1,006 research outputs found

    Extended role-based access control model for enterprise systems and web services

    This thesis intends to develop application-level access control models to address several major security issues in enterprise environments. The first goal is to provide simple and efficient authorization specifications to reduce the complexity of security management. The second goal is to provide dynamic access control for Web service applications. The third goal is to provide an access control framework for Semantic Web services. In this thesis, an Authorization-Function-Based Role-based Access Control (FB-RBAC) model is proposed for controlling enterprise systems at the application level. The unique features of the proposed model are authorization-function-based access control and constraint-based fine-grained access control. This model significantly simplifies the management of an access control system by adopting roles and authorization-functions in authorization specifications. An extension of FB-RBAC, Extended FB-RBAC (ERBAC), is applied to Web service applications. New features such as credential-based access control and dynamic role assignment are added to FB-RBAC in order to address user heterogeneity and dynamicity in the Web environment. The proposed ERBAC model is then extended to support Semantic Web services. Each component of the ERBAC model is described by security ontologies. These correlated security ontologies are integrated with Semantic Web services to form a complete ontology network. Ontology-based role assignment is facilitated so that security information can be queried and discovered through a network of ontologies.

    Security Provisioning in Cloud Environments using Dynamic Expiration Enabled Role based Access Control Model

    In cloud environments, the role-based access control (RBAC) system model has come up with certain promising facilities for security communities. This system has established itself as a highly robust, powerful and generalized framework for providing access control for security management. There are numerous practical applications and circumstances where users might be restricted to assuming their respective roles only at certain defined time periods. Additionally, these roles can be invoked only after pre-defined time intervals, which depend on the permission of a certain action or event. In order to capture these kinds of dynamic aspects of a role, numerous models such as temporal RBAC (TRBAC) were proposed, although this approach could not deliver anything except the constraints of role enabling. In this paper, we propose a robust and optimum scheme called the Dynamic expiration enabled role based access control (DEERBAC) model, which is efficient for expressing a broad range of temporal constraints. Specifically, this approach permits periodic expressions as well as defined time constraints on roles, user-role assignments and role-permission assignments. According to the DEERBAC model, in a certain time duration the roles can be further restricted as a consequence of numerous activation constraints and highest possible active duration constraints. The dominant contributions of the DEERBAC model are the extension and optimization of the existing TRBAC framework and its event and triggering expressions. The predominant uniqueness of this model is that it inherits the expression of role hierarchies and Separation of Duty (SoD) constraints that specify fine-grained temporal semantics. The results obtained illustrate that the DEERBAC system provides an optimum solution for efficient user creation, role assignment and security management framework in cloud environments with higher user counts and the simultaneous role-permission,

    TRAMMAS: Enhancing Communication in Multiagent Systems

    Thesis by compendium. Over the last years, multiagent systems have been proven to be a powerful and versatile paradigm, with great potential when it comes to solving complex problems in dynamic and distributed environments, due to their flexible and adaptive behavior. This potential comes not only from the individual features of agents (such as autonomy, reactivity or reasoning power), but also from their capability to communicate, cooperate and coordinate in order to fulfill their goals. In fact, it is this social behavior that makes multiagent systems so powerful, much more than the individual capabilities of agents. The social behavior of multiagent systems is usually developed by means of high-level abstractions, protocols and languages, which normally rely on (or at least benefit from) agents being able to communicate and interact indirectly. However, in the development process, such high-level concepts habitually become weakly supported, with mechanisms such as traditional messaging, massive broadcasting, blackboard systems or ad hoc solutions. This lack of an appropriate way to support indirect communication in actual multiagent systems compromises their potential. This PhD thesis proposes the use of event tracing as a flexible, effective and efficient support for indirect interaction and communication in multiagent systems. The main contribution of this thesis is TRAMMAS, a generic, abstract model for event tracing support in multiagent systems. The model allows all entities in the system to share their information as trace events, so that any other entity which requires this information is able to receive it. Along with the model, the thesis also presents an abstract architecture, which redefines the model in terms of a set of tracing facilities that can then be easily incorporated into an actual multiagent platform. This architecture follows a service-oriented approach, so that the tracing facilities are provided in the same way as other traditional services offered by the platform. In this way, event tracing can be considered as an additional information provider for entities in the multiagent system, and as such, it can be integrated from the earliest stages of the development process.
    Búrdalo Rapa, LA. (2016). TRAMMAS: Enhancing Communication in Multiagent Systems [Unpublished doctoral thesis]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/61765

