Enforcing RFID data visibility restrictions using XACML security policies

Radio Frequency Identification (RFID) technology allows automatic data capture from tagged objects moving in a supply chain. This data can be very useful if it is used to answer traceability queries, however it is distributed across many different repositories, owned by different companies. Discovery Services (DS) are designed to assist in retrieving the RFID data relevant for traceability queries while enforcing sharing policies that are defined and required by participating companies to prevent sensitive data from being exposed. In this paper we define an interface for Supply Chain Authorization (SC-Az) and describe the implementation of two visibility restriction mechanisms based on Access Control Lists (ACLs) and Capabilities. Both approaches were converted to the standard eXtensible Access Control Markup Language (XACML) and their correctness and performance was evaluated for supply chains with increasing size

Efficient Attribute Based Access Control for RESTful Services

Abstract. The popularity of REST grows more and more and so does the need for fine-grained access control for RESTful services. Attribute Based Access Control (ABAC) is a very generic concept that covers multiple different access control mechanism. XACML is an implementation of ABAC based on XML and is established as a standard mechanism. Its flexibility opens the opportunity to specify detailed security policies. But on the other hand it has some drawbacks regarding maintenance and performance when the complexity of security policies grows. Long processing times for authorization requests are the consequence in environments that require fine-grained access control. We describe how to design a security policy in a resource oriented environment so that its drawbacks are minimized. The results are faster processing times for access requests and an easy to manage concept for security policies for RESTful services

End-to-end security in service-oriented architecture

A service-oriented architecture (SOA)-based application is composed of a number of distributed and loosely-coupled web services, which are orchestrated to accomplish a more complex functionality. Any of these web services is able to invoke other web services to offload part of its functionality. The main security challenge in SOA is that we cannot trust the participating web services in a service composition to behave as expected all the time. In addition, the chain of services involved in an end-to-end service invocation may not be visible to the clients. As a result, any violation of client’s policies could remain undetected. To address these challenges in SOA, we proposed the following contributions. First, we devised two composite trust schemes by using graph abstraction to quantitatively maintain the trust levels of different services. The composite trust values are based on feedbacks from the actual execution of services, and the structure of the SOA application. To maintain the dynamic trust, we designed the trust manager, which is a trusted-third party service. Second, we developed an end-to-end inter-service policy monitoring and enforcement framework (PME framework), which is able to dynamically inspect the interactions between services at runtime and react to the potentially malicious activities according to the client’s policies. Third, we designed an intra-service policy monitoring and enforcement framework based on taint analysis mechanism to monitor the information flow within services and prevent information disclosure incidents. Fourth, we proposed an adaptive and secure service composition engine (ASSC), which takes advantage of an efficient heuristic algorithm to generate optimal service compositions in SOA. The service compositions generated by ASSC maximize the trustworthiness of the selected services while meeting the predefined QoS constraints. Finally, we have extensively studied the correctness and performance of the proposed security measures based on a realistic SOA case study. All experimental studies validated the practicality and effectiveness of the presented solutions

Authorization schema for electronic health-care records: for Uganda

This thesis discusses how to design an authorization schema focused on ensuring each patient's data privacy within a hospital information system

An Effective Modality Conflict Model for Identifying Applicable Policies During Policy Evaluation

Policy evaluation is a process to determine whether a request submitted by a user satisfies the access control policies defined by an organization. Modality conflict is one of the main issues in policy evaluation. Existing modality conflict detection approaches do not consider complex condition attributes such as spatial and temporal constraints. An effective authorization propagation rule is needed to detect the modality conflicts that occur among the applicable policies. This work proposes a modality conflict detection model to identify the applicable policies during policy evaluation, which supports an authorization propagation rule to investigate the class-subclass relationships of a subject, resource, action, and location of a request and a policy. The comparison with previous work is conducted, and findings show the solution which considers the condition attribute (i.e. spatial and temporal constraints) can affect the decision as to whether the applicable policies should be retrieved or not which further affect the accuracy of the modality conflict detection process. Whereas the applicable policies which are retrieved for a request can influence the detection of modality conflict among the applicable policies. In conclusion, our proposed solution is more effective in identifying the applicable policies and detecting modality conflict than the previous work

