a connector a connector centric approach centric approach
play

A Connector- A Connector- Centric Approach Centric Approach to - PowerPoint PPT Presentation

Dec 05, 2022 •170 likes •917 views

A Connector- A Connector- Centric Approach Centric Approach to Architectural to Architectural Access Control Access Control Jie Ren Department of Informatics University of California, Irvine Outline Overview Architecture and

  1. A Connector- A Connector- Centric Approach Centric Approach to Architectural to Architectural Access Control Access Control Jie Ren Department of Informatics University of California, Irvine

  2. Outline � Overview – Architecture and Security – Software connectors – Hypotheses, approach, validation, contribution � Architectural Access Control – Model: Subject, Principal, Resource, Privilege, Safeguard, Policy – Language: xADL, XACML, and Secure xADL – Contexts: neighborhood, type, container, architecture – Algorithm: interface access and privilege propagation � Advanced concepts – RBAC, trust, content-based, architectural execution � Tool support � Case studies � Conclusion January 20, 2006 Overview 2

  3. Security Incidents Reported to CERT Incidents 140,000 120,000 100,000 80,000 60,000 40,000 20,000 0 1995 1996 1997 1998 1999 2000 2001 2002 2003 January 20, 2006 Overview 3

  4. 4 Wing, IEEE Security & Privacy, 2003 Re-architecting boosts security! Overview January 20, 2006

  5. Problem � Architectural Access Control: – How can we describe and check access control issues at the software architecture level? January 20, 2006 Overview 5

  6. Main Goal � Integrate security and software architecture – Integrate – Security: integrity through access control – Architecture level: abstraction – Software engineering perspective: how to express, check, and enforce January 20, 2006 Overview 6

  7. Security Overview � Security – confidentiality, integrity, availability � Security policy, model, mechanism � Reference Monitor and Trusted Computing Base – Anderson 1972 January 20, 2006 Overview 7

  8. Classic Discretionary Access Control � Lampson 1971 � Subject � Object � Privilege January 20, 2006 Overview 8

  9. Component and Architecture Security � Component-based Software Engineering – Computer Security Contract, Khan 2001 – cTLA Contract, Herrmann 2003 � Software Architecture – ASTER, Bidan and Issarny 1997 – System Architecture Model, Deng et al. 2003 – SADL, Moriconi et al. 1997 – Law-Governed Architecture, Minsky 1998 � Mostly cryptography, insufficient access control January 20, 2006 Overview 9

  10. Connectors � Why connectors – Model the fundamental communication issue � Should they be first class citizens? – Capture and reuse � Existing work – Taxonomy: Mehta 2000 – Assembly Language: Mehta 2004 – Constructions: Lopes 2003 – Transformation: Spitznagel 2001 � Shortcoming: insufficient access control – Dependability: Spitznagel 2004 January 20, 2006 Overview 10

  11. Hypotheses � Hypothesis 1: An architectural connector may serve as a suitable construct to model architectural access control � Hypothesis 2: The connector-centric approach can be applied to different types of componentized and networked software systems � Hypothesis 3: With connector propagating privileges, the access control check algorithm can check the suitability of accessing interfaces � Hypothesis 4: In an event-based architecture style, connectors can route events in accordance with the secure delivery requirements January 20, 2006 Overview 11

  12. Approach � A connector-centric approach to describe and enforce Architectural Access Control – Combine software architecture and security research – Adopt an integrated access control model: classic, role-based, trust management – Secure xADL, based on xADL and XACML – Architectural contexts – Architectural execution – Connector-centric description and enforcement – Tool support January 20, 2006 Overview 12

  13. Validation � Algorithm analysis – Based on graph reachability � Four case studies – Development of secure coalition � Connector for secure message delivery – Development of Impromptu � Composite connector among heterogeneous components – Modeling of Firefox component security � Algorithm to check critical path with the connector – Modeling of DCOM security � Connectors for networked components January 20, 2006 Overview 13

  14. Contributions � A novel approach to the design and analysis of the access control property for software architectures � A usable formalism for modeling and reasoning about architectural access control � An algorithm for checking whether the architectural model maintains proper access control at design-time � A suite of usable tools to design and analyze secure software January 20, 2006 Overview 14

  15. Architectural Access Control � Basic concepts, applied in architecture – Subject, Principal, Resource, Permission/Privilege/Safeguard, Policy � Secure xADL – xADL – XACML – Language design � Contexts – Neighborhood, type, container, architecture � Check algorithm � Central role of connectors January 20, 2006 Architectural Access Control 15

