delegation in role based access control
play

Delegation in Role-Based Access Control Controlling delegation - PowerPoint PPT Presentation

Introduction Delegation operations in hierarchical RBAC Delegation in Role-Based Access Control Controlling delegation Enforcing transfer delegation Jason Crampton Hemanth Khambhammettu semantics Conclusion Information Security


  1. Introduction Delegation operations in hierarchical RBAC Delegation in Role-Based Access Control Controlling delegation Enforcing transfer delegation Jason Crampton · Hemanth Khambhammettu semantics Conclusion Information Security Group, Royal Holloway, University of London ESORICS · Hamburg · 2006

  2. Outline Introduction Delegation operations in hierarchical Introduction 1 RBAC Controlling delegation Delegation operations in hierarchical RBAC 2 Enforcing transfer delegation semantics Controlling delegation Conclusion 3 Enforcing transfer delegation semantics 4 Conclusion 5

  3. Delegation Introduction Delegation operations in hierarchical Delegation is a lightweight method for assigning temporary RBAC permissions to a user Controlling delegation A delegator is required to be authorized for the delegated Enforcing transfer permission delegation semantics Conclusion

  4. Delegation Introduction Delegation operations in hierarchical Delegation is a lightweight method for assigning temporary RBAC permissions to a user Controlling delegation A delegator is required to be authorized for the delegated Enforcing transfer permission delegation semantics Conclusion Administration is a general term for the methods by which an authorization policy can be updated (including authorizing a user for a permission) An administrator is not necessarily required to be authorized for the permission

  5. Delegation operations Introduction Delegation operations in hierarchical Grant RBAC Controlling A delegator may grant a permission p to a delegatee delegation The delegator is still authorized for p Enforcing transfer delegation Monotonic semantics Conclusion

  6. Delegation operations Introduction Delegation operations in hierarchical Grant RBAC Controlling A delegator may grant a permission p to a delegatee delegation The delegator is still authorized for p Enforcing transfer delegation Monotonic semantics Conclusion Transfer A delegator may transfer p The delegator is no longer authorized for p Non-monotonic

  7. Role-based access control Introduction Delegation operations in hierarchical RBAC Role hierarchy Controlling delegation A partially ordered set of roles ( R , � ) Enforcing transfer delegation semantics Conclusion

  8. Role-based access control Introduction Delegation operations in hierarchical RBAC Role hierarchy Controlling delegation A partially ordered set of roles ( R , � ) Enforcing transfer delegation User-role assignment relation semantics Conclusion UA ⊆ U × R

  9. Role-based access control Introduction Delegation operations in hierarchical RBAC Role hierarchy Controlling delegation A partially ordered set of roles ( R , � ) Enforcing transfer delegation User-role assignment relation semantics Conclusion UA ⊆ U × R Permission-role assignment relation PA ⊆ P × R

  10. Role-based access control Introduction Delegation operations in hierarchical RBAC Controlling Authorized roles delegation u is authorized for role r ′ if there exists r � r ′ and ( u , r ) ∈ UA Enforcing transfer delegation semantics Conclusion

  11. Role-based access control Introduction Delegation operations in hierarchical RBAC Controlling Authorized roles delegation u is authorized for role r ′ if there exists r � r ′ and ( u , r ) ∈ UA Enforcing transfer delegation semantics Authorized permissions Conclusion u is authorized for permission p if there exists a role r for which u is authorized and ( p , r ) ∈ PA

  12. Role-based access control Introduction Delegation operations in hierarchical RBAC Controlling Sessions delegation u creates a session by activating some subset of the roles for Enforcing transfer which she is authorized delegation semantics Conclusion

  13. Role-based access control Introduction Delegation operations in hierarchical RBAC Controlling Sessions delegation u creates a session by activating some subset of the roles for Enforcing transfer which she is authorized delegation semantics Conclusion Authorized requests A request by u for permission p is granted if u has activated a role r such that ( p , r ) ∈ PA

  14. Motivation Introduction Delegation operations in hierarchical Delegation in RBAC has focused on delegation of roles RBAC (interpreted as a set of permissions) Controlling delegation Enforcing transfer delegation semantics Conclusion

  15. Motivation Introduction Delegation operations in hierarchical Delegation in RBAC has focused on delegation of roles RBAC (interpreted as a set of permissions) Controlling delegation Enforcing transfer Existing models for delegation in RBAC only consider grant delegation semantics operations Conclusion The existence of the hierarchy makes enforcing transfer operations difficult

