toward automated authorization policy enforcement
play

Toward Automated Authorization Policy Enforcement Vinod Ganapathy - PowerPoint PPT Presentation

Jan 01, 2023 •387 likes •792 views

Toward Automated Authorization Policy Enforcement Vinod Ganapathy Trent Jaeger Somesh Jha vg@cs.wisc.edu tjaeger@cse.psu.edu jha@cs.wisc.edu March 1 st , 2006 Second Annual Security-enhanced Linux Symposium Baltimore, Maryland Introduction

  1. Toward Automated Authorization Policy Enforcement Vinod Ganapathy Trent Jaeger Somesh Jha vg@cs.wisc.edu tjaeger@cse.psu.edu jha@cs.wisc.edu March 1 st , 2006 Second Annual Security-enhanced Linux Symposium Baltimore, Maryland

  2. Introduction • SELinux helps meet information-flow goals Request Allowed? User Yes/No Yes/No App • Expressive access-control policy language • Security-enhanced operating system SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 2

  3. Security-aware Applications • Need for security-aware applications Request Allowed? User Yes/No Yes/No App • Can we build applications that can enforce mandatory access control policies? SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 3

  4. Security-aware Applications • Need for security-aware applications Request Allowed? Server Client Yes/No Yes/No Allowed? Yes/No SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 4

  5. Security-aware Applications • Need for security-aware applications Request Allowed? Server Client Yes/No Yes/No • Our work: How to build security-aware applications? • Focus is on mechanism, not policy SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 5

  6. Motivating Example Remote Client: Alice Alice Local X Server SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 6

  7. Motivating Example Remote Client: Bob Remote Client: Alice Alice Bob X Server SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 7

  8. Motivating Example Remote Client: Bob Remote Client: Alice Remote Client: Alice Alice X Server Keyboard input Malicious client can snoop on input violating Alice’s confidentiality SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 8

  9. Motivating Example Remote Client: Bob Remote Client: Alice Remote Client: Alice Alice X Server Malicious client can alter settings on other client windows SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 9

  10. Motivating Example Remote Client: Bob Remote Client: Alice Remote Client: Alice Alice X Server No mechanism to enforce authorization policies on client interactions SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 10

  11. Motivating Example Remote Client: Bob Remote Client: Alice Remote Client: Alice Alice Input Goal of the Security enhanced Request X server project [Kilpatrick et al., 2003] X Server Keyboard input Disallowed SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 11

  12. Need for Security-awareness • More examples: user-space servers – Samba – Web servers – Proxy and cache servers – Middleware • Common features – Manage multiple clients simultaneously – Offer shared resources to clients – Perform services on behalf of their clients SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 12

  13. Main Claim To effectively meet security-goals, all applications managing shared resources must be made security-aware SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 13

  14. Focus of our work Request Allowed? Server Client Yes/No Yes/No • How to build security-aware applications? • Focus is on mechanism, not policy – Can use tools like Tresys’ SELinux Policy Management Toolkit SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 14

  15. Security-aware Applications Our work: • How to build security-aware applications? Tool support to retrofit legacy • Proactively design code for security servers – MULTICS project [Corbato et al ., 1965] for authorization policy enforcement – Postfix mail server [Venema] • Retrofit existing, legacy code – Linux Security Modules project [Wright et al ., 2002] – Security-enhanced X project [Kilpatrick et al ., 2003] – Privilege separated OpenSSH [Provos et al ., 2003] SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 15

  16. Our Work Legacy Security-aware server server • Tools to analyze and retrofit legacy code • Two case studies: – Retrofitting the X server [IEEE S&P 2006] – Retrofitting Linux [ACM CCS 2005] SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 16

  17. Main Goal • Tool support to add reference monitoring Main challenge: Where to place to user-space servers reference monitor hooks? Security-Event Yes/No Reference Server Monitor SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 17

  18. Authorization Policies • Access-control matrix [Lampson’71] /etc/passwd /usr/vg/a.out /var/log root r/w r/w/x r/w vg r/w/x r • Three entities: ‹ subject, object, operation › – Subject (user or process) – Object (resource, such as file or socket) – Security-sensitive operation (access vectors) SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 18

  19. Main Goal • Analysis techniques to find where server performs security-sensitive operations Security-Event Yes/No Reference Server Monitor SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 19

  20. Key Insight: Fingerprints • Each security-sensitive operation has a fingerprint • Intuition: Denotes key code-level steps to achieve the operation SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 20

  21. Examples of Fingerprints • Three access vectors from SELinux • DIR_WRITE :- – Set inode->i_ctime & – Call address_space_ops->prepare_write() • DIR_RMDIR : - – Set inode->i_size TO 0 & – Decrement inode->i_nlink • SOCKET_BIND :- – Call socket->proto_ops->bind() SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 21

