2,022,348 research outputs found

    Analyzing temporal role based access control models

    Today, Role Based Access Control (RBAC) is the de facto model used for advanced access control, and is widely deployed in diverse enterprises of all sizes. Several extensions to the authorization as well as the administrative models for RBAC have been adopted in recent years. In this paper, we consider the temporal extension of RBAC (TRBAC), and develop safety analysis techniques for it. Safety analysis is essential for understanding the implications of security policies both at the stage of specification and modification. Towards this end, in this paper, we first define an administrative model for TRBAC. Our strategy for performing safety analysis is to appropriately decompose the TRBAC analysis problem into multiple subproblems similar to RBAC. Along with making the analysis simpler, this enables us to leverage and adapt existing analysis techniques developed for traditional RBAC. We have adapted and experimented with employing two state of the art analysis approaches developed for RBAC as well as tools developed for software testing. Our results show that our approach is both feasible and flexible.

    V-Model Role Engineering

    The paper focuses on role engineering which is an important topic in the development of access control system, particularly when considering Role Based Access Control – RBAC models. Despite the wide use of RBAC in various applications, the role engineering process is not a standardized approach. The paper aims to define a methodology and a process model for role engineering.
    Keywords: information security, access control systems, role based access control systems – RBAC, engineering methodologies, security policies, access control models

    A Prototype for Transforming Role-Based Access Control Models

    Role-based access control is a widely-used mechanism in computer systems – it ensures security by restricting resource access to only the system users with respective rights. The RBAC solutions can be engineered with the aid of modelling languages, such as SecureUML and UMLsec, which both present the system design from different viewpoints. Creating multiple coherent models, however, may turn out to be a non-trivial and time-consuming task. This, in turn, may dramatically lessen the motivation to create role-based access control models altogether. As a solution to the problem above, developers could be provided with a software tool, which inputs a model in one language and transforms it into the model of another. The transformed model, however, would not be complete, since the two languages are used to represent somewhat different information. The aim of such a tool would be to diminish the necessity to manually copy information when creating a second model. With this thesis, a prototype tool is developed, which enables the transformation of a SecureUML model to a UMLsec model and vice versa. The tool is implemented in the Java programming language, as a plug-in to the professional UML modelling tool MagicDraw. Menu items are added to the application, which trigger transformations: information is collected from a model in the UMLsec or SecureUML language and, based on that, a new model in the other language is created. As an additional function, completion checks are developed for both models to inform the user of whether all necessary language elements are present. They should act as guides for the user on how to improve the transformed model, since after transformations some information is known to be absent from the new model. Another additional component is the support for manipulating UMLsec association tags, which are an integral part of transformations between the SecureUML and UMLsec languages. The documentation – requirements, code documentation and user manual – is also provided in this paper and is supposed to contribute to the further development as well as understanding of the prototype.

    A conditional role-involved purpose-based access control model

    This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intention of data accesses or usages. RCPBAC allows users to use some data for certain purposes with conditions. The structure of the RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends traditional access control models to a further coverage of privacy preserving in data mining environments, as RBAC is one of the most popular approaches towards access control to achieve database security and is available in database management systems. The structure helps enterprises to circulate clear privacy promises, and to collect and manage user preferences and consent.

    A Prototype to Analyze Role- and Attribute-Based Access Control Models

    The goal of this thesis is to create an access control comparison prototype, where people will do experiments with security models and analyse reports based on their actions. The thesis is split into two parts: theoretical and practical. In the theoretical part, we studied how security models like Role-Based Access and Attribute-Based Access work, defined the meta models and explained the security flows. After that, we did the theoretical comparison between these models and defined the comparison criteria, which were later used in the prototype. Meanwhile, in the practical part, we put the main points of the theoretical part and defined requirements and use cases in order to give maximum experience to the users about what is going on underneath the application during the interaction through the graphical user interface.

    Extracting Role-Based Access Control Models from Business Process Event Logs

    Today, as business processes are getting more complex and the volumes of stored data about business process executions are increasing in size, collecting information for the analysis and for the improvement of the business process security is becoming a complex task. Information systems that support business processes record business process executions into event logs which capture the behavior of system usage in terms of events. Business process event logs can be used for analysing and improving the business process, but also for analysing the information security. One of the main goals of security analysis is to check the compliance with existing security requirements. Also, event logs can be the basis for business process mining, or shortly process mining. Utilizing bottom-up process mining on event logs, we can extract business process-related information for security analysis. Process mining is not only for discovering business process models, but also other models, such as security models. For this purpose, we present a possible approach to extract RBAC models (semi-)automatically from event logs in XES format. The focus is also on determining the protected business assets, such as document or other artifact data that is exchanged and accessed during business process activities. In addition, we evaluate the applicability of this approach with conformance checking where we check the compliance of a real-life event log with respect to the LTL constraints translated from the RBAC model. Eventually, the purpose of the extracted RBAC models is that they provide a basis for security analysis and they can be adapted by other applications in order to implement access control mechanisms.