Cyber-Identity, Authority and Trust in an Uncertain World
Prof. Ravi Sandhu
Laboratory for Information Security Technology
George Mason University
© 2004 Ravi Sandhu
Outline
• Perspective on security
• Role Based Access Control (RBAC)
• Objective-Model-Architecture-Mechanism (OM-AM) Framework
• Usage Control (UCON)
Security Conundrum
• Nobody knows WHAT security is
• Some of us do know HOW to implement pieces of it
• Result: hammers in search of nails
Security Confusion
• INTEGRITY: modification
• AVAILABILITY: access
• CONFIDENTIALITY: disclosure
• USAGE: purpose
  • electronic commerce, electronic business
  • DRM, client-side controls
Security Successes
• On-line banking
• On-line trading
• Automatic teller machines (ATMs)
• GSM phones
• Set-top boxes
• …
Success is largely unrecognized by the security community
Good enough security
Trade-off triangle: EASY, SECURE, COST
• Security geeks
  • whose security
  • perception or reality of security
• Real-world users
  • end users
  • operations staff
  • help desk
• System owner
  • system solution
  • operational cost
  • opportunity cost
  • cost of fraud
Business models dominate security models
Good enough security
RISK (rows: H, M, L) against COST (columns: L, M, H):
            COST
            L   M   H
  RISK  H   1   2   3
        M   2   3   4
        L   3   4   5
Entrepreneurial mindset / Academic mindset
RBAC96 model (currently foundation of a NIST/ANSI/ISO standard)
• Sets: USERS, ROLES, PERMISSIONS, SESSIONS
• Relations: USER-ROLE ASSIGNMENT, PERMISSIONS-ROLE ASSIGNMENT, ROLE HIERARCHIES
• CONSTRAINTS over the above
Fundamental Theorem of RBAC
• RBAC can be configured to do MAC
  • MAC is Mandatory Access Control as defined in the Orange Book
• RBAC can be configured to do DAC
  • DAC is Discretionary Access Control as defined in the Orange Book
• RBAC is policy neutral
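The two slides above (the RBAC96 model and the "RBAC can be configured to do MAC" claim) in working code, as an added example that is not from the slides: a minimal RBAC96 engine (UA, PA, role hierarchy, sessions, constraints), then configured to enforce a two-level Bell-LaPadula lattice. The role names LR/HR/LW/HW, the users and the objects are assumptions for the demonstration; the construction (read roles follow the lattice, write roles invert it, a session constraint pairing one read and one write role of the same level) is the standard one.

```python
from dataclasses import dataclass, field

@dataclass
class RBAC96:
    ua: dict = field(default_factory=dict)   # UA: user -> set of assigned roles
    pa: dict = field(default_factory=dict)   # PA: role -> set of (operation, object)
    rh: dict = field(default_factory=dict)   # RH: role -> set of junior roles it inherits
    constraints: list = field(default_factory=list)  # predicates over a session's role set
    sessions: dict = field(default_factory=dict)     # session id -> (user, active roles)

    def juniors(self, role):
        """The role plus every role below it in RH (transitive closure)."""
        seen, todo = set(), [role]
        while todo:
            r = todo.pop()
            if r not in seen:
                seen.add(r)
                todo.extend(self.rh.get(r, ()))
        return seen

    def activate(self, sid, user, roles):
        """Open a session with a subset of the user's roles that satisfies every constraint."""
        roles = set(roles)
        if not roles <= self.ua.get(user, set()):
            raise PermissionError(f"{user} is not assigned all of {roles}")
        if not all(c(roles) for c in self.constraints):
            raise PermissionError("session violates a constraint")
        self.sessions[sid] = (user, roles)

    def check(self, sid, op, obj):
        """Permit if any active role, or a junior it inherits from, holds the permission."""
        _, active = self.sessions[sid]
        return any((op, obj) in self.pa.get(j, ()) for r in active for j in self.juniors(r))

def same_level_pair(roles):
    """Session constraint: exactly one read role and the write role of the same level."""
    return (len(roles) == 2 and len({r[:-1] for r in roles}) == 1
            and {r[-1] for r in roles} == {"R", "W"})

def mac_as_rbac():
    """Configure RBAC96 to enforce a two-level Bell-LaPadula lattice L < H (assumed levels).
    Read roles follow the lattice (HR inherits LR, so H reads L but not the reverse);
    write roles invert it (LW inherits HW: write-up is allowed, write-down is not)."""
    s = RBAC96()
    s.rh = {"HR": {"LR"}, "LW": {"HW"}}
    s.pa = {"LR": {("read", "public")}, "HR": {("read", "secret")},
            "LW": {("write", "public")}, "HW": {("write", "secret")}}
    s.ua = {"alice": {"LR", "LW"}, "bob": {"HR", "HW"}}   # clearances L and H respectively
    s.constraints.append(same_level_pair)
    return s
```

Activating only one of the two roles, or roles of different levels, is rejected by the constraint, which is what keeps the configuration mandatory rather than discretionary.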
THE OM-AM WAY
• What? Objectives, Model
• How? Architecture, Mechanism
• Assurance (across all four layers)
OM-AM AND MANDATORY ACCESS CONTROL (MAC)
• Objective (what?): no information leakage
• Model (what?): lattices (Bell-LaPadula)
• Architecture (how?): security kernel
• Mechanism (how?): security labels
• Assurance
OM-AM AND DISCRETIONARY ACCESS CONTROL (DAC)
• Objective (what?): owner-based discretion
• Model (what?): numerous
• Architecture (how?): numerous
• Mechanism (how?): ACLs, capabilities, etc.
• Assurance
OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC)
• Objective (what?): neutral
• Model (what?): RBAC96, ARBAC97, etc.
• Architecture (how?): user-pull, server-pull, etc.
• Mechanism (how?): certificates, tickets, PACs, etc.
• Assurance
RBAC96 Model
• Sets: USERS, ROLES, PERMISSIONS, SESSIONS
• Relations: USER-ROLE ASSIGNMENT, PERMISSIONS-ROLE ASSIGNMENT, ROLE HIERARCHIES
• CONSTRAINTS over the above
Server-Pull Architecture
Components: Client, Server, User-role Authorization Server (the server pulls the user's role information from the authorization server)
User-Pull Architecture
Components: Client, Server, User-role Authorization Server (the client pulls its role information from the authorization server and presents it to the server)
Proxy-Based Architecture
Components: Client, Proxy Server, Server, User-role Authorization Server (the proxy sits between client and server and obtains the role information on the server's behalf)
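The server-pull and user-pull architectures above as an added example (not code from the slides): one user-role authorization server that either answers role queries or issues a role certificate, and one resource server that enforces PA either way. The HMAC-signed JSON certificate, the shared key, the users, roles and permissions are assumptions for the demonstration; a real deployment would use public-key signed attribute certificates or tickets, as the OM-AM RBAC slide lists.

```python
import hashlib
import hmac
import json

class UserRoleAuthorizationServer:
    """Holds the user-role assignment (UA) and serves it two ways: answering queries
    (server-pull) or issuing a signed role certificate the user carries (user-pull)."""
    def __init__(self, key: bytes, ua: dict):
        self.key, self.ua = key, ua     # key shared with the resource server (assumption)

    def roles_of(self, user):
        return sorted(self.ua.get(user, ()))

    def issue_cert(self, user, now, ttl=300):
        body = json.dumps({"user": user, "roles": self.roles_of(user), "exp": now + ttl},
                          sort_keys=True).encode()
        return body, hmac.new(self.key, body, hashlib.sha256).hexdigest()

class ResourceServer:
    """Enforces the permission-role assignment (PA); obtains roles via either architecture."""
    def __init__(self, pa: dict, authz: UserRoleAuthorizationServer, key: bytes):
        self.pa, self.authz, self.key = pa, authz, key

    def _permitted(self, roles, op, obj):
        return any((op, obj) in self.pa.get(r, ()) for r in roles)

    def server_pull(self, user, op, obj):
        """Server-pull: the server fetches the user's current roles on every request."""
        return self._permitted(self.authz.roles_of(user), op, obj)

    def user_pull(self, cert, op, obj, now):
        """User-pull: the client presents a role certificate; the server verifies it locally."""
        body, tag = cert
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, expected):
            return False                # forged or altered certificate
        claims = json.loads(body)
        if claims["exp"] <= now:
            return False                # expired: the roles inside may be stale
        return self._permitted(claims["roles"], op, obj)

def build_demo():
    """Constructed sample deployment: one teller user, two roles with permissions."""
    key = b"constructed-shared-key"
    authz = UserRoleAuthorizationServer(key, {"alice": {"teller"}})
    pa = {"teller": {("view", "account")}, "manager": {("approve", "loan")}}
    return authz, ResourceServer(pa, authz, key)
```

The trade-off the two architectures make is visible in the revocation case: after a user's role is removed at the authorization server, server-pull denies immediately, while user-pull keeps honouring an already issued certificate until it expires.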
Usage Control (UCON) Coverage
Protection Objectives:
• Sensitive information protection
• IPR (intellectual property rights) protection
• Privacy protection
Protection Architectures:
• Server-side reference monitor (SRM)
• Client-side reference monitor (CRM)
• SRM & CRM
Regions of the objectives-by-architectures grid: Traditional Access Control, Trust Management, DRM; Usage Control covers the whole grid.
Core UCON (Usage Control) Models
• Subjects (S) with Subject Attributes (ATT(S))
• Objects (O) with Object Attributes (ATT(O))
• Rights (R)
• Usage Decision, based on Authorizations (A), Obligations (B) and Conditions (C)
• Continuity: decision can be made during usage for continuous enforcement
• Mutability: attributes can be updated as side-effects of subjects' actions

                           Before usage   During usage   After usage
  Continuity of Decisions  pre            ongoing        N/A
  Mutability of Attributes pre            ongoing        post
Examples
• Long-distance phone (pre-authorization with post-update)
• Pre-paid phone card (ongoing-authorization with ongoing-update)
• Pay-per-view (pre-authorization with pre-updates)
• Click Ad within every 30 minutes (ongoing-obligation with ongoing-updates)
• Business Hour (pre-/ongoing-condition)
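The core UCON model and two of the examples above in code, as an added example that is not from the slides: a usage object carrying ATT(S)/ATT(O), pre and ongoing authorization, a condition, and ongoing/post attribute updates, then the pre-paid card (ongoing-authorization with ongoing-update, which revokes mid-call when the balance runs out) and the long-distance phone (pre-authorization with post-update billing). Obligations (B) are omitted for brevity and would be checked exactly like the ongoing authorization; the balances, rates and attribute names are constructed.

```python
from dataclasses import dataclass, field
from typing import Callable
ALWAYS, NOOP = (lambda u: True), (lambda u: None)   # defaults: factor satisfied, no update
@dataclass
class Usage:
    subj: dict                     # subject attributes ATT(S)
    obj: dict                      # object attributes ATT(O)
    pre_auth: Callable = ALWAYS    # preA: authorization decided before usage starts
    on_auth: Callable = ALWAYS     # onA: authorization re-decided while usage continues
    cond: Callable = ALWAYS        # C: environmental condition, e.g. business hours
    on_update: Callable = NOOP     # ongoing-update: attributes mutate as a side effect of use
    post_update: Callable = NOOP   # post-update: applied once when the usage ends
    units: int = 0                 # units of usage consumed so far
    active: bool = False
    log: list = field(default_factory=list)
    def start(self):               # pre-decision (continuity: "pre")
        self.active = bool(self.pre_auth(self) and self.cond(self))
        self.log.append("permitted" if self.active else "denied")

    def tick(self):                # ongoing decision: one more unit of usage, or revoke
        if self.active and self.on_auth(self) and self.cond(self):
            self.units += 1
            self.on_update(self)
            return True
        self.stop("revoked")       # no-op if the usage is not active
        return False

    def stop(self, why="ended"):   # end of usage: the post-update runs exactly once
        if self.active:
            self.active = False
            self.post_update(self)
            self.log.append(why)

def run(u, minutes):               # drive a usage: pre-decision, ongoing use, then end
    u.start()
    used = sum(1 for _ in range(minutes) if u.tick())
    u.stop()
    return used

def prepaid_card(balance, minutes):   # slide example: ongoing-authorization, ongoing-update
    u = Usage({"balance": balance}, {"rate": 1},
              on_auth=lambda u: u.subj["balance"] > 0,
              on_update=lambda u: u.subj.update(balance=u.subj["balance"] - u.obj["rate"]))
    return run(u, minutes), u.subj["balance"], u.log

def long_distance(minutes, credit_ok=True, rate=0.5):   # slide example: pre-authorization, post-update
    u = Usage({"credit_ok": credit_ok, "bill": 0.0}, {"rate": rate},
              pre_auth=lambda u: u.subj["credit_ok"],
              post_update=lambda u: u.subj.update(bill=u.subj["bill"] + u.units * u.obj["rate"]))
    return run(u, minutes), u.subj["bill"], u.log
```

The difference between the two continuity columns of the table shows in the logs: the pre-paid card is permitted and later revoked once its balance reaches zero, whereas the long-distance call is decided only once, before it starts.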
Good enough security
RISK (rows: H, M, L) against COST (columns: L, M, H):
            COST
            L   M   H
  RISK  H   1   2   3
        M   2   3   4
        L   3   4   5
• Entrepreneurial mindset: 80% problem; soft, informal; ordinary consumers
• Academic mindset: 120% problem; hard, informal; techno-geeks