    Gestion de l'incertitude et codage des politiques de sécurité dans les systèmes de contrôle d'accès

    This thesis is concerned with encoding the SELinux security policy in OrBAC and with proposing an extension of that model. We began by presenting the state of the art of the various access control models found in the literature, highlighting the limits of each of them. We then presented the OrBAC model as an extension of the RBAC model, since on the one hand it introduced the notions of context and organisation, and on the other hand it allows prohibitions and obligations to be expressed in addition to permissions. We then presented the SELinux security solution, which uses a set of access control models such as DAC, RBAC and MAC. We identified several hundred, even thousands, of rules in the SELinux security policy; these rules may concern access decisions or transition decisions. We were then able to encode these rules in the OrBAC model by filling its entity tables and then transforming them into OrBAC relations. Our thesis also recalled the foundations of possibilistic logic and then brought an important improvement to the OrBAC model: the introduction of a priority entity at the level of each relation of the OrBAC model. The priority entity quantifies the certainty that a concrete entity is injected into the corresponding abstract entity or, more generally, the degree of certainty that a relation holds. We proposed three combination modes (pessimistic, optimistic and advanced) that can be adopted to determine the priority value of each concrete relation from the priorities of the corresponding abstract relations. Finally, we implemented, through an application developed with DELPHI, the encoding of the rules concerning the access decisions of the SELinux security policy into the OrBAC model, while introducing the notion of priority.

    SYSTEMATIC POLICY ANALYSIS AND MANAGEMENT

    Determining whether a given policy meets a site's high-level security goals has been a challenging task, due to the low-level nature and complexity of the policy language, the variety of security requirements and the multiple policy violation patterns. In this dissertation, we outline a systematic policy analysis and management approach that enables system administrators to easily identify and resolve various policy violations. Our approach incorporates a domain-based isolation model to address the security requirements and visualization mechanisms to give the policy administrator an intuitive cognitive sense of the policy analysis and policy violations. Based on the domain-based isolation model and the policy visualization mechanisms, we develop a visualization-based policy analysis and management framework. We also describe our implementation of a visualization-based policy analysis and management tool that provides the functionalities discussed in our framework. In addition, a user study is performed and its result is included as part of our evaluation of the prototype system. One important application of our policy analysis and management is to support remote attestation. Remote attestation is an important mechanism for proving the trustworthiness of a computing system by verifying its integrity. In our work, we propose a remote attestation framework, called Dynamic Remote Attestation Framework and Tactics (DR@FT), for efficiently attesting a target system based on our extended visualization-based policy analysis and management approach. In addition, we adopt the proposed visualization-based policy violation expression to represent integrity violations as a ranked violation graph, which supports intuitive reasoning about attestation results. We also describe our experiments and performance evaluation.

    DR BACA: dynamic role based access control for Android

    Thesis (M.S.)--Boston University
    Android, as an open platform, dominates the booming mobile market. However, its permission mechanism is inflexible and often results in over-privileged applications. This in turn creates severe security issues. Aiming to support the Principle of Least Privilege, we propose a Dynamic Role Based Access Control for Android (DR BACA) model and implement the DR BACA system to address these problems. Our system offers multi-user management on Android mobile devices, comparable to traditional workstations, and provides fine-grained Role Based Access Control (RBAC) to enhance Android security at both the application and permission level. Moreover, by leveraging the context-aware capabilities of mobile devices and Near Field Communication (NFC) technology, our solution supports dynamic RBAC that provides more flexible access control while still being able to mitigate some of the most serious security risks on mobile devices. The DR BACA system is highly scalable, suitable for both end-users and large business environments. It simplifies configuration and management of Android devices and can help enterprises deal with security issues by implementing a uniform security policy. We show that our DR BACA system can be deployed and used with ease. With a proper security policy, our evaluation shows that DR BACA can effectively mitigate the security risks posed by both malicious and vulnerable non-malicious applications while incurring only a small overall system overhead.

    Holistic security 4.0

    The future computer climate will represent an ever more aligned world of integrating technologies, affecting the consumer, business and industry sectors. The vision was first outlined in the Industry 4.0 conception. The elements which comprise smart systems or embedded devices have been investigated to determine the technological climate. The emerging technologies revolve around core concepts, and specifically in this project, the uses of the Internet of Things (IoT), the Industrial Internet of Things (IIoT) and the Internet of Everything (IoE). The qualities of bare-metal and logical technology are put under the microscope to provide an effective blueprint of the technological field. The systems and governance surrounding smart systems are also examined. Such an approach helps to explain the beneficial or negative elements of smart devices. Consequently, this ensures a comprehensive review of standards, laws, policy and guidance to enable the security and cybersecurity of 4.0 systems.

