Published in: International Journal of Information Security 5/2018

23.08.2017 | Regular Contribution

Access right management by extended password capabilities

Author: Lanfranco Lopriore


Abstract

With reference to a classic protection system featuring active subjects that reference protected objects, we approach the problem of identifying the objects that each subject can access, and the operations that the subject can carry out on these objects. Password capabilities are a classical solution to this problem. We propose a new form of password capability, called extended password capability (or e-capability, for short). An e-capability can specify any combination of access rights. A subject that holds a given e-capability can generate new e-capabilities for reduced sets of access rights. Furthermore, a subject that created a given object is in a position to revoke the access permissions granted by every e-capability referencing this object, completely or in part. The size of an e-capability is comparable to that of a traditional password capability. The number of passwords that need to be stored in memory permanently is kept to a minimum, and is equal to a single password for each object.


Footnotes
1
If a subject steals a password capability, it can use this password capability to illegitimately access the object it references. In fact, the validity of a password capability is independent of the subject that holds it and extends system-wide, and a copy of a password capability cannot be distinguished from the original. This is a different aspect of the segregation problem. Password capability stealing can be precluded by a separation of the address spaces enforced by the underlying operating system kernel [2]. Alternatively, we can assign a cryptographic key to each application; the password capabilities held by the subjects of a given application are encrypted by using the key of this application [16]. This mechanism prevents stealing between subjects of different applications, but cannot protect the subjects of the same application, which should be considered mutually trustworthy.
 
2
Suppose that subject S transfers a copy of the owner e-capability referencing object B to subject \(S'\). As a result, \(S'\) acquires full access rights for B, including the delete access right that makes it possible to delete the object and to modify its revocation table. In fact, there is no way to distinguish the original owner e-capability from its copy. Furthermore, \(S'\) will be able to generate e-capabilities for B in different classes, as it possesses the owner password. If this should not be the case, S will preventively transform the owner e-capability into a different class, thereby changing the password.
 
References
1. Anderson, M., Pose, R.D., Wallace, C.S.: A password-capability system. Comput. J. 29(1), 1–8 (1986)
2. Castro, M.D., Pose, R.D., Kopp, C.: Password-capabilities and the Walnut kernel. Comput. J. 51(5), 595–607 (2008)
3. Chase, J.S., Levy, H.M., Lazowska, E.D., Baker-Harvey, M.: Lightweight shared objects in a 64-bit operating system. ACM SIGPLAN Notices 27(10), 397–413 (1992)
4. de Vivo, M., de Vivo, G.O., Gonzalez, L.: A brief essay on capabilities. ACM SIGPLAN Notices 30(7), 29–36 (1995)
5. England, D.M.: Capability concept mechanism and structure in System 250. In: Proceedings of the International Workshop on Protection in Operating Systems, pp. 63–82. IRIA, Paris, France (1974)
6. Gligor, V.D.: Review and revocation of access privileges distributed through capabilities. IEEE Trans. Softw. Eng. SE–5(6), 575–586 (1979)
7. Grove, D.A., Murray, T.C., Owen, C.A., North, C.J., Jones, J.A., Beaumont, M.R., Hopkin, B.D.: An overview of the Annex system. In: Proceedings of the Twenty-Third Annual Computer Security Applications Conference, pp. 341–352. IEEE, Miami Beach, Florida, USA (2007)
8. Heiser, G., Elphinstone, K., Vochteloo, J., Russell, S., Liedtke, J.: The Mungi single-address-space operating system. Softw. Pract. Exp. 28(9), 901–928 (1998)
9. Houdek, M.E., Soltis, F.G., Hoffman, R.L.: IBM System/38 support for capability-based addressing. In: Proceedings of the 8th Annual Symposium on Computer Architecture, pp. 341–348. IEEE Computer Society Press, Minneapolis, Minnesota, USA (1981)
10. King-Lacroix, J., Martin, A.: BottleCap: a credential manager for capability systems. In: Proceedings of the Seventh ACM Workshop on Scalable Trusted Computing, pp. 45–54. ACM, Raleigh, NC, USA (2012)
11. Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., et al.: seL4: formal verification of an OS kernel. In: Proceedings of the 22nd ACM Symposium on Operating Systems Principles, pp. 207–220. ACM, Big Sky, MT, USA (2009)
12. Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
13. Leung, A.W., Miller, E.L.: Scalable security for large, high performance storage systems. In: Proceedings of the Second ACM Workshop on Storage Security and Survivability, pp. 29–40. ACM, Alexandria, Virginia, USA (2006)
14. Levy, H.M.: Capability-Based Computer Systems. Digital Press, Bedford, Mass, USA (1984)
15. Lopriore, L.: Encrypted pointers in protection system design. Comput. J. 55(4), 497–507 (2012)
16. Lopriore, L.: Password capabilities revisited. Comput. J. 58(4), 782–791 (2015)
17. Merkle, R.C.: One way hash functions and DES. In: Proceedings of the 9th Annual International Cryptology Conference—Advances in Cryptology, pp. 428–446. Springer, Santa Barbara, California, USA (1989)
19. Neumann, P.G., Feiertag, R.J.: PSOS revisited. In: Proceedings of the 19