Agent approaches to role based security
This presentation is the property of its rightful owner.
Sponsored Links
1 / 26

Agent Approaches to Role-Based Security PowerPoint PPT Presentation


  • 80 Views
  • Uploaded on
  • Presentation posted in: General

Agent Approaches to Role-Based Security. S. Demurjian, Y. He, T.C. Ting, and M. Saba Computer Science & Engineering Department The University of Connecticut Storrs, Connecticut 06269-3155. {steve, ting, [email protected] http://www.engr.uconn.edu/~steve (860) 486 - 4818.

Download Presentation

Agent Approaches to Role-Based Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Agent approaches to role based security

Agent Approaches to Role-Based Security

S. Demurjian, Y. He, T.C. Ting, and M. Saba

Computer Science & Engineering Department

The University of Connecticut

Storrs, Connecticut 06269-3155

{steve, ting, [email protected]

http://www.engr.uconn.edu/~steve

(860) 486 - 4818

Work Presented Herein at

IFIP WG 11.3 13th Conference on Database

Security, Seattle, WA, 1999.


Overview of presentation

Overview of Presentation

  • Background and Motivation

    • Distributed and Web Based Applications

    • Software Agent Computing Paradigm

    • Previous and Related Work

  • Agent Approaches to Role-Based Security

  • Experimental Prototype via Java Aglets

  • Concluding Remarks and Future Work


Distributed and web based applications

Distributed and Web-Based Applications

  • Utilize New and Existing Info. Innovatively

  • Distributed/Web-Based Applications are:

    • Combo of Legacy, COTS, DBs, New C/S

    • Electronic Banking/Commerce

    • Information Dissemination (Push/Pull)

  • Leverage Computing and Network Resources

  • Transcend Available Alternatives

    • MAC, DAC, Role-Based

    • Employ as “Local” Solutions?

  • New Computing Paradigms Emerging

    • Software Agents

    • Various Implementations


Software agent computing paradigm

Software Agent Computing Paradigm

  • What is an Agent?

    • Acts on Behalf of Individuals(Users) on Task

    • State and Behavior in Runtime Environment

  • Four Mandatory Properties

    • Sense/React to Environment Changes

    • Autonomously Control Own State/Behavior

    • Proactive to Specific User Goals

    • Constantly Executing in Runtime Environment

  • Stationary Agent: Limited to Single Node

  • Mobile Agent: Migrate Across Network to Accomplish Required Tasks


Software agent computing paradigm1

Software Agent Computing Paradigm

  • Agents Akin to Objects

    • Created and Destroyed

    • Interact by Passing Messages

    • Remote Method Invocation Prohibited

  • Attractiveness of Agents for Security

    • Agents Created by Client to Carry Out Secure Access to Remote Clients

    • Visit Multiple Nodes to Satisfy “Request”

    • Specificity of Role Dictates Agent Behavior

  • Caveat: Mobile Agents Significant Security Concern Due to Potential Ability to Act as Threat!


Influence of previous and related work

Influence of Previous and Related Work

  • Our Previous Efforts in

    • Software Architectural Alternatives with Limited Distribution

    • Java’s Impact and Potential on Distributed Computing/Security

  • Related work by

    • Hale 1998

      • Secure Distributed Object and Language Programming Framework for Internet-Based Apps.

    • Tari 1998

      • Distributed Object Kernel as Framework to Design and Implement Distributed Security Policies


Agent approaches to role based security1

Agent Approaches to Role-Based Security

  • Distributed/Web-Based Applications to Access Remote Objects of Legacy, COTs, DBs, C/S, etc.

  • Orthogonal Goals

    • Security to Control/Limit Interactions

    • Distributed/Web-Based Computing to Enable Interoperation/Facilitate Access

  • Propose and Discuss Three Agent Architectures

    • Baseline Agent Approach

    • Hierarchical Agent Approach

    • Object-Security Manager Agent Approach

  • Assume a Role-Based Context, but Other Security Approaches may also Apply


Architecture for baseline agent approach

Architecture for Baseline Agent Approach

Client

Application

UA

IRA

Client

Server

Object

OSA

IRA

Key:

UA: User Agent

IRA: Information Retrieval Agent

OSA: Object Security Agent


Components and agents

Components and Agents

  • Client Application (CA)

    • GUI/Software Tool for User

    • User Limited to Single Role at Any Time

    • Role/User Request Passed to UA

    • Users Modify Single Remote Object/Request

    • CA Manages Multiple Requests in Serial

  • User Agent (UA)

    • Stationary Agent Created by CA for User

    • UA Receives Request from CA

    • UA Transforms Request and Creates IRA

    • UA Forwards Request to IRA and Waits

    • UA Receives Response for IRA and Transforms for Return to CA


Components and agents1

Components and Agents

  • Information Retrieval Agent (IRA)

