Successfully reported this slideshow.
XACML pilot at a large Dutch bankUsing XACML to implement context-enhanced authorizationsMaarten Wegdam, NovayWith contrib...
formerly Telematica    research & advice                                Instituut                               innovation...
digital identity,    Managing Advisor                                    privacy, trust                                   ...
Authorization & Context?                                                     (Attribute Based                             ...
Context-enhanced authz    • XACML pilot at a large Dutch bank    • Context = location and more    • DYNAMIC!! policies    ...
CEA – the movie    http://youtu.be/lGUprbxJNvE6   XACML pilot - context-enhanced authorization
I will NOT discuss    • ABAC    • XACML    So I have MORE TIME FOR    • Context-enhanced authz    • Use case + demonstrato...
Context and examples                                 Environment                                   Social                 ...
Use-cases – a high level …    Read-only outside the office for transactions    Used device    User proximity    Data loss ...
Demonstrator      Proximity       dongle                         User                   Application     NFC reader        ...
11   XACML pilot - context-enhanced authorization
12   XACML pilot - context-enhanced authorization
13   XACML pilot - context-enhanced authorization
Our approach: authZ levels     All     • @office, proximity, IT-dept. mngd laptop     A lot     • @home, proximity, IT-dep...
15   XACML pilot - context-enhanced authorization
16   XACML pilot - context-enhanced authorization
17   XACML pilot - context-enhanced authorization
LESSONS LEARNED18     XACML pilot - context-enhanced authorization
Main lesson     YES we can  It is useful It is feasible using XACML tooling BUT … (next slides)19       XACML pilot - con...
Context – low-hanging fruit     Location, location, location     Stuff derived from location     Used device (BYOD, enterp...
Quality of context     Sensors have limitations     Context is vague      (probability, accuracy, outdated)     Requires k...
Authenticity of context     Attack by faking or disabling context sources     We need verification     • Rely on trusted s...
Trust in context vs usefullness   needed   trust in authenticity  of context23          XACML pilot - context-enhanced aut...
Context is privacy sensitive     Minimize privacy consequences      • Limit (centralized) storage      • Minimize sensing ...
Complexity of policies     Context will increase complexity     • Complete and conflict free     Expressing context at hig...
Scalability & performance     Typical XACML attribute are static,     context is not: perf & scalability challenge     No ...
Centralization - take authz out of the application (cf                  authn) Key take-aways                  Use attribu...
More information     • Project page @Novay        • http://www.novay.nl/okb/projects/context-enhanced-authorization/12435 ...
Upcoming SlideShare
Loading in …5
×

XACML pilot at a large Dutch bank, Using XACML to implement context-enhanced authorizations

1,758 views

Published on

As presented at the XACML seminar, 26 april 2012, at SURFnet (Utrecht, NL) by PIMN, CSA and PvIB. Presented the context-enhanced authorization project on usefullness and feasibility of using context to improve authz for a large Dutch bank.

Published in: Technology
  • Be the first to comment

XACML pilot at a large Dutch bank, Using XACML to implement context-enhanced authorizations

