SLIDE 1

Access Control in a Distributed Object Environment Using XML and Roles

Jason Crampton and Hemanth Khambhammettu

Information Security Group Royal Holloway, University of London

SLIDE 2

Access Control in a Distributed Environment Jason Crampton & Hemanth Khambhammettu ISSA 2003 Sandton, South Africa

Introduction – Overview

  • What are we doing?

– Ensuring that access to protected resources in a distributed computing environment is restricted to appropriately authenticated and authorised users

  • Why is it important?

– Web services
– Complex heterogeneous systems in large enterprises

  • How are we doing it?

– An architecture for authentication and authorisation
– Authorisation uses role-based techniques
– Components of architecture integrated by XML schema

SLIDE 3

Introduction – Objectives

  • Modularity

– Independence of authentication and authorisation mechanisms
– Independence of authorisation enforcement point and authorisation decision point
– Avoid bottlenecks at decision and enforcement points
– Promote inter-operability, scalability and extensibility

  • Avoid reliance on third-party trust mechanisms
  • Support for audit and delegation
SLIDE 4

Introduction – Access control

[Diagram: Authenticated User → Reference Monitor → Protected Resource; the user's request is "Read?"]

  • Access control protects resources from users

– Access control lists (ACLs) defined for protected resources (Windows 2000, IBM RACF)
– A resource's ACL consists of entries defining which users and groups can access the object
– Often difficult to administer in large enterprises


SLIDE 5

Introduction – RBAC

  • Role-based access control

– associates each user with a set of roles
– and associates each role with a set of permissions

  • Hence each user is indirectly associated with a set of permissions
  • Roles may form a hierarchy reflecting organisational structure
  • Scales well and simplifies administration
SLIDE 6

Components of architecture

  • Authentication engine

– Creates authentication tokens

  • Interface

– Access control enforcement point
– Assesses the validity of authentication tokens, session certificates and access requests

  • Session manager

– Creates session certificates
– Only processes requests from the interface
– Maintains information about role hierarchy and user-role assignment

  • Authorisation engine

– Access control decision point
– Only processes requests from the interface
– Maintains information about permission-role assignment

SLIDE 7

XML schema

  • Authentication tokens

– Contain user identity, public key of user, delegation information, lifetime of token

  • Session certificates

– Contain issuer information, user identity, public key of user, lifetime of certificate, roles assigned to user, delegation information

  • Interface requests

– Access requests (forwarded to authorisation engine)
– Session certificate requests (forwarded to session manager)
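The session certificate fields listed above, as an added example that is not the authors' schema: the session manager serialises a certificate with ElementTree, and the interface performs the validity check slide 6 assigns to it (known issuer, lifetime covering the current time). Element names, the issuer name and the key placeholder are assumptions.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# Added example, not the authors' schema: element and attribute names are assumptions.
def build_session_certificate(issuer, user, public_key, roles, lifetime,
                              delegable, max_delegations, now):
    """Session manager side: serialise the fields the slide lists to XML."""
    cert = ET.Element("SessionCertificate")
    ET.SubElement(cert, "Issuer").text = issuer
    ET.SubElement(cert, "UserIdentity").text = user
    ET.SubElement(cert, "PublicKey").text = public_key
    life = ET.SubElement(cert, "Lifetime")
    life.set("notBefore", now.isoformat())
    life.set("notAfter", (now + lifetime).isoformat())
    roles_el = ET.SubElement(cert, "Roles")
    for role in roles:
        ET.SubElement(roles_el, "Role").text = role
    deleg = ET.SubElement(cert, "Delegation")
    deleg.set("allowed", "true" if delegable else "false")
    deleg.set("maxCertificates", str(max_delegations))
    return ET.tostring(cert, encoding="unicode")

def check_session_certificate(xml_text, trusted_issuers, now):
    """Interface side: accept only a certificate from a known issuer whose lifetime
    covers 'now'. Returns (True, roles) or (False, reason). XML arriving from the
    network should go through a hardened parser (e.g. defusedxml) before this check."""
    cert = ET.fromstring(xml_text)
    if cert.findtext("Issuer") not in trusted_issuers:
        return False, "untrusted issuer"
    life = cert.find("Lifetime")
    if life is None:
        return False, "no lifetime"
    not_before = datetime.fromisoformat(life.get("notBefore"))
    not_after = datetime.fromisoformat(life.get("notAfter"))
    if not (not_before <= now <= not_after):
        return False, "outside lifetime"
    return True, [r.text for r in cert.findall("Roles/Role")]

def demo():
    """Constructed sample: one certificate checked at issue time, after expiry,
    and by an interface that does not trust the issuer."""
    now = datetime(2003, 7, 9, 12, 0, tzinfo=timezone.utc)
    xml_text = build_session_certificate(
        "session-manager.example", "alice", "PUBKEY-PLACEHOLDER",
        ["clerk", "auditor"], timedelta(hours=1), True, 2, now)
    trusted = {"session-manager.example"}
    return (check_session_certificate(xml_text, trusted, now),
            check_session_certificate(xml_text, trusted, now + timedelta(hours=2)),
            check_session_certificate(xml_text, {"other.example"}, now))
```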

SLIDE 8

Session creation (1)

  • User presents credentials to authentication engine

[Diagram: components User, Authentication Engine, Interface, Session Manager and Authorisation Engine; each step of the sequence is drawn as a message between them]

SLIDE 9

Session creation (2)

  • Authentication engine generates public/private key pair and sends private key to user


SLIDE 10

Session creation (3)

  • Authentication engine generates authentication token and sends it to interface


SLIDE 11

Session creation (4)

  • Interface sends authentication token to session manager


SLIDE 12

Session creation (5)

  • Session manager creates session certificate, encrypts it and sends it to user


SLIDE 13

Making an access request (1)

  • User sends session certificate and digitally signed access request to interface


SLIDE 14

Making an access request (2)

  • Interface verifies signature on access request and forwards access request to authorisation engine


SLIDE 15

Making an access request (3)

  • Authorisation engine decides whether request should be granted and sends decision to interface


SLIDE 16

Making an access request (4)

  • Interface enforces decision by returning either a handle to the resource or an error message


SLIDE 17

Updating session certificates

  • A session certificate is a static binding of a user identity to a set of roles

  • Validity of session certificate is sensitive to

– Changes to the user-role assignment relation
– Changes in the structure of the hierarchy

  • A user u could have been issued with a session certificate containing a role r and then have his assignment to r revoked

– Any subsequent request by u to use a permission p assigned to r should be denied by the system
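Added example (not the authors' code) covering the RBAC slide and the stale-certificate case above: the session manager holds the role hierarchy and user-role assignment, the authorisation engine holds permission-role assignment, and a session certificate is a static copy of the user's roles. It assumes the certificate carries the hierarchy-closed role set, so the authorisation engine needs only the permission-role assignment; users, roles and permissions are constructed.

```python
# Added example, not the authors' code. Assumption: the certificate lists the
# user's roles closed downwards through the hierarchy, so the authorisation
# engine needs only the permission-role assignment it maintains.
class SessionManager:
    """Holds the role hierarchy and user-role assignment; issues certificates."""
    def __init__(self, senior_to, user_roles):
        self.senior_to = senior_to    # role -> roles it is directly senior to
        self.user_roles = user_roles  # user -> roles directly assigned
        self.serial = 0

    def implied_roles(self, roles):
        """Every role reachable downwards from the given roles (inclusive)."""
        closed, stack = set(), list(roles)
        while stack:
            role = stack.pop()
            if role not in closed:
                closed.add(role)
                stack.extend(self.senior_to.get(role, ()))
        return closed

    def issue_certificate(self, user):
        """Static binding of the user to the roles in force right now."""
        self.serial += 1
        roles = self.implied_roles(self.user_roles.get(user, set()))
        return {"serial": self.serial, "user": user, "roles": frozenset(roles)}

    def revoke_role(self, user, role):
        """Change the user-role assignment and return the revised certificate."""
        self.user_roles.setdefault(user, set()).discard(role)
        return self.issue_certificate(user)

class AuthorisationEngine:
    """Holds permission-role assignment; decides on (certificate, permission)."""
    def __init__(self, role_perms):
        self.role_perms = role_perms  # role -> set of (operation, resource)

    def decide(self, certificate, permission):
        return any(permission in self.role_perms.get(r, ()) for r in certificate["roles"])

def demo():
    """Constructed scenario: u holds manager (senior to clerk); manager is later revoked."""
    sm = SessionManager({"manager": {"clerk"}}, {"u": {"manager"}})
    ae = AuthorisationEngine({"clerk": {("read", "ledger")},
                              "manager": {("approve", "ledger")}})
    old_cert = sm.issue_certificate("u")
    new_cert = sm.revoke_role("u", "manager")  # revised certificate, as on slide 18
    return {
        "inherited": ae.decide(old_cert, ("read", "ledger")),     # True: via clerk
        "stale":     ae.decide(old_cert, ("approve", "ledger")),  # True: why re-issue is needed
        "revised":   ae.decide(new_cert, ("approve", "ledger")),  # False: u is now denied
    }
```

Until the interface substitutes the revised certificate, the stale one still grants the revoked permission, which is exactly the gap the re-issue sequence on the following slides closes.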

SLIDE 18

Updating session certificates (1)

  • Session manager sends revised certificate to interface in response to changes in role hierarchy or user-role assignment


SLIDE 19

Updating session certificates (2)

  • User makes access request


SLIDE 20

Updating session certificates (3)

  • Interface verifies signature, substitutes new session certificate and forwards request to authorisation engine, which returns decision


SLIDE 21

Updating session certificates (4)

  • Interface enforces decision and sends revised session certificate to user


SLIDE 22

Delegation

  • Our architecture allows users to delegate their privileges to other users (whom they trust)

  • The ability to delegate privileges is

– determined by the authentication engine
– defined in the authentication token

  • Delegation element in session certificate determines

– whether the certificate can be delegated
– how many delegation certificates can be created

SLIDE 23

Conclusions

  • The architecture provides

– mutual authentication for user and target system
– role-based authorisation
– dynamic re-issue of session certificates
– delegation

  • Future work to include

– separation of duty
– inter-domain authorisation