
Policy-Based Systems


gannon

Presentation Transcript


  1. Policy-Based Systems System Security

  2. Previous lectures
     • We have discussed the 4 main models of access control:
       • Discretionary Access Control (DAC)
       • Mandatory Access Control (MAC)
         • Bell-LaPadula for Confidentiality
         • Biba for Integrity
       • Role-based Access Control (RBAC)
       • Usage Control (UCON)

  3. Policy-based Access Control (P-bAC)
     • A policy is a rule governing the behaviour of a system.
     • In P-bAC, an authorization policy governs the access rights of subjects over targets
       • targets and objects have the same meaning

  4. P-bAC Advantages
     • Policies are specified independently of entities
     • Provide at a glance a coherent view of the access control in a system
     • Give a neat separation between access control logic and the enforcement mechanism

  5. P-bAC Approaches
     • There are several approaches that use policies for access control:
       • XACML
       • Ponder2
       • Policy Description Language (PDL)
       • REI
       • Firewall rules

  6. Authorization Policies
     subject, action, target when condition then decision
     • Subject: entity that wants to perform an action
     • Action: an operation on the resources (open, read, write, etc.)
     • Target: a resource on which a subject wants to operate
     • Condition: a Boolean expression to represent context
     • Decision: policy outcome (allow, deny, kill, ask, etc.)

  7. Policy Enforcement Architecture IETF - RFC 2753

  8. Policy Enforcement Point (PEP)
     • The point where the policy decisions are actually enforced
     • PEP collects information about:
       • who the subject is
       • what action is going to execute
       • which target is going to be accessed

  9. Example – Intercepting
     • I want to perform a read operation on foo
     • The PEP intercepts the action and creates a tuple (Andrew, read, foo)
     • The PEP passes the tuple to the Policy Decision Point (PDP)

  10. Example – Retrieving Policies
      • Once the PDP receives the tuple, it retrieves the relevant policies from the PR matching the tuple

  11. Example – Evaluating
      • Once the PDP receives the tuple, it retrieves the relevant policies from the PR matching the tuple
      • Ask the PIP for the current time
      • Now the PDP is able to evaluate the policy
      • Because the condition part is true, the decision returned by the policy is allow

  12. Example – Enforcing
      • The PDP informs the PEP that the operation can be allowed
      • The PEP lets the operation be executed
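
The intercept, retrieve, evaluate and enforce steps of slides 9 to 12, as an added Python example that is not part of the original slides. The class names, the office-hours condition, the resource contents and the default-deny fallback are assumptions of this sketch; PR is read as the policy repository and PIP as the policy information point.

```python
from dataclasses import dataclass
from datetime import time
from typing import Callable

@dataclass(frozen=True)
class Policy:
    subject: str
    action: str
    target: str
    condition: Callable[[dict], bool]  # Boolean expression over the context
    decision: str

class PolicyRepository:  # PR: stores the policies
    def __init__(self, policies):
        self._policies = list(policies)
    def matching(self, request):
        return [p for p in self._policies
                if (p.subject, p.action, p.target) == request]

class PIP:  # supplies context such as the current time (fixed here for the demo)
    def __init__(self, now):
        self._now = now
    def context(self):
        return {"time": self._now}

class PDP:
    def __init__(self, pr, pip):
        self.pr, self.pip = pr, pip
    def decide(self, request):
        ctx = self.pip.context()
        for policy in self.pr.matching(request):
            if policy.condition(ctx):
                return policy.decision
        return "deny"  # assumption: default deny when no policy applies

class PEP:
    def __init__(self, pdp, resources):
        self.pdp, self.resources = pdp, resources
    def read(self, subject, target):
        request = (subject, "read", target)      # tuple built at interception
        if self.pdp.decide(request) != "allow":  # the decision is enforced here
            raise PermissionError(f"{request} denied")
        return self.resources[target]

# Constructed policy: Andrew, read, foo when 09:00 <= time < 17:00 then allow
OFFICE_HOURS = Policy("Andrew", "read", "foo",
                      lambda ctx: time(9) <= ctx["time"] < time(17), "allow")

def build_pep(now):
    pdp = PDP(PolicyRepository([OFFICE_HOURS]), PIP(now))
    return PEP(pdp, {"foo": "contents of foo"})
```

The PEP never inspects the policy itself: it only builds the tuple and acts on the decision, which is the separation between access control logic and enforcement described on slide 4.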

  13. Fine-grained control thru PEP
      • Traditionally access control mechanisms are concerned with checking before the access takes place
      • A finer grained control can be achieved by placing multiple Policy Enforcement Points (PEP) between the subject and target

  14. Same Access Multiple PEPs

  15. Distributed Enforcing

  16. Policy Combination - I
      • Both policies match the tuple from PEP
      • Both policies are valid when evaluated by the PDP
      • Which one should be applied?

  17. Policy Combination - II
      • Both policies match the tuple from PEP
      • Both policies are valid when evaluated by the PDP
      • Which one should be applied?

  18. Conflict Resolution
      • A robust P-bAC system has to provide a conflict resolution mechanism
      • The conflict resolution has to be performed at the PDP to return a univocal decision to the PEP
      • Several conflict resolution techniques:
        • Policy order
        • Decision priority
        • Specificity of policy arguments
        • …

  19. Ordered Conflict Resolution
      • The first policy that applies is used
      • In this case the PDP returns the decision deny
      • This mechanism is used in Firewall rules

  20. Decision Priority Conflict Resolution
      • Requires an ordered decision set
      • In this case the PDP returns the decision allow

  21. Most Specific Policy First
      • The policy with the most specific arguments takes priority
      • In this case the PDP returns allow
      • It might be used in combination with other resolution strategies (e.g., when arguments have similar specificity)
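
The three conflict resolution strategies of slides 19 to 21 applied to one pair of conflicting policies, as an added Python example that is not part of the original slides. The slides' own example policies are not preserved in this transcript, so the two policies, the `*` wildcard and the decision ordering below are constructed to reproduce the stated outcomes (deny, allow, allow).

```python
# Constructed policies, in repository order: (subject, action, target, decision).
# "*" is a wildcard that matches any value (an assumption of this example).
POLICIES = [
    ("*",      "read", "foo", "deny"),
    ("Andrew", "read", "foo", "allow"),
]
DECISION_PRIORITY = ["allow", "deny"]  # assumed ordered decision set, highest first

def applicable(request, policies=POLICIES):
    """Policies whose subject, action and target all match the request tuple."""
    return [p for p in policies
            if all(pat in ("*", val) for pat, val in zip(p[:3], request))]

def first_applicable(request, policies=POLICIES):
    """Ordered resolution: the first policy that applies is used."""
    matches = applicable(request, policies)
    return matches[0][3] if matches else None

def decision_priority(request, policies=POLICIES):
    """The highest-ranked decision among all applicable policies wins."""
    decisions = {p[3] for p in applicable(request, policies)}
    return next((d for d in DECISION_PRIORITY if d in decisions), None)

def most_specific(request, policies=POLICIES):
    """The policy with the fewest wildcard arguments wins."""
    matches = applicable(request, policies)
    if not matches:
        return None
    # max() returns the first of equally specific policies, so ties fall
    # back to policy order, i.e. a combination with ordered resolution.
    return max(matches, key=lambda p: sum(f != "*" for f in p[:3]))[3]

def resolve_all(request):
    """All three outcomes for one request, to compare the strategies."""
    return {
        "ordered": first_applicable(request),
        "decision_priority": decision_priority(request),
        "most_specific": most_specific(request),
    }
```

Each function returns `None` when no policy applies, leaving the default decision to the caller.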

  22. Policy Engineering
      • A P-bAC mechanism is very flexible, but when the number of policies becomes too large it might be difficult to manage
      • Conflict resolution might help, but it is still up to the security admin to manage the life cycle of policies

  23. Questions?