  16. Running Example: Coalition Message from Message from US France January 20, 2006 Architectural Access Control 16

  17. Concepts: Subject � A subject is the user on whose behalf software executes � Missing from traditional software architecture: – All of its components and connectors execute under the same subject – The subject can be determined at design-time – It generally will not change during runtime, either inadvertently or intentionally – Even if there is a change, it has no impact on the software architecture January 20, 2006 Architectural Access Control 17

  18. Concepts: Principal � A subject can take multiple principals , which encapsulate the credentials that a subject possesses to acquire permissions � Different types of principals � Summary credentials and concrete credentials � Missing from previous architectures January 20, 2006 Architectural Access Control 18

  19. Concepts: Resource � A resource is an entity whose access should be protected � Passive: files, sockets, etc. � Active: components, connectors, interfaces – Relevant to architecture January 20, 2006 Architectural Access Control 19

  20. Concepts: Privilege � Permissions describe a possible operation on an object � Privilege describes what permissions a component possesses depending on the executing subject � Privilege escalation vulnerabilities � Two types of privileges: – Traditional: read file, open sockets, etc. – Architectural: access, instantiation, connection, message routing, introspection, etc. January 20, 2006 Architectural Access Control 20

  21. Concepts: Safeguard � Safeguards are permissions that are required to access the interfaces of the protected components and connectors � Architectural access control check January 20, 2006 Architectural Access Control 21

  22. Concepts: Policy � A policy specifies what privileges a subject, with a given set of principals, should have to access resources protected by safeguards � Numerous existing studies in the security community � We focus on software engineering applicability for architectural modeling January 20, 2006 Architectural Access Control 22

  23. Overview of xADL � XML-based extensible architecture description language � Component and connector � Types � Signatures and interfaces � Sub-architecture � Design-time and run-time � Tool support: ArchStudio � Extensible: configuration, execution January 20, 2006 Architectural Access Control 23

  24. Overview of XACML � Conceptual framework for access control models – Based on set theory and first order logic � Extensible � Formal semantics � Matching rule for request – Policy Enforcement Point (PEP) and Policy Decision Point (PDP) – PolicySet, Policy, Rule – Match on Subject, Resource, Action � Combining algorithms � Open Standard from OASIS January 20, 2006 Architectural Access Control 24

  25. Secure xADL � The first effort to model these security concepts directly in an architectural description language � Viewed from XACML: a profile for the software architecture domain � Viewed from xADL: a new schema with elements necessary for access control January 20, 2006 Architectural Access Control 25

  26. Syntax of Secure xADL <complexType name="SecurityPropertyType"> <sequence> <element name="subject" type="Subject"/> <element name="principals" type="Principals"/> <element name="privileges" type="Privileges"/> <element name="policies" type="Policies"/> </sequence> <complexType> <complexType name="SecureConnectorType"> <complexContent> <extension base="ConnectorType"> <sequence> <element mame="security" type="SecurityPropertyType"/> </sequence> </extension> <!-- similar constructs for component, structure, and instance --> January 20, 2006 Architectural Access Control 26

  27. Rationales for Language Design � Concepts – Architecture, access control � Extensibility – xADL, XACML � XACML flexible in combining policies � Tool support – ArchStudio – Evaluation engine and editor January 20, 2006 Architectural Access Control 27

  28. The Larger Contexts � Access control decisions might be based on entities other than the decision maker and the protected resource. These relationships are the contexts. � XACML’s combining algorithms supply a framework to combine these contexts January 20, 2006 Architectural Access Control 28

Recommend

April 2018 1 } HHS 2020 is an transformational approach to the way HHS services and programs are

April 2018 1 } HHS 2020 is an transformational approach to the way HHS services and programs are

April 2018 1 } HHS 2020 is an transformational approach to the way HHS services and programs are delivered } A modular, enterprise-wide approach } Moving from a program-centric approach to a person-centric approach } Changing the approach on

424 views • 16 slides
Mylyn Industrial Connector Mylyn Industrial Connector 1 Why yet another connector? Mylyn is

Mylyn Industrial Connector Mylyn Industrial Connector 1 Why yet another connector? Mylyn is

Mylyn Industrial Connector Mylyn Industrial Connector 1 Why yet another connector? Mylyn is about yet another connector There are many Mylyn connectors: Bugzilla Connector: Integrates Task List with Bugzilla repository

730 views • 17 slides
A CLIENT CENTRIC APPROACH November 2015 SYZ WEALTH MANAGEMENT IN BRIEF A unique A wide A

A CLIENT CENTRIC APPROACH November 2015 SYZ WEALTH MANAGEMENT IN BRIEF A unique A wide A

A CLIENT CENTRIC APPROACH November 2015 SYZ WEALTH MANAGEMENT IN BRIEF A unique A wide A global corporate spectrum of coverage culture capabilities Client centric Discretionary mandates to cater our clients' Swiss banking group with

