Authorization credentials for controlled sharing in NDN: Experiments with codecaps and macaroons in NDN.JS
NDNCOMM 2014
Pedro de-las-Heras-Quirós, Eva M. Castro-Barbero <pedro.delasheras@urjc.es>
Information Technology and Communications Department, Universidad Rey Juan Carlos, Spain
September 5, 2014
pedro.delasheras@urjc.es - 2014 Authorization credentials for controlled sharing in NDN 1
© 2014 Pedro de las Heras Quirós, Eva M. Castro Barbero. Some rights reserved. This work is distributed under the Creative Commons Attribution Share-Alike license available at http://creativecommons.org/licenses/by-sa/3.0/es
Contents
1 Codecaps for NDN
2 Macaroons for NDN
3 Why use these mechanisms in NDN?
Introduction
- We are developing prototypes of codecaps and macaroons for NDN using NDN-CCL (NDN.JS v0.3), ndnd-tlv, ndncert, Mini-CCNx (adapted to ndnd-tlv)
- Work in progress to explore potential solutions for encryption-based group access control for NDN apps
- Expect more doubts than claims:
  - Can these mechanisms improve consumer anonymity in NDN when compared with signed interests?
  - Can they facilitate service composition of NDN apps?
- Example applications:
  - Raw sensor data stored and published to a service that transforms and republishes the data to a different group, with different rights
  - Letting my family group / friends group see some of the photos in NDNFlickr, without them having an account there
  - Delegation of voting rights according to subject
  - Open mHealth
1 Codecaps for NDN
What are codecaps
Secure abstraction with code capabilities. R. van Renesse, H. D. Johansen, N. Naigaonkar and D. Johansen. In 21st Euromicro International Conference on Parallel, Distributed and Network-Based Processing, 2013.
- Codecaps are capabilities that embed code that programmatically expresses the rights acquired by the owner
- Rights are code (JavaScript in the original paper) that is evaluated in the context of a request to grant/deny access
- Codecaps can be extended by principals. Each codecap includes a certificate chain that can be extended by its owner by adding new rights functions that attenuate the original rights
- Codecaps are extended for a particular principal: each certificate in the chain signs both a new rights function and the public key of the principal who can use the new extended codecap
- A request includes a codecap + the action requested
- A request can be created by any principal owning a codecap by signing the requested action with its private key and sending it alongside the codecap
- The original creator of the codecap validates the chain of certificates of the request, and evaluates whether every rights function is satisfied in the context of the request, granting or denying access
Codecaps for NDN: Example (message flow reconstructed from the slide diagrams)
Setup: the producer /ndn/urjc holds object O1 with rights RW for bob; bob is at /ndn/urjc, mary is at /ndn/ucla.
1. bob sends the signed interest /ndn/urjc/get-codecap/O1 to /ndn/urjc.
2. /ndn/urjc answers with the codecap K-urjc{K+bob, O1, RW}: a certificate signed with /ndn/urjc's private key binding bob's public key to O1 with rights RW.
3. mary sends the signed interest /ndn/urjc/bob/get-codecap/O1 to bob.
4. bob answers with the extended codecap K-urjc{K+bob, O1, RW} K-bob{K+mary, O1, R}: a new certificate signed by bob that attenuates the rights to R for mary's public key.
5. mary sends the signed interest /ndn/urjc/O1/W/ carrying K-urjc{K+bob, O1, RW} K-bob{K+mary, O1, R} to /ndn/urjc, which validates the certificate chain and evaluates the rights functions for the requested action W.
2 Macaroons for NDN
What are macaroons
Macaroons: Cookies with contextual caveats for decentralized authorization in the cloud. A. Birgisson, J. G. Politz, Úlfar Erlingsson, A. Taly, M. Vrable and M. Lentczner. In Network and Distributed System Security Symposium, 2014.
- Similar to codecaps, although they're not capabilities but credentials
- Also embed code: authorization predicates in caveats, similar to the rights functions of codecaps
- Express when, where, by whom and for what purpose a producer principal should authorize requests for content or services it owns
- Macaroons can also be extended, but they don't use PK certificates for expressing delegation
- The list of caveats added by principals is chained through HMACs: much more efficient, and potentially anonymous for NDN consumers
- The original creator of the macaroon keeps secret the root key used to calculate the first HMAC, and adds a nonce identifying it to the macaroon
- The next principal in the chain uses the previous HMAC as the key for calculating the HMAC of the next caveat added
- Requests can only be validated by the original creator, who recalculates the chain of HMACs starting with the secret root key indexed by the nonce in the macaroon of the request
- Main innovation of macaroons: third-party caveats
Macaroons for NDN: Example (message flow reconstructed from the slide diagrams)
Setup: /ndn/urjc holds O1 with rights RW for bob; an authentication service /auth-service is shown under /ndn/urjc/; bob keeps a list of friends (mary, K+mary; jane, K+jane; ...).
1. Bob receives a macaroon created by /ndn/urjc: nonce X, caveat: O1, RW.
2. Bob extends the macaroon with a normal caveat (O1, R) and with a third-party caveat (nonce Y: "my friend in /auth-service?") that requires Mary to authenticate in /auth-service, and then sends the extended macaroon to Mary.
3. In order for Mary to create a request for O1, she must first authenticate herself in the third-party /auth-service to satisfy the third-party caveat as demanded by Bob; /auth-service issues her a discharge macaroon for nonce Y.
4. Mary then adds the discharge macaroon to a request sent to /ndn/urjc: the request carries the macaroon (nonce X; caveats O1, RW and O1, R; third-party caveat nonce Y) together with the discharge macaroon (nonce Y).