Role-Based Security in a Distributed Resource Environment*

Profs. Steven A. Demurjian and T.C. Ting; J. Balthazar, H. Ren, and C. Phillips. Computer Science & Engineering Department, 191 Auditorium Road, Box U-155, The University of Connecticut, Storrs, Connecticut 06269-3155.


Presentation Transcript


  1. Role-Based Security in a Distributed Resource Environment*
     Profs. Steven A. Demurjian and T.C. Ting; J. Balthazar, H. Ren, and C. Phillips
     Computer Science & Engineering Department, 191 Auditorium Road, Box U-155, The University of Connecticut, Storrs, Connecticut 06269-3155
     http://www.engr.uconn.edu/~steve, steve@engr.uconn.edu
     Dr. Paul Barr, The MITRE Corp, 145 Wyckoff Road, Eatontown, New Jersey 07724, poobarr@mitre.org
     *This work supported in part by a research contract from the Mitre Corporation (Eatontown, NJ) and a research grant from AFOSR

  2. Overview
     • Goals of Our Research Effort
     • Sun’s JINI Technology
     • A Software Architecture for Role-Based Security
       • Proposed Software Architecture
       • Security Resources and Services
       • Security Client and Resource Interactions
       • Client Interactions and Processing
     • Experimental Prototypes
       • JINI Prototype of Role Based Approach
       • Security Client Prototype
     • Related Work
     • Conclusions and Future Work

  3. Goals of Our Research Effort
     • Incorporation of Role-Based Approach within Distributed Resource Environment
     • Highly-Available Distributed Applications Constructed Using Middleware Tools
     • Demonstrate Use of JINI to Provide Selective Access of Clients to Resources Based on Role
     • Propose Software Architecture and Role-Based Security Model for
       • Authorization of Clients Based on Role
       • Authentication of Clients and Resources
       • Enforcement so Clients Only Use Authorized Services (of Resource)
     • Propose Security Solution for Distributed Applications for Clients and Services (Resources)

  4. Sun’s JINI Technology
     • Construct Distributed Applications Using JINI by
       • Federating Groups of Users
       • Resources Provide Services for Users
     • A Resource Provides a Set of Services for Use by Clients (Users) and Other Resources (Services)
     • A Service is Similar to a Public Method
       • Exportable - Analogous to API
       • Any Entity Utilized by Person or Program
       • Samples Include:
         • Computation, Persistent Store, Printer, Sensor
         • Software Filter, Real-Time Data Source
       • Services: Concrete Interfaces of Components
       • Services Register with Lookup Service

  5. Sun’s JINI Technology: Key JINI Concepts and Terms
     • Registration of Services via Leasing Mechanism
       • Resource Leases Services to Lookup Service
       • Resources Renew Services Prior to Expiration
       • If not, Services Become Unavailable
     • Lookup Service Maintains Registry
       • Services as Available “Components”
     • Leasing Supports High-Availability
       • Registration and Renewal Process
       • Upon Failure, Services Removed from Registry
     • Clients, Resources, Lookup Can Occupy Same or Different Computing Nodes

  6. Sun’s JINI Technology: Join, Lookup, and Service Invocation
     [Diagram of Resource, Lookup Service, and Client; labels as follows]
     • Resource: CourseDB Class Contains Method AddCourse( ); Service Object, Service Attributes
     • Join: Register & Lease Services
     • Lookup Service: Registry of Entries (Service Object, Service Attributes)
     • Client: Request Service AddCourse(CSE900); Return Service Proxy to AddCourse( )
     • Service Invocation via Proxy by Transparent RMI Call
       1. Client Invokes AddCourse(CSE900) on Resource
       2. Resource Returns Status of Invocation

  7. Proposed Software Architecture for Role-Based Security
     • Many Current Lookup Services
       • Successfully Dictates Service Utilization
       • Requires Programmatic Solution for Security
       • Does Not Selectively and Dynamically Control Access Based on Client Role
     • Security of a Distributed Resource Should Selectively and Dynamically Control Client Access to Services Based on the Role
     • Our Approach
       • Define Dedicated Resources to Authorize, Authenticate, and Enforce Security by Role
     • Proposed Resources
       • Role-Based Privileges, Authorization List, Security Registration

  8. Proposed Software Architecture for Role-Based Security
     [Figure 3.1: General Architecture of Clients and Resources. Panels: Clients Using Services; Resources Provide Services.]

  9. Security Resources and Services
     • Role-Based Privileges Resource
       • Define User-role
       • Grant/Revoke Access of Role to Resource
       • Register Services
     • Authorization List Resource
       • Maintains Client Profile (Many Client Types)
       • Client Profile and Authorize Role Services
     • Security Registration Resource
       • Register Client Service
       • Identity Registration at Startup
       • Uses IP Address
     • Services of Resource
       • Functionally Separated and Organized
       • Resemble Method Definitions (OO)

  10. The Services of the Role-Based Privilege Resource

  11. The Services of the Authorization-List Resource

  12. The Services of the Security Registration Resource

  13. Security Client and Resource Interactions
      [Figure 3.3: Security Client and Database Resource Interactions. Participants: Security Client, General Resource, Lookup Service (Discover Service, Return Proxy), and the three security resources with the services listed below.]
      • Security Registration
        Find_Client(C_Id, IP_Addr); Find_All_Active_Clients();
      • Authorization List
        Grant_UR_Client(UR_Id, C_Id); Revoke_UR_Client(UR, C_Id);
        Find_AllUR_Client(C_Id); Find_All_Clients_UR(UR);
        Create_New_Client(C_Id); Delete_Client(C_Id);
        Find_Client(C_Id); Find_All_Clients();
      • Role-Based Privileges
        Create_New_Role(UR_Name, UR_Disc, UR_Id); Delete_Role(UR_Id);
        Find_UR_Name(UR_Name); Find_UR_Id(UR_Id);
        Grant_Resource(UR_Id, R_Id); Grant_Service(UR_Id, R_Id, S_Id); Grant_Method(UR_Id, R_Id, S_Id, M_Id);
        Revoke_Resource(UR, R_Id); Revoke_Service(UR, R_Id, S_Id); Revoke_Method(UR, R_Id, S_Id, M_Id);
        Find_AllUR_Resource(UR, R_Id); Find_AllUR_Service(UR, R_Id, S_Id); Find_AllUR_Method(UR, R_Id, S_Id, M_Id);
        Find_UR_Privileges(UR);
        Register_Resource(R_Id); Register_Service(R_Id, S_Id); Register_Method(R_Id, S_Id, M_Id);
        UnRegister_Resource(R_Id); UnRegister_Service(R_Id, S_Id); UnRegister_Method(R_Id, S_Id, M_Id);

  14. Client Interactions and Processing
      [Figure 3.4: Client Interactions and Service Invocations. Participants: GUI Client, Security Registration, Authorization List, Database Resource, Role-Based Privileges, Lookup Service (Discover Service, Return Proxy).]
      (1) Register_Client(C_Id, IP_Addr, UR);
      (2) Verify_UR_Client(UR, C_Id);
      (3) Client OK?
      (4) Registration OK?
      (5) ModifyAttr(C_ID, UR, Value)
      (6) IsClient_Registered(C_ID)
      (7) Registration OK?
      (8) Check_Privileges(UR, R_Id, S_Id, M_Id);
      (9) Privileges OK?
      (10) Modification OK?

  15. Two Experimental Prototypes
      • JINI Prototype of Role Based Approach
        • University Database (UDB)
        • Initial GUI for Sign In (Authorization List)
        • Student/faculty GUI Client (Coursedb)
        • Access to Methods Limited Based on Role (Ex: Only Student Can Enroll in a Course)
      • Security Client Prototype
        • Generic Tool
        • Uses Three Resources and Their Services
          • Role-Based Privileges
          • Authorization-List
          • Security Registration

  16. Experimental Prototype One: JINI Prototype of Role Based Approach
      [Figure 4.1: An Architecture of URBS based on JINI Technology. Components: Java GUI Client1, Java GUI Client2, JINI Lookup Service, Role-Based Privileges & Sec. Reg. (two instances), Author. List Res. (copy 1, copy 2), CourseDB Resource (copy 1, copy 2).]
      • DBServer Service: GetClasses(); PreReqCourse(); GetVacantClasses(); EnrollCourse(); AddCourse(); RemoveCourse(); UpdateCourse().

  17. Experimental Prototype One: Execution Process
      1a. Discover Register_Client Service
      1b. Return Service Proxy
      2. Register the Client
      3a. Is Client Authorized?
      3b. Succeed - return Role
      4. Return Success or Failure
      5a. Discover CourseDB Service
      5b. Return Service Proxy
      6. Invoke a Method, e.g., Invoke EnrollCourse()
      7a. Discover Role-Based Priv. & Sec. Reg. Services
      7b. Return Service Proxies
      8a. Is Client Registered?
      8b. Return Yes or No
      9a. Can Client Invoke Method?
      10. addCourse() or do nothing
      [Figure 4.2: Execution Process for Architecture. Components: Java GUI Client1, JINI Lookup Service, Author. List Res., Role-Based Privileges & Sec. Reg., CourseDB Resource.]

  18. Experimental Prototype Two: The Security Client Prototype
      [Figure 4.3: Initial Security Client Screen.]

  19. Recall: Security Resources and Services

  20. Experimental Prototype Two: Role-Based Privilege Resource & Services
      [Figure 4.4: The Role-Based Privileges Services Screen.]

  21. Experimental Prototype Two: Authorization List Resource & Services
      [Figure 4.5: The Authorization-List Services Screen.]

  22. Experimental Prototype Two: Security Registration Resource & Services
      [Figure 4.6: The Security Registration Services Screen.]

  23. Related Work
      • Security Policy & Enforcement (OS Security)
        • Security Filters and Screens
        • Header Encryption
        • User-level Authen.
        • IP Encapsulation
        • Key Mgmt. Protocols
      • Browser Security
        • Use of Encryption
        • Access Control
        • Securing Comm. Channel
        • Establishing a Trusted Computer Base
        • Network Services
        • Kerberos and Charon
      • Security: Mobile Agents
        • Saga Security Architecture
        • Access Tokens
        • Control Vectors
        • Security Monitor
        • Concordia
        • Storage Protection
        • Transmission Protection
        • Server Resource Protection
      • Other Topics
        • Trust Appraisal
        • Metric Analysis
        • Short-lived Certificates
        • Seamless Object Authentication

  24. Conclusions
      • For a Distributed Resource Environment
        • Proposed & Explained a Role-Based Approach
        • Authorize, Authenticate, and Enforce
      • Presented a Software Architecture Containing
        • Role-Based Security Model for a Distributed Resource Environment
        • Security Registration, Authorization-List, and Role-Based Privileges Resources
      • Developed Two Independent Prototypes
        • JINI-Based Prototype for Role-Based Security Model that Allows Clients to Access Resources Based on Role
        • Security Client for Establishing Privileges

  25. Future Work
      • Negative Privileges
      • Chaining of Resource Invocations
        • Client Uses S1 on R1 that Calls S2 on R2
        • Client Authorized to S1 but Not S2
      • Multiple Security Clients
        • What Happens When Multiple Security Clients Attempt to Modify Privileges at Same Time?
        • Is Data Consistency Assured?
      • Leasing Concept Available with JINI
        • Leasing Allows Services to Expire
        • Can Role-Based Privileges Also Expire?

  26. Future Work
      • Location of Client vs. Effect on Service
        • What if Client is on Local Intranet?
        • What if Client is on WAN?
        • Are Privileges Different?
      • Tracking Computation for Identification Purposes
        • Currently Require Name, Role, IP Addr, Port #
        • How is this Tracked when Dynamic IP Addresses are Utilized?
      • Integration of the Two Prototypes
        • Combining Both Prototypes into Working System
        • Likely Semester Project during Fall 2000
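
The check sequence from slides 14 and 17, modelled in Python as an added example (not the authors' JINI/Java prototype code). Service names, `CourseDB`, `DBServer` and `CSE900` come from the slides; the in-memory storage, the `registered_role` helper, the extra comparison of the claimed role against the registered role, and the sample clients and IP addresses are assumptions of this example.

```python
class AuthorizationList:
    def __init__(self):
        self.roles = {}                                # C_Id -> set of UR
    def Grant_UR_Client(self, ur, c_id):
        self.roles.setdefault(c_id, set()).add(ur)
    def Verify_UR_Client(self, ur, c_id):
        return ur in self.roles.get(c_id, set())

class SecurityRegistration:
    def __init__(self, auth_list):
        self.auth_list, self.active = auth_list, {}    # C_Id -> (IP_Addr, UR)
    def Register_Client(self, c_id, ip_addr, ur):      # steps 1-4
        ok = self.auth_list.Verify_UR_Client(ur, c_id)
        if ok:
            self.active[c_id] = (ip_addr, ur)
        return ok
    def IsClient_Registered(self, c_id):               # steps 6-7
        return c_id in self.active
    def registered_role(self, c_id):                   # hypothetical helper, not on the slides
        return self.active.get(c_id, (None, None))[1]

class RoleBasedPrivileges:
    def __init__(self):
        self.grants = set()                            # (UR, R_Id, S_Id, M_Id)
    def Grant_Method(self, ur, r_id, s_id, m_id):
        self.grants.add((ur, r_id, s_id, m_id))
    def Check_Privileges(self, ur, r_id, s_id, m_id):  # steps 8-9
        return (ur, r_id, s_id, m_id) in self.grants

class CourseDB:                                        # the general resource
    def __init__(self, sec_reg, privs):
        self.sec_reg, self.privs, self.enrolled = sec_reg, privs, []
    def EnrollCourse(self, c_id, ur, course):          # step 5 triggers steps 6-10
        allowed = (self.sec_reg.IsClient_Registered(c_id)
                   and self.sec_reg.registered_role(c_id) == ur   # added check
                   and self.privs.Check_Privileges(ur, "CourseDB", "DBServer", "EnrollCourse"))
        if allowed:
            self.enrolled.append((c_id, course))
        return allowed                                 # False: the method does nothing

def demo():
    db = CourseDB(SecurityRegistration(AuthorizationList()), RoleBasedPrivileges())
    db.privs.Grant_Method("student", "CourseDB", "DBServer", "EnrollCourse")
    for c_id, ip, ur in [("alice", "10.0.0.5", "student"), ("bob", "10.0.0.6", "faculty")]:
        db.sec_reg.auth_list.Grant_UR_Client(ur, c_id) # constructed sample clients
        db.sec_reg.Register_Client(c_id, ip, ur)
    return [db.EnrollCourse("alice", "student", "CSE900"),   # True
            db.EnrollCourse("bob", "faculty", "CSE900"),     # False: role lacks privilege
            db.EnrollCourse("bob", "student", "CSE900"),     # False: claimed != registered
            db.EnrollCourse("carol", "student", "CSE900")]   # False: never registered
```

The third case is the one the slide flow alone does not cover: the role passed with the invocation is compared against the role recorded at registration before `Check_Privileges` is consulted.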