  16. Motivation Introduction Delegation operations in hierarchical Delegation in RBAC has focused on delegation of roles RBAC (interpreted as a set of permissions) Controlling delegation Enforcing transfer Existing models for delegation in RBAC only consider grant delegation semantics operations Conclusion The existence of the hierarchy makes enforcing transfer operations difficult Existing models for delegation are simplistic and lack controls on the propagation of permissions and roles

  17. Introduction Introduction 1 Delegation operations in hierarchical RBAC Controlling Delegation operations in hierarchical RBAC 2 delegation Enforcing transfer delegation Controlling delegation semantics 3 Conclusion Enforcing transfer delegation semantics 4 Conclusion 5

  18. Delegation operations and their semantics Introduction Delegation grantRole ( u , v , d ) operations in hierarchical Delegator u grants role d to delegatee v RBAC Controlling delegation Enforcing transfer delegation semantics a Conclusion b c d e f g h

  19. Delegation operations and their semantics Introduction Delegation grantRole ( u , v , d ) operations in hierarchical Delegator u grants role d to delegatee v RBAC Controlling u continues to be authorized for all roles in ↓ d delegation Enforcing transfer delegation semantics a Conclusion b c d e f g h

  20. Delegation operations and their semantics Introduction Delegation transferRoleStrong ( u , v , d ) operations in hierarchical Delegator u transfers role d to delegatee v RBAC Controlling delegation Enforcing transfer delegation semantics a Conclusion b c d e f g h

  21. Delegation operations and their semantics Introduction Delegation transferRoleStrong ( u , v , d ) operations in hierarchical Delegator u transfers role d to delegatee v RBAC Controlling u is no longer authorized for any role in ↓ d delegation Enforcing transfer delegation semantics a Conclusion b c d e f g h

  22. Delegation operations and their semantics Introduction transferRoleStatic ( u , v , d ) Delegation operations in hierarchical Delegator u transfers role d to delegatee v RBAC Controlling delegation Enforcing transfer delegation semantics Conclusion a b c d e f g h

  23. Delegation operations and their semantics Introduction transferRoleStatic ( u , v , d ) Delegation operations in hierarchical Delegator u transfers role d to delegatee v RBAC u is no longer authorized for any role x ∈ ↓ d unless there Controlling delegation exists r � = d such that r � x and ( u , r ) ∈ UA Enforcing transfer delegation semantics Conclusion a b c d e f g h

  24. Delegation operations and their semantics Introduction transferRoleDynamic ( u , v , d ) Delegation operations in hierarchical Delegator u transfers role d to delegatee v RBAC Controlling delegation Enforcing transfer delegation semantics Conclusion a b c d e f g h

  25. Delegation operations and their semantics Introduction transferRoleDynamic ( u , v , d ) Delegation operations in hierarchical Delegator u transfers role d to delegatee v RBAC u is no longer authorized for any role x ∈ ↓ d unless u has Controlling delegation activated a role r � = d such that r � x Enforcing transfer delegation semantics Conclusion a a b c b c d e f d e f g g h h

  26. Administrative scope Introduction Fundamental concept in the RHA family of administrative Delegation models operations in hierarchical RBAC Maps a role r to a set of roles σ ( r ) Controlling σ ( r ) = { r ′ � r : ↑ r ′ ⊆ ↓ r ∪ ↑ r } delegation If r ′ ∈ σ ( r ), every path upwards from r ′ passes through r Enforcing transfer delegation semantics Conclusion

  27. Administrative scope Introduction Fundamental concept in the RHA family of administrative Delegation models operations in hierarchical RBAC Maps a role r to a set of roles σ ( r ) Controlling σ ( r ) = { r ′ � r : ↑ r ′ ⊆ ↓ r ∪ ↑ r } delegation If r ′ ∈ σ ( r ), every path upwards from r ′ passes through r Enforcing transfer delegation semantics Conclusion a σ ( a ) = { a , b , . . . , h } b c σ ( b ) = { b , d } d e f σ ( d ) = { d } g h

  28. Administrative scope and delegation operations Introduction Delegation operations in hierarchical RBAC Controlling delegation It can be shown that the set of roles denied Enforcing transfer delegation by a static transfer of r is σ ( r ) semantics by a dynamic transfer of r is σ ( r ), where σ is evaluated in Conclusion the sub-poset of R generated by the set of activated roles

Recommend


More recommend