177 research outputs found
Implementing Advanced RBAC Administration Functionality with USE
Role-based access control (RBAC) is a powerful means for laying out and developing higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the important aspects of RBAC is authorization constraints that express such organizational policies. While RBAC has generated a great interest in the security community, organizations still seek a flexible and effective approach to impose role-based authorization constraints in their security-critical applications. In particular, today often only basic RBAC concepts have found their way into commercial RBAC products; specifically, authorization constraints are not widely supported. In this paper, we present an RBAC administration tool that can enforce certain kinds of role-based authorization constraints such as separation of duty constraints. The authorization constraint functionality is based upon the OCL validation tool USE. We also describe our practical experience that we gained on integrating OCL functionality into a prototype of an RBAC administration tool that shall be extended to a product in the future
A Distributed Calculus for Role-Based Access Control
Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the Ļ calculus to study the behavior of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a bisimulation to equate systems. The theory is then applied to three meaningful examples, namely finding the āminimalā policy to run a given system, refining a system to be run under a given policy (whenever possible), and minimizing the number of users in a given system without changing the overall behavior
Scalable And Secure Provenance Querying For Scientific Workflows And Its Application In Autism Study
In the era of big data, scientific workflows have become essential to automate scientific experiments and guarantee repeatability. As both data and workflow increase in their scale, requirements for having a data lineage management system commensurate with the complexity of the workflow also become necessary, calling for new scalable storage, query, and analytics infrastructure. This system that manages and preserves the derivation history and morphosis of data, known as provenance system, is essential for maintaining quality and trustworthiness of data products and ensuring reproducibility of scientific discoveries. With a flurry of research and increased adoption of scientific workflows in processing sensitive data, i.e., health and medication domain, securing information flow and instrumenting access privileges in the system have become a fundamental precursor to deploying large-scale scientific workflows. That has become more important now since today team of scientists around the world can collaborate on experiments using globally distributed sensitive data sources. Hence, it has become imperative to augment scientific workflow systems as well as the underlying provenance management systems with data security protocols. Provenance systems, void of data security protocol, are susceptible to vulnerability. In this dissertation research, we delineate how scientific workflows can improve therapeutic practices in autism spectrum disorders. The data-intensive computation inherent in these workflows and sensitive nature of the data, necessitate support for scalable, parallel and robust provenance queries and secured view of data. With that in perspective, we propose , a parallel, robust, reliable and scalable provenance query language and introduce the concept of access privilege inheritance in the provenance systems. We characterize desirable properties of role-based access control protocol in scientific workflows and demonstrate how the qualities are integrated into the workflow provenance systems as well. Finally, we describe how these concepts fit within the DATAVIEW workflow management system
Modeling context with graph annotations
Organisational policies are often formed of declarational (defining constraints on functional services) and operational (realising functionalities via simple activities) aspects. However, when several perspectives are involved, constraints and operations can comprise different aspects, without identifying the origin of some details. We propose the use of annotations as a way to flexibly add and remove application conditions on rules, while maintaining an indication of their origin. We use graph transformations to model operations in some application domain, graph constraints to model conditions imposed by some external domain, and annotations to combine domains. We explore the problem of failure of transactions due to the additional constraints imposed by the contextual domain, and describe a way to redefine the success conditions for transactions employing the modified rules
A SEMANTIC BASED POLICY MANAGEMENT FRAMEWORK FOR CLOUD COMPUTING ENVIRONMENTS
Cloud computing paradigm has gained tremendous momentum and generated intensive interest.
Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption.
In this dissertation, we mainly focus on issues related to policy management and access control in the cloud.
Currently, users have to use diverse access control mechanisms to protect their data when stored on the cloud service providers (CSPs).
Access control policies may be specified in different policy languages and heterogeneity of access policies pose significant problems.An ideal policy management system should be able to work with all data regardless of where they are stored.
Semantic Web technologies when used for policy management, can help address the crucial issues of interoperability of heterogeneous CSPs.
In this dissertation, we propose a semantic based policy management framework for cloud computing environments which consists of two main components, namely policy management and specification component and policy evolution component.
In the policy management and specification component, we first introduce policy management as a service (PMaaS), a cloud based policy management framework that give cloud users a unified control point for specifying authorization policies, regardless of where the data is stored. Then, we present semantic based policy management framework which enables users to specify access control policies using semantic web technologies and helps address heterogeneity issues of cloud computing environments.
We also model temporal constraints and restrictions in GTRBAC using OWL and show how ontologies can be used to specify temporal constraints.
We present a proof of concept implementation of the proposed framework and provide some performance evaluation.
