
ROLE HIERARCHIES AND CONSTRAINTS FOR LATTICE-BASED ACCESS CONTROLS






Presentation Transcript


  1. ROLE HIERARCHIES AND CONSTRAINTS FOR LATTICE-BASED ACCESS CONTROLS. Ravi Sandhu, George Mason University and SETA Corporation.

  2. OUTLINE
  • RBAC96 model: policy neutral
  • LBAC models: policy full and varied
  • LBAC can be reduced to RBAC96
  • LBAC < RBAC96 ?
  • why bother to do this?

  3. RBAC96 (diagram): USERS are linked to ROLES by USER-ROLE ASSIGNMENT, ROLES to PERMISSIONS by PERMISSION-ROLE ASSIGNMENT; ROLE HIERARCHIES are defined on ROLES; SESSIONS connect a user to the roles it activates.

  4. HIERARCHICAL ROLES (diagram): Supervising Engineer at the top; Hardware Engineer and Software Engineer below it; Engineer at the bottom.

  5. RBAC96 (diagram, as on slide 3 with CONSTRAINTS added): USERS, ROLES, PERMISSIONS, SESSIONS; USER-ROLE ASSIGNMENT; PERMISSIONS-ROLE ASSIGNMENT; ROLE HIERARCHIES; CONSTRAINTS.

  6. WHAT IS THE POLICY IN RBAC?
  • RBAC is policy neutral
  • Role hierarchies facilitate security management
  • Constraints facilitate non-discretionary policies

  7. LBAC: LIBERAL *-PROPERTY (diagram): lattice with H at the top, M1 and M2 incomparable in the middle, L at the bottom; the Read column is marked + at H and - at L, the Write column - at H and + at L.

  8. RBAC96: LIBERAL *-PROPERTY (diagram): Read roles HR at the top, M1R and M2R in the middle, LR at the bottom; Write roles LW at the top, M1W and M2W in the middle, HW at the bottom (the write hierarchy is the read hierarchy inverted); Read column + to -, Write column - to +.

  9. RBAC96: LIBERAL *-PROPERTY
  • user ∈ xR, user has clearance x
  • user ∈ LW, independent of clearance
  • Need constraints
  • session ∈ xR iff session ∈ xW
  • read can be assigned only to xR roles
  • write can be assigned only to xW roles
  • (O,read) assigned to xR iff (O,write) assigned to xW

  10. LBAC: STRICT *-PROPERTY (diagram): lattice H, M1, M2, L; Read column + to -, Write column.

  11. RBAC96: STRICT *-PROPERTY (diagram): Read roles HR, M1R, M2R, LR in the same hierarchy as slide 8; Write roles M1W, LW, HW, M2W shown side by side, with no hierarchy among them.

  12. LBAC: WRITE RANGE (diagram: lattice H, M1, M2, L)
  • subjects have 2 labels
  • read label
  • write label

  13. RBAC96: WRITE RANGE, LIBERAL *-PROPERTY (diagram): Read roles HR, M1R, M2R, LR; Write roles LW, M1W, M2W, HW, inverted as on slide 8; constraint shown as "read role ° write role".

  14. RBAC96: WRITE RANGE, STRICT *-PROPERTY (diagram): Read roles HR, M1R, M2R, LR; Write roles M1W, LW, HW, M2W, with no hierarchy among them as on slide 11; constraint shown as "read role ° write role".

  15. LBAC: CONFIDENTIALITY AND INTEGRITY (diagram): two independent lattices (confidentiality HS over LS; integrity LI over HI) and one composite lattice with HS-LI at the top, HS-HI and LS-LI in the middle, LS-HI at the bottom.

  16. RBAC96: CONFIDENTIALITY AND INTEGRITY, READ ROLES (diagram): HSR-LIR, HSR-HIR, LSR-LIR, LSR-HIR. Same for all cases.

  17. RBAC96: CONFIDENTIALITY AND INTEGRITY, WRITE ROLES (diagram): LSW-HIW, HSW-HIW, LSW-LIW, HSW-LIW. Liberal confidentiality, liberal integrity.

  18. RBAC96: CONFIDENTIALITY AND INTEGRITY, WRITE ROLES (diagram): LSW-HIW, HSW-HIW, LSW-LIW, HSW-LIW. Strict confidentiality, liberal integrity.

  19. RBAC96: CONFIDENTIALITY AND INTEGRITY, WRITE ROLES (diagram): LSW-HIW, HSW-HIW, LSW-LIW, HSW-LIW. Strict confidentiality, strict integrity.
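The construction of slides 7 through 19, worked through in code. This is an added example, not code from Sandhu's slides or paper: the `Lattice` class, the function names and the sample objects are my own, and the handling of user-role assignment under the strict *-property (giving the user each xW with x below the clearance directly, since the write roles then form no hierarchy) is my reading of the construction rather than something the slides state. The lattice is passed in as a dominance test, so the same code builds the read-role hierarchy xR, the write-role hierarchy xW (inverted for the liberal *-property, flat for the strict one) and the slide 9 constraints for the four-label lattice H, M1, M2, L and for the composite confidentiality and integrity lattice of slide 15, and then checks that the RBAC96 decisions coincide with simple security plus the chosen *-property for every session label, object and operation.

```python
"""RBAC96 simulation of lattice-based access control (LBAC).

Added example (not code from Sandhu's slides): for a security lattice and a
choice of *-property, build the read-role hierarchy (xR), the write-role
hierarchy (xW) and the constraints of slide 9, then check that the accesses a
session obtains through its roles are exactly those the LBAC rules (simple
security plus the chosen *-property) would grant.
"""
from itertools import product


class Lattice:
    """A finite lattice given by its labels and a reflexive dominance test ge(x, y): x >= y."""

    def __init__(self, labels, ge):
        self.labels, self.ge = list(labels), ge

    def bottom(self):
        return next(x for x in self.labels if all(self.ge(y, x) for y in self.labels))


def role_hierarchy(lat, mode):
    """Map every role to the set of roles it inherits (itself included)."""
    juniors = {}
    for x in lat.labels:
        # xR is senior to yR whenever x dominates y: read-down comes from inheritance
        juniors[f"{x}R"] = {f"{y}R" for y in lat.labels if lat.ge(x, y)}
        if mode == "liberal":
            # xW is senior to yW whenever y dominates x: the write hierarchy is the
            # read hierarchy turned upside down (LW at the top, HW at the bottom)
            juniors[f"{x}W"] = {f"{y}W" for y in lat.labels if lat.ge(y, x)}
        elif mode == "strict":
            juniors[f"{x}W"] = {f"{x}W"}  # strict: write roles are incomparable
        else:
            raise ValueError(f"unknown *-property variant {mode!r}")
    return juniors


def permission_roles(objects):
    """Slide 9: (O, read) goes to lambda(O)R and (O, write) to lambda(O)W, nothing else."""
    perms = {}
    for obj, label in objects.items():
        perms[(obj, "read")] = f"{label}R"
        perms[(obj, "write")] = f"{label}W"
    return perms


def authorized_roles(lat, hierarchy, clearance, mode):
    """Roles a user with the given clearance may activate (directly or by inheritance).

    Slide 9: the user is a member of clearanceR and, whatever the clearance, of LW
    (the bottom label's write role), which inherits every other write role. Under
    the strict *-property there is no write hierarchy, so the user is given each
    xW with x <= clearance directly (my reading; not stated on the slides).
    """
    direct = {f"{clearance}R"}
    if mode == "liberal":
        direct.add(f"{lat.bottom()}W")
    else:
        direct |= {f"{x}W" for x in lat.labels if lat.ge(clearance, x)}
    return set().union(*(hierarchy[r] for r in direct))


def session_roles(lat, hierarchy, clearance, label, mode):
    """Activate xR and xW for a single label x (constraint: session in xR iff session in xW)."""
    active = {f"{label}R", f"{label}W"}
    if not active <= authorized_roles(lat, hierarchy, clearance, mode):
        raise PermissionError(f"label {label} is not dominated by clearance {clearance}")
    return set().union(*(hierarchy[r] for r in active))


def decide(lat, objects, mode, clearance, label, obj, op):
    """RBAC96 decision: does a session at `label` hold the role that owns (obj, op)?"""
    effective = session_roles(lat, role_hierarchy(lat, mode), clearance, label, mode)
    return permission_roles(objects)[(obj, op)] in effective


def lbac_allows(lat, objects, mode, label, obj, op):
    """Reference LBAC rules the RBAC96 construction is meant to reproduce."""
    lo = objects[obj]
    if op == "read":
        return lat.ge(label, lo)      # simple security: read down
    if mode == "liberal":
        return lat.ge(lo, label)      # liberal *-property: write up
    return lo == label                # strict *-property: write at own level only


def equivalent(lat, objects, mode):
    """True when RBAC96 and LBAC agree on every (session label, object, operation)."""
    return all(
        decide(lat, objects, mode, label, label, obj, op) == lbac_allows(lat, objects, mode, label, obj, op)
        for label, obj, op in product(lat.labels, objects, ("read", "write"))
    )


# Constructed sample data: the four-label lattice of the slides, H > {M1, M2} > L.
ORDER = {"H": {"H", "M1", "M2", "L"}, "M1": {"M1", "L"}, "M2": {"M2", "L"}, "L": {"L"}}
SLIDES = Lattice(ORDER, lambda x, y: y in ORDER[x])
OBJECTS = {"o_H": "H", "o_M1": "M1", "o_M2": "M2", "o_L": "L"}   # lambda(O) per object

# Constructed: composite confidentiality x integrity lattice of slide 15. (s1, i1)
# dominates (s2, i2) when s1 is at least as secret and i1 at most as trusted, so
# HS-LI is the top (reads everything) and LS-HI the bottom.
SEC, INT = {"HS": 1, "LS": 0}, {"HI": 1, "LI": 0}


def composite_ge(x, y):
    (sx, ix), (sy, iy) = x.split("-"), y.split("-")
    return SEC[sx] >= SEC[sy] and INT[ix] <= INT[iy]


COMPOSITE = Lattice([f"{s}-{i}" for s in SEC for i in INT], composite_ge)
COMPOSITE_OBJECTS = {f"o_{lbl}": lbl for lbl in COMPOSITE.labels}

if __name__ == "__main__":
    for lat, objs, name in ((SLIDES, OBJECTS, "H/M1/M2/L"), (COMPOSITE, COMPOSITE_OBJECTS, "composite")):
        for mode in ("liberal", "strict"):
            print(f"{name:10} {mode:8} RBAC96 == LBAC: {equivalent(lat, objs, mode)}")
```

Running the block prints that both lattices agree with the reference rules under both variants. The point to notice is that nothing in `decide` mentions a lattice: read-down falls out of the read-role hierarchy, write-up out of the inverted write-role hierarchy, and the only policy-specific parts are the hierarchy shape and the three constraints of slide 9 (one label per session, read permissions only on xR, write permissions only on xW). Mixed cases such as strict confidentiality with liberal integrity (slide 18) need a per-dimension write hierarchy, which this block does not build.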

  20. SUMMARY
  • policy-neutral RBAC96 can accommodate policy-full LBAC in all its variations
  • LBAC variations are modeled by
  • adjusting role hierarchy
  • adjusting constraints

  21. COVERT CHANNELS
  • are a problem for LBAC
  • remain a problem for RBAC but
  • they don't get any worse
  • same techniques can be adapted
  • who cares about them anyway