    An aspect-based approach to modeling access control policies

    Department Head: L. Darrell Whitley. 2007 Spring. Includes bibliographical references (pages 119-126). Access control policies determine how sensitive information and computing resources are to be protected. Enforcing these policies in a system design typically results in access control features that crosscut the dominant structure of the design (that is, features that are spread across and intertwined with other features in the design). The spreading and intertwining of access control features make it difficult to understand, analyze, and change them and thus complicate the task of ensuring that an evolving design continues to enforce access control policies. Researchers have advocated the use of aspect-oriented modeling (AOM) techniques for addressing the problem of evolving crosscutting features. This dissertation proposes an approach to modeling and analyzing crosscutting access control features. The approach utilizes AOM techniques to isolate crosscutting access control features as patterns described by aspect models. Incorporating an access control feature into a design involves embedding instantiated forms of the access control pattern into the design model. When composing instantiated access control patterns with a design model, one needs to ensure that the resulting composed model enforces access control policies. The approach includes a technique to verify that specified policies are enforced in the composed model. The approach is illustrated using two well-known access control models: the Role-Based Access Control (RBAC) model and the Bell-LaPadula (BLP) model. Features that enforce RBAC and BLP models are described by aspect models. We show how the aspect models can be composed to create a new hybrid access control aspect model. We also show how one can verify that composition of a base (primary) design model and an aspect model that enforces specified policies produces a composed model in which the policies are still enforced.

    Steps towards adaptive situation and context-aware access: a contribution to the extension of access control mechanisms within pervasive information systems

    The evolution of pervasive computing has opened new horizons to classical information systems by integrating new technologies and services that enable seamless access to information sources at anytime, anyhow and anywhere. Meanwhile, this evolution has opened new threats to information security and new challenges to access control modeling. In order to meet these challenges, many research works went towards extending traditional access control models (especially the RBAC model) in order to add context awareness within the decision-making process. Meanwhile, tying access decisions to the dynamic contextual constraints of mobile users would not only add more complexity to decision-making but could also increase the possibilities of access denial. Knowing that accessibility is a key feature for pervasive systems and taking into account the importance of providing access within real-time situations, many research works have proposed applying flexible access control mechanisms with sometimes extreme solutions that overstep security boundaries, such as the Break-Glass option. In this thesis, we introduce a moderate solution that stands between the rigidity of access control models and the risky flexibility applied during real-time situations. Our contribution is twofold: in the design phase, we propose PS-RBAC, a Pervasive Situation-aware RBAC model that realizes adaptive permission assignments and alternative-based decision-making based on similarity when facing an important situation. In the implementation phase, we introduce PSQRS, a Pervasive Situation-aware Query Rewriting System architecture that confronts access denials by reformulating the user's XACML access request and proposing to him a list of alternative similar solutions that he can access. The objective is to provide a level of adaptive security that would meet the user needs while taking into consideration his role, contextual constraints (location, network, device, etc.) and his situation. Our proposal has been validated in three application domains that are rich in pervasive contexts and real-time scenarios: (i) Mobile Geriatric Teams, (ii) Avionic Systems and (iii) Video Surveillance Systems.

    A SEMANTIC BASED POLICY MANAGEMENT FRAMEWORK FOR CLOUD COMPUTING ENVIRONMENTS

    The cloud computing paradigm has gained tremendous momentum and generated intensive interest. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this dissertation, we mainly focus on issues related to policy management and access control in the cloud. Currently, users have to use diverse access control mechanisms to protect their data when stored on the cloud service providers (CSPs). Access control policies may be specified in different policy languages, and heterogeneity of access policies poses significant problems. An ideal policy management system should be able to work with all data regardless of where they are stored. Semantic Web technologies, when used for policy management, can help address the crucial issues of interoperability of heterogeneous CSPs. In this dissertation, we propose a semantic based policy management framework for cloud computing environments which consists of two main components, namely the policy management and specification component and the policy evolution component. In the policy management and specification component, we first introduce policy management as a service (PMaaS), a cloud based policy management framework that gives cloud users a unified control point for specifying authorization policies, regardless of where the data is stored. Then, we present a semantic based policy management framework which enables users to specify access control policies using semantic web technologies and helps address heterogeneity issues of cloud computing environments. We also model temporal constraints and restrictions in GTRBAC using OWL and show how ontologies can be used to specify temporal constraints. We present a proof of concept implementation of the proposed framework and provide some performance evaluation. In the policy evolution component, we propose to use role mining techniques to deal with policy evolution issues and present StateMiner, a heuristic algorithm to find an RBAC state as close as possible to both the deployed RBAC state and the optimal state. We also implement the proposed algorithm and perform some experiments to demonstrate its effectiveness.