In the policy evolution component, we propose to use role mining techniques to deal with policy evolution issues and present StateMiner, a heuristic algorithm to find an RBAC state as close as possible to both the deployed RBAC state and the optimal state. We also implement the proposed algorithm and perform some experiments to demonstrate its effectiveness
A logic of negative trust
We present a logic to model the behaviour of an agent trusting or not trusting messages sent by another agent. The logic formalises trust as a consistency checking function with respect to currently available information. Negative trust is modelled in two forms: distrust, as the rejection of incoming inconsistent information; mistrust, as revision of previously held information becoming undesirable in view of new incoming inconsistent information, which the agent wishes to accept. We provide a natural deduction calculus, a relational semantics and prove soundness and completeness results. We overview a number of applications which have been investigated for the proof-theoretical formulation of the logic
Models for Substructural Arithmetics
This paper explores models for arithmetic in substructural logics. In the existing literature on substructural arithmetic, frame semantics for substructural logics are absent. We will start to fill in the picture in this paper by examining frame semantics for the substructural logics C (linear logic plus distribution), R (relevant logic) and CK (C plus weakening). The eventual goal is to find negation complete models for arithmetic in R
VĆ©rification et validation de politiques de contrĆ“le d'accĆØs dans le domaine mĆ©dical
Dans le domaine meĢdical, la numeĢrisation des documents et lāutilisation des dossiers patient eĢlectroniques (DPE, ou en anglais EHR pour Electronic Health Record) offrent de nombreux avantages, tels que la faciliteĢ de recherche et de transmission de ces donneĢes. Les systeĢmes informatiques doivent reprendre ainsi progressivement le roĢle traditionnellement tenu par les archivistes, roĢle qui comprenait notamment la gestion des acceĢs aĢ ces donneĢes sensibles. Ces derniers doivent en effet eĢtre rigoureusement controĢleĢs pour tenir compte des souhaits de confidentialiteĢ des patients, des reĢgles des eĢtablissements et de la leĢgislation en vigueur. SGAC, ou Solution de Gestion AutomatiseĢe du Consentement, a pour but de fournir une solution dans laquelle lāacceĢs aux donneĢes du patient serait non seulement baseĢe sur les reĢgles mises en place par le patient lui-meĢme mais aussi sur le reĢglement de lāeĢtablissement et sur la leĢgislation. Cependant, cette liberteĢ octroyeĢe au patient est source de divers probleĢmes : conflits, masquage des donneĢes neĢcessaires aux soins ou encore tout simplement erreurs de saisie. Pour effectuer ces veĢrifications, les meĢthodes formelles fournissent des moyens fiables de veĢrification de proprieĢteĢs tels que les preuves ou la veĢrification de modeĢles. Cette theĢse propose des meĢthodes de veĢrification adapteĢes aĢ SGAC pour le patient : elle introduit le modeĢle formel de SGAC, des meĢthodes de veĢrifications de proprieĢteĢs. Afin de mener ces veĢrifications de manieĢre automatiseĢe, SGAC est modeĢliseĢ en B et Alloy ; ces diffeĢrentes modeĢlisations donnent acceĢs aux outils Alloy et ProB, et ainsi aĢ la veĢrification automatiseĢe de proprieĢteĢs via la veĢrification de modeĢles ou model checking.Abstract : In healthcare, data digitization and the use of the Electronic Health Records (EHR) offer several benefits, such as the reduction of the space occupied by data, or the ease of data search or data exchanges. IT systems must gradually take up the archivistās role by managing the accesses over sensitive data, which have to be compliant with patient wishes, hospital rules, as well as laws and regulations. SGAC, or Solution de Gestion AutomatiseĢe du Consentement (Automated Consent Management Solution), aims to provide a solution in which access to patient data would be based on patient rules, hospital rules and laws. However, the freedom granted to the patient can cause several problems : conflicts, concealment of crucial data needed to treat the patient adequately, and data-capture errors. Therefore, verification and validation of policies are essential : formal methods provide reliable ways, such as proofs or model checking, to conduct verifications of properties. This thesis provides verification methods applied on SGAC for the patient : it introduces the formal model of SGAC, methods to verify properties such as data access resolution, hidden data detection or redundant rule identification. Modeling of SGAC in B and Alloy provides access to the tools Alloy and ProB, and thus, automated property verification through model checking
Lambda-RBAC: Programming with Role-Based Access Control
We study mechanisms that permit program components to express role
constraints on clients, focusing on programmatic security mechanisms, which
permit access controls to be expressed, in situ, as part of the code realizing
basic functionality. In this setting, two questions immediately arise: (1) The
user of a component faces the issue of safety: is a particular role sufficient
to use the component? (2) The component designer faces the dual issue of
protection: is a particular role demanded in all execution paths of the
component? We provide a formal calculus and static analysis to answer both
questions.Comment: LMC
- ā¦