
Page 1: Attribute Based Access Control

A Seminar on Attribute Based Access Control (ABAC)

[email protected]

Guided By: Dr. Shamik Sural, Professor, IIT Kharagpur
Presented By: Chandra Mohan Sharma, 15CS60D04, M. Tech. 1st Year, IIT Kharagpur

March 18, 2016

Page 2: Attribute Based Access Control


Outline

1. Motivation

2. Security Related Key Terms

3. Access Control Mechanism

4. Traditional Access Control Models

5. Attribute Based Access Control ( ABAC )

6. Conclusion


Page 3: Attribute Based Access Control

Motivation

Security – Why???

[Figure: diagram linking Resource, Protection, Threat and Information Sharing]

Page 4: Attribute Based Access Control

Motivation


Possibly most secure but unusable system

Page 5: Attribute Based Access Control

Security Components

[Figure: Security as the triad of Confidentiality, Integrity and Availability]

Page 6: Attribute Based Access Control

Security – Key Terms

1. Authentication: “Who are you?” – 3 factors
   – Who you are – username, userid etc.
   – What you have – password, access card, finger print etc.
   – What you are – digital identity

2. Authorization: “What can you access?”

3. Accounting: “What have you accessed?”

4. Policy: Statement of what is allowed and what is not allowed

5. Mechanism: Operations that implement and enforce a policy

Page 7: Attribute Based Access Control

Access Control Mechanism

NIST defines Access Control Mechanism as a logical component that serves to receive the access request for an Object from a Subject and decide & enforce the access decision.

[Figure: Subject (user, NPE) → Access Control Mechanism → Object (file, data, resource)]

Page 8: Attribute Based Access Control

Traditional Access Control Models - DAC

Discretionary Access Control (DAC): It is the owner's responsibility to define the rights of each subject on the object. The main properties of DAC are

– Decentralised – at the discretion of each individual owner
– Identity based
– Permission rules are attached to the object

The HRU model is an example of DAC.

Access Control Matrix

Access Control Matrix: The simple conceptual model that specifies the rights that each subject possesses for each object.

The protection state of the system is defined by the triplet (A, S, O).
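The following is an added example, not code from the slides: an access control matrix that models the protection state (A, S, O) described above, together with the owner-discretionary grant and revoke that make the scheme DAC. The subjects, the object `report.txt` and the right names are constructed sample data.

```python
# Added example (not from the slides): an access control matrix modelling the
# protection state (A, S, O) of slide 8, with the owner-discretionary grant and
# revoke that characterises DAC. Subjects, objects and rights are constructed.

class AccessControlMatrix:
    """A[s][o] is the set of rights subject s holds on object o."""

    def __init__(self, subjects):
        self.S = set(subjects)              # subjects
        self.O = set()                      # objects, created by subjects
        self.A = {s: {} for s in self.S}    # A[s][o] -> set of rights

    def create_object(self, owner, obj):
        """The creator becomes the owner: only the 'own' right exists initially."""
        if owner not in self.S:
            raise KeyError(f"unknown subject {owner!r}")
        if obj in self.O:
            raise ValueError(f"object {obj!r} already exists")
        self.O.add(obj)
        for s in self.S:
            self.A[s][obj] = set()
        self.A[owner][obj].add("own")

    def rights(self, subject, obj):
        return self.A.get(subject, {}).get(obj, set())

    def check(self, subject, obj, right):
        """Reference-monitor check: is the right recorded in A[subject][obj]?"""
        return right in self.rights(subject, obj)

    def grant(self, by, subject, obj, right):
        """DAC: only the object's owner may hand out rights on it."""
        if not self.check(by, obj, "own"):
            raise PermissionError(f"{by!r} does not own {obj!r}")
        if subject not in self.S:
            raise KeyError(f"unknown subject {subject!r}")
        self.A[subject][obj].add(right)

    def revoke(self, by, subject, obj, right):
        """DAC: likewise only the owner may take rights away."""
        if not self.check(by, obj, "own"):
            raise PermissionError(f"{by!r} does not own {obj!r}")
        self.A[subject][obj].discard(right)


def demo():
    """Constructed scenario: alice owns report.txt and shares it with bob."""
    acm = AccessControlMatrix(["alice", "bob", "carol"])
    acm.create_object("alice", "report.txt")
    before = acm.check("bob", "report.txt", "read")       # False: nothing granted yet
    acm.grant("alice", "bob", "report.txt", "read")
    after = acm.check("bob", "report.txt", "read")        # True
    try:                                                  # bob is not the owner,
        acm.grant("bob", "carol", "report.txt", "read")   # so he cannot delegate
        delegated = True
    except PermissionError:
        delegated = False
    acm.revoke("alice", "bob", "report.txt", "read")
    revoked = acm.check("bob", "report.txt", "read")      # False again
    return before, after, delegated, revoked


if __name__ == "__main__":
    print(demo())
```

The matrix is deliberately sparse (rights are created per object rather than for every (subject, object) pair up front); the ownership check inside `grant` and `revoke` is the whole of the "discretionary" part, and the `PermissionError` path is what a reference monitor returns when a non-owner tries to delegate.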

Page 9: Attribute Based Access Control

Traditional Access Control Models - MAC

Mandatory Access Control (MAC): Access decisions are taken and enforced by the security system. The main characteristics of MAC are

– Centralised
– Most restrictive model – military style of model
– Used in highly sensitive application areas

Bell–LaPadula, Biba & Chinese-Wall models are examples of MAC.

Bell–LaPadula Model
– Subjects have security clearance
– Objects have security classification
– Only subjects of the same or above security clearance can access objects of a security class
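An added example, not code from the slides, of the Bell–LaPadula check just described. The slide gives the read rule (a subject may access an object only when its clearance is at or above the object's classification); this example goes beyond the slide by also applying the standard *-property for writes (no write down) and by attaching compartments to each level, so that "above" means dominance in a lattice rather than a simple level comparison. The level names, compartment names and sample labels are constructed.

```python
# Added example (not from the slides): Bell-LaPadula label checks for the model
# sketched on slide 9. The slide states the read rule; the *-property for writes
# and the compartments are standard additions that go beyond the slide.
# Level names, compartment names and the sample labels are constructed.

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


class Label:
    """A security label: a hierarchical level plus a set of compartments."""

    def __init__(self, level, compartments=()):
        if level not in LEVELS:
            raise ValueError(f"unknown level {level!r}")
        self.level = level
        self.compartments = frozenset(compartments)

    def dominates(self, other):
        """self >= other in the lattice: higher-or-equal level AND a superset
        of the other label's compartments (need-to-know)."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

    def __repr__(self):
        return f"{self.level}{sorted(self.compartments)}"


def can_read(clearance, classification):
    """Simple security property ('no read up'): the rule stated on the slide."""
    return clearance.dominates(classification)


def can_write(clearance, classification):
    """*-property ('no write down'): the object's label must dominate the subject's."""
    return classification.dominates(clearance)


def demo():
    """Constructed labels showing both properties and the effect of compartments."""
    analyst = Label("SECRET", {"NUCLEAR"})             # subject clearance
    briefing = Label("CONFIDENTIAL")                   # lower level, no compartments
    plan = Label("SECRET", {"NUCLEAR", "NAVAL"})       # same level, extra compartment
    archive = Label("TOP SECRET", {"NUCLEAR"})         # higher level, same compartment
    return {
        "read_briefing": can_read(analyst, briefing),   # True: SECRET >= CONFIDENTIAL
        "read_plan": can_read(analyst, plan),           # False: analyst lacks NAVAL
        "write_archive": can_write(analyst, archive),   # True: writing up is allowed
        "write_briefing": can_write(analyst, briefing), # False: no write down
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {'PERMIT' if allowed else 'DENY'}")
```

Note that `read_plan` is denied even though the level matches: with compartments, "same or above clearance" is the dominance relation, not the level number alone, which is why the comparison is done on the lattice rather than on `LEVELS` directly.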

Page 10: Attribute Based Access Control

Traditional Access Control Models - RBAC

Role Based Access Control (RBAC): Subjects are assigned Roles which have predefined associated permissions to perform certain operations on the objects. The main features of RBAC are

– Centralized & decentralized at once
– Permissions are enforced through Access Control Lists (ACL) attached to objects
– Suits industry style applications

[Figure: User → Role1 / Role2 → Asset]

Page 11: Attribute Based Access Control

Traditional A C Models – RBAC Example


Page 12: Attribute Based Access Control

Traditional A C Models – Pros & Cons

DAC
  Pros: Easy to implement; Highly flexible
  Cons: Doesn't scale well; ACL explosion possibility; Prone to mistakes

MAC
  Pros: Most secure; Easy to scale
  Cons: Not flexible; Limited user functionality; High admin overhead

RBAC
  Pros: Scalable; Flexible – user & permission are loosely coupled; Less administration required
  Cons: Roles need provisioning and maintenance; Possibility of role explosion; Unable to accommodate real-time context

Page 13: Attribute Based Access Control

Attribute Based Access Control – ABAC

NIST defines ABAC as "An access control method where subject requests to perform operations on objects are granted or denied based on assigned attributes of the subject, assigned attributes of the object, environment conditions, and a set of policies that are specified in terms of those attributes and conditions".

[Figure: ABAC Mechanism – Subject Attributes, Object Attributes and Environment Conditions are evaluated against the Access Control Policy (Rules); the resulting Decision is enforced between Subject and Object]

Page 14: Attribute Based Access Control

ABAC Example

Online Movie Viewing Application
– Basic Policy: Access to a movie will be granted based on the age of the user & the rating of the movie.
– For example, children will be allowed to watch movies with a G rating.

R1: canaccess(u, m, e) ← (Age(u) ≥ 21 ∧ Rating(m) ∈ {R, PG13, G}) ∨ (21 ≥ Age(u) ≥ 13 ∧ Rating(m) ∈ {PG13, G}) ∨ (Age(u) < 13 ∧ Rating(m) ∈ {G})

R2: canaccess(u, m, e) ← (MemberType(u) = 'Premium') ∨ (MemberType(u) = 'Regular' ∧ MovieType(m) ∉ {'NewRelease'})

R3: canaccess(u, m, e) ← R1 ∧ R2

Advanced Policy: Premium customers can view new releases. For this, a new rule R2 can be formed and aggregated with R1 (as R3) to enforce both policies.

Page 15: Attribute Based Access Control

ABAC Advantage

Problems with traditional access control models:
– Static – access control permissions are predetermined
– No context – environmental conditions are not considered
– Too coarse – classification is done at a high abstraction level

ABAC advantages:
– Dynamic – access control permissions are evaluated at the time the actual request is made
– Contextual – environmental conditions may be considered
– Fine grained – attribute based, so detailed rules can be formed

Example: Using ABAC, we can form rules like:
– User can access Server from office
– User can access Server from office during working hours
– User can access Server from home during non-working hours using laptop only

Page 16: Attribute Based Access Control

ABAC – Access Control Mechanism

In ABAC, the PEP, PDP, PAP & PIP may be on the same machine or may be physically separated. Such a distributed framework gives rise to ABAC Enterprise.

[Figure: Access Control Mechanism for ABAC]
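The following is an added example, not code from the slides: a small ABAC engine that evaluates the movie rules R1–R3 from the movie viewing example and the most detailed of the server rules from the ABAC advantage slide (access from the office during working hours, or from home outside working hours from a laptop only), arranged as the PIP, PDP and PEP components named above. The user and movie attribute stores, the environment values, the rule and function names, and the 09:00–18:00 working-hours window are all constructed assumptions.

```python
# Added example (not from the slides): an ABAC engine that evaluates the movie
# rules R1-R3 of slide 14 and the detailed server rule of slide 15, arranged as
# the PIP, PDP and PEP components of slide 16. All users, movies, environment
# values and the 09:00-18:00 working-hours window are constructed assumptions.

# --- PIP: Policy Information Point (constructed attribute stores) ----------
USERS = {
    "alice": {"Age": 30, "MemberType": "Premium"},
    "bob":   {"Age": 16, "MemberType": "Regular"},
    "carol": {"Age": 9,  "MemberType": "Regular"},
}
MOVIES = {
    "m1": {"Rating": "R",    "MovieType": "NewRelease"},
    "m2": {"Rating": "PG13", "MovieType": "Catalog"},
    "m3": {"Rating": "G",    "MovieType": "NewRelease"},
}
WORKING_HOURS = range(9, 18)   # assumption: 09:00 <= hour < 18:00


def pip_lookup(store, key):
    """Return the attribute dict for key. Unknown keys yield no attributes,
    which every rule below treats as a deny (fail closed)."""
    return store.get(key, {})


# --- PDP: Policy Decision Point (rules transcribed from the slides) --------
def r1(u, m, e):
    """Age/rating rule R1 of slide 14."""
    age, rating = u.get("Age"), m.get("Rating")
    if age is None or rating is None:
        return False
    return ((age >= 21 and rating in {"R", "PG13", "G"})
            or (21 >= age >= 13 and rating in {"PG13", "G"})
            or (age < 13 and rating in {"G"}))


def r2(u, m, e):
    """Membership rule R2 of slide 14: only Premium members see new releases."""
    member = u.get("MemberType")
    return (member == "Premium"
            or (member == "Regular" and m.get("MovieType") not in {"NewRelease"}))


def r3(u, m, e):
    """Aggregate rule R3 = R1 AND R2: both policies must hold."""
    return r1(u, m, e) and r2(u, m, e)


def server_rule(u, s, e):
    """Slide 15 contextual rule. It depends on environment attributes only
    (location, hour, device); the subject and object arguments are kept so the
    rule has the same canaccess(u, s, e) shape as R1-R3."""
    at_work = e.get("hour") in WORKING_HOURS
    if e.get("location") == "office":
        return at_work
    if e.get("location") == "home":
        return (not at_work) and e.get("device") == "laptop"
    return False   # any other or missing location: deny


# --- PEP: Policy Enforcement Point ------------------------------------------
def pep_movie(user_id, movie_id, env=None):
    """Collect attributes via the PIP, ask the PDP (R3), enforce the answer."""
    u, m = pip_lookup(USERS, user_id), pip_lookup(MOVIES, movie_id)
    return "PERMIT" if r3(u, m, env or {}) else "DENY"


def pep_server(user_id, env):
    u = pip_lookup(USERS, user_id)
    return "PERMIT" if server_rule(u, "server", env) else "DENY"


if __name__ == "__main__":
    print(pep_movie("alice", "m1"))   # PERMIT: adult, Premium member
    print(pep_movie("bob", "m1"))     # DENY: 16-year-old, R rating
    print(pep_movie("carol", "m3"))   # DENY: G rating is fine, but Regular + NewRelease
    print(pep_server("alice", {"location": "home", "hour": 21, "device": "laptop"}))  # PERMIT
```

Two points worth noticing: the PDP never consults identities, only attributes, so adding a user or a movie needs no policy change; and a missing attribute (an unknown user, an environment without a location) falls through to a deny rather than to an exception, which is the fail-closed behaviour one wants from a PEP.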

Page 17: Attribute Based Access Control

ABAC Pros & Cons

Pros
– Dynamic & fine grained access control
– Scalable
– Considers environmental conditions
– Can be mapped to MAC & RBAC models
– Can easily adapt to risk (RAdAC)
– Easy administration

Cons
– Attributes need provisioning and maintenance
– Possibility of attribute explosion
– Complex to analyze

Page 18: Attribute Based Access Control

Conclusion

Information & system sharing and the need for protection of resources necessitate having a security mechanism in place.

Confidentiality, Integrity & Availability are the main components of information security.

An Access Control Mechanism decides & enforces the outcome of an access request, thus providing restricted access to resources for users.

DAC, MAC, RBAC & ABAC are various access control models. RBAC is the most widely used & popular access control model till now. ABAC is a fine grained, flexible & scalable access control model which is gaining momentum now for adoption.


Page 20: Attribute Based Access Control


Questions ???

Thank You...
