
UCON Model

Date post: 16-Feb-2016
Upload: lavi
Description:
UCON Model. 51000448 - Huỳnh Châu Duy. OUTLINE. UCON MODEL. Traditional access control. Mandatory Access Control (MAC) Discretionary Access Control (DAC) Role Based Access Control (RBAC) Focus in a closed system environment - PowerPoint PPT Presentation
Transcript
Page 1: UCON Model

UCON MODEL

51000448 - Huỳnh Châu Duy

Page 2: UCON Model

OUTLINE

UCON MODEL
- What?
- What for?
- When?
- Why?

CORE MODELS
- 16 basic models
- Example

COMPARISON
- Traditional access control
- DRM

CONCLUSION

Page 3: UCON Model

UCON MODEL

WHAT?

WHEN?

WHAT FOR?

WHY?

Page 4: UCON Model

TRADITIONAL ACCESS CONTROL

- Mandatory Access Control (MAC)
- Discretionary Access Control (DAC)
- Role Based Access Control (RBAC)
- Focus on a closed system environment
- Not adequate for today's distributed, network-connected digital environment
- Authorization only
- Decision is made before access
- No consumable rights
- Rights are pre-defined and granted to subjects

Page 5: UCON Model

DIGITAL RIGHTS MANAGEMENT (DRM)

- Controlling and tracking access to and use of digital information objects at client-side.
- Mainly focuses on intellectual property rights protection.
- Lacks an access control model.

Page 6: UCON Model

PROBLEM

Page 7: UCON Model

UCON MODEL

WHAT?

WHEN?

WHAT FOR?

WHY?

Page 8: UCON Model

UCONABC MODEL COMPONENTS

Page 9: UCON Model

UCONABC MODEL COMPONENTS

Subjects
- Attributes
- Consumer Subjects
- Provider Subjects
- Identifiee Subjects

Objects
- Attributes

Rights

Page 10: UCON Model

WHAT IS UCONABC MODEL?

- OBLIGATIONS
- AUTHORIZATIONS
- CONDITIONS

Page 11: UCON Model

AUTHORIZATIONS

- Functional predicates that have to be evaluated for usage decision.
- Return whether the subject (requester) is allowed to perform the requested rights on the object.
- Authorizations can be either pre-authorizations (preA) or ongoing-authorizations (onA).

Page 12: UCON Model

OBLIGATIONS

- Functional predicates that verify mandatory requirements a subject has to perform before or during a usage exercise.
- Obligations can be either pre-obligations (preB) or ongoing-obligations (onB).

Page 13: UCON Model

CONDITIONS

- Environmental or system-oriented decision factors.
- Unlike authorizations or obligations, condition variables cannot be mutable.
- Evaluation of conditions cannot update any subject or object attributes.

Page 14: UCON Model

OUTLINE

UCON MODEL
- What?
- What for?
- When?
- Why?

CORE MODELS
- 16 basic models
- Example

COMPARISON
- Traditional access control
- DRM

CONCLUSION

Page 15: UCON Model

CORE MODEL

The 16 basic UCONABC models

        0 (immutable)   1 (pre_update)   2 (ongoing_update)   3 (post_update)
preA    Y               Y                N                    Y
onA     Y               Y                Y                    Y
preB    Y               Y                N                    Y
onB     Y               Y                Y                    Y
preC    Y               N                N                    N
onC     Y               N                N                    N

Page 16: UCON Model

CORE MODEL

AUTHORIZATIONS
- preA
- onA

Page 17: UCON Model

CORE MODEL: preA

- preA0
- preA1
- preA3

Example:
- Pay-per-view (preUpdate)
- Metered payment (postUpdate)
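
An added example, not part of the original slides: a Python sketch of the three preA models listed on this slide, with pay-per-view as preA1 and metered payment as preA3. The attribute names (`credit`, `used_minutes`, `member`), the `Movie` object and the prices are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Subject:              # hypothetical attribute names
    credit: int = 0         # cents; mutable subject attribute
    used_minutes: int = 0   # mutable subject attribute
    member: bool = False    # never updated by a usage decision

@dataclass
class Movie:                # the object and its attributes (constructed sample)
    price: int = 0          # cents per view
    rate: int = 0           # cents per minute

def pre_a0(s: Subject, o: Movie) -> bool:
    """preA0: decide before access; no attribute is updated."""
    return s.member

def pre_a1(s: Subject, o: Movie) -> bool:
    """preA1, pay-per-view: decide before access, then preUpdate the credit."""
    if s.credit < o.price:
        return False        # a denied request updates nothing
    s.credit -= o.price     # preUpdate: charged before the right is exercised
    return True

def pre_a3(s: Subject, o: Movie, minutes_watched: int) -> bool:
    """preA3, metered payment: decide before access, postUpdate after usage."""
    if s.credit <= 0:
        return False
    # Usage happens here. Nothing re-evaluates the decision during usage;
    # that would be an ongoing authorization (onA).
    s.used_minutes += minutes_watched        # postUpdate
    s.credit -= minutes_watched * o.rate     # postUpdate; can go negative
    return True

def demo() -> dict:
    film = Movie(price=300, rate=10)
    viewer = Subject(credit=500)
    first = pre_a1(viewer, film)     # 500 -> 200
    second = pre_a1(viewer, film)    # 200 < 300: denied, credit untouched
    metered = Subject(credit=100)
    ok = pre_a3(metered, film, minutes_watched=25)   # 100 - 25 * 10
    return {"views": (first, second), "credit": viewer.credit,
            "metered_ok": ok, "metered_credit": metered.credit,
            "metered_minutes": metered.used_minutes,
            "guest": pre_a0(Subject(), film)}

if __name__ == "__main__":
    print(demo())
```

The negative balance in the metered case shows what a pre-only decision cannot prevent: once access is granted, a preA model has no point at which usage can be stopped.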

Page 18: UCON Model

CORE MODEL: onA

- onA0
- onA1
- onA2
- onA3

Example: Pay-per-Minutes

Page 19: UCON Model

CORE MODEL

OBLIGATIONS
- preB
- onB

Page 20: UCON Model

CORE MODEL: preB

- preB0
- preB1
- preB3

Example: Free Internet Service

Page 21: UCON Model

CORE MODEL: onB

- onB0
- onB1
- onB2
- onB3

Page 22: UCON Model

CORE MODEL

CONDITIONS
- preC
- onC

Page 23: UCON Model

CORE MODEL

Example:
- Healthcare
- Education
- Long-distance phone
- Pre-paid phone card
- Click Ad within every 30 minutes
- Business Hour

Page 24: UCON Model

OUTLINE

UCON MODEL
- What?
- What for?
- When?
- Why?

CORE MODELS
- 16 basic models
- Example

COMPARISON
- Traditional access control
- DRM

CONCLUSION

Page 25: UCON Model

COMPARISON

Traditional Access Control

• RBAC
• MAC
• DAC

UCON MODEL

• Authorizations
• Obligations
• Conditions

Page 26: UCON Model

COMPARISON

DRM

• pay-per-use
• multiple credits

UCON MODEL

• Authorizations
• Obligations
• Conditions

Page 27: UCON Model

OUTLINE

UCON MODEL
- What?
- What for?
- When?
- Why?

CORE MODELS
- 16 basic models
- Example

COMPARISON
- Traditional access control
- DRM

CONCLUSION

Page 28: UCON Model

CONCLUSION

UCONABC leaves open the architecture and mechanisms for providing trusted attributes.

Page 29: UCON Model
