institute for cyber security multi tenant access control
play

Institute for Cyber Security Multi-Tenant Access Control for Cloud - PowerPoint PPT Presentation

Nov 06, 2023 •29 likes •539 views

Institute for Cyber Security Multi-Tenant Access Control for Cloud Services PhD Dissertation Defense Bo Tang Committee Members: Dr. Ravi Sandhu, Chair Dr. Kay Robbins Dr. Gregory White Dr. Weining Zhang Dr. Jaehong Park 07/31/2014

  1. Institute for Cyber Security Multi-Tenant Access Control for Cloud Services PhD Dissertation Defense Bo Tang Committee Members: Dr. Ravi Sandhu, Chair Dr. Kay Robbins Dr. Gregory White Dr. Weining Zhang Dr. Jaehong Park 07/31/2014 World-Leading Research with Real-World Impact! 1

  2. The Cloud Anytime Anywhere World-Leading Research with Real-World Impact! 2

  3. Really? But where is my data? World-Leading Research with Real-World Impact! 3

  4. Really? But where is my data? Multi-Tenancy World-Leading Research with Real-World Impact! 4

  5. Cloud & Multi-Tenancy  Shared infrastructure  [$$$] -----> [$|$|$]  Multi-Tenancy  Isolated workspace for customers  Virtually temporarily dedicated resources  Problem:  How to collaborate across tenants? o Even if across my own tenants? World-Leading Research with Real-World Impact! 5

  6. Define Tenant  All deployment models are multi-tenant  E.g.: public cloud, private cloud and community cloud.  From Cloud Service Provider (CSP) perspective  A billing customer  Manages its own users and cloud resources  The owner of a tenant can be  An individual, an organization or a department in an organization, etc. World-Leading Research with Real-World Impact! 6

  7. Characteristics of Cloud  Centralized Facility  Resource pooling  Self-Service Agility  Each tenant manages its own authorization  Tenants, users and resources are temporary  Homogeneity  Identical or similar architecture and system settings  Out-Sourcing Trust  Built-in collaboration spirit World-Leading Research with Real-World Impact! 7

  8. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 8

  9. Motivation World-Leading Research with Real-World Impact! 9

  10. Problem & Thesis  Problem Statement The fact that contem porary cloud services are intrinsically not designed to cultivate collaboration betw een tenants lim its the developm ent of the cloud. Fine-grained access control m odels in traditional distributed environm ents are not directly applicable.  Thesis Statement The problem of m ulti-tenant access control in the cloud can be partially solved by integrating various types of unidirectional and unilateral trust relations betw een tenants into role-based and attribute-based access control m odels. World-Leading Research with Real-World Impact! 10

  11. Chapter 2: Related Work  Centralized Approaches  RBAC extensions: ROBAC, GB-RBAC  Multi-domain role mapping  Decentralized Approaches  RT, dRBAC: credential-based delegation  Delegation models: PBDM, RBDM  Attribute-Based Approaches  NIST ABAC: application framework for collaboration  ABAC models: ABURA, RBAC-A, ABAC α , ABAC β  Enforcement and Implementation  Grid: PERMIS, VOMS, CAS  Web: ABAC for SOA systems  Cloud: centralized authorization service with trust models World-Leading Research with Real-World Impact! 11

  12. Scope and Assumptions  Standardized APIs  Cross-tenant accesses are functionally available  Properly authenticated users  One Cloud Service  Of a kind: IaaS, PaaS or SaaS.  Two-Tenant Trust (rather than community trust)  Unidirectional Trust Relations  “I trust you” does not mean “you trust me”  Unilateral Trust Relations (trustor trusts trustee)  Trustee cannot control the trust relation World-Leading Research with Real-World Impact! 12

  13. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 13

  14. MTAS Formalizing Calero et al work World-Leading Research with Real-World Impact! 14

  15. Tenant Trust  Tenant Trust ( TT ) relation is not partial order  Reflexive: A ⊴ A  But not transitive: A ⊴ B ∧ B ⊴ C ⇏ A ⊴ C  Neither symmetric: A ⊴ B ⇏ B ⊴ A  Nor anti-symmetric: A ⊴ B ∧ B ⊴ A ⇏ A ≡ B World-Leading Research with Real-World Impact! 15

