Enforcing RFID data visibility restrictions using XACML security policies
Radio Frequency Identification (RFID) technology allows automatic data capture from tagged objects moving in a supply chain. This data can be very useful if it is used to answer traceability queries; however, it is distributed across many different repositories owned by different companies. Discovery Services (DS) are designed to assist in retrieving the RFID data relevant for traceability queries while enforcing the sharing policies that participating companies define and require to prevent sensitive data from being exposed. In this paper we define an interface for Supply Chain Authorization (SC-Az) and describe the implementation of two visibility restriction mechanisms based on Access Control Lists (ACLs) and Capabilities. Both approaches were converted to the standard eXtensible Access Control Markup Language (XACML) and their correctness and performance were evaluated for supply chains of increasing size.
Efficient Attribute Based Access Control for RESTful Services
The popularity of REST grows more and more, and so does the need for fine-grained access control for RESTful services. Attribute Based Access Control (ABAC) is a very generic concept that covers multiple different access control mechanisms. XACML is an implementation of ABAC based on XML and is established as a standard mechanism. Its flexibility opens the opportunity to specify detailed security policies. On the other hand, it has some drawbacks regarding maintenance and performance when the complexity of security policies grows. Long processing times for authorization requests are the consequence in environments that require fine-grained access control. We describe how to design a security policy in a resource-oriented environment so that these drawbacks are minimized. The results are faster processing times for access requests and an easy-to-manage concept for security policies for RESTful services.
End-to-end security in service-oriented architecture
A service-oriented architecture (SOA)-based application is composed of a number of distributed and loosely-coupled web services, which are orchestrated to accomplish a more complex functionality. Any of these web services is able to invoke other web services to offload part of its functionality. The main security challenge in SOA is that we cannot trust the participating web services in a service composition to behave as expected all the time. In addition, the chain of services involved in an end-to-end service invocation may not be visible to the clients. As a result, any violation of the client's policies could remain undetected. To address these challenges in SOA, we proposed the following contributions. First, we devised two composite trust schemes by using graph abstraction to quantitatively maintain the trust levels of different services. The composite trust values are based on feedback from the actual execution of services and on the structure of the SOA application. To maintain the dynamic trust, we designed the trust manager, which is a trusted-third-party service. Second, we developed an end-to-end inter-service policy monitoring and enforcement framework (PME framework), which is able to dynamically inspect the interactions between services at runtime and react to potentially malicious activities according to the client's policies. Third, we designed an intra-service policy monitoring and enforcement framework based on a taint analysis mechanism to monitor the information flow within services and prevent information disclosure incidents. Fourth, we proposed an adaptive and secure service composition engine (ASSC), which takes advantage of an efficient heuristic algorithm to generate optimal service compositions in SOA. The service compositions generated by ASSC maximize the trustworthiness of the selected services while meeting the predefined QoS constraints.
Finally, we have extensively studied the correctness and performance of the proposed security measures based on a realistic SOA case study. All experimental studies validated the practicality and effectiveness of the presented solutions.
Authorization schema for electronic health-care records: for Uganda
This thesis discusses how to design an authorization schema focused on ensuring each patient's data privacy within a hospital information system
An Effective Modality Conflict Model for Identifying Applicable Policies During Policy Evaluation
Policy evaluation is the process of determining whether a request submitted by a user satisfies the access control policies defined by an organization. Modality conflict is one of the main issues in policy evaluation. Existing modality conflict detection approaches do not consider complex condition attributes such as spatial and temporal constraints. An effective authorization propagation rule is needed to detect the modality conflicts that occur among the applicable policies. This work proposes a modality conflict detection model to identify the applicable policies during policy evaluation, which supports an authorization propagation rule to investigate the class-subclass relationships of the subject, resource, action, and location of a request and a policy. A comparison with previous work is conducted, and the findings show that a solution which considers the condition attributes (i.e. spatial and temporal constraints) can affect the decision as to whether the applicable policies should be retrieved or not, which in turn affects the accuracy of the modality conflict detection process. The applicable policies retrieved for a request, in turn, influence the detection of modality conflicts among them. In conclusion, our proposed solution is more effective in identifying the applicable policies and detecting modality conflicts than the previous work.
ABAC Platform for IoT Applications Based on the OASIS XACML Standard
Master's in Computer and Telematics Engineering (Mestrado em Engenharia de Computadores e Telemática). IoT (Internet of Things) is an area which offers great opportunities and, although a lot of issues already have satisfactory solutions, security has remained somewhat unaddressed and remains a big issue. Among the security aspects, we emphasize access control. Access control is a way of enforcing security that involves evaluating requests for accessing resources and denying access if it is unauthorised, therefore providing security for vulnerable resources. Access control is a broad term that covers several methodologies, of which the most significant are IBAC (Identity Based Access Control), RBAC (Role Based Access Control) and ABAC (Attribute Based Access Control). In this work ABAC will be used, as it offers the most flexibility compared to IBAC and RBAC. Also, because of ABAC's adaptive nature, it offers longevity and lower maintenance requirements. OASIS (Organization for the Advancement of Structured Information Standards) developed the XACML (eXtensible Access Control Markup Language) standard for writing/defining requests and policies and for evaluating requests over sets of policies for the purpose of enforcing access control over resources. It is defined so that requests and policies are readable by humans but also have a well-defined structure allowing for precise evaluation. The standard uses ABAC. This work aims to create a security framework that utilizes ABAC and the XACML standard so that it can be used by other systems to enforce access control over resources that need to be protected, by allowing access only to authorised subjects. It will also allow for fine-grained definition of rules and requests for more precise evaluation and therefore a greater level of security. The primary use-case scenarios are large IoT applications such as Smart City applications, including smart traffic monitoring, energy and utility consumption, personal healthcare monitoring, etc. These applications deal with large quantities (Big Data) of confidential and/or personal data. A number of NoSQL (Not Only SQL) solutions exist for solving the problem of volume, but security is still an issue. This work will use two NoSQL databases: a key-value database (Redis) for storing policies and a wide-column database (Cassandra) for storing sensor data and additional attribute data during testing.
Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -
The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. Technical processes within critical infrastructures also have to cope with these developments. To tackle the complexity of the security analysis, the application of models is becoming standard practice. However, model-based support for security analysis is not only needed in pre-operational phases but also during process execution, in order to provide situational security awareness at runtime.
This cumulative thesis provides three major contributions to modelling methodology.
Firstly, this thesis provides an approach for model-based analysis and verification of security and safety properties in order to support fault prevention and fault removal in system design or redesign. Furthermore, some construction principles for the design of well-behaved scalable systems are given.
The second topic is the analysis of the exposition of vulnerabilities in the software components of networked systems to exploitation by internal or external threats. This kind of fault forecasting allows the security assessment of alternative system configurations and security policies. Validation and deployment of security policies that minimise the attack surface can now improve fault tolerance and mitigate the impact of successful attacks.
Thirdly, the approach is extended to runtime applicability. An observing system monitors an event stream from the observed system with the aim to detect faults - deviations from the specified behaviour or security compliance violations - at runtime. Furthermore, knowledge about the expected behaviour given by an operational model is used to predict faults in the near future. Building on this, a holistic security management strategy is proposed. The architecture of the observing system is described and the applicability of model-based security analysis at runtime is demonstrated utilising processes from several industrial scenarios. The results of this cumulative thesis are provided by 19 selected peer-reviewed papers.
Architecting Social Internet of Things
In the new era of the Internet of Things (IoT), most of the devices we interact with daily are connected to the Internet. From tiny sensors, lamps, home appliances, home security systems and health-care devices, to complex heating, ventilation and air conditioning (HVAC) systems at home, myriad devices have network connectivity and provide smart applications. The Social Internet of Things (SIoT) is a new paradigm where IoT merges with social networks, allowing people and connected devices, as well as the devices themselves, to interact within a social network framework to support a new social navigation. Smart homes are one of the domains that can fully leverage this new paradigm, which will enable people and devices, even in different homes, to actively and mostly automatically collaborate to discover and share new information and services. Unfortunately, the heterogeneous nature of the devices around the home prohibits seamless communication in the (S)IoT. Furthermore, the state-of-the-art solutions in smart homes offer little, if any, support for collaborating users and devices. This dissertation describes a new, scalable approach to connect, interact and share useful information through devices and users with common interests. The dissertation has three contributions. First, it proposes a holistic and extensible smart home gateway architecture that seamlessly integrates heterogeneous protocol- and vendor-specific devices and services and provides fine-grained access controls. Second, it defines an interoperable, scalable and extensible software architecture for a novel cloud-based collaboration framework for a large number of devices and users in many different smart homes. Third, it provides a reasoning framework to enable automated decisions based on the discovered information and knowledge created and shared by end users.
The developed architecture and solutions are implemented in real systems, which integrate with many different devices from different manufacturers and run multiple categories of rules created by end users. The architectural evaluation results show the developed systems are interoperable, scalable and extensible.
IaaS-cloud security enhancement: an intelligent attribute-based access control model and implementation
The cloud computing paradigm introduces an efficient utilisation of huge computing resources by multiple users with minimal expense and deployment effort compared to traditional computing facilities. Although cloud computing has incredible benefits, some governments and enterprises remain hesitant to transfer their computing technology to the cloud as a consequence of the associated security challenges. Security is, therefore, a significant factor in cloud computing adoption. Cloud services consist of three layers: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Cloud computing services are accessed through network connections and utilised by multiple users who can share the resources through virtualisation technology. Accordingly, an efficient access control system is crucial to prevent unauthorised access.
This thesis mainly investigates the IaaS security enhancement from an access control point of view. [Continues.
A Semantic Based Policy Management Framework for Cloud Computing Environments
The cloud computing paradigm has gained tremendous momentum and generated intensive interest. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force, and we need to provide security mechanisms to ensure its secure adoption. In this dissertation, we mainly focus on issues related to policy management and access control in the cloud. Currently, users have to use diverse access control mechanisms to protect their data when stored on cloud service providers (CSPs). Access control policies may be specified in different policy languages, and the heterogeneity of access policies poses significant problems. An ideal policy management system should be able to work with all data regardless of where they are stored. Semantic Web technologies, when used for policy management, can help address the crucial issues of interoperability of heterogeneous CSPs. In this dissertation, we propose a semantic-based policy management framework for cloud computing environments which consists of two main components, namely a policy management and specification component and a policy evolution component. In the policy management and specification component, we first introduce policy management as a service (PMaaS), a cloud-based policy management framework that gives cloud users a unified control point for specifying authorization policies, regardless of where the data is stored. Then, we present a semantic-based policy management framework which enables users to specify access control policies using Semantic Web technologies and helps address the heterogeneity issues of cloud computing environments. We also model temporal constraints and restrictions in GTRBAC using OWL and show how ontologies can be used to specify temporal constraints. We present a proof-of-concept implementation of the proposed framework and provide some performance evaluation. In the policy evolution component, we propose to use role mining techniques to deal with policy evolution issues and present StateMiner, a heuristic algorithm to find an RBAC state as close as possible to both the deployed RBAC state and the optimal state. We also implement the proposed algorithm and perform some experiments to demonstrate its effectiveness.