    • Mobile Agent Created by UA

    • Limited to Interacting with UA and OSA

    • IRA Created and Dispatched by UA

    • IRA Moves from Client to Server to Client

    • Interact with Remote Object and Return Result

  • Object Security Agent (OSA)

    • Stationary Agent (or Collection of Security Objects) or a Mobile Agent

    • Enforce Security Policy for Remote Object

    • Based on Permissible Actions by Role

  • Object

    • Remote Object Provides Services to CA


User agent ua

User Agent (UA)

  • UA Arbitrates Interaction of CA and IRA

  • UA Allocation Strategies

    • User-Based Allocation (UBA)

      • UA Dedicated to Each User, Created Upon Login, Lives During Session to Enforce Single Role of CA

      • Multiple CAs Imply Multiple UAs - Resources

    • Role-Based Allocation (RBA)

      • UA Dedicated to Each Role, Shared by Multiple Users Playing Same Role

      • Use-Counts for Allocation/Deallocation

    • UBA Can Support Multiple Roles/User

    • UBA vs. RBA: Number and Activity of Agents


Information retrieval agent ira

Information Retrieval Agent (IRA)

  • Mobile Agent Created by UA to Process CA Request

  • IRA Access Single Remote Object

  • Created on Client and Moves to Host (Server)

  • Interacts with OSA: Success or Denied Access

  • Returns to Client and Sends Result to UA

  • IRA Allocation/Lifetime Strategies

    • IRA Active as Long as UA

    • IRA De-allocated when Request Done

    • What are Tradeoffs of Each?


Object security agent osa

Object Security Agent (OSA)

  • OSA as Firewall to Separate Remote Object from Outside World

  • OSA Embodies Security Policy (Role-Based)

  • OSA Receives Request from IRA

  • OSA Deny Request or Forward Result to IRA

  • OSA as Agent: Allocation Strategies

    • “Few” Remote Objects, One OSA/Server

    • “Moderate” Remote Objects, OSA/Instance

    • “Many” Remote Objects, Same Type, OSA/Type

  • What are Tradeoffs of Each Allocation Strategy?


Architecture for hierarchical agent approach

Architecture for Hierarchical Agent Approach

Client

Application

UA

IRA

Client

IRA

IRA

Server

Object

OSA

IRA

Security Policy

Key:

UA: User Agent

IRA: Information Retrieval Agent

OSA: Object Security Agent


Components and agents2

Components and Agents

  • CA, UA, OSA (Security Policy), Object as in Baseline

  • Hierarchical Approach for Complex Requests

    • Complex Request to Access Multiple-Remote Objects

    • In Baseline, Serially Processed by CA or UA

    • In Hierarchical, Complex Request Sent to IRA as a Single Serializable Request

    • Processing in IRA by Hierarchy of

      • Root-IRA

      • Internal-IRA

      • Leaf-IRA


Ira processing

IRA Processing

  • Root-IRA for Complex Request of Multiple Ros

  • Root-IRA Spawned by UA

  • Root-IRA can Spawn Internal and Leaf IRAs

  • Root-IRA Spawns All Leaf-IRAs if

    • Complex Request Consists of Series of Simple Request to Single Remote Objects

    • Leaf-IRA Mobile Agent ala IRA (Baseline)

    • Leaf-IRAs can Move to Same/Different Nodes

    • Each Leaf-IRA Interacts with OSA, Collects Response, and Returns Result to Root-IRA

    • Root-IRA Processes all Leaf-IRA Results


Ira processing1

IRA Processing

  • Root-IRA Spawns Internal-IRAs and Leaf-IRAs

    • Multi-Level Process to Handle Complex Request with Root-IRA Stationary

    • Internal-IRAs can Spawn Internal-IRAs and Leaf-IRAs as Request is Decomposed

    • Internal-IRAs may be Stationary or Mobile

    • Recursive Spawning of IRA Nodes

    • As Leaf-IRAs and Internal-IRAs Complete, Results are Collected by Internal-IRAs and Eventually Root-IRA

    • Allocate one Root-IRA per UA


Architecture for object security manager agent approach

Architecture for Object-Security Manager Agent Approach

Client

Application

UA

IRA

IRA

IRA

OSA Manager

Object

OSA

IRA

Security Policy

Client

Server

Key:

UA: User Agent

IRA: Information Retrieval Agent

OSA: Object Security Agent


Osa manager

OSA Manager

  • OSA Manager has Active Role in Allocation

  • OSA Manager Oversees OSA Allocation: Recall

    • “Few” Remote Objects, One OSA/Server

    • “Moderate” Remote Objects, OSA/Instance

    • “Many” Remote Objects, Same Type, OSA/Type

  • OSA Manager Dynamically Chooses One or More Allocation Strategies Most Suited to System State