  16. Administrative MTAS  Tenants are managed by CSP t2 β -trusts t1  on self-service basis Tenant t2 Tenant t1  Each tenant administer: UA u2 u1  Trust relations with other tenants RH R1 R2  Entity components: PA P2 P1 o users, roles and permissions  UA, PA and RH assignments o Cross-tenant assignments are issued by the trustee (t1)  UA: trustor (t2) users to trustee (t1) roles  PA: trustee (t1) permissions to trustor (t2) roles  RH: trustee (t1) roles junior to trustor (t2) roles World-Leading Research with Real-World Impact! 16

  17. Fine-grained Trust Extensions  Problem of MTAS trust model  Over exposure of trustor’s authorization information  Trustor-Centric Public Role (TCPR)  Expose only the trustor’s public roles o E.g.: OS expose only the dev.OS role to all the trustees  Relation-Centric Public Role (RCPR)  Expose public roles specific for each trust relation o E.g.: OS expose only the dev.OS role to E when OS trusts E World-Leading Research with Real-World Impact! 17

  18. Trust Types Between Tenants  Intuitive Trust (Type- α)  Delegations: RT, PBDM, etc.  Trustor gives access to trustee o Trustor has full control  MTAS trust (Type- β)  Trustee gives access to trustor  Other Types?  Trustee takes access from trustor (Type- γ )  Trustor takes access from trustee (Type- δ )  And more? World-Leading Research with Real-World Impact! 18

  19. Example of Cross-Tenant Trust [$]: grant the access OS E Dev.E Charlie  Example:  Type- α : E trusts OS so that E can say [$].  Type- β : OS trusts E so that E can say [$].  Type- γ : E trusts OS so that OS can say [$].  Type- δ : OS trusts E so that OS can say [$]. World-Leading Research with Real-World Impact! 19

  20. Example of Cross-Tenant Trust [$]: grant the access OS E Dev.E Charlie  Example:  Type- α : E trusts OS so that E can say [$].  Type- β : OS trusts E so that E can say [$].  Type- γ : E trusts OS so that OS can say [$].  Type- δ : OS trusts E so that OS can say [$]. World-Leading Research with Real-World Impact! 20

  21. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 21

  22. MT-RBAC Issuers: Real-world Owners e.g. E and OS Type- γ Trust World-Leading Research with Real-World Impact! 22

  23. Administrative MT-RBAC t1 γ -trusts t2  Issuers administer tenants Tenant t2 Tenant t1  Each issuer administer: UA u2 u1  Trust relations from owned tenants RH  Entity components: R1 R2 o tenants, users, roles and permissions P2 P1  UA, PA and RH assignments o Cross-tenant assignments are issued by the trustee’s (t2’s) issuer  UA: trustee (t2) users to trustor (t1) roles  RH: trustor (t1) roles junior to trustee (t2) roles o Cross-tenant PA assignments are intentionally banned  PA: trustee (t2) assign trustor (t1) permissions to trustee (t2) roles  Problem: » Trustor cannot revoke PA other than remove the trust World-Leading Research with Real-World Impact! 23

  24. Finer-grained Trust Models  MT-RBAC0: Base Model  Trustor exposes all the roles to trustees  MT-RBAC1: Trustee-Independent Public Role (TIPR)  Expose only the trustor’s public roles o E.g.: E expose only the dev.E role to all the trustees  MT-RBAC2: Trustee-Dependent Public Role (TDPR)  Expose public roles specific for each trustee o E.g.: E expose only the dev.E role to OS when E trusts OS World-Leading Research with Real-World Impact! 24

  25. Constraints  Cyclic Role Hierarchy: lead to implicit role upgrades in the role hierarchy Tenant 1 Tenant 2  SoD: conflict of duties M1 M2  Tenant-level o E.g.: SOX compliant companies may not hire the same company for both consulting and auditing. E1 E2  Role-level o Checks across tenants  Chinese Wall: conflict of interests among tenants o E.g.: never share resources with competitors. World-Leading Research with Real-World Impact! 25

