Access Control Policy Combining & Comparison
This presentation is the property of its rightful owner.
Sponsored Links
1 / 21

PCL: A Policy Combining Language EXAM: E nvironment for X acml policy A nalysis & M anagement PowerPoint PPT Presentation


  • 58 Views
  • Uploaded on
  • Presentation posted in: General

Access Control Policy Combining & Comparison. PCL: A Policy Combining Language EXAM: E nvironment for X acml policy A nalysis & M anagement. Elisa Bertino, Ninghui Li (Purdue University). Why Policy Combining?.

Download Presentation

PCL: A Policy Combining Language EXAM: E nvironment for X acml policy A nalysis & M anagement

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Pcl a policy combining language exam e nvironment for x acml policy a nalysis m anagement

Access Control Policy Combining & Comparison

  • PCL: A Policy Combining Language

  • EXAM: Environment for Xacml policy Analysis & Management

Elisa Bertino, Ninghui Li (Purdue University)


Why policy combining

Why Policy Combining?

  • A policy may contain multiple sub-policies. The effect of the whole policy is determined by combining the effects of sub-policies

    • Firewalls: first-applicable

    • XACML: deny-overrides, permit-overrides, first-applicable, only-one-applicable


Other useful combining algorithms

Other Useful Combining Algorithms

  • Weak-consensus:

  • Strong-consensus:

  • Weak-majority:

  • Strong-majority:


Our goal

Our Goal

An expressive and practical language for specifying policy combining algorithms

Our solution: PCL

NINGHUI LI, ELISA BERTINO, QIHUA WANG, WAHBEH QADARJI

Purdue University


Overview of pcl

Overview of PCL

  • Uses four values: Σ = {P, D, NA, IN}

  • Evaluation errors are represented by non-empty subsets of {P, D, NA, IN}

    • 15 possible values

  • Two ways to specify policy combining behavior

    • Using a Policy Combining Operator (PCO)

    • Using linear constraints


Policy combining operators

Policy Combining Operators

  • Policy combining operator (PCO)

    • is a PCA that combines two policies (or rules)

    • g: Σ × Σ -> Σ, where Σ = {P, D, NA, IN}

  • A PCO can be represented as a matrix

Deny-overrides

First-applicable


From pco to pca

Deny-overrides

Any

Any

P

D

D

P

Any

Any

P, NA

Any

D, IN

D, IN

D

IN

P

P

IN

NA

NA

IN

NA

NA

From PCO to PCA

  • PCA should be a function Σ+ -> Σ

  • Given a PCO g, its recursive PCA is the function f:

    • f(P1) = P1

    • f(P1, P2) = g(P1, P2)

    • f(P1,…,Pn) = g(f(P1,…,Pn-1), Pn)

  • DFA-representation of policy evaluation

First-applicable


Using linear constraints

Using Linear Constraints

  • PCOs cannot express counting-based strategies.

  • Second approach for PCA specification uses linear constraints on the number of sub-policies that return P, D, NA, and IN.

    • A Linear Constraint is an expressions that uses #P, #D, #NA, #IN, addition/subtraction, comparisons, and AND  and OR 


Other issues we considered

Other Issues We Considered

  • Optimized evaluation of PCAs

  • Specify how to specify obligation-handling behavior in a PCA


Expressive power there are examples for each numbered area

Expressive Power: There are Examples for each numbered area


Using pcl in xacml

Using PCL in XACML

  • An XACML Policy can include the PCA it wants to use

  • A PDP that understands PCL can parse and understand all PCAs specified in it

    • makes deployment of new PCAs feasible


Implementation

Implementation

  • We implemented PCL and integrated it with Sun’s implementation for XACML 1.1

  • Changes and additions were made to several classes and the Result class in particular to account for errors in evaluation


Pcl a policy combining language exam e nvironment for x acml policy a nalysis m anagement

EXAM

Environment for Xacml policy Analysis & Management

EXAM is a comprehensive environment for analyzing and managing XACML access control policies. It supports acquisition, editing and retrieval of policies in addition to policy similarity filtering, policy similarity analysis and policy integration.

ELISA BERTINO, NINGHUI LI, GABRIEL GHINITA, PRATHIMA RAO

Purdue University


Exam overview architecture

User

User

User

User Interface

Policy Annotation

PolicyRepository

EXAM Overview: Architecture

Query Dispatcher

PolicySimilarity Filter

Policy Integration Framework

Policy Similarity Analyzer


Key feature policy similarity analysis

Key Feature –Policy Similarity Analysis

  • Goal

    • Characterize the relationships among the sets of requests respectively authorized by a set of policies.

  • Two techniques

    • Policy Similarity Filter

      • Less precise, faster (based on techniques from document matching techniques)

    • Policy Similarity Analyzer

      • Precise, slower (based on MTDBB)

      • A visualization environment has been developed to visualize policy similarity results


Multi level grid visualization of policy similarity

Multi-level Grid Visualizationof Policy Similarity

p3 <Time  [9am,1am]>

p4 <Time  [1am,9am]>

“DRILL-DOWN”

Action Type


Policy integration

Policy Integration

  • A Fine-grained Integration Algebra (FIA)

    • 3-valued (Permit, Deny, NotApplicable)

    • Specify behavior at the granularity of requests and effects

    • Restrict domain of applicability

    • Support expressive policy languages like XACML

  • Framework for specifying integration constraints and generating integrated policies.

    • MTBDD based implementation of FIA

    • Generation of integrated policy in XACML syntax.


Fine grained integration algebra fia

Fine-grained Integration Algebra (FIA)

Vocabulary of attribute names and domains

Unary operators

Negation Domain Projection

Policy constants

Permit policyDeny policy

Binary operators

Addition Intersection


Fia theoretical results

FIA - Theoretical Results

  • Expressivity

    • FIA can express all XACML policy combining algorithms

    • FIA can express policy “jumps”

    • FIA can model closed policies and open policies

  • Completeness

    • A completeness notion has been developed, based on the concept of policy combination matrix, and FIA is complete with respect to such notion

  • Minimality

    • Identification of the minimal complete subsets of the FIA operators


Current status of exam

Current Status of EXAM

  • A prototype has been completed that includes the similarity filter and analyzer

  • The visualization tool has been completed

  • We expect to release EXAM to the project team in December 2009


On going work

On-Going Work

  • Study the specification and analysis of stateful policies in a practical way

    • e.g., by extending XACML

  • User experimental study – the goal is to assess whether the similarity filter is a good predictor for policy similarity as perceived by users

  • Extend EXAM with tools for synonym and dictionary management, and ontologies

  • Develop tools for collaborative privacy-preserving policy enforcement


  • Login