  1. 1. XACML pilot at a large Dutch bankUsing XACML to implement context-enhanced authorizationsMaarten Wegdam, NovayWith contributions of Martijn Oostdijk, NovayXACML seminar, 26 April 2012 www.novay.nl | maarten.wegdam@novay.nl | +31 53 4850414 | @maartenwegdam | http://maarten.wegdam.name (blog) | http://www.linkedin.com/in/wegdam
  2. 2. formerly Telematica research & advice Instituut innovation projects multi-disciplinairy, ~50 (government, financial, health) researchers/advisors2
  3. 3. digital identity, Managing Advisor privacy, trust Maarten Maarten Wegdam Wegdam PhD in computer CV: KPN Research, science (RuG, UT) Bell Labs, UD@UT3 XACML pilot - context-enhanced authorization
  4. 4. Authorization & Context? (Attribute Based Access Control)4 XACML pilot - context-enhanced authorization
  5. 5. Context-enhanced authz • XACML pilot at a large Dutch bank • Context = location and more • DYNAMIC!! policies • Usefulness through use cases + feasibility study through demonstrator • Scope: employees5 XACML pilot - context-enhanced authorization
  6. 6. CEA – the movie http://youtu.be/lGUprbxJNvE6 XACML pilot - context-enhanced authorization
  7. 7. I will NOT discuss • ABAC • XACML So I have MORE TIME FOR • Context-enhanced authz • Use case + demonstrator • Lessons learned7 XACML pilot - context-enhanced authorization
  8. 8. Context and examples Environment Social Physiological • security • SN friends incidents • heart rate • activity twitter Location • cell-id, GPS Time Mental • country • office hours • stressed • proximity Activities Network Device • travelling • VPN • type • meeting • Wifi • ownership • sleeping8 XACML pilot - context-enhanced authorization
  9. 9. Use-cases – a high level … Read-only outside the office for transactions Used device User proximity Data loss prevention when travelling9 XACML pilot - context-enhanced authorization
  10. 10. Demonstrator Proximity dongle User Application NFC reader Context client Google Latitude Policies Outlook Policy Engine Google Calendar Policies incl. ctxt variables Context Device Mgmt server10 XACML pilot - context-enhanced authorization
  11. 11. 11 XACML pilot - context-enhanced authorization
  12. 12. 12 XACML pilot - context-enhanced authorization
  13. 13. 13 XACML pilot - context-enhanced authorization
  14. 14. Our approach: authZ levels All • @office, proximity, IT-dept. mngd laptop A lot • @home, proximity, IT-dept. mngd laptop, 6.00-23.00 Some • @office, user mngd (registered) iPad, agenda, 06.00-23.00 • IT-dept. mngd laptop, proximity, agenda, time in 6.00-23.00 A little • Proximity, registered device Nothing14 XACML pilot - context-enhanced authorization
  15. 15. 15 XACML pilot - context-enhanced authorization
  16. 16. 16 XACML pilot - context-enhanced authorization
  17. 17. 17 XACML pilot - context-enhanced authorization
  18. 18. LESSONS LEARNED18 XACML pilot - context-enhanced authorization
  19. 19. Main lesson YES we can  It is useful It is feasible using XACML tooling BUT … (next slides)19 XACML pilot - context-enhanced authorization
  20. 20. Context – low-hanging fruit Location, location, location Stuff derived from location Used device (BYOD, enterprise mobility etc) Used network (VPN/local, access point etc) Time-of-day Security incidents / events And of course normal usage patterns Please note: context is just an attribute20 for XACML, but then dynamic XACML pilot - context-enhanced authorization
  21. 21. Quality of context Sensors have limitations Context is vague (probability, accuracy, outdated) Requires knowing how vague, and combining context: not trivial!21 XACML pilot - context-enhanced authorization
  22. 22. Authenticity of context Attack by faking or disabling context sources We need verification • Rely on trusted sources, e.g., company owned • Combining multiple sources (cf. quality of context) • Context history Depends very much on specific scenario22 XACML pilot - context-enhanced authorization
  23. 23. Trust in context vs usefullness needed trust in authenticity of context23 XACML pilot - context-enhanced authorization
  24. 24. Context is privacy sensitive Minimize privacy consequences • Limit (centralized) storage • Minimize sensing • Privacy-by-design, PETs etc Acceptance • Ensure sufficient benefit for the users!!! • Transparency & consent24 XACML pilot - context-enhanced authorization
  25. 25. Complexity of policies Context will increase complexity • Complete and conflict free Expressing context at high abstraction helps Not too high: lose quality and authenticity We defined discrete ‘authz levels’25 XACML pilot - context-enhanced authorization
  26. 26. Scalability & performance Typical XACML attribute are static, context is not: perf & scalability challenge No more caching  Pre-fetching context helps performance, bad for scalability26 XACML pilot - context-enhanced authorization
  27. 27. Centralization - take authz out of the application (cf authn) Key take-aways Use attributes (ABAC), XACML is the standard to do this multi-vendor and across domains Our pilot: use dynamic attributes (i.e., context) Yes it is useful, yes it is feasible But w.r.t. context: authenticity, quality & privacy But w.r.t. dyn attributes / XACML: complexity of policies & scalability/performance27 XACML pilot - context-enhanced authorization
  28. 28. More information • Project page @Novay • http://www.novay.nl/okb/projects/context-enhanced-authorization/12435 • Whitepaper: Feasibility of Context-enhanced Authorization , in the banking sector • Blogposts with more technical XACML experiences • http://martijno.blogspot.com/2012/02/xacml-with-tivoli-security-policy.html • Ack: Martijn Oostdijk, Bob Hulsebosch, Jaap Reitsma, Ruud Kosman & other Novay colleagues, IBM, Rabobank www.novay.nl | maarten.wegdam@novay.nl | +31 53 4850414 | @maartenwegdam | http://maarten.wegdam.name (blog) | http://www.linkedin.com/in/wegdam28 XACML pilot - context-enhanced authorization

×