Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador - PowerPoint PPT Presentation

Jun 18, 2023 •6 likes •146 views

Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaqun Salvacha Departamento de Ingeniera de Sistemas Telemticos ETS de Ingenieros de Telecomunicacin Universidad Politcnica de Madrid Access

Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaquín Salvachúa Departamento de Ingeniería de Sistemas Telemáticos ETS de Ingenieros de Telecomunicación Universidad Politécnica de Madrid
Access control models ● Discretionary Access Control ● Mandatory Access Control ● Role-based access Control ● Other (Task/workflows, etc) Joshi J, Aref W, Ghafoor A, Spafford E. Security models for web-based applications. Commun. ACM, 44, 2, Feb. 38–44. 2001
RBAC
RBAC advantages ● Policy neutral ● Simplified security administration ● Administrative roles to manage other roles ● Separation of duties ● Least privilege Joshi J, Aref W, Ghafoor A, Spafford E. Security models for web-based applications. Commun. ACM, 44, 2, Feb. 38–44. 2001
Social Network Analysis ● Understanding the linkages between social entities Wasserman S, Faust K. Social network analysis: methods and applications. New York: Cambridge University Press. 1997.
Tie
Tie-RBAC
Tie-RBAC
Tie-RBAC
Advantages from RBAC ● Policy neutral ● Simplified security administration ● Administrative roles to manage other roles
Tie-RBAC advantages ● Relations are similar to roles ● Managing security while building the network
Implementation: Social Stream ● Core for building social network websites ● Ruby on Rails plug-in ● User, groups, post and comments ● Free / open source ● http://social-stream.dit.upm.es/
Looking for scholar visit!
Questions? atapiador@dit.upm.es

Recommend

ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and

ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and Conformance Testing National Institute of Standards and Technology (301) 975-3346 jbarkley@nist.gov http://hissa.nist.gov/rbac/ ACTIVE PARTICIPANTS

635 views • 27 slides

Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani

Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani Elisa Bertino 19 th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS) Chicago, IL, USA November 4, 2011

482 views • 46 slides

1 Core RBAC (2) Core RBAC (3) UA USERS ROLES SESSIONS assigned_users : ( r :

Announcements CS590U Class mailing list Access Control: Theory and David Ferraiolo visit on Sep 16/17 Practice sign-up sheet to meet him after the class Proposal due Sep 30 (20% of grade) Lecture 5 (September 9 th ) Student

437 views • 6 slides

Contextual Privacy Management in Extended RBAC Model Nabil Ajam, Nora Cuppens, Frdric

Contextual Privacy Management in Extended RBAC Model Nabil Ajam, Nora Cuppens, Frdric Cuppens 24 september 2009 page 1 Workshop DPM Nabil Ajam Plan Introduction Motivation to use RBAC models Privacy requirements as OrBAC

461 views • 24 slides

Elaborating and Verifying RBAC Policies Conforming with CobiT Framework Requirements Christophe

Third International Workshop on Requirements Engineering and Law (RELAW 10) - September 28 th 2010 Conceptualizing a Responsibility based Approach for Elaborating and Verifying RBAC Policies Conforming with CobiT Framework Requirements

429 views • 27 slides

RBAC Administration in Distributed Systems Policy Distribution Concluding Remarks Marnix

Introduction Modeling Distributed Systems RBAC Administration in Distributed Systems Policy Distribution Concluding Remarks Marnix Dekker, Jason Crampton, Sandro Etalle Questions Distributed and Embedded Systems groep (DIES), Universitity

541 views • 26 slides

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of security administration p y y For large number of subjects and objects, the number of authorizations can become extremely large For dynamic

536 views • 51 slides

XACML and Role-Based Access Control Jason Crampton Royal Holloway, University of London DIMACS

XACML and Role-Based Access Control Jason Crampton Royal Holloway, University of London DIMACS Workshop on Secure Web Services and e-Commerce XACML and RBAC/Introduction Jason Crampton Programme Examine the XACML standard and the XACML RBAC

499 views • 32 slides

Role-based access control 1 RBAC: Motivations Complexity of security administration For

Role-based access control 1 RBAC: Motivations Complexity of security administration For large number of subjects and objects, the number of o a ge u be o subjects a d objects, t e u be o authorizations can become extremely large

783 views • 26 slides

Pros and cons for using LDAP as backend for an RBAC system 3 rd LDAPCon, Heidelberg,

Pros and cons for using LDAP as backend for an RBAC system 3 rd LDAPCon, Heidelberg, 10.-11.10.2011 Peter Gietz, Markus Widmer, DAASI International GmbH Peter.gietz@daasi.de Markus.widmer@daasi.de 1 (c) October 2011 DAASI

