ACSAC 2002 © Mohammad al-Kahtani 2002
A Model for Attribute-Based User-Role Assignment
Mohammad A. Al-Kahtani, George Mason University
Ravi Sandhu, SingleSignOn.net, Inc. & George Mason University
Presentation Roadmap
1. Introduction
2. Problem Description
3. Suggested Solution
4. Case Study
5. Expressing MAC
Introduction
• Role-Based Access Control (RBAC): a proven alternative to DAC and MAC
• RBAC basic components:
1. Users
2. Roles
3. Permissions
Introduction
• Simplified RBAC Model
[Figure: Users linked to Roles by User Assignment (UA); Roles linked to Permissions by Permission Assignment (PA); a Role Hierarchy over Roles]
Problem Description
• In RBAC, user-to-role assignment is done manually
• Many enterprises have huge customer bases: banks, utility companies, popular web sites
• Manual assignment becomes a formidable task
Suggested Solution
• Modify RBAC to allow automatic user-role assignment
• Introducing Authorization Rules
• Authorization rule structure:
[Figure: an Attributes Expression maps to Roles, subject to Constraints]
Suggested Solution
• Rule-Based RBAC (RB-RBAC)
[Figure: Users supply Attribute values; Attributes Expressions map Users to Roles, subject to Constraints; Roles carry Permissions]
Suggested Solution
• Attribute Values:
1. Stored locally
2. Provided by users
3. Other means
Suggested Solution
• Attribute Expressions:
1. Expressed in the RB-RBAC language
2. Constitute the LHS of authorization rules
• RB-RBAC production rules are given in BNF notation.
Suggested Solution
• Constraints: future work
Suggested Solution
• Seniority Levels: relations among authorization rules
• Rule i: Attributes Expression maps to Roles
• Rule j: Attributes Expression maps to Roles
• Rule i is senior to Rule j when the attributes expression of Rule i logically implies that of Rule j
Suggested Solution
• Seniority Level Anomalies
1. Redundancy
Rule i is senior to Rule j
Rule i yields Role 1
Rule j yields Role 1 & Role 2
Suggested Solution
• Seniority Level Anomalies
1. Redundancy
Rule i is senior to Rule j
Rule i yields Role 1
Rule j yields Role 2
Role 1 is senior to Role 2
Suggested Solution
• Seniority Level Anomalies
2. Inconsistency
Rule i is senior to Rule j
Rule i yields Role 1
Rule j yields Role 2
Role 1 and Role 2 are mutually exclusive
Case Study
• Online Entertainment Store
• Suggested rating system
• Attributes: Age, Country
Rating Level | Role
Strict | Child
Less Strict | Juvenile
Liberal | Adolescent
Graphic | Adult
Case Study
• Attribute: Age
1. Rule 1:: (Age 3) Child
2. Rule 2:: (Age 11) Juvenile
3. Rule 3:: (Age 16) Adolescent
4. Rule 4:: (Age 18) Adult
Age | Role
3 | Child
11 | Juvenile
16 | Adolescent
18 | Adult
Case Study
• Attribute: Country
1. Rule 1:: (Country IN {A..Z}) Juvenile
2. Rule 2:: (Country IN {{A..Z} – {Saudi, Sudan}}) Adolescent
3. Rule 3:: (Country IN {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}}) Adult
Country | Role
Country in {A..Z} | Juvenile
Country in {{A..Z} – {Saudi, Sudan}} | Adolescent
Country in {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}} | Adult
Case Study
• Authorization rules for the two attributes:
1. Rule 1:: (Age 3) AND (Country IN {A..Z}) Child
2. Rule 2:: (Age 11) AND (Country IN {A..Z}) Juvenile
3. Rule 3:: (Age 16) AND (Country IN {{A..Z} – {Saudi, Sudan}}) Adolescent
4. Rule 4:: (Age 18) AND (Country IN {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}}) Adult
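As an added illustration (not code from the slides or the paper), the four case-study rules encoded in Python together with the seniority relation and the redundancy/inconsistency checks from the anomaly slides. It assumes the age comparisons are "at least" and the rule arrow means "attribute expression implies role" (both symbols were lost in extraction), that {A..Z} means every country, that the role hierarchy runs Adult over Adolescent over Juvenile over Child, and that the country list and attribute domain are constructed samples.

```python
from itertools import product

# Constructed sample standing in for {A..Z}; the exclusion sets come from the slides.
ALL_COUNTRIES = {"A", "Z", "Saudi", "Sudan", "China", "India", "Egypt",
                 "Indonesia", "Malaysia", "Singapore"}
NOT_ADOLESCENT = {"Saudi", "Sudan"}
NOT_ADULT = {"China", "India", "Saudi", "Sudan", "Egypt", "Indonesia", "Malaysia", "Singapore"}

# Authorization rules as (name, attributes expression, role). Assumed: "(Age n)" means age >= n.
RULES = [
    ("Rule 1", lambda u: u["age"] >= 3 and u["country"] in ALL_COUNTRIES, "Child"),
    ("Rule 2", lambda u: u["age"] >= 11 and u["country"] in ALL_COUNTRIES, "Juvenile"),
    ("Rule 3", lambda u: u["age"] >= 16 and u["country"] in ALL_COUNTRIES - NOT_ADOLESCENT, "Adolescent"),
    ("Rule 4", lambda u: u["age"] >= 18 and u["country"] in ALL_COUNTRIES - NOT_ADULT, "Adult"),
]
ROLE_ORDER = ["Adult", "Adolescent", "Juvenile", "Child"]  # assumed hierarchy, most senior first

def assign_roles(user):
    """Automatic user-role assignment: every rule whose attributes expression holds fires."""
    return {role for _, expr, role in RULES if expr(user)}

def effective_role(user):
    """Most senior assigned role; the junior ones are inherited through the role hierarchy."""
    roles = assign_roles(user)
    return min(roles, key=ROLE_ORDER.index) if roles else None

# Constructed finite attribute domain; logical implication is decided by enumerating it.
DOMAIN = [{"age": a, "country": c} for a, c in product(range(25), sorted(ALL_COUNTRIES))]

def is_senior(rule_i, rule_j):
    """Rule i is senior to Rule j iff LHS_i logically implies LHS_j over the domain."""
    return all(rule_j[1](u) for u in DOMAIN if rule_i[1](u))

def role_senior(r1, r2):
    """True when r1 is strictly senior to r2 in the role hierarchy."""
    return ROLE_ORDER.index(r1) < ROLE_ORDER.index(r2)

def find_anomalies(rules, exclusive=frozenset()):
    """Redundancy: a senior rule yields the same role as, or a role senior to, the junior rule's.
    Inconsistency: a senior rule and its junior yield mutually exclusive roles (pairs in `exclusive`)."""
    found = []
    for ri, rj in product(rules, repeat=2):
        if ri is rj or not is_senior(ri, rj):
            continue
        if ri[2] == rj[2] or role_senior(ri[2], rj[2]):
            found.append(("redundancy", ri[0], rj[0]))
        if frozenset((ri[2], rj[2])) in exclusive:
            found.append(("inconsistency", ri[0], rj[0]))
    return found
```

With the assumed hierarchy every senior rule in the case study yields a senior role, so all six senior/junior pairs are reported as redundant; declaring Adult and Adolescent mutually exclusive turns the Rule 4 / Rule 3 pair into an inconsistency instead.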
Expressing MAC
[Figure: Security Lattice with levels Adult, Adolescent, Juvenile, Child, expressed as Role Hierarchies over read roles Adult Read (AR), Adolescent Read (DR), Juvenile Read (JR), Child Read (CR) and write roles Adult Write (AW), Adolescent Write (DW), Juvenile Write (JW), Child Write (CW)]
Expressing MAC
Authorization Rules:
Rule 1:: (Age 3) AND (Country IN {A..Z}) CR AND CW
Rule 2:: (Age 11) AND (Country IN {A..Z}) JR AND JW
Rule 3:: (Age 16) AND (Country IN {{A..Z} – {Saudi, Sudan}}) DR AND DW
Rule 4:: (Age 18) AND (Country IN {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}}) AR AND AW