590 views • 29 slides
User-Centric Perspective UCP Working Group Our approach to this theme - We started by defining

User-Centric Perspective UCP Working Group Our approach to this theme - We started by defining

User-Centric Perspective UCP Working Group Our approach to this theme - We started by defining concepts and terms we thought were relevant - We told stories/use cases of user-centric process models in the wild as well as

907 views • 19 slides
Consumer Connector Collaboration May 16, 2017 Webinar Consumer Connector Collaboration Agenda

Consumer Connector Collaboration May 16, 2017 Webinar Consumer Connector Collaboration Agenda

Consumer Connector Collaboration May 16, 2017 Webinar Consumer Connector Collaboration Agenda Review the Idaho consumer connector landscape Review the Consumer Connector Program Certification Requirements Roles &amp;

517 views • 15 slides
Sta Stagecoac gecoach h Sta State te Par ark k BLM BLM Connector Connector Trail ail Pr

Sta Stagecoac gecoach h Sta State te Par ark k BLM BLM Connector Connector Trail ail Pr

Sta Stagecoac gecoach h Sta State te Par ark k BLM BLM Connector Connector Trail ail Pr Proposal oposal PROJECT PARTNERS Proposal Goals The primary goal of this project is to ensure ongoing recreational access to federal public

317 views • 10 slides
An Architecture-Centric Approach for Software Engineering with for Software Engineering with

An Architecture-Centric Approach for Software Engineering with for Software Engineering with

An Architecture-Centric Approach for Software Engineering with for Software Engineering with Situated Multiagent Systems PhD Defense Danny Weyns Katholieke Universiteit Leuven October 11, 2006 Supervisors Tom Holvoet &amp; Pierre Verbaeten

779 views • 48 slides
The Actual, the Counterfactual and the Possible An Oceanic-centric approach to tense and modality

The Actual, the Counterfactual and the Possible An Oceanic-centric approach to tense and modality

The Actual, the Counterfactual and the Possible An Oceanic-centric approach to tense and modality Kilu von Prince AFLA, August 20 2020 Background Three modal domains handle/10900/91242 . https://publikationen.uni-tuebingen.de/xmlui/

983 views • 71 slides
R-SUSCEPTIBILITY An IR-Centric Approach to Assessing Privacy Risks for Users in Online

R-SUSCEPTIBILITY An IR-Centric Approach to Assessing Privacy Risks for Users in Online

R-SUSCEPTIBILITY An IR-Centric Approach to Assessing Privacy Risks for Users in Online Communities Joanna Asia Biega Krishna P . Gummadi, Ida Mele, Dragan Milchevski, Christos Tryfonopoulos, Gerhard Weikum SIGIR 2016 APPROACHING

824 views • 50 slides
Connector Integration SALESFORCE CONNECTOR INTEGRATION Share data to and from Salesforce

Connector Integration SALESFORCE CONNECTOR INTEGRATION Share data to and from Salesforce

Platform Demo Salesforce Connector Integration SALESFORCE CONNECTOR INTEGRATION Share data to and from Salesforce Enabled progressive profiling Technical expertise not required SFDC Demo BRIEF OVERVIEW OF CROWNPEAK

595 views • 5 slides
Vibration Performance Comparison Study on Current Fiber Optic Connector Technologies Connector

Vibration Performance Comparison Study on Current Fiber Optic Connector Technologies Connector

Vibration Performance Comparison Study on Current Fiber Optic Connector Technologies Connector Technologies William J. Thomes Jr., Frank V. LaRocca, Robert C. Switzer, Melanie N. Ott, Richard F. Chuska, Shawn L. Macmurphy SPIE Optics +

487 views • 29 slides
Simulation-based optimization of information security controls: An adversary-centric approach

Simulation-based optimization of information security controls: An adversary-centric approach

Simulation-based optimization of information security controls: An adversary-centric approach Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strau, Christian Stummer December 9, 2013; Washington, DC Funded by the Austrian

1.01k views • 88 slides
Selling a customer-centric approach into a business Changing the culture and approach of Imperial

Selling a customer-centric approach into a business Changing the culture and approach of Imperial

Selling a customer-centric approach into a business Changing the culture and approach of Imperial War Museums Charles Bodsworth, digital consultant Background Introductions to Myself: Charles Bodsworth Imperial War Museums (IWM)

382 views • 13 slides
Objective of Integrated Care Management A proactive, personalized, patient-centric approach .

Objective of Integrated Care Management A proactive, personalized, patient-centric approach .

