Temporal Location-Aware Access Control Model Based on Composite Events, presented by Yu, Lijun

Post on 21-Dec-2015


1

Temporal Location-Aware Access Control Model Based on Composite Events

Presented by Yu, Lijun

lijun@cs.colostate.edu

2

Outline

Motivation
Background
The TL-RBAC model
  Composite event model
  Conditions
  Actions
Conclusion and future work

3

Motivation

Manager John agrees with employee Bob that John may track Bob's location only during office hours (9 AM – 5 PM, Monday to Friday) and only while Bob is in the office.

Bob pays twenty dollars per month for a roadside assistance service, which entitles him to use that service for up to thirty hours per week.

Solution: a combined temporal and location-based RBAC model

4

Background

[Figure: the core RBAC model] USERS, ROLES, SESSIONS and PRMS (OPS, OBS), related by UA (user assignment), PA (permission assignment), RH (role hierarchy), user_sessions and session_roles.

5

Temporal RBAC model

Temporal constraints on:
  User assignment
  Permission assignment
  Role activation
  Role enabling
  RBAC constraints

Temporal constraints can be duration constraints or periodic constraints

6

Temporal RBAC model

Role status expressions
Role triggers
Run-time requests
Execution model

7

Location-based access control model

Location is modeled as a set of points

Location constraints on:
  User assignment
  Permission assignment
  Role activation
  Permission (object location)

A user's access rights change dynamically with the user's location and the object's location

8

The TL-RBAC model

Composite event model
Conditions
Actions

9

Composite event model

Based on the Snoop event specification language for active databases

Extensions:
  Primitive RBAC events
  Primitive location-based events
  Duration composite constructs

10

Composite event model

Primitive events:
  Primitive RBAC events
  Primitive location-based events

Temporal composite events:
  Periodic / Aperiodic
  Disjunction / Conjunction
  Sequence
  Duration

11

TL-RBAC system state

The TL-RBAC system state is a tuple S = <ER, UA, UT, PA, RS> where
  ER ⊆ Roles is the set of enabled roles,
  UA: Users → 2^Roles is a function giving the set of roles assigned to a user,
  UT: Users → 2^Roles is a function giving the set of roles activated by a user,
  PA: Roles → 2^Permissions is a function giving the set of permissions assigned to a role,
  RS = Time × Priority × Expressions is the set of role enabling expressions,

where Expressions can be one of the following formats:
  assign r to u, that is assign role r to user u
  de-assign r to u, that is de-assign role r from user u
  assign p to r, that is assign permission p to role r
  de-assign p to r, that is de-assign permission p from role r
  enable r, that is enable role r
  disable r, that is disable role r
  activate r for u, that is activate role r by user u
  deactivate r for u, that is deactivate role r by user u

12

TL-RBAC predicates

TL-RBAC predicates are boolean expressions comprised of role status predicates and location-based predicates, where

Role status predicates can be:
  r ∈ er indicates whether role r is enabled, er being the set ER of enabled roles
  r ∈ ua(u) indicates whether role r is assigned to user u by the function ua = UA
  r ∈ ut(u) indicates whether role r is activated by user u by the function ut = UT
  p ∈ pa(r) indicates whether permission p is assigned to role r by the function pa = PA

Location-based predicates can be:
  location(u) ∈ loc
  location(obj) ∈ loc
  loc1 = loc2

13

TL-RBAC Action and Action Semantics

The TL-RBAC action is defined as Actions × Priority × Expressions, where Actions = {Add, Remove, Execute}

The semantics of each TL-RBAC action is modeled as a transition of the TL-RBAC system state, that is

S(ER, UA, UT, PA, RS) → S'(ER', UA', UT', PA', RS')

where S is the TL-RBAC system state before the action and S' is the state after the action.

14

Runtime Request

Event: [Now] + [t]
Condition: TL-RBAC predicates
Actions: TL-RBAC-Action(t, <Execute, p, e>)
where t is the time that the event occurs, p ∈ Priority and e ∈ Expressions

15

Role Trigger

Event: Any(n, E1, E2, …, En) + [t]
Condition: TL-RBAC predicates
Actions: TL-RBAC-Action(t, <Execute, p, e>)
where t is the time that the event occurs, p ∈ Priority and e ∈ Expressions
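The state tuple, predicates, expressions and actions of slides 11 to 15 fit in a few dozen lines of Python. The block below is an added example written for this transcript, not the presenter's code. It assumes concrete semantics the slides leave open: Add and Remove insert or delete the triple (t, p, e) in RS and ER is then recomputed from RS (highest priority wins, latest t on ties), while Execute applies e to the state at once; an ECA rule (runtime request or role trigger) fires its action only when its predicate condition holds. All names, roles and times are constructed.

```python
"""Added example, not the presenter's code: an executable toy of the TL-RBAC
system state S = <ER, UA, UT, PA, RS>, the eight expressions, the role status
and location predicates, and TL-RBAC-Action(t, <a, p, e>) as a transition
S -> S' applied by an ECA rule.  Assumptions beyond the slides: Add/Remove
insert or delete (t, p, e) in RS and ER is recomputed from RS (highest
priority wins, latest t on ties); Execute applies e immediately."""
from dataclasses import dataclass, field
from typing import Callable, Dict, Set, Tuple

Expression = Tuple[str, ...]            # ("enable r", "player"), ("activate r for u", "player", "John")
Action = Tuple[str, int, Expression]    # <a, p, e> with a in {Add, Remove, Execute}
Point = Tuple[float, float]             # a location is a set of points


@dataclass
class State:
    er: Set[str] = field(default_factory=set)               # enabled roles
    ua: Dict[str, Set[str]] = field(default_factory=dict)   # user -> assigned roles
    ut: Dict[str, Set[str]] = field(default_factory=dict)   # user -> activated roles
    pa: Dict[str, Set[str]] = field(default_factory=dict)   # role -> permissions
    rs: Set[Tuple[int, int, Expression]] = field(default_factory=set)  # (t, priority, e)

    def copy(self) -> "State":
        cp = lambda m: {k: set(v) for k, v in m.items()}
        return State(set(self.er), cp(self.ua), cp(self.ut), cp(self.pa), set(self.rs))


# TL-RBAC predicates: role status (r in ER, r in UA(u), r in UT(u), p in PA(r)) and location
def enabled(s: State, r: str) -> bool:
    return r in s.er

def assigned(s: State, r: str, u: str) -> bool:
    return r in s.ua.get(u, set())

def activated(s: State, r: str, u: str) -> bool:
    return r in s.ut.get(u, set())

def has_perm(s: State, p: str, r: str) -> bool:
    return p in s.pa.get(r, set())

def located_in(where: Point, loc: Set[Point]) -> bool:   # location(u) in loc
    return where in loc


# The eight expressions of slide 11, each mutating a copied state in place
TRANSITIONS: Dict[str, Callable[[State, tuple], None]] = {
    "assign r to u":      lambda n, a: n.ua.setdefault(a[1], set()).add(a[0]),
    "de-assign r to u":   lambda n, a: n.ua.setdefault(a[1], set()).discard(a[0]),
    "assign p to r":      lambda n, a: n.pa.setdefault(a[1], set()).add(a[0]),
    "de-assign p to r":   lambda n, a: n.pa.setdefault(a[1], set()).discard(a[0]),
    "enable r":           lambda n, a: n.er.add(a[0]),
    "disable r":          lambda n, a: n.er.discard(a[0]),
    "activate r for u":   lambda n, a: n.ut.setdefault(a[1], set()).add(a[0]),
    "deactivate r for u": lambda n, a: n.ut.setdefault(a[1], set()).discard(a[0]),
}

def execute(s: State, e: Expression) -> State:
    n = s.copy()
    TRANSITIONS[e[0]](n, e[1:])
    return n

def recompute_er(n: State) -> None:
    """Assumption: ER follows RS; per role the entry with the highest priority
    (latest t on ties) decides whether the role is enabled."""
    best: Dict[str, Tuple[int, int, str]] = {}
    for t, p, e in n.rs:
        if e[0] in ("enable r", "disable r") and (e[1] not in best or (p, t) > best[e[1]][:2]):
            best[e[1]] = (p, t, e[0])
    n.er = {r for r, (_, _, op) in best.items() if op == "enable r"}

def tl_rbac_action(s: State, t: int, action: Action) -> State:
    a, p, e = action
    n = s.copy()
    if a == "Execute":
        return execute(n, e)
    if a == "Add":
        n.rs.add((t, p, e))
    elif a == "Remove":
        n.rs.discard((t, p, e))       # t is the time the entry was added (slide 16)
    else:
        raise ValueError(f"unknown action {a}")
    recompute_er(n)
    return n

def fire(s: State, t: int, condition: Callable[[State], bool], action: Action) -> State:
    """An event fired at t: apply the action only if the TL-RBAC predicate condition holds."""
    return tl_rbac_action(s, t, action) if condition(s) else s


def demo() -> Tuple[bool, bool, bool, bool]:
    s = execute(State(), ("assign r to u", "player", "John"))           # constructed data
    s = fire(s, 900, lambda st: True, ("Add", 100, ("enable r", "player")))  # role trigger
    may_activate = lambda u: (lambda st: assigned(st, "player", u) and enabled(st, "player"))
    s = fire(s, 905, may_activate("John"), ("Execute", 0, ("activate r for u", "player", "John")))
    s = fire(s, 906, may_activate("Bob"), ("Execute", 0, ("activate r for u", "player", "Bob")))
    john_active, bob_active = activated(s, "player", "John"), activated(s, "player", "Bob")
    # a higher-priority disable added later overrides the enable; removing it restores ER
    s = fire(s, 910, lambda st: True, ("Add", 200, ("disable r", "player")))
    after_disable = enabled(s, "player")
    s = fire(s, 920, lambda st: True, ("Remove", 200, ("disable r", "player")))  # wrong t: no effect
    s = fire(s, 910, lambda st: True, ("Remove", 200, ("disable r", "player")))
    return john_active, bob_active, after_disable, enabled(s, "player")
```

The Bob request is refused by the Condition, not by the action: the predicates are evaluated against the state before the transition, which is exactly the S → S' reading of slide 13. Keeping `t` in the RS triple is what lets a later Remove target the specific entry an earlier Add created.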

16

Periodic TL-RBAC Constraints

Monday = P([(09:00:00) 04/04/2005], [7 days], [*/*/*])
Friday = P([(09:00:00) 04/08/2005], [7 days], [*/*/*])
Ebegin = Any(1, Monday, Friday)
Eend = Ebegin + [8 hours]

Event: Ebegin
Condition: true
Actions: TL-RBAC-Action(t, <Add, 100, enable part-time employee>)
where t is the time that the event occurs

Event: Eend
Condition: true
Actions: TL-RBAC-Action(t, <Remove, 100, enable part-time employee>)
where t is the time that the role enabling expression is added
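Replaying these two rules over a calendar month shows how the Add at Ebegin and the Remove at Eend pair up through the shared t, and how the result matches the 9 AM – 5 PM office hours of the motivation slide. The block below is an added example for this transcript, not the presenter's code. It assumes readings of the operators the slides do not spell out: P([start], [period], [*/*/*]) fires at start and every period thereafter with no end date (truncated at an `until` date for the simulation), Any(1, E1, E2) fires at every occurrence of either event, and E + [8 hours] fires 8 hours after each occurrence of E.

```python
"""Added example, not the presenter's code: the Ebegin/Eend periodic rules
replayed over April 2005 against a set RS of (t, priority, expression)
entries.  Operator readings (assumptions): P fires at start and every period
thereafter; Any(1, ...) fires on any member event; E + [d] fires d after E."""
from datetime import datetime, timedelta
from typing import Dict, Iterator, List, Set, Tuple

RoleEnabling = Tuple[datetime, int, str]     # (t, priority, expression) as kept in RS
ENABLE_PT = "enable part-time employee"


def periodic(start: datetime, period: timedelta, until: datetime) -> Iterator[datetime]:
    """P([start], [period], [*/*/*]): no end date, so truncate at `until` for the replay."""
    t = start
    while t <= until:
        yield t
        t += period


def any_of(*streams: Iterator[datetime]) -> List[datetime]:
    """Any(1, E1, ..., En): an occurrence whenever any Ei occurs."""
    return sorted(set().union(*streams))


def run_rules(until: datetime) -> Dict[datetime, Set[RoleEnabling]]:
    """Replay the two rules; return RS as it stands after each event time."""
    monday = periodic(datetime(2005, 4, 4, 9), timedelta(days=7), until)
    friday = periodic(datetime(2005, 4, 8, 9), timedelta(days=7), until)
    ebegin = any_of(monday, friday)
    # (event time, action, the t handed to TL-RBAC-Action): the Remove at Eend carries
    # the t of the matching Ebegin, "the time that the role enabling expression is added"
    events = [(b, "Add", b) for b in ebegin] + \
             [(b + timedelta(hours=8), "Remove", b) for b in ebegin]   # Eend = Ebegin + [8 hours]
    rs: Set[RoleEnabling] = set()
    history: Dict[datetime, Set[RoleEnabling]] = {}
    for when, action, t in sorted(events):
        if action == "Add":
            rs.add((t, 100, ENABLE_PT))
        else:
            rs.discard((t, 100, ENABLE_PT))   # same t as the Add, so exactly that entry goes
        history[when] = set(rs)
    return history


def enabled_at(history: Dict[datetime, Set[RoleEnabling]], at: datetime) -> bool:
    """Is the part-time employee enabling expression in RS at time `at`?
    Take RS as left by the last event that is not after `at`."""
    rs_now: Set[RoleEnabling] = set()
    for when in sorted(history):
        if when > at:
            break
        rs_now = history[when]
    return any(e == ENABLE_PT for _, _, e in rs_now)


if __name__ == "__main__":
    h = run_rules(datetime(2005, 4, 30))
    for probe in (datetime(2005, 4, 4, 10), datetime(2005, 4, 4, 17), datetime(2005, 4, 5, 10)):
        print(probe, enabled_at(h, probe))
```

The interval is half-open: the expression is in force from 09:00:00 and gone at exactly 17:00:00, because the Remove event is processed at its own timestamp. A Tuesday probe is false because neither periodic event fires that day, which is the point of building Ebegin from two P() streams rather than one daily one.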

17

Duration TL-RBAC Constraints

E1 = D*(activate player for John, [30 minutes], deactivate player for John)

Event: A([(09:00:00)*/*/*], E1, [(17:00:00)*/*/*])
Condition: true
Actions: TL-RBAC-Action(t, <Execute, , deactivate player for John>)
where t is the time that the event occurs

18

Location-based TL-RBAC Constraints

Event: User Location Changing or Object Location Changing
Condition: TL-RBAC predicates
Actions: TL-RBAC-Action(t, <a, p, e>)
where t is the time that the event occurs, a ∈ Actions, p ∈ Priority and e ∈ Expressions

19

Related work

Snoop: a model-independent event specification language for active databases, S. Chakravarthy and D. Mishra [3]

The temporal RBAC model (TRBAC) and the GTRBAC model, Elisa Bertino, James Joshi et al.

The LRBAC model

20

Conclusion and future work

Duration Event detection

Temporal Role hierarchy

Temporal cardinality constraints

21

Questions