  26. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 26

  27. CTTM Trust Types  Four potential trust types:  Type- α: trustor can give access to trustee. (e.g. RT)  Type- β: trustee can give access to trustor. (e.g. MTAS)  Type- γ: trustee can take access from trustor. (e.g. MT- RBAC)  Type- δ : trustor can take access from trustee. o No meaningful use case, since the trustor holds all the control of the cross-tenant assignments of the trustee’s permissions. World-Leading Research with Real-World Impact! 27

  28. Formalized CTTM Model World-Leading Research with Real-World Impact! 28

  29. Role-Based CTTM World-Leading Research with Real-World Impact! 29

  30. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 30

  31. MT-ABAC uid: u2 γ -trustee: {t2} utid: t2 tid: t1 sowner: u2 oid: o1 sid: s2 otid: t1 World-Leading Research with Real-World Impact! 31

  32. Multi-Tenant Access Example World-Leading Research with Real-World Impact! 32

  33. Real-World Clouds  AWS  Collaboration between accounts o E.g.: E trusts OS  Unilateral trust relation (Type- α) o The trustor needs to map the roles  OpenStack  User-level delegation (trust) can be established  Cross-domain assignments bear no control World-Leading Research with Real-World Impact! 33

Recommend

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 16, 2013 SafeConfig 2013: IEEE 6th

227 views • 18 slides
Categorizing container escape methodologies in multi-tenant environments Rik Janssen

Categorizing container escape methodologies in multi-tenant environments Rik Janssen

Categorizing container escape methodologies in multi-tenant environments Rik Janssen rik.janssen@os3.nl Research Project 1 MSc Security and Network Engineering (SNE/OS3) University of Amsterdam Supervisor: Max Hovens KPMG Cyber Security

774 views • 17 slides
Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute

Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute

Institute for Cyber Security Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute for Cyber Security University of Texas at San Antonio World-leading research with real-world impact! 1 Presentation

451 views • 44 slides
Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper)

Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper)

Institute for Cyber Security Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin Jin, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October

494 views • 23 slides
on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

The impact of Covid-19 on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown Director, Cyber, Middle East 1 Control Risks Cyber attacks exploiting the pandemic Share of attack vector of organized

447 views • 10 slides
Access Control MAC Summary ITS335: IT Security Sirindhorn International Institute of Technology

Access Control MAC Summary ITS335: IT Security Sirindhorn International Institute of Technology

ITS335 Access Control Concepts DAC RBAC Access Control MAC Summary ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 10 October 2013 its335y13s2l04,

400 views • 26 slides
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals Objectives Define Access Controls List the four Access Control Models Describe logical Access Control Methods Explain the

128 views • 8 slides
Security of Cyber-Physical Systems Henrik Sandberg hsan@kth.se Department of Automatic Control,

Security of Cyber-Physical Systems Henrik Sandberg hsan@kth.se Department of Automatic Control,

KTH ROYAL INSTITUTE OF TECHNOLOGY Security of Cyber-Physical Systems Henrik Sandberg hsan@kth.se Department of Automatic Control, KTH, Stockholm, Sweden 7th oCPS PhD School on Cyber-Physical Systems, Lucca, Italy Outline Background and

881 views • 63 slides
CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control.

CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control.

Access control Access control determines access to files and processes in OS Old area of security, but not well understood CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control. 1 2 System

889 views • 5 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The

Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The

Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The University of Hong Kong Cyber-security for industry 4.0 conference 23 June, 2017 1 Will the followings only be seen in movies? Movies: Cyber

510 views • 28 slides
Institute for Cyber Security A Lattice Interpretation of Group-Centric Collaboration with

Institute for Cyber Security A Lattice Interpretation of Group-Centric Collaboration with

Institute for Cyber Security A Lattice Interpretation of Group-Centric Collaboration with Expedient Insiders Khalid Zaman Bijon, Tahmina Ahmed, Ravi Sandhu, Ram Krishnan Institute for Cyber Security University of Texas at San Antonio 1 1