    On Offensive and Defensive Methods in Software Security


    Open-source clinical health record system for tropical diseases

    Master's in Computer and Telematics Engineering
    Low-resource countries are primarily the ones affected by tropical diseases, where environmental factors play a major role. Means for controlling these diseases are often lacking in these countries, in part due to their poor support of Health Information Technology. Nowadays, with the advances of standards and software in the health field, several open-source electronic health record (EHR) systems exist which can assist facilities to capture information, aiding research and better health care for neglected diseases in these countries. In this work, we performed a systematic review of several such solutions to select the most appropriate candidate to satisfy the requirements of a testbed in a low-resource country: Gondar in Ethiopia. The implementation was conducted with a strong focus on adapting the existing paper-based workflow of the institution to the proposed system, to ensure that all the information generated in this center can be captured in digital form. As a final result, a working prototype was deployed and some conclusions are drawn from the whole process.

    Big Data Processing Attribute Based Access Control Security

    The purpose of this research is to analyze the security of next-generation big data processing (BDP) and examine the feasibility of applying advanced security features to meet the needs of modern multi-tenant, multi-level data analysis. The research methodology was to survey the status of security mechanisms in BDP systems and identify areas that require further improvement. Access control (AC) security services were identified as a priority area, specifically Attribute Based Access Control (ABAC). The exemplar BDP system analyzed is the Apache Hadoop ecosystem. We created data generation software and analysis programs, and posted the detailed experiment configuration on GitHub. Overall, our research indicates that before a BDP system such as Hadoop can be used in an operational environment, significant security configuration is required. We believe that the tools are available to achieve a secure system with ABAC, using Apache Ranger and Apache Atlas. However, these systems are immature and require verification by an independent third party. We identified the following specific actions for overall improvement: consistent provisioning of security services through a data analyst workstation, a common backplane of security services, and a management console. These areas are partially satisfied in the current Hadoop ecosystem; continued AC improvements through the open source community and rigorous independent testing should further address the remaining security challenges. Robust security will enable further use of distributed, clustered BDP, such as Apache Hadoop and Hadoop-like systems, to meet future government and business requirements.

    Security of Virtualized Distributed Systems: From Modelling to Deployment

    This thesis deals with security for virtualized distributed environments such as Clouds. In these environments, a client can access resources or services (compute, storage, etc.) on demand without prior knowledge of the underlying infrastructure. These services are low-cost because resources are pooled; as a result, clients share a common infrastructure. However, the concentration of businesses and critical data makes Clouds more attractive to malicious users, especially when considering the new attack vectors between tenants that arise from resource sharing. Nowadays, Cloud providers offer default security or security by design, which does not fit tenants' custom needs. This gap is often neglected and gives rise to many examples of attacks (data theft, malicious usage, etc.). In this thesis, we propose a user-centric approach in which a tenant models both its security needs, as high-level properties, and its virtualized application. These security objectives are expressed in a new logic dedicated to system-level information flow properties. We then propose security-aware algorithms to automatically deploy the application on a virtualization-based Cloud infrastructure and enforce the security properties. The enforcement can be realized by taking the attack risks between shared resources into account in the placement decision and/or through the configuration of the security mechanisms already present in the system.

    Mandatory security and performance of services in Asbestos

    Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005. Includes bibliographical references (p. 61-66).
    This thesis presents the design and implementation of several system services, including network access and database storage, on a new operating system design, Asbestos. Using the security mechanism provided by Asbestos, Asbestos labels, these services are used to support the construction of secure Web applications. The network and database services serve as the foundation for a Web server that supports mandatory security policies, such that even a compromised Web application cannot improperly disclose private data. The methods used in this thesis free Web application developers from worries about flawed applications, provided they are willing to place trust in the underlying services used.
    by David Patrick Ziegler. M.Eng.

    DPMbox: An interactive user-friendly web interface for a disk-based grid storage system

    Disk Pool Manager (DPM) is a lightweight storage management system for grid sites. It has been developed at CERN (European Organization for Nuclear Research), and it is the most widely adopted solution in the Worldwide LHC Computing Grid infrastructure. Attracting less technical users has been an objective in recent years; thus, as an effort to move towards standard protocols that remove the need for special tools, DPM started offering a WebDAV (an extension of the HTTP protocol) interface, facilitating access through commonly available tools, i.e. web browsers or WebDAV clients. However, this interface only provides basic functionality, especially when accessed from a web browser, making it still necessary to use some specific tools. DPMbox is a project for a friendly web interface that allows both technical and non-technical users to manage their data from and into the grid by accessing it through their web browsers. The project has been built by taking advantage of the implemented WebDAV front-end, and as a web development it uses standard and mature web technologies such as HTML, CSS and JavaScript/ECMAScript as its core language. As a collaboration with CERN, the development has been focused on the functionality required by DPM, but one of the objectives is to make DPMbox easily extensible and flexible, enabling its use with other systems that offer the WebDAV protocol.