
Emerging Research Challenges In Cloud Securitymcglink/lectures/CS7012/... · [1] Kizza - Guide to...

Date post: 28-Jun-2020
Security Management - Access Control [1], Dr. Kaniz Fatema, Trinity College Dublin, March 2016

Security Management-Access Control

[1]

Dr. Kaniz Fatema

Trinity College Dublin March, 2016

Access Control

Authentication: Identifies someone/something

Authorisation: Verifies the identified someone/something has the right to access

Access Control Models

o Identity based access control

o Role Based Access Control (RBAC) model

o Attribute Based Access Control (ABAC) model

Identity based access control

In an identity based system the access rights are based on the identity of the subject. It can be implemented using an access control matrix, access control lists or capabilities (Sandhu and Samarati 1994).

Role Based Access Control (RBAC) model

The main concept of RBAC is that permissions are associated with roles, and users get permissions based on the roles assigned to them. Unlike identity based systems, adding or removing users is much easier in this model.

Attribute Based Access Control (ABAC) model

The Attribute Based Access Control Model is an extension of the RBAC Model where permissions are given based on the attributes possessed by the user.

Attributes are not limited to organisational roles; they can be anything, such as degree, qualification, name, age and, of course, roles.

Attributes, usually assigned by Attribute Authorities (AAs), are assigned to users, and permissions are assigned to attributes; users thus get permissions based on the attributes they possess.

Authentication

Authentication is a way of identifying an entity and is a process by which it is possible to determine whether someone/something is genuine.

Authentication elements

Something you know: This may be something you mentally possess. This could be a password, a secret word known by the user and the authenticator.

o Password and PIN based authentication

o One-time password

Authentication elements

Something you have:

o Secret / Private key for:

   – Symmetric-key authentication

   – Public-key authentication

o Electronic Identity Cards

Authentication elements

Something you are: This being a naturally acquired physical characteristic such as voice, fingerprint, and other biometrics.

o Biometric authentication

Multiple Factors and Effectiveness of Authentication

To increase authentication effectiveness, a scheme with multiple methods is used. Systems using a scheme with two or more methods can result in greater system security.

This popular technique, referred to as multi-factor authentication, overcomes the limitations of a specific authentication method.

Privacy preserving Authentication methods

A privacy preserving authentication technique should allow:

• Anonymity

• Unlinkability

• Minimum disclosure

Privacy Preserving Authentication

[Figure: User, eID Server and three Cloud services. Labels: Age = 12 years; Name = ? X; Date of Birth = ? X]
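One way an eID server could provide the three properties listed above (anonymity, unlinkability, minimum disclosure) for the "Age = 12 years" case in the figure. This is an added example, not part of the original slides: the HMAC-based per-service pseudonym, the shared signing key (a real eID server would use a public-key signature) and every name and value in it are constructed assumptions.

```python
import hashlib
import hmac
import json
from datetime import date

# Constructed demo keys and record (assumptions, not from the slides).
PSEUDONYM_KEY = b"constructed-pseudonym-key"
SIGNING_KEY = b"constructed-signing-key"   # assumption: shared with each service
CITIZENS = {"user-1": {"name": "Alice Example", "dob": date(2004, 3, 1)}}
DEMO_TODAY = date(2016, 3, 15)


def pseudonym(user_id, service_id):
    """Per-service identifier: stable for one service, different across services."""
    msg = f"{user_id}|{service_id}".encode()
    return hmac.new(PSEUDONYM_KEY, msg, hashlib.sha256).hexdigest()[:16]


def age_on(dob, today):
    """Whole years between dob and today."""
    return today.year - dob.year - ((today.month, today.day) < (dob.month, dob.day))


def issue_assertion(user_id, service_id, requested, today):
    """eID server: release only derived attributes, never the raw record."""
    record = CITIZENS[user_id]
    releasable = {"age": age_on(record["dob"], today)}
    # Requests for anything outside the releasable set (name, dob) are ignored.
    claims = {k: releasable[k] for k in requested if k in releasable}
    body = {"sub": pseudonym(user_id, service_id), "aud": service_id, "claims": claims}
    payload = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()
    return payload, tag


def verify_assertion(payload, tag, service_id):
    """Cloud service: accept only an untampered assertion addressed to itself."""
    expected = hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    body = json.loads(payload)
    return body if body["aud"] == service_id else None


if __name__ == "__main__":
    for svc in ("cloud-a", "cloud-b"):
        payload, tag = issue_assertion("user-1", svc, ["age", "name", "dob"], DEMO_TODAY)
        print(svc, verify_assertion(payload, tag, svc))
```

Each service sees a different `sub` value for the same user, so two services comparing records cannot join them on the identifier.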

Authorisation

Authorisation determines that the proven identity has the right to perform the requested actions (e.g., read the file, write in the database) on the requested resources.

An authorisation system determines who is authorised to do what, i.e. it assigns privileges to users and provides a decision on whether someone is allowed to perform a requested action on a resource.

Policy based authorisation system

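[Figure: Initiator, Policy Enforcement Point (PEP), Policy Decision Point (PDP) and Target. Arrows: Submit Access Request (Initiator to PEP), Decision Request and Decision (between PEP and PDP), Present Access Request (PEP to Target).]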

Example Policy

<Policy PolicyId="PolicyNo1forMedicalData"
        RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
  <Target/>
  <Rule RuleId="MedicalDataAccessByMedicalProfessional" Effect="Permit">
    <Description>Medical Professional of this organisation can read the medical data</Description>
    <Target>
      <!-- Subject: Role must equal "Medical Professional" -->
      <Subjects>
        <Subject>
          <SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Medical Professional</AttributeValue>
            <SubjectAttributeDesignator AttributeId="Role" DataType="http://www.w3.org/2001/XMLSchema#string"/>
          </SubjectMatch>
        </Subject>
      </Subjects>
      <!-- Resource: ResourceType must equal "Medical Data" -->
      <Resources>
        <Resource>
          <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Medical Data</AttributeValue>
            <ResourceAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="ResourceType"/>
          </ResourceMatch>
        </Resource>
      </Resources>
      <!-- Action: action-id must equal "READ" -->
      <Actions>
        <Action>
          <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">READ</AttributeValue>
            <ActionAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"/>
          </ActionMatch>
        </Action>
      </Actions>
    </Target>
  </Rule>
</Policy>
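How a PEP and PDP would evaluate the rule in the example policy under its deny-overrides combining algorithm, as an added example that is not part of the original slides. It is a simplified model, not a XACML engine: the Indeterminate result is omitted, and the second rule (`DenySuspendedAccounts`), the `AccountStatus` attribute and the sample requests are hypothetical, constructed to show a Deny overriding a Permit.

```python
from dataclasses import dataclass


@dataclass
class Rule:
    rule_id: str
    effect: str      # "Permit" or "Deny"
    target: dict     # attribute id -> value the request must string-equal

    def evaluate(self, request):
        """Return the rule's effect if every target attribute matches, else NotApplicable."""
        for attr_id, required in self.target.items():
            if request.get(attr_id) != required:
                return "NotApplicable"
        return self.effect


def pdp_decide(rules, request):
    """Policy Decision Point with deny-overrides rule combining (Indeterminate omitted)."""
    decisions = [rule.evaluate(request) for rule in rules]
    if "Deny" in decisions:
        return "Deny"
    if "Permit" in decisions:
        return "Permit"
    return "NotApplicable"


def pep_enforce(rules, request):
    """Policy Enforcement Point: asks the PDP and grants only on an explicit Permit."""
    return pdp_decide(rules, request) == "Permit"


ACTION_ID = "urn:oasis:names:tc:xacml:1.0:action:action-id"

POLICY = [
    # The rule from the slide's policy.
    Rule("MedicalDataAccessByMedicalProfessional", "Permit",
         {"Role": "Medical Professional", "ResourceType": "Medical Data", ACTION_ID: "READ"}),
    # Hypothetical rule, not on the slide, added to exercise deny-overrides.
    Rule("DenySuspendedAccounts", "Deny", {"AccountStatus": "Suspended"}),
]

# Constructed access requests (attribute id -> value).
DOCTOR_READ = {"Role": "Medical Professional", "ResourceType": "Medical Data", ACTION_ID: "READ"}
DOCTOR_WRITE = {**DOCTOR_READ, ACTION_ID: "WRITE"}
SUSPENDED_READ = {**DOCTOR_READ, "AccountStatus": "Suspended"}
CLERK_READ = {**DOCTOR_READ, "Role": "Clerk"}

if __name__ == "__main__":
    for name, req in [("doctor read", DOCTOR_READ), ("doctor write", DOCTOR_WRITE),
                      ("suspended read", SUSPENDED_READ), ("clerk read", CLERK_READ)]:
        print(f"{name:15} PDP={pdp_decide(POLICY, req):14} PEP grants={pep_enforce(POLICY, req)}")
```

The PEP treats NotApplicable the same as Deny, so a request that no rule covers is refused rather than allowed by default.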

Adding privacy protection to policy based authorisation system

Needs to add policies from the Data Subject to honour his/her wishes.

Needs to enforce obligations to notify the data subject.

Needs to add policies from the data protection legislation.

Needs to integrate the policies of all the authorities who have any control over the data, such as the controller and the issuer.

Needs to resolve conflicts among the multiple independent policies of all the stakeholders.

Needs to have the facility to enforce policies in a distributed environment.

Needs to have the facility to include and execute policies from multiple languages.

Access Control Administration

First an organization must choose the access control model.

Then the organization must select and implement different access control technologies.

Access Control Administration comes in many forms:

o Centralized

o Hierarchical

o Cooperative

o Ownership based

o Decentralized

Access Control Administration

Centralized Access Control Administration:

◦ One entity is responsible for overseeing access to all resources.

◦ Provides a consistent and uniform method of controlling access rights.

Access Control Administration

Hierarchical Access Control Administration:

◦ A central authoriser is responsible for assigning administrative responsibilities to other administrators.

◦ The administrators can then grant and revoke access authorisations to the users of the system.

◦ Hierarchical administration can be applied, for example, according to the organisation chart.

Access Control Administration

Cooperative Access Control Administration:

◦ Special authorisations on given resources cannot be granted by a single authoriser but need the cooperation of several authorisers.

Ownership based Access Control Administration:

◦ A user is considered the owner of the objects he/she creates. The owner can grant and revoke access rights for other users to that object.

Access Control Administration

Decentralized Access Control Administration:

◦ In decentralized administration the owner of an object can also grant other users the privilege of administering authorisations on the object.

◦ Has no methods for consistent control, lacks proper consistency.

Threats to Access Control

A few threats to access control:

◦ Insiders

   ◦ Countermeasures include good policies and procedures, separation of duties, job rotation

◦ Dictionary Attacks

   ◦ Countermeasures include strong password policies, strong authentication, intrusion detection and prevention

◦ Brute Force Attacks

   ◦ Countermeasures include minimum necessary information provided, monitoring, intrusion detection

◦ Spoofing at Logon

   ◦ Countermeasures include a guaranteed trusted path, security awareness to be aware of phishing scams, SSL connection

Policy Based Network Management

[1]

What is PBNM

“...policy based networking is a concept where access to network resources e.g. bandwidth or servers, is governed by explicit policies. A policy-based management tool is responsible for translating these policies into commands sent to network devices ….”

So What IS a policy?

There are several interpretations as to what actually constitutes a policy.

Some see a policy as a goal or high level objective, others as a ‘RULE based approach’.

“…Policies represent business goals and objectives which must be translated (to their realisation) in the network ….” [IETF Policy Core Schema]

“….. A policy is a rule that can be used to change the behaviour of a system …….” [Sloman et al 2000]

Simple Definition of a Policy

“a Policy is one or more rules that describe the action(s) to occur when specific condition(s) exist” [QoS Forum]

It can be thought of as comprising:

– Event(s)/Condition(s): which must be satisfied for the policy to be enacted

– Action: the high level operations which must be carried out on the device(s) to realise the policy

Why use Policy Based Management Approach

Natural fit for Business, where network should behave in accordance with business/high level goals

Allows great flexibility in changing the way the (network) management system behaves without having to recode the management systems themselves (i.e. just change the policies!)

Properties of a Policy

Policies can comprise other policies

This is vital to enable complex policies to be constructed from simpler policies

Policies should be deterministic i.e. must define a finite state machine

Policy Framework & Architecture

[Figure: policy architecture. Labels: PEP, PDP, Policy Repository, Authentication Server, Network Border Point.]

PDP exports info. for monitoring & management (using SNMP etc.) [QoSForum2000]

COPS – Common Open Policy Service: http://www.hjp.at/doc/rfc/rfc2748.html

Architectural Components

PDP: Policy Decision Point

– makes decisions based on policies it retrieves from the policy repository.

– Involves retrieving policy; interpreting policy; detecting policy conflicts; receiving interface (Role) descriptions, policy decision requests and policy elements (conditions); determining which policy is relevant, applying the policy and returning the results. Also involves sending policy elements to the PEP

Architectural Components

Policy Repository

– provides storage and distributed (storage) management of policies

PEP: Policy Enforcement Point

– enforces the policy actions on the network device

– applying actions according to PDP decisions & based on relevant policies and current network conditions

Policy Standardisation

IETF

– Policy Working Group

– Directory Enabled Networking ad hoc working group

DMTF

– SLA & Policy Information Group (integrated into DMTF’s Common Information Model)

Policy Model defines: policy, policyGroup, policyRule, policyCondition …...

Managing your network using PBNM approach

Four Phases:

– Identifying the needs/service features which need to be differentially managed, e.g. traffic profiles etc.

– Defining Policies to manage these resources (includes design of policies, testing and verification/validation)

– Deploying the Policies into the network

– Feedback mechanism for self-tuning

References

[1] Kizza - Guide to Computer Network Security

[2] Jeff Smith, ITNS and CERIAS CISSP Luncheon Series: Access Control Systems & Methodology, Purdue University.

[3] Ravi S. Sandhu and Pierangela Samarati, “Authentication, Access Control, and Intrusion Detection.”

[4] www.qosforum.com - white paper ‘Introduction to QoS Policies’

[5] www.networkcomputing.com ‘Policy-Based Network Management’ J Conover

[6] ‘Ponder: A language for specifying security & management for distributed system’ Sloman et al

[7] www.nwfusion.com ‘Policy based management ain’t what it used to be’ J Caruso

