Prox-RBAC: A Proximity-based Spatially Aware RBAC
Michael S. Kirkpatrick, Maria Luisa Damiani, Elisa Bertino
19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS)
Chicago, IL, USA
November 4, 2011
Wednesday, November 9, 2011
Motivation M. S. Kirkpatrick, M. L. Damiani, E. Bertino ACM GIS 2011 2 Prox-RBAC: A Proximity-based Spatially Aware RBAC Wednesday, November 9, 2011
Motivation
• GEO-RBAC augments access control with spatial data
• <Doctor, coffeeshop> vs. <Doctor, ER>
• Spatial role based on requesting user’s location
• Others’ locations have security implications
• Separation of duty
• Presence of unprivileged users (e.g., civilians)
Key Issues
• Space model
• Language definition
• Location integrity
• Technological feasibility
[Slide overlay labels: GIS, Access Control, Crypto, Formal Methods/Languages, "This talk"]
Space Model
• Indoor space model
• Protected area (PA)
• Entry points
Accessibility Graph
• Directed multigraph
• Nodes denote protected areas
• Edges denote entry points
Hierarchical Containment
• Partial order $pa_i \subseteq_\Pi pa_j$
• $s \in pa_i \Rightarrow s \in pa_j$
• Entry into $pa_i$ requires presence in $pa_j$
• $pa_i \subseteq_\Pi pa_j$ and $pa_i \subseteq_\Pi pa_k \Rightarrow pa_j \subseteq_\Pi pa_k$ or $pa_k \subseteq_\Pi pa_j$
Parent Tree
• Accessibility graph alone is insufficient
• Hierarchical space model
• Typing of areas
• Room, floor, suite, etc.
• User locations are at finest granularity
Authorized PAs
• AuthPA(s)
• PAs subject s is authorized to enter
• $pa_i \in \mathrm{AuthPA}(s)$ implies $\mathrm{Parent}(pa_i) \in \mathrm{AuthPA}(s)$
• If $pa_i \in \mathrm{AuthPA}(s)$ and $pa_i$ only reachable from sibling $pa_j$, then $pa_j \in \mathrm{AuthPA}(s)$
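The two AuthPA(s) rules above can be checked mechanically against the parent tree and the accessibility graph. The following is an added example, not code from the slides or the authors; the floor plan, PA names and function names are constructed for illustration.

```python
# Constructed parent tree: child PA -> containing PA.
PARENT = {
    "Floor1": "Building", "Suite100": "Floor1",
    "Room101": "Suite100", "Room102": "Suite100",
}
# Constructed accessibility graph: one directed edge (from_pa, to_pa) per entry point.
ENTRY_POINTS = [
    ("Building", "Floor1"), ("Floor1", "Suite100"),
    ("Suite100", "Room101"), ("Room101", "Room102"),  # Room102 only via Room101
]

def required_by(pa, auth):
    """PAs that must accompany `pa` in AuthPA(s) but are missing from `auth`."""
    missing = set()
    parent = PARENT.get(pa)
    # Rule 1: pa in AuthPA(s) implies Parent(pa) in AuthPA(s).
    if parent is not None and parent not in auth:
        missing.add(parent)
    # Rule 2: pa reachable only from one sibling -> that sibling must be authorized.
    sources = {src for src, dst in ENTRY_POINTS if dst == pa}
    if len(sources) == 1:
        (src,) = sources
        if src != parent and PARENT.get(src) == parent and src not in auth:
            missing.add(src)
    return missing

def violations(auth):
    """Sorted (pa, missing_pa) pairs; empty when `auth` satisfies both rules."""
    return sorted((pa, m) for pa in auth for m in required_by(pa, auth))

def close_auth_pa(auth):
    """Smallest superset of `auth` that satisfies both rules (fixpoint)."""
    closed = set(auth)
    while True:
        extra = set().union(*(required_by(pa, closed) for pa in closed))
        if not extra:
            return closed
        closed |= extra
```

Running `violations` on a proposed assignment before deployment catches an authorization that a subject could never physically exercise, such as a room granted without the sibling room that leads to it.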
Policy Language
• Relative constraint clause
    at_least 1 supervisor in Room 100
• Continuity of usage
    while (at_most 0 civilians in this.room)
• Timeout constraint
    while (...) timeout 1 minute
[Slide callout: Any topological relationship]
Semantics
• User is in the PA, authorized to enter role
• Other users also satisfy constraints
• Access stopped when others ... move
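The constraint clauses and the stop-on-move semantics above, worked through on a sequence of location snapshots. This is an added example, not the authors' implementation; the parent tree, user names, `Clause` and `run_session` are hypothetical, the clause is assumed to count users other than the requester, and the timeout is assumed to be a grace period before access is stopped.

```python
from dataclasses import dataclass

# Constructed parent tree (child PA -> containing PA); not from the slides.
PARENT = {"Room 100": "Floor 1", "Room 101": "Floor 1", "Floor 1": "Building"}

def contained_in(pa, area):
    """True if pa is `area` itself or nested inside it in the parent tree."""
    while pa is not None:
        if pa == area:
            return True
        pa = PARENT.get(pa)
    return False

@dataclass
class Clause:
    op: str    # "at_least" or "at_most"
    n: int
    role: str
    area: str  # a PA name, or "this.room" for the requester's current PA

    def holds(self, locations, roles, requester):
        area = locations[requester] if self.area == "this.room" else self.area
        # Assumption: the clause counts users other than the requester.
        count = sum(1 for user, pa in locations.items()
                    if user != requester and self.role in roles[user]
                    and contained_in(pa, area))
        return count >= self.n if self.op == "at_least" else count <= self.n

def run_session(grant, while_c, timeout_s, snapshots, roles, requester):
    """snapshots: time-ordered [(seconds, {user: pa})]. Returns (granted, stopped_at)."""
    _, first = snapshots[0]
    if not (grant.holds(first, roles, requester)
            and while_c.holds(first, roles, requester)):
        return (False, None)
    violated_since = None
    for t, locations in snapshots[1:]:
        if while_c.holds(locations, roles, requester):
            violated_since = None          # condition restored, reset the clock
        elif violated_since is None:
            violated_since = t
        # Assumption: timeout is a grace period before access is stopped.
        if violated_since is not None and t - violated_since >= timeout_s:
            return (True, t)
    return (True, None)

ROLES = {"alice": {"analyst"}, "bob": {"supervisor"}, "carol": {"civilians"}}
GRANT = Clause("at_least", 1, "supervisor", "Room 100")
WHILE = Clause("at_most", 0, "civilians", "this.room")
```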
Enforcement
[Figure: architecture diagram with several LD nodes around one AS node; callouts: "Proof of location", "Proof + credentials"]
Request Protocol
• Bind the user to the location at the time
• Send request and signed commitment
• Prove commitment matches