Plataforma ABAC para aplicações da IoT baseada na norma OASIS XACML

Mestrado em Engenharia de Computadores e TelemáticaA IoT (Internet of Things) é uma área que apresenta grande potencial mas embora muitos dos seus problemas já terem soluções satisfatórias, a segurança permanece um pouco esquecida, mantendo-se um como questão ainda por resolver. Um dos aspectos da segurança que ainda não foi endereçado é o controlo de acessos. O controlo de acesso é uma forma de reforçar a segurança que envolve avaliar os pedidos de acesso a recursos e negar o acesso caso este não seja autorizado, garantindo assim a segurança no acesso a recursos críticos ou vulneráveis. O controlo de Acesso é um termo lato, existindo diversos modelos ou paradigmas possíveis, dos quais os mais significativos são: IBAC (Identity Based Access Control), RBAC (Role Based Access Control) and ABAC (Attribute Based Access Control). Neste trabalho será usado o ABAC, já que oferece uma maior flexibilidade comparativamente a IBAC e RBAC. Além disso, devido à sua natureza adaptativa o ABAC tem maior longevidade e menor necessidade de manutenção. A OASIS (Organization for the Advancement of Structured Information Standards) desenvolveu a norma XACML (eXtensible Access Control Markup Language) para escrita/definição de políticas de acesso e pedidos de acesso, e de avaliação de pedidos sobre conjuntos de políticas com o propósito de reforçar o controlo de acesso sobre recursos. O XACML foi definido com a intenção de que os pedidos e as políticas fossem de fácil leitura para os humanos, garantindo, porém, uma estrutura bem definida que permita uma avaliação precisa. A norma XACML usa ABAC. Este trabalho tem o objetivo de criar uma plataforma de segurança que utilize os padrões ABAC e XACML que possa ser usado por outros sistemas, reforçando o controlo de acesso sobre recursos que careçam de proteção, e garantindo acesso apenas a sujeitos autorizadas. Vai também possibilitar a definição fina ou granular de regras e pedidos permitindo uma avaliação com maior precisão e um maior grau de segurança. Os casos de uso principais são grandes aplicações IoT, como aplicações Smart City, que inclui monitorização inteligente de tráfego, consumo de energia e outros recursos públicos, monitorização pessoal de saúde, etc. Estas aplicações lidam com grandes quantidades de informação (Big Data) que é confidencial e/ou pessoal. Existe um número significativo de soluções NoSQL (Not Only SQL) para resolver o problema do volume de dados, mas a segurança é ainda uma questão por resolver. Este trabalho vai usar duas bases de dados NoSQL: uma base de dados key-value (Redis) para armazenamento de políticas e uma base de dados wide-column (Cassandra) para armazenamento de informação de sensores e informação de atributos adicionais durante os testes.IoT (Internet of Things) is an area which offers great opportunities and although a lot of issues already have satisfactory solutions, security has remained somewhat unaddressed and remains to be a big issue. Among the security aspects, we emphasize access control. Access Control is a way of enforcing security that involves evaluating requests for accessing resources and denies access if it is unauthorised, therefore providing security for vulnerable resources. Access Control is a broad term that consists of several methodologies of which the most significant are: IBAC (Identity Based Access Control), RBAC (Role Based Access Control) and ABAC (Attribute Based Access Control). In this work ABAC will be used as it offers the most flexibility compared to IBAC and RBAC. Also, because of ABAC's adaptive nature, it offers longevity and lower maintenance requirements. OASIS (Organization for the Advancement of Structured Information Standards) developed the XACML (eXtensible Access Control Markup Language) standard for writing/defining requests and policies and the evaluation of the requests over sets of policies for the purpose of enforcing access control over resources. It is defined so the requests and policies are readable by humans but also have a well defined structure allowing for precise evaluation. The standard uses ABAC. This work aims to create a security framework that utilizes ABAC and the XACML standard so that it can be used by other systems and enforce access control over resources that need to be protected by allowing access only to authorised subjects. It will also allow for fine grained defining of rules and requests for more precise evaluation and therefore a greater level of security. The primary use-case scenarios are large IoT applications such as Smart City applications including: smart traffic monitoring, energy and utility consumption, personal healthcare monitoring, etc. These applications deal with large quantities (Big Data) of confidential and/or personal data. A number of NoSQL (Not Only SQL) solutions exist for solving the problem of volume but security is still an issue. This work will use two NoSQL databases. A key-value database (Redis) for the storing of policies and a wide-column database (Cassandra) for storing sensor data and additional attribute data during testing

Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -

The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. Technical processes within critical infrastructures also have to cope with these developments. To tackle the complexity of the security analysis, the application of models is becoming standard practice. However, model-based support for security analysis is not only needed in pre-operational phases but also during process execution, in order to provide situational security awareness at runtime. This cumulative thesis provides three major contributions to modelling methodology. Firstly, this thesis provides an approach for model-based analysis and verification of security and safety properties in order to support fault prevention and fault removal in system design or redesign. Furthermore, some construction principles for the design of well-behaved scalable systems are given. The second topic is the analysis of the exposition of vulnerabilities in the software components of networked systems to exploitation by internal or external threats. This kind of fault forecasting allows the security assessment of alternative system configurations and security policies. Validation and deployment of security policies that minimise the attack surface can now improve fault tolerance and mitigate the impact of successful attacks. Thirdly, the approach is extended to runtime applicability. An observing system monitors an event stream from the observed system with the aim to detect faults - deviations from the specified behaviour or security compliance violations - at runtime. Furthermore, knowledge about the expected behaviour given by an operational model is used to predict faults in the near future. Building on this, a holistic security management strategy is proposed. The architecture of the observing system is described and the applicability of model-based security analysis at runtime is demonstrated utilising processes from several industrial scenarios. The results of this cumulative thesis are provided by 19 selected peer-reviewed papers

Architecting Social Internet of Things

In the new era of the Internet of Things (IoT), most of the devices we interact with daily are connected to the Internet. From tiny sensors, lamps, home appliances, home security systems and health-care devices, to complex heating, ventilation and air conditioning (HVAC) systems at home, myriad devices have network connectivity and provide smart applications. The Social Internet of Things (SIoT) is a new paradigm where IoT merges with social networks, allowing people and connected devices as well as the devices themselves to interact within a social network framework to support a new social navigation. Smart homes is one of the domains that can fully leverage this new paradigm, which will enable people and devices, even in different homes, to actively and mostly automatically collaborate to discover and share new information and services. Unfortunately the heterogeneous nature of the devices around the home prohibits seamless communication in the (S)IoT. Furthermore, the state-of-the-art solutions in smart homes offer little, if any, support for collaborating users and devices. This dissertation describes a new, scalable approach to connect, interact and share useful information through devices and users with common interests. The dissertation has three contributions. First, it proposes a holistic and extensible smart home gateway architecture that seamlessly integrates heterogeneous protocol-- and vendor-- specific devices and services and provides fine-grained access controls. Second, it defines an interoperable, scalable and extensible software architecture for a novel cloud-based collaboration framework for a large number of devices and users in many different smart homes. Third, it provides a reasoning framework to enable automated decisions based on the discovered information and knowledge created and shared by end users. The developed architecture and solutions are implemented in real systems, which integrate with many different devices from different manufacturers and run multiple categories of rules created by end users. The architectural evaluation results show the developed systems are interoperable, scalable and extensible

IaaS-cloud security enhancement: an intelligent attribute-based access control model and implementation

The cloud computing paradigm introduces an efficient utilisation of huge computing resources by multiple users with minimal expense and deployment effort compared to traditional computing facilities. Although cloud computing has incredible benefits, some governments and enterprises remain hesitant to transfer their computing technology to the cloud as a consequence of the associated security challenges. Security is, therefore, a significant factor in cloud computing adoption. Cloud services consist of three layers: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Cloud computing services are accessed through network connections and utilised by multi-users who can share the resources through virtualisation technology. Accordingly, an efficient access control system is crucial to prevent unauthorised access. This thesis mainly investigates the IaaS security enhancement from an access control point of view. [Continues.

A SEMANTIC BASED POLICY MANAGEMENT FRAMEWORK FOR CLOUD COMPUTING ENVIRONMENTS

Cloud computing paradigm has gained tremendous momentum and generated intensive interest. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this dissertation, we mainly focus on issues related to policy management and access control in the cloud. Currently, users have to use diverse access control mechanisms to protect their data when stored on the cloud service providers (CSPs). Access control policies may be specified in different policy languages and heterogeneity of access policies pose significant problems.An ideal policy management system should be able to work with all data regardless of where they are stored. Semantic Web technologies when used for policy management, can help address the crucial issues of interoperability of heterogeneous CSPs. In this dissertation, we propose a semantic based policy management framework for cloud computing environments which consists of two main components, namely policy management and specification component and policy evolution component. In the policy management and specification component, we first introduce policy management as a service (PMaaS), a cloud based policy management framework that give cloud users a unified control point for specifying authorization policies, regardless of where the data is stored. Then, we present semantic based policy management framework which enables users to specify access control policies using semantic web technologies and helps address heterogeneity issues of cloud computing environments. We also model temporal constraints and restrictions in GTRBAC using OWL and show how ontologies can be used to specify temporal constraints. We present a proof of concept implementation of the proposed framework and provide some performance evaluation. In the policy evolution component, we propose to use role mining techniques to deal with policy evolution issues and present StateMiner, a heuristic algorithm to find an RBAC state as close as possible to both the deployed RBAC state and the optimal state. We also implement the proposed algorithm and perform some experiments to demonstrate its effectiveness