  22. Examples of Fingerprints • Access vectors for the X server • WINDOW_MAP :- – Set WindowPtr->mapped TO TRUE & – Set xEvent->type TO MapNotify • WINDOW_ENUMERATE:- – Read WindowPtr->firstChild & – Read WindowPtr->nextSib & – Compare WindowPtr ≠ 0 SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 22

  23. Key Insight: Fingerprints • How to find fingerprints? • How to use fingerprints to place hooks? SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 23

  24. Using Fingerprints: An Example • X server function MapSubWindows MapSubWindows(Window *pParent, Client *pClient) { xEvent event; Window *pWin; … pWin = pParent->firstChild; … for (;pWin != 0; pWin=pWin->nextSib) { pWin->mapped = TRUE; … event.type = MapNotify; } } SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 24

  25. Examples of Fingerprints • Access vectors for the X server • WINDOW_MAP :- – Set WindowPtr->mapped TO TRUE & – Set xEvent->type TO MapNotify • WINDOW_ENUMERATE:- – Read WindowPtr->firstChild & – Read WindowPtr->nextSib & – Compare WindowPtr ≠ 0 SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 25

  26. Using Fingerprints: An Example • X server function MapSubWindows MapSubWindows(Window *pParent, Client *pClient) { xEvent event; Window *pWin; … pWin = pParent->firstChild; … for (;pWin != 0; pWin=pWin->nextSib) { pWin->mapped = TRUE; … Performs event.type = MapNotify; Window_Map } } SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 26

  27. Examples of Fingerprints • Access vectors for the X server • WINDOW_MAP :- – Set WindowPtr->mapped TO TRUE & – Set xEvent->type TO MapNotify • WINDOW_ENUMERATE:- – Read WindowPtr->firstChild & – Read WindowPtr->nextSib & – Compare WindowPtr ≠ 0 SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 27

  28. Using Fingerprints: An Example • X server function MapSubWindows MapSubWindows(Window *pParent, Client *pClient) { Performs xEvent event; Window_Enumerate Window *pWin; … pWin = pParent->firstChild; … for (;pWin != 0; pWin=pWin->nextSib) { // Code to map window on screen pWin->mapped = TRUE; … event.type = MapNotify; } } SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 28

  29. Using Fingerprints • Fingerprints located using static analysis • Key advantage: statically find all locations where fingerprints occur • Can add hooks to all these locations SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 29

  30. Adding Hooks: An Example • X server function MapSubWindows MapSubWindows(Window *pParent, Client *pClient) { xEvent event; Window *pWin; // Code to enumerate child windows avc_has_perm(pClient, pParent, WINDOW_ENUMERATE); pWin = pParent->firstChild; … for (;pWin != 0; pWin=pWin->nextSib) { // Code to map window on screen avc_has_perm(pClient, pWin, WINDOW_MAP); pWin->mapped = TRUE; … event.type = MapNotify; } } SELinux 2006 Ganapathy/Jaeger/Jha: Toward Automated Authorization Policy Enforcement 30

Recommend

Biocide enforcement in EU MARISTELLA RUBBIANI HEAD OF UNIT SUBSTANCES AND PRODUCTS AUTHORIZATION

Biocide enforcement in EU MARISTELLA RUBBIANI HEAD OF UNIT SUBSTANCES AND PRODUCTS AUTHORIZATION

Biocide enforcement in EU MARISTELLA RUBBIANI HEAD OF UNIT SUBSTANCES AND PRODUCTS AUTHORIZATION ISS ITALY The BPR enforcement in EU On 29 September 2016 a Biocidal products Regulation, Biocides, Enforcement, Europe was created A

366 views • 32 slides
ACE Automated Broker Interface Automated Interface Requirements ACH Debit Authorization/Entry

ACE Automated Broker Interface Automated Interface Requirements ACH Debit Authorization/Entry

ACE Automated Broker Interface Automated Interface Requirements ACH Debit Authorization/Entry Summary Presentation September 10, 2019 Contents Table of Changes

516 views • 13 slides
AUTOMATED TRAFFIC ENFORCEMENT April 23, 2019 Overview Summary of what is changing

AUTOMATED TRAFFIC ENFORCEMENT April 23, 2019 Overview Summary of what is changing

AUTOMATED TRAFFIC ENFORCEMENT April 23, 2019 Overview Summary of what is changing Council Policy What is Different? Provincial Changes Impacting the City Post rationale for sites on website Annual Traffic Safety Plan

