Anupam Joshi and Tim Finin, Ebiquity, UMBC
http://ebiquity.umbc.edu/
Constraining Information Flow in Social Networks using Policies and Context
Probing Policy-secured Systems to Recover Policy
SOA-based Infrastructure
Securing Clouds with Policy
Increase in the user generated content on web
Rise in the online interactions and content sharing among users
More dynamic context
Need to provide precise control over the conditions under which users can share their personal information
Availability of GPS functionality on phone devices such as the iPhone and HTC G1, and of network-based positioning methods on the internet
Social networks map friends and their locations using the Maps API on the web
Content sharing relative to dynamic context (location and time)
Privacy is an important issue with current systems such as Google Latitude, Loopt and Brightkite
Static knowledge about the user profile and networks of friends
Knowledge about dynamic user context, such as current activity and location
Privacy enforcement rules
[Architecture diagram: a Privacy Control Framework built around a Reasoning Engine, the Policy network ontology and a Database, fed by a Content Aggregator that draws on Content Preferences, Social Media and the Network]
Policy network ontology: integrates the Rein and AIR policy ontologies. Rein policies provide access control; AIR policies provide justifications for the inferences made.
Policies are specified using N3 rules and Turtle.
Reasoning engine:
CWM, a forward chaining rule engine
Pychinko, a forward chaining rule engine written in Python that implements the Rete algorithm and allows efficient processing of very large rule bases; it supports a significant subset of the math, string, time and logic built-ins
[Diagram: Policy Network Ontology and Request Ontology. A Policy (N3) is written in a Policy Language (loc-access) and governed by a Meta-Policy, and protects a Resource (User-location). A Request carries Requester Credentials and asks for Location-Access; its Answer is Valid or InValid. Edges labeled policy, policy language, meta-policy, access, requester, ans and IsA connect these nodes.]
The privacy policy follows a deny-access approach (nothing is shared unless a policy grants it). It specifies authorization logic; authentication is separate.
A policy states what information the user is willing to share, with whom (friends, groups of friends), and under what conditions: the day of the week and time, the location of the user (specifying the area in which the user can be seen), and the accuracy level of the (location) information.
Example policies can be:
Share my location with teachers on weekdays only if I am in the university campus and only between 9 am and 6 pm
Share exact location with members of family group all the time, in all locations
Do not share my location if I am at any of the sensitive locations
Do not share my activity status with teachers on weekends
Share my activity status with only close friends
Example of location access control policy: Share my location with teachers on weekdays only if I am in the university campus and only between 9 am and 6 pm
Example of location access control policy: Share exact location with members of family group all the time, in all locations
Example of location access control policy: Do not share my location if user is at any of the sensitive locations
Example of activity access control policy: Do not share my activity status with teachers on weekends
Example of activity access control policy: Do not share my location if user is at any of the sensitive locations
Example of Accountability Policy: Checks the compliance of location request with user's policy
The user shares her protected resources and defines her privacy preferences.
The system follows a pull mechanism: all information-sharing activities among participants are mediated by the privacy control module.
Whenever a participant makes a query, it is sent to the privacy control module, which processes the query by reasoning over the policy networks associated with the requested resource and returns the valid answer.
Generalization is applied to the valid answers before they are returned.
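The following is an added example, not code from the Ebiquity slides or their system: it models the five example policies above and the pull-based evaluation just described as plain Python predicates rather than N3 rules, so the deny-by-default decision, the accuracy-level generalization of a valid answer and the AIR-style justification (which rule fired) can be run offline. Group names (teachers, family, close-friends), place names, the sensitive-location set, the area map, the "area" accuracy for the teacher rule and the deny-overrides-allow conflict resolution are all assumptions made here, not details stated on the slides.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Callable, Dict, FrozenSet, List


@dataclass
class Context:
    """Dynamic context of the resource owner at the time of the request."""
    location: str           # precise place name, e.g. "university-campus"
    when: datetime
    activity: str = ""      # current activity status, e.g. "in-lecture"


@dataclass
class Request:
    """A pull query for one of the owner's protected resources."""
    requester: str
    resource: str               # "location" or "activity"
    groups: FrozenSet[str]      # groups the requester belongs to (friend-list lookup)


@dataclass
class Rule:
    name: str
    resource: str
    effect: str                 # "allow" or "deny"
    applies: Callable[[Request, Context], bool]
    accuracy: str = "exact"     # generalization level for an allowed location answer


def office_hours_weekday(ctx: Context) -> bool:
    """Monday to Friday, 9 am to 6 pm."""
    return ctx.when.weekday() < 5 and 9 <= ctx.when.hour < 18


# Constructed: places the owner treats as sensitive.
SENSITIVE_LOCATIONS = {"clinic", "counselling-center"}

# The five example policies; group and place names are assumptions.
POLICY: List[Rule] = [
    Rule("deny-at-sensitive-locations", "location", "deny",
         lambda r, c: c.location in SENSITIVE_LOCATIONS),
    Rule("teachers-on-campus-weekdays", "location", "allow",
         lambda r, c: "teachers" in r.groups
         and c.location == "university-campus" and office_hours_weekday(c),
         accuracy="area"),   # area-level accuracy is an assumption, not on the slide
    Rule("family-always-exact", "location", "allow",
         lambda r, c: "family" in r.groups, accuracy="exact"),
    Rule("no-activity-to-teachers-on-weekends", "activity", "deny",
         lambda r, c: "teachers" in r.groups and c.when.weekday() >= 5),
    Rule("activity-to-close-friends", "activity", "allow",
         lambda r, c: "close-friends" in r.groups),
]

# Constructed map from a precise place to the coarser area returned at "area" accuracy.
AREAS: Dict[str, str] = {"university-campus": "campus", "home": "home-neighborhood"}


def generalize(location: str, accuracy: str) -> str:
    return location if accuracy == "exact" else AREAS.get(location, "undisclosed-area")


def evaluate(request: Request, ctx: Context, rules: List[Rule] = POLICY) -> dict:
    """Deny by default: a matching deny rule always wins; otherwise the first
    matching allow rule decides and its accuracy level generalizes the answer.
    The justification lists the rule name(s) behind the decision."""
    fired = [r for r in rules if r.resource == request.resource and r.applies(request, ctx)]
    denies = [r.name for r in fired if r.effect == "deny"]
    if denies:
        return {"valid": False, "answer": None, "justification": denies}
    allows = [r for r in fired if r.effect == "allow"]
    if not allows:
        return {"valid": False, "answer": None, "justification": ["no policy grants access"]}
    rule = allows[0]
    answer = (generalize(ctx.location, rule.accuracy)
              if request.resource == "location" else ctx.activity)
    return {"valid": True, "answer": answer, "justification": [rule.name]}


# Constructed timestamps used by the demo below.
WED_10AM = datetime(2024, 3, 6, 10, 0)   # a Wednesday
SAT_NOON = datetime(2024, 3, 9, 12, 0)   # a Saturday

if __name__ == "__main__":
    samples = [
        (Request("alice", "location", frozenset({"teachers"})), Context("university-campus", WED_10AM)),
        (Request("bob", "location", frozenset({"family"})), Context("clinic", SAT_NOON)),
        (Request("alice", "activity", frozenset({"teachers"})), Context("home", SAT_NOON, "resting")),
    ]
    for req, ctx in samples:
        print(req.requester, req.resource, evaluate(req, ctx))
```

Because denies override allows, a family member querying while the owner is at a sensitive location gets an invalid answer with the deny rule as justification, and a teacher on campus gets only the generalized area; every rejection carries the rule name so the accountability check described on the next slides has something to audit.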
The client device is a location-aware device such as a GPS-enabled phone or a Wi-Fi-enabled laptop
Google Maps is used to plot the user and her friends
User interface to define privacy preferences
Connects with Facebook accounts to fetch profile information and find networks of friends
Creates and stores the policy ontology in persistent memory and reloads it when required by the reasoning engine
Privacy Configuration User Interface
Summary of the features of our system and their comparison with state-of-the-art systems
Problem: A system whose access policy is known is more vulnerable to attacks and insider threats
Attackers may infer likely policies from access observations, partial knowledge of subject attributes, and background knowledge
Objective: Strengthen policies against discovery
Approach: Explore techniques to propose policy theories via machine learning, including ILP and SVMs
Results: promising initial results for simple Role Based Access Control policies
Practically everyone's plans are to move to cloud-based systems
Everyone thinks about security for clouds, but almost no one is doing it. A lot of it is technology, but a lot is management as well
Much of the technology work is focused on isolation at the hypervisor level, but this is not enough
Policy-driven security can be of great help in both the technological and management planes
Most existing work focuses on isolation for virtualization. You don't always want to isolate; sometimes it is good (i.e. efficient) to share
Trusting the virtualized service provider on the cloud: Amazon disclaims any data loss, Facebook wants to own your data … Constrain what the cloud can do: don't replicate outside of US jurisdiction, don't co-locate with a job run by my competitor, …
Use computational policies to:
Leverage hypervisor-level isolation functions to provide granular isolation
Allow users to specify what kind of security they need at the virtualization level (sharing and isolation requirements)
Allow users to describe how their data is shared/used
Allow clouds to specify what security / isolation they offer
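An added example, not from the slides or any Ebiquity software, of how the user-side constraints above ("don't replicate outside of US jurisdiction, don't co-locate with a job run by my competitor") can be matched against what a cloud advertises about its hosts, deny by default, while still permitting sharing where the user has not asked for isolation. Host names, jurisdictions, tenant names and the requirement record are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple


@dataclass(frozen=True)
class Host:
    """What the cloud advertises about one placement target (constructed records)."""
    name: str
    jurisdiction: str            # country in which the data center sits
    tenants: FrozenSet[str]      # workloads already placed on the host
    dedicated: bool              # True if the cloud promises no other tenant on this host


@dataclass(frozen=True)
class Requirement:
    """What the user specifies about sharing and isolation for a workload."""
    owner: str
    allowed_jurisdictions: FrozenSet[str]
    competitors: FrozenSet[str]          # tenants the owner refuses to share a host with
    require_dedicated: bool = False      # False: sharing with non-competitors is fine


def violations(req: Requirement, host: Host) -> List[str]:
    """Every constraint the host breaks; an empty list means the host is acceptable."""
    problems = []
    if host.jurisdiction not in req.allowed_jurisdictions:
        problems.append(f"jurisdiction {host.jurisdiction} is outside {sorted(req.allowed_jurisdictions)}")
    clash = host.tenants & req.competitors
    if clash:
        problems.append("co-located with competitor: " + ", ".join(sorted(clash)))
    if req.require_dedicated and not host.dedicated:
        problems.append("dedicated isolation required but host is shared")
    return problems


def place_replicas(req: Requirement, hosts: List[Host], copies: int) -> Tuple[List[str], Dict[str, List[str]]]:
    """Choose up to `copies` hosts that satisfy every constraint, in the order the
    cloud lists them, and record why each rejected host was skipped."""
    chosen: List[str] = []
    rejected: Dict[str, List[str]] = {}
    for h in hosts:
        v = violations(req, h)
        if v:
            rejected[h.name] = v
        elif len(chosen) < copies:
            chosen.append(h.name)
    return chosen, rejected


# Constructed inventory: what the cloud says it offers.
HOSTS = [
    Host("us-east-1a", "US", frozenset({"acme-batch"}), dedicated=False),
    Host("us-east-1b", "US", frozenset({"rival-corp"}), dedicated=False),
    Host("eu-west-1a", "IE", frozenset(), dedicated=True),
    Host("us-west-2a", "US", frozenset(), dedicated=True),
]

# Constructed requirement: stay in US jurisdiction, never share a host with rival-corp.
MY_REQ = Requirement("my-analytics", frozenset({"US"}), frozenset({"rival-corp"}))

if __name__ == "__main__":
    chosen, rejected = place_replicas(MY_REQ, HOSTS, 2)
    print("replicas placed on:", chosen)
    for name, reasons in rejected.items():
        print("skipped", name, "because", "; ".join(reasons))
```

With `MY_REQ` the shared host us-east-1a is accepted (its co-tenant is not a competitor), us-east-1b is refused for co-location and eu-west-1a for jurisdiction; setting `require_dedicated=True` turns the request into strict isolation and only the dedicated US host survives.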
PbA-WAN-C&M 001 v1
Management: configuration, planning, and control. Planning agents emulate the operational environment to create and test configuration policies, and collect information from the operational network to provide emulation and analysis feedback.
Operation: deployment and control. Embedded agents verify, validate, and enforce local and global configuration policy, and share and diagnose local and remote states to detect and respond to aberrant behavior.
Role-based PKI access control for restricting the capabilities of the network administrator
Cross-system secure messaging and policy-based PKI authentication and authorization control
OWL + SWRL based ontologies and rules to define advanced configuration policies
Goal: self-configuring network routers running in a coalition environment, demonstrating constraints on the Border Gateway Protocol
An event-based model allows components to share context
Shared semantic models for descriptions, communication and policies
Initial prototype uses the Apache Axis2 SOA framework
Adding a shared Blackbook-based component for situation awareness, policy reasoning and enhanced agent-based protocols for advertising, negotiation and argumentation
[Diagram: service calls and interactions (discovery, release, use) among components, each built on Blackbook with a policy reasoner, a DL reasoner, a triple store, background knowledge and LOD, and context and situation awareness]
[Diagram: consumer to service cloud interaction flow]
The consumer identifies functional and technical specifications, determining the domain, data type and its acceptable quality levels, and issues a "Request for Service" to the service cloud
The Service Discovery Engine returns a list of service providers with advertised service, service levels and cost
Service Certification
Quality of Service (QoS) contracts between primary service providers and dependent services
Service Level Agreement (SLA) between consumer and primary service provider
Service composed from dependent services
Service packaged and delivered, one time or periodically as needed
Service payment; service consumed; Service Monitoring
[Class diagram of the contract ontology; edges are labeled "subClass of", "is part of", "results in" and "is used in"]
Class Contract, with subclasses Service Contract (itself with subclass Dependent Service Sub-Contract) and Contract Negotiation (with subclasses Provider Negotiation and Consumer Negotiation); negotiation "results in" a service contract
Class Service Level Agreement: SLA Name, Description, SLA Metrics, Penalty ("is part of" a contract)
Class Quality of Service (QoS): QoS Name, Description, QoS Metrics, Penalty ("is part of" a contract)
Class Provider List: Provider, Service details, Service availability, Service Cost ("is used in" negotiation)
Class Request for Service: Service Domain, Exp_Svc_Begin_Date, Exp_Svc_End_Date, RFS_Respond_by_dt, Cost_constraint ("is used in" negotiation)