Objective of Integrated Care Management A proactive, personalized, patient-centric approach . Use of evidence-based practices. Focusing on highly complex populations. 1 Identification: Assessment and Stratification Top 5% of

220 views • 9 slides
Southeast Connector Project Texas Transportation Commission Southeast Connector Project May 28,

Southeast Connector Project Texas Transportation Commission Southeast Connector Project May 28,

Southeast Connector Project Texas Transportation Commission Southeast Connector Project May 28, 2020 May 28, 2020 Minute Order Authorization Summary of Commission Action: Authorize TxDOT to issue a request for proposals (RFP) to design,

448 views • 8 slides
Southeast Connector Project Texas Transportation Commission Southeast Connector Project Oct.

Southeast Connector Project Texas Transportation Commission Southeast Connector Project Oct.

Southeast Connector Project Texas Transportation Commission Southeast Connector Project Oct. 31, 2019 Oct. 31, 2019 Minute Order authorization Sum ummary o y of Commission a n acti tion: Authorize TxDOT to issue a request for

450 views • 8 slides
Taking a Customer-Centric Approach in the Business Maria Robertson, Deputy Chief Executive,

Taking a Customer-Centric Approach in the Business Maria Robertson, Deputy Chief Executive,

Taking a Customer-Centric Approach in the Business Maria Robertson, Deputy Chief Executive, Service Delivery and Operations, Department of Internal Affairs 7 September 2016 We are in rapidly changing times Ministers priorities; citizens

107 views • 10 slides
An Event-Based Approach to Runtime Adaptation in Communication-Centric Systems Jorge A. P erez

An Event-Based Approach to Runtime Adaptation in Communication-Centric Systems Jorge A. P erez

An Event-Based Approach to Runtime Adaptation in Communication-Centric Systems Jorge A. P erez University of Groningen (NL) Joint work with Cinzia Di Giusto Universit e de Nice Sophia-Antipolis (FR) 11th International Workshop on Web

272 views • 24 slides
The Connector Program Presentation to the MHBE Board of Directors June 24, 2014 Leslie Lyles

The Connector Program Presentation to the MHBE Board of Directors June 24, 2014 Leslie Lyles

The Connector Program Presentation to the MHBE Board of Directors June 24, 2014 Leslie Lyles Smith Ginny Seyler Connector Entities Maryland Health Connection has contracted with entities in six geographic regions to implement the Connector

564 views • 18 slides
A Human-Centric Approach to Program Understanding Ph.D. Dissertation Proposal Raymond P.L. Buse

A Human-Centric Approach to Program Understanding Ph.D. Dissertation Proposal Raymond P.L. Buse

A Human-Centric Approach to Program Understanding Ph.D. Dissertation Proposal Raymond P.L. Buse buse@cs.virginia.edu April 6, 2010 1 Introduction Software development is a large global industry, but software products continue to ship with

446 views • 29 slides
Network-Centric Approach Using Task Migration for Drive-by-Wire Vehicle Resilience Jeanseong Baik

Network-Centric Approach Using Task Migration for Drive-by-Wire Vehicle Resilience Jeanseong Baik

Network-Centric Approach Using Task Migration for Drive-by-Wire Vehicle Resilience Jeanseong Baik , Haegeon Jeong, Kyungtae Kang* Computer Science and Engineering, Hanyang University ICNP 2020 Rise of the Autonomous Vehicles Define Accident

211 views • 10 slides
A consumer-driven access control approach to censorship circumvention in content-centric

A consumer-driven access control approach to censorship circumvention in content-centric

A consumer-driven access control approach to censorship circumvention in content-centric networking Jun Kurihara, Kenji Yokota and Atsushi Tagami KDDI R&amp;D Laboratories, Inc. ACM ICN 2016 Kyoto, Japan, Sep. 28, 2016 1 Sep. 28, 2016 Jun

579 views • 34 slides
XTM Connect Series: InDesign Connector Grant Blackburn Senior Solutions Architect XTM

XTM Connect Series: InDesign Connector Grant Blackburn Senior Solutions Architect XTM

XTM Connect Series: InDesign Connector Grant Blackburn Senior Solutions Architect XTM International Todays Topics XTM Connect InDesign Connector 01 Overview of InDesign connector In-context translation and review of InDesign files using

208 views • 8 slides
Entity-centric Topic Extraction and Exploration: A Network-based Approach Andreas Spitz and

Entity-centric Topic Extraction and Exploration: A Network-based Approach Andreas Spitz and

Entity-centric Topic Extraction and Exploration: A Network-based Approach Andreas Spitz and Michael Gertz March 27, 2018 ECIR 2018, Grenoble Heidelberg University, Germany Database Systems Research Group A Topic From Recent News term

826 views • 40 slides

More recommend