559 views • 6 slides
AUTOMATED TRAFFIC ENFORCEMENT April 15, 2019 Overview Updated information on approved

AUTOMATED TRAFFIC ENFORCEMENT April 15, 2019 Overview Updated information on approved

AUTOMATED TRAFFIC ENFORCEMENT April 15, 2019 Overview Updated information on approved motions and recommendations. Further information on revenue allocation. Introduce Council Policy. Updated Information Failure to Stop AJSG

437 views • 19 slides
SJR 21: Illegal Cigarette Trafficking November 13, 2012 Overview Study Authorization

SJR 21: Illegal Cigarette Trafficking November 13, 2012 Overview Study Authorization

SJR 21: Illegal Cigarette Trafficking November 13, 2012 Overview Study Authorization Summary Virginia Dept. of Taxation Data Enforcement and Conviction Data Policy Considerations Discussion VIRGINIA STATE CRIME COMMISSION

581 views • 46 slides
AUTOMATED TRAFFIC ENFORCEMENT March 18, 2019 OVERVIEW Highlights from the report 53

AUTOMATED TRAFFIC ENFORCEMENT March 18, 2019 OVERVIEW Highlights from the report 53

AUTOMATED TRAFFIC ENFORCEMENT March 18, 2019 OVERVIEW Highlights from the report 53 pages of detail Try to take main points/story for presentation Focus discussion on recommendations Enough overall information for

895 views • 63 slides
Policy-driven Negotiation for Authorization in the Grid Ionut Constandache Duke University

Policy-driven Negotiation for Authorization in the Grid Ionut Constandache Duke University

Policy-driven Negotiation for Authorization in the Grid Ionut Constandache Duke University Daniel Olm edilla L3S Research Center Frank SiebenList Argonne National Laboratory 8 th IEEE POLICY Bologna, Italy, 15 th June 20 0 7 Outline

414 views • 19 slides
Planning Enforcement Adrian Duffield Head of Planning 1 The planning process Enforcement

Planning Enforcement Adrian Duffield Head of Planning 1 The planning process Enforcement

Planning Enforcement Adrian Duffield Head of Planning 1 The planning process Enforcement Policy Applications 2 National Planning Policy NPPF Paragraph 207 Important in maintaining public confidence in planning system Discretionary

171 views • 14 slides
Navigating Emergency Use Authorization: FDA Policy for COVID- 19 Diagnostic Tests Ian McGill,

Navigating Emergency Use Authorization: FDA Policy for COVID- 19 Diagnostic Tests Ian McGill,

Navigating Emergency Use Authorization: FDA Policy for COVID- 19 Diagnostic Tests Ian McGill, PSM, ASQ CBA April 2020 AGENDA EUA Background COVID-19 Policy Guidance Document Test Type and Pathways to distribution Key

454 views • 11 slides
Enforcement Policy Presented by Cris Carrigan David Boyers, & Dr. Matthew Buffleben State

Enforcement Policy Presented by Cris Carrigan David Boyers, & Dr. Matthew Buffleben State

2017 Update: Enforcement Policy Presented by Cris Carrigan David Boyers, & Dr. Matthew Buffleben State Water Resources Control Board Office of Enforcement February 7, 2017 Board Meeting Item 5 2017 Enforcement Policy Highlights

570 views • 20 slides
AUTOMATED TRAFFIC ENFORCEMENT March 25, 2019 Overview Request for Decision March 18,

AUTOMATED TRAFFIC ENFORCEMENT March 25, 2019 Overview Request for Decision March 18,

AUTOMATED TRAFFIC ENFORCEMENT March 25, 2019 Overview Request for Decision March 18, 2019 COW report and subsequent feedback from Council Strong desire to provide clear direction to administration and community Motion as

343 views • 13 slides
Oracle Buys Automated Applications Controls Leader LogicalApps To strengthen Oracles

Oracle Buys Automated Applications Controls Leader LogicalApps To strengthen Oracles

Oracle Buys Automated Applications Controls Leader LogicalApps To strengthen Oracles Governance, Risk and Compliance Suite with Real-time Policy Enforcement October 26, 2007 Disclaimer The following is intended to outline our general product

408 views • 17 slides
Authorization the permission or power given to sb to do sth: enter a security area without

Authorization the permission or power given to sb to do sth: enter a security area without

Authorization the permission or power given to sb to do sth: enter a security area without authorization Authorization in Oxford Advanced Learner's Dictionary Object-oriented Databases authorization is the concept of allowing

70 views • 6 slides
Automated Red Light Enforcement Commission Performance & Program Update April 30, 2019

Automated Red Light Enforcement Commission Performance & Program Update April 30, 2019