  • OSA Manager Adjust Strategies Dynamically

  • Mobile IRAs Ask OSA Manager for “Right” OSA

  • Well-Suited to Evolving Security Policy


Aglets java agents

Aglets - Java Agents

  • Many Java-Based Agent Computing Systems

    • Aglets http://aglets.trl.ibm.co.jp

    • Odyssey, Concordia, and Voyager

  • Aglets are Agents + Applets

    • Aglets Start Execute on Node

    • Suspend and Move to Another Node

    • Continue Execution where Left Off

    • Aglet Actions Restricted to Sandbox

    • Aglets can Ask Security Manager for Permission to Perform Local Operations


Architecture for agent implementation

Architecture for Agent Implementation

Client

Application

UA

IRA

Client

Translator

Database

Server

Translator

OSA

IRA

Security Policy

Key:

UA: User Agent

IRA: Information Retrieval Agent

OSA: Object Security Agent


Version of baseline approach

Version of Baseline Approach

  • Main Difference: Presence of Translator

    • Translator Encodes Outgoing Data from CA

    • Translator Decodes Incoming Data from UA

    • Similar Activities at Server Side

  • Implementation Includes User Identity in Message

  • Client Side Translator Does Authentication

  • Server Side Translator Invokes Methods on RO

  • Two Allocation Variants of Prototype

    • Two ROs (Course/Person DBs)/Single OSA

    • Two ROs (Course/Person DBs) on Different Servers with Dedicated OSAs


Illustration of aglet interaction code

Illustration of Aglet Interaction Code

  • CA CODE TO INITIATE PROCESS BY SENDING MESSAGE TO UA

  • try{

  • reply =(Message)userAgent.sendMessage(new Message("request", request));

  • }catch(Exception e) {e.printStackTrace();}

    • UA COUNTERPART: FORWARDS TO IRA AND RECEIVES RESPONSE

    • public boolean handleMessage(Message msg) {

    • if (msg.sameKind("request")) // Request from CA

    • {

    • try{ // Dispatch message to IRA

    • iraProxy = (AgletProxy)iraProxy.sendMessage((Message)msg.getArg());

    • waitMessage(); // Wait for Reply from IRA

    • msg.sendReply(reply); // Route Reply back to CA

    • } catch(Exception e) {e.printStackTrace();}

    • }

    • else

    • if (msg.sameKind("reply")) {// Upon Receipt of Reply

    • reply = msg; // Record the Reply from IRA

    • notifyAllMessages(); // Awaken UA

    • }

    • ...

  • }


  • Illustration of aglet interaction code1

    Illustration of Aglet Interaction Code

    • IRA CODE FOR STATIONARY AND MOBILE INTERACTIONS

    • public boolean handleMessage(Message msg) {

    • if (msg.sameKind("askservice")) {// IRA Arrives at Server

    • try{ // Obtain OSA Proxy to Facilitate IRA-OSA Interaction

    • AgletProxy proxy =

    • (AgletProxy)getAgletContext().getProperty(osaName);

    • // Send Request to OSA and Receive Reply

    • reply = (Message)proxy.sendMessage(msg);

    • itinerary.go(home, "back"); // Return Back to Client

    • } catch(Exception e) {e.printStackTrace();}

    • } else if (msg.sameKind("back")) {// IRA Arrives Back at Client

    • // Obtain UA Proxy to Facilitate IRA-UA Interaction

    • AgletProxy proxy = getAgletContext().getAgletProxy( parentID );

    • // Send the Request Response to UA

    • try{ proxy.sendMessage( reply );

    • } catch( Exception e ) { e.printStackTrace(); }

    • } }

    • INTERACTIONS OF IRA WITH OSA

    • public boolean handleMessage( Message msg ) {

    • // Utilize Translator to Decode Message from IRA and Create Reply

    • Message reply = translator.GetReply( msg );

    • // Route the Reply Back to IRA

    • msg.sendReply( reply ); return true;}


    Bitmap from experimental prototype

    Bitmap from Experimental Prototype


    Concluding remarks

    Concluding Remarks

    • Explored Architectures for Constructing Secure Distributed and Web-Based Applications:

      • Emerging Agent Computing Paradigm

      • Mobile and Stationary Agents to Realize Role-Based Security of Dynamic Remote Objects

      • Architectures with Varied Capabilities

      • Successful Prototyping Implementation

    • Future Work

      • Continued Exploration of Agent Approaches

      • Applicability to Other Agent Systems Such as Concordia, Voyager, etc.

      • Ph.D. Topic Related to Security, Agents, and IOA


  • Login