Self-Adaptive Federated Authorisation Infrastructures
Lionel Montrieux
C. Bailey, D. Chadwick, R. de Lemos, Self-adaptive federated authorization infrastructures. JCSS, 2014
C. Bailey, L. Montrieux, R. de Lemos, Y. Yu, M. Wermelinger, Run-time generation, transformation, and verification of access control models for self-protection. SEAMS'14
L. Montrieux, C. Bailey, R. de Lemos, A. Bandara, Engineering self-adaptive authorisation infrastructures. Draft.
Part 1
I am Arthur, king of the Britons
None shall pass.
It's just a scratch.
Just a flesh wound.
I'm invincible!!!
Let's just call it a draw then.
Come on, Patsy.
Sinclair et al, 2007
We have been cited examples in which 50-90% of the individuals with access to particular data store also have legacy access to information that they no longer need.
Self-Adaptive Authorisation
Cheng et al., 2009
Self-adaptive systems are systems that are able to modify their behaviour and/or structure in response to changes that occur to the system itself, its environment, or even its goals.
Montrieux et al, draft
Self-adaptive authorisation infrastructures refer to the run-time adaptation of the collection of authorisation policies and their enforcement.
Bailey et al, 2014
Federated authorisation infrastructures [...] build upon existing authorisation models [...]. [They] provide the method through which large scale distributed access can be granted.
Part 2
Overview
Target System
[Diagram. Labels: Identity Provider, Credential Issuing Policy, User Attribute Repository, Attributes, Credential Validation Service, Credential Validation Policy, Credentials, Service Provider, Policy Decision Point, Access Control Policy, Valid Attributes]
Adaptive Layer
[Diagram. Labels: Target System, Probes, Effectors, Monitor, Triggers, SAAF Controller, Analyser, Solutions, Planner, Executor, Authorisation Infrastructure Model, Behaviour Model]
Architecture
[Diagram legend: Component, Sub-component]
[Diagram. Servers: Identity Provider Server (three shown), Authorisation Server, Service Provider Server. Flows: Roles/Attributes, Role/Attribute Adaptations, SAML Assertion, Subject Authentication, Access Decision, Access Request, Subject Access Request, Access Events, Policy Adaptations, Attributes. Components: LDAP (Attribute Repository), SimpleSAMLPHP: Identity Provider, CVS, PDP, PERMIS Standalone, SAAF Controller, Policy Enforcement Point, SimpleSAMLPHP: Service Provider, Resources]
[Diagram: SAAF Controller internals. Labels: Planner, Analyser, Behaviour Model, Authorisation Infrastructure Model, Executor, Asset Monitor, Behaviour Gauges, Identity Provider, Authorisation Service, Rules & Attributes, Tailored Solutions, Plan, Get Behaviour, Set Behaviour, RBAC/ABAC Constructs, Get Attributes, Active Policies, Access Requests/Decisions, Attribute Assignment, New Policies]
Authorisation Model?
[Diagram. Labels: Attr1 to Attr3, Sub1 to Sub4, IdP1, IdP2, Tgt1 to Tgt6, Act1 to Act5, Credential Validation Constraints, Access Control Constraints, Subject Attribute Assignments]
Part 3
Initial Configuration
PERMIS AZ Policy
<!-- ContractIdP may assign the Contractor role to subjects in the Contractor domain; delegation depth 0 -->
<RoleAssignment ID="ContractorIdPAssignment">
  <SubjectDomain ID="Contractor"/>
  <RoleList>
    <Role Type="permisRole" Value="Contractor"/>
  </RoleList>
  <Delegate Depth="0"/>
  <SOA ID="ContractIdP"/>
  <Validity/>
</RoleAssignment>
<!-- The Contractor role is allowed getEmpPayslip and runPayroll on PayrollSystem -->
<TargetAccess ID="ContractPayroll">
  <RoleList>
    <Role Type="permisRole" Value="Contractor"/>
  </RoleList>
  <TargetList>
    <TargetDomain ID="PayrollSystem"/>
    <AllowedAction ID="getEmpPayslip"/>
    <AllowedAction ID="runPayroll"/>
  </TargetList>
</TargetAccess>
SAAF Behaviour
<BehaviourPolicy>
  <!-- bt1: Contractor role, getEmpPayslip on PayrollSystem, rate threshold 5 per 1 min -->
  <BaseTrigger ID="bt1">
    <Subject/>
    <Provider/>
    <Attribute type="permisRole">Contractor</Attribute>
    <Target>PayrollSystem</Target>
    <Action>getEmpPayslip</Action>
    <Rate>
      <Threshold>5</Threshold>
      <Interval>1</Interval>
      <TimeScale>min</TimeScale>
    </Rate>
  </BaseTrigger>
  <!-- ct1: built on bt1, rate threshold 4 per 1 day -->
  <CompositeTrigger ID="ct1">
    <BasedTriggerID>bt1</BasedTriggerID>
    <Rate>
      <Threshold>4</Threshold>
      <Interval>1</Interval>
      <TimeScale>day</TimeScale>
    </Rate>
  </CompositeTrigger>
</BehaviourPolicy>
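A sketch of how a monitor could evaluate the bt1 and ct1 triggers above over a stream of access events. This is an added example, not SAAF code. It assumes a trigger fires when its threshold is reached inside a sliding window, that counters are kept per subject and re-arm after firing, and that the empty Subject and Provider elements match anything; the event tuple layout is hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import deque

# Behaviour policy from the slide (whitespace condensed).
POLICY = """<BehaviourPolicy>
 <BaseTrigger ID="bt1"><Subject/><Provider/>
  <Attribute type="permisRole">Contractor</Attribute>
  <Target>PayrollSystem</Target><Action>getEmpPayslip</Action>
  <Rate><Threshold>5</Threshold><Interval>1</Interval><TimeScale>min</TimeScale></Rate>
 </BaseTrigger>
 <CompositeTrigger ID="ct1"><BasedTriggerID>bt1</BasedTriggerID>
  <Rate><Threshold>4</Threshold><Interval>1</Interval><TimeScale>day</TimeScale></Rate>
 </CompositeTrigger>
</BehaviourPolicy>"""
SECONDS = {"min": 60, "day": 86400}  # the two time scales used on the slide

class RateWindow:
    """Fires when `threshold` hits fall inside a sliding window (assumed semantics)."""
    def __init__(self, trigger):
        rate = trigger.find("Rate")
        self.threshold = int(rate.findtext("Threshold"))
        self.window = int(rate.findtext("Interval")) * SECONDS[rate.findtext("TimeScale")]
        self.hits = deque()
    def hit(self, ts):
        self.hits.append(ts)
        while self.hits[0] <= ts - self.window:  # drop hits that left the window
            self.hits.popleft()
        if len(self.hits) < self.threshold:
            return False
        self.hits.clear()  # assumption: the counter re-arms after firing
        return True

def evaluate(events, policy_xml=POLICY):
    """events: time-ordered (ts_seconds, subject, role, target, action) tuples."""
    root = ET.fromstring(policy_xml)
    bt, ct = root.find("BaseTrigger"), root.find("CompositeTrigger")
    assert ct.findtext("BasedTriggerID") == bt.get("ID"), "composite must reference bt"
    wanted = (bt.findtext("Attribute"), bt.findtext("Target"), bt.findtext("Action"))
    base, comp, fired = {}, {}, []  # per-subject windows (assumption)
    for ts, subject, role, target, action in events:
        if (role, target, action) == wanted and base.setdefault(subject, RateWindow(bt)).hit(ts):
            fired.append((ts, subject, bt.get("ID")))
            # Each firing of the base trigger is one hit for the composite trigger.
            if comp.setdefault(subject, RateWindow(ct)).hit(ts):
                fired.append((ts, subject, ct.get("ID")))
    return fired

# Constructed sample: contractor "sub1" makes 4 bursts of 5 payslip reads, one hour apart.
BURSTS = [(h * 3600 + i, "sub1", "Contractor", "PayrollSystem", "getEmpPayslip")
          for h in range(4) for i in range(5)]
```

`evaluate(BURSTS)` reports bt1 at the end of each burst and ct1 once, on the fourth burst; the same number of reads spread more than a minute apart fires nothing.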
SAAF Solutions (1)
<SolutionPolicy>
  <Solution>
    <Action>
      <Operation>removeSubjectAttribute</Operation>
    </Action>
    <TriggerID>bt1</TriggerID>
    <TriggerID>ct1</TriggerID>
  </Solution>
  <Solution>
    <Action>
      <Operation>removeAttributePermission</Operation>
    </Action>
    <Action>
      <Operation>buildPolicy</Operation>
    </Action>
    <Action>
      <Operation>activatePolicy</Operation>
    </Action>
    <TriggerID>ct1</TriggerID>
  </Solution>
SAAF Solutions (2)
  <Solution>
    <Action>
      <Operation>removeAttributeAssignment</Operation>
    </Action>
    <Action>
      <Operation>buildPolicyFile</Operation>
    </Action>
    <Action>
      <Operation>activatePolicy</Operation>
    </Action>
    <TriggerID>ct1</TriggerID>
  </Solution>
  <Solution>
    <Action>
      <Operation>deactivatePolicy</Operation>
    </Action>
    <TriggerID>ct1</TriggerID>
  </Solution>
</SolutionPolicy>
Runtime Adaptation
[Diagram: Monitor, Analyser, Planner and Executor around the Target System. Labels: bt1 with S1; ct1 with S1, S2, S3, S4 and S2; LDAP directory]
PERMIS AZ Policy
<RoleAssignment ID="ContractorIdPAssignment">
  <SubjectDomain ID="Contractor"/>
  <RoleList>
    <Role Type="permisRole" Value="Contractor"/>
  </RoleList>
  <Delegate Depth="0"/>
  <SOA ID="ContractIdP"/>
  <Validity/>
</RoleAssignment>
Before adaptation (excerpt)
PERMIS AZ Policy
<RoleAssignment ID="ContractorIdPAssignment">
  <SubjectDomain ID="Contractor"/>
  <RoleList/>
  <Delegate Depth="0"/>
  <SOA ID="ContractIdP"/>
  <Validity/>
</RoleAssignment>
After adaptation (excerpt)
Part 4
Validating Solutions
Verification
[Diagram. Labels: Analysis, Planning, SAAF Controller, RBAC, RBAC1, RBAC2, RBAC3, S1, S2, S3, isVerified]
Model Validation
[Diagram. Labels: LDAP, PERMIS, RBAC, CONSTRAINTS, RBACDSML, rbacDSML MM]
Constraint Verification (OCL)
constraint rbacDSML::Granted inv:
  self.rbacRole
    ->closure(parent).permission
    ->union(self.rbacRole.permission)
    ->includesAll(self.resource.permission)
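The Granted invariant above, checked in Python against a candidate model before a solution is deployed. This is an added example, not the rbacDSML or SAAF implementation. The dictionary layout, the "Employee" role and its Granted link are constructed for illustration; only the Contractor role, PayrollSystem and the two actions come from the slides.

```python
import copy

# Constructed model: "Employee" inherits from "Contractor" and must keep payslip access.
MODEL = {
    "roles": {
        "Contractor": {"parents": [], "permissions": {"getEmpPayslip", "runPayroll"}},
        "Employee": {"parents": ["Contractor"], "permissions": set()},
    },
    "resources": {"PayrollSystem": {"getEmpPayslip"}},  # permissions the resource needs
    "granted": [("Employee", "PayrollSystem")],         # Granted links to verify
}

def effective_permissions(roles, name):
    """Own permissions plus those of every role reachable through parent links."""
    seen, stack, perms = set(), [name], set()
    while stack:
        role = stack.pop()
        if role in seen:  # tolerate cycles in a malformed hierarchy
            continue
        seen.add(role)
        perms |= roles[role]["permissions"]
        stack.extend(roles[role]["parents"])
    return perms

def violations(model):
    """Granted links whose role lacks a permission that the resource requires."""
    bad = []
    for role, resource in model["granted"]:
        missing = model["resources"][resource] - effective_permissions(model["roles"], role)
        if missing:
            bad.append((role, resource, sorted(missing)))
    return bad

def is_verified(model):
    return not violations(model)

def remove_attribute_permission(model, role, permission):
    """Candidate adaptation applied to a copy, so the live model is never touched."""
    candidate = copy.deepcopy(model)
    candidate["roles"][role]["permissions"].discard(permission)
    return candidate
```

Removing getEmpPayslip from Contractor fails verification because Employee inherits that permission, while removing runPayroll passes.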
Part 5
[Diagram: SAAF Controller internals, same labels as the diagram in Part 2: Planner, Analyser, Behaviour Model, Authorisation Infrastructure Model, Executor, Asset Monitor, Behaviour Gauges, Identity Provider, Authorisation Service]
Model Repair
Verification and repair
[Diagram. Labels: Analysis, Planning, SAAF Controller, RBAC, RBAC1, RBAC2, RBAC3, RBAC1_r, S1, S2, S3]
Model Repair
[Diagram. Labels: LDAP, PERMIS, RBAC, CONSTRAINTS, RBACDSML]
Just One More Thing
https://saaf-resource.kent.ac.uk/game/index.php
Thank You
References
C. Bailey, D. W. Chadwick, and R. de Lemos, "Self-adaptive federated authorization infrastructures," Journal of Computer and System Sciences, vol. 80, no. 5, pp. 935–952, Aug. 2014.
C. Bailey, L. Montrieux, R. de Lemos, Y. Yu, and M. Wermelinger, "Run-time generation, transformation, and verification of access control models for self-protection," in SEAMS'14: 9th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, Hyderabad, India, 2014.
B. H. C. Cheng, R. de Lemos, H. Giese, P. Inverardi, J. Magee, J. Andersson, B. Becker, N. Bencomo, Y. Brun, B. Cukic, G. D. M. Serugendo, S. Dustdar, A. Finkelstein, C. Gacek, K. Geihs, V. Grassi, G. Karsai, H. M. Kienle, J. Kramer, M. Litoiu, S. Malek, R. Mirandola, H. A. Müller, S. Park, M. Shaw, M. Tichy, M. Tivoli, D. Weyns, and J. Whittle, "Software Engineering for Self-Adaptive Systems: A Research Roadmap," in Software Engineering for Self-Adaptive Systems, B. H. C. Cheng, R. de Lemos, H. Giese, P. Inverardi, and J. Magee, Eds. Springer Berlin Heidelberg, 2009, pp. 1–26.
S. Sinclair, S. W. Smith, S. Trudeau, M. E. Johnson, and A. Portera, "Information Risk in Financial Institutions: Field Study and Research Roadmap," in Enterprise Applications and Services in the Finance Industry, D. J. Veit, D. Kundisch, T. Weitzel, C. Weinhardt, F. A. Rabhi, and F. Rajola, Eds. Springer Berlin Heidelberg, 2007, pp. 165–180.
Image Credits
All screen captures are from the film Monty Python and the Holy Grail (1975)
Snakes and Ladders, Len Matthews, CC by-nd 2.0, https://goo.gl/3j3KF4