Automated Red Light Enforcement Commission Performance & Program Update April 30, 2019 Towfiq Khan, Executive Manager Department of Transportation Program History The City of Dallas implemented Safelight program to reduce high number of

453 views • 12 slides
FPPC Enforcement Retrospective & Prospective Policy Meeting November 22, 2019 2019

FPPC Enforcement Retrospective & Prospective Policy Meeting November 22, 2019 2019

FPPC Enforcement Retrospective & Prospective Policy Meeting November 22, 2019 2019 Enforcement Trends Resource Allocation 2019/2020 Penalties 2019/2020 Streamline/WL Discussion Program Roadblocks to Enforcement Legislative Proposals

633 views • 39 slides
Deriving Enforcement Mechanisms from H. Janicke, et.al. Policies Motivation ITL Policy Rules

Deriving Enforcement Mechanisms from H. Janicke, et.al. Policies Motivation ITL Policy Rules

Deriving Enforcement Mechanisms from Policies Deriving Enforcement Mechanisms from H. Janicke, et.al. Policies Motivation ITL Policy Rules Helge Janicke, Antonio Cau, Fran cois Siewe, Enforcement Hussein Zedan Summary Software

550 views • 16 slides
The Irish Waste Management Conference Waste policy and enforcement: update Alison Fanagan 28

The Irish Waste Management Conference Waste policy and enforcement: update Alison Fanagan 28

The Irish Waste Management Conference Waste policy and enforcement: update Alison Fanagan 28 November 2019 M-47824253-1 Introduction Waste policy Waste enforcement 2012 A resource opportunity: up for review What are Irelands

400 views • 28 slides
GAMING POLICY AND ENFORCEMENT BRANCH SAM MACLEOD, ASSISTANT DEPUTY MINISTER AND GENERAL MANAGER

GAMING POLICY AND ENFORCEMENT BRANCH SAM MACLEOD, ASSISTANT DEPUTY MINISTER AND GENERAL MANAGER

GAMING POLICY AND ENFORCEMENT BRANCH SAM MACLEOD, ASSISTANT DEPUTY MINISTER AND GENERAL MANAGER German Report Implementation: Addressing Money Laundering in BCs Casinos Presentation for UBCM GAMING POLICY AND ENFORCEMENT BRANCH (GPEB)

830 views • 11 slides
Enforcement Policy for the Processing of Penalty Charge Notices Civil Parking Enforcement

Enforcement Policy for the Processing of Penalty Charge Notices Civil Parking Enforcement

Civil Parking Enforcement Policy for the Processing of Penalty Charge Notices Civil Parking Enforcement Guidance for the processing of Penalty Charge Notices in the County of Staffordshire June 2007 Revised February 2008 Introduction In

828 views • 64 slides
Authorization We will use the terms authorization and access control interchangeably

Authorization We will use the terms authorization and access control interchangeably

Authorization We will use the terms authorization and access control interchangeably Authorization answers the question who is allowed to do what ? A first step in the development of an access control system is the

651 views • 53 slides
Automated License Plate Reader (ALPR) usage November 7, 2017 ALPR usage among MN Law Enforcement

Automated License Plate Reader (ALPR) usage November 7, 2017 ALPR usage among MN Law Enforcement

Automated License Plate Reader (ALPR) usage November 7, 2017 ALPR usage among MN Law Enforcement Minnesota LE agencies with at least one ALPR device: 34 municipal/tribal police departments 9 Sheriffs Offices Minnesota State Patrol

655 views • 17 slides
1 Travel Authorization and Expense Process 1. Introduction 2. Travel Authorization 3. Travel

1 Travel Authorization and Expense Process 1. Introduction 2. Travel Authorization 3. Travel

1 Travel Authorization and Expense Process 1. Introduction 2. Travel Authorization 3. Travel Expense 4. Travel Regulations 2 Travel Authorization (See Next Slide for Detailed Steps) 2. Trip Information goes here 1. Budgetary Coding goes

321 views • 11 slides
in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

Monitoring of enforcement in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order Ordering enforcement Authorities court notary public Enforcement order certificate of enforcement

540 views • 12 slides
The Autonomous Vehicle Vision CSG Autonomous & Connected Vehicles Policy Academy Prashanthi

The Autonomous Vehicle Vision CSG Autonomous & Connected Vehicles Policy Academy Prashanthi

The Autonomous Vehicle Vision CSG Autonomous & Connected Vehicles Policy Academy Prashanthi Rao Raman Director of Public Policy, Lyft Will automated cars help or hurt cities? Will automated cars cut miles and carbon? Will automated cars

290 views • 28 slides

More recommend