336 views • 16 slides
Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 15-17, 2014 NSS

146 views • 13 slides
Access Control Enforcement Access Control Enforcement for Conversation- -based based for

Access Control Enforcement Access Control Enforcement for Conversation- -based based for

The Cyber Center The Cyber Center Access Control Enforcement Access Control Enforcement for Conversation- -based based for Conversation Web Services Web Services Massimo Mecella * Mourad Ouzzani Univ. Roma LA SAPIENZA, Italy Purdue

375 views • 26 slides
About Loxal Security Ltd Specialist access control and vacant property security company Unique

About Loxal Security Ltd Specialist access control and vacant property security company Unique

About Loxal Security Ltd Specialist access control and vacant property security company Unique range of access control technology & temporary physical security products : - Keysafes Locking Bar Void security doors & screens

368 views • 21 slides
Outline OS security: authentication, contd Basics of access control CSci 5271 Introduction

Outline OS security: authentication, contd Basics of access control CSci 5271 Introduction

Outline OS security: authentication, contd Basics of access control CSci 5271 Introduction to Computer Security Announcements intermission OS security: access control Unix-style access control Stephen McCamant Multilevel and mandatory

656 views • 9 slides
Institute for Cyber Security Towards Provenance and Risk-Awareness in Social Computing Yuan

Institute for Cyber Security Towards Provenance and Risk-Awareness in Social Computing Yuan

Institute for Cyber Security Towards Provenance and Risk-Awareness in Social Computing Yuan Cheng, Dang Nguyen, Khalid Bijon, Ram Krishnan, Jaehong Park and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio September

256 views • 12 slides
Securing OAuth2-Enabled, Multi-Tenant Applications with Spring Security Rob Winch SpringSource,

Securing OAuth2-Enabled, Multi-Tenant Applications with Spring Security Rob Winch SpringSource,

Securing OAuth2-Enabled, Multi-Tenant Applications with Spring Security Rob Winch SpringSource, VMware About Me Spring Security Lead at SpringSource, VMware Past Cerner: Secure Health Care Applications Argonne Labs: Grid

562 views • 16 slides
Institute for Cyber Security Towards An Attribute Based Constraints Specification Language

Institute for Cyber Security Towards An Attribute Based Constraints Specification Language

Institute for Cyber Security Towards An Attribute Based Constraints Specification Language Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio September 11, 2013 2013 ASE/IEEE

425 views • 17 slides
Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer Security Announcements intermission Day 10: OS security: access control Multilevel and mandatory access control Stephen McCamant University of

324 views • 10 slides
OS Security CS 161: Computer Security Prof. Anthony D. Joseph January 29, 2014 Access Control

OS Security CS 161: Computer Security Prof. Anthony D. Joseph January 29, 2014 Access Control

Access Control and OS Security CS 161: Computer Security Prof. Anthony D. Joseph January 29, 2014 Access Control Some resources (files, web pages, ) are sensitive. How do we limit who can access them? This is called the access

629 views • 27 slides
Distributed multi-tenant cloud/fog and heterogeneous SDN/NFV orchestration for 5G services Ricard

Distributed multi-tenant cloud/fog and heterogeneous SDN/NFV orchestration for 5G services Ricard

Distributed multi-tenant cloud/fog and heterogeneous SDN/NFV orchestration for 5G services Ricard Vilalta, A. Mayoral, Raul Muoz, Ramon Casellas, Ricardo Martnez The need for generic control functions and a Transport API The NBI of the

679 views • 15 slides
Institute for Cyber Security The University of Texas at San Antonio World-Leading Research with

Institute for Cyber Security The University of Texas at San Antonio World-Leading Research with

Institute for Cyber Security The University of Texas at San Antonio World-Leading Research with Real-World Impact! April 20, 2010 To: Julian Thrash From: Jeff Reich, Director of Operations for the Institute for Cyber Security Subject:

176 views • 3 slides
Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Course Overview

Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Course Overview

Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Course Overview (cont) CSU Cybersecurity Center Computer Science Dept 1 1 Today Security Architecture Key terms Access control and authentication 2

703 views • 47 slides

More recommend