815 views • 52 slides

Application Layer CS 3516 Computer Networks CS 3516 Computer Networks 2: Application Layer 2

Application Layer CS 3516 Computer Networks CS 3516 Computer Networks 2: Application Layer 2 Chapter 2: Application Layer Some network apps learn about protocols Goals: conceptual, e-mail social networks by examining

371 views • 14 slides

Simulating Games on Networks with R Application to Coordination in Dynamic Social Network Under

Introduction Outline The model Simulation Results Implementation Summing-up Simulating Games on Networks with R Application to Coordination in Dynamic Social Network Under Heterogeneity Micha l Bojanowski ICS / Department of Sociology

406 views • 16 slides

Querying Geo-social Data by Bridging Spatial Networks and Social Networks Yerach Ben Yaron

Querying Geo-social Data by Bridging Spatial Networks and Social Networks Yerach Ben Yaron Doytsher Galon Kanza 1 Motivation Social networks provide valuable information on social relationships among people (users) Associating

1.25k views • 46 slides

Introduction Social and Economic Networks MohammadAmin Fazli Social and Economic Networks 1

Introduction Social and Economic Networks MohammadAmin Fazli Social and Economic Networks 1 Why Study Networks Social networks permeate our social and economic lives They play a central role in the transmission of information, .

562 views • 35 slides

Multi-agent distributed optimization over networks and its application to energy systems Maria

Vistas in Control | ETH Zurich | September 10 - 11 2018 Multi-agent distributed optimization over networks and its application to energy systems Maria Prandini Introduction Robotic networks Social networks taken from AJGpr.com Transportation

1.27k views • 116 slides

portable social networks with microformats social networks pownce.com ma.gnolia.com

creating portable social networks with microformats social networks pownce.com ma.gnolia.com edenbee.com upcoming.yahoo.com last.fm twitter.com flickr.com Social network fatigue? More important than that: freedom of movement; reducing

404 views • 25 slides

Graphs and social networks Social networks Active area of research motivated in part by

csci 210: Data Structures Graphs and social networks Social networks Active area of research motivated in part by growing public fascination withe the complex connectedness of modern society Social networks have grown in

590 views • 11 slides

SOCIAL NETWORKS OF ELDERLY PEOPLE Hayden Manseau 1 1. THE PROBLEM 2 THE IMPACT OF SOCIAL

SOCIAL NETWORKS OF ELDERLY PEOPLE Hayden Manseau 1 1. THE PROBLEM 2 THE IMPACT OF SOCIAL NETWORKS IN ELDERLY POPULATION Social Network Elderly Social Networks Reduced Social Networks Is defined as a subjective Could be family members,

129 views • 11 slides

On Permissions, Inheritance and Role Hierarchies Jason Crampton Information Security Group

On Permissions, Inheritance and Role Hierarchies Jason Crampton Information Security Group Royal Holloway, University of London Introduction The role hierarchy is central to most RBAC models Modelled as a partially ordered set R

834 views • 25 slides

Beautiful REST + JSON APIs Les Hazlewood, @lhazlewood Founder & CTO, Stormpath About

Beautiful REST + JSON APIs Les Hazlewood, @lhazlewood Founder & CTO, Stormpath About Stormpath User Management API for Developers Registration and Login User Profiles Role Based Access Control (RBAC) Permissions

1.26k views • 86 slides

Delegation in Role-Based Access Control Controlling delegation Enforcing transfer delegation

Introduction Delegation operations in hierarchical RBAC Delegation in Role-Based Access Control Controlling delegation Enforcing transfer delegation Jason Crampton Hemanth Khambhammettu semantics Conclusion Information Security

959 views • 57 slides

The Chinese Wall Conflict of Interests Access Control Model Chinese Wall Policy

Introduction Access Control Models Other models: Part II The Chinese Wall Model it combines elements of DAC and MAC RBAC Model it is a DAC model; however, it is Elisa Bertino sometimes considered a policy-neutral model

611 views • 12 slides

Role-Based Access Control CS461/ECE422 Spring 2012 Reading

Role-Based Access Control CS461/ECE422 Spring 2012 Reading Material Chapter 4, sec?ons 4.5 and 4.6 [SFK00] DAC vs RBAC DAC Users, Groups

415 views • 25 slides

Existence & Emergence of Navigability in Social Networks Emmanuelle Lebhar (CNRS &

Existence & Emergence of Navigability in Social Networks Emmanuelle Lebhar (CNRS & CMM-U. de Chile) 1 1- Social networks 2 Social networks Networks of human beings interactions. High school dating Co-authorship in Physics 3

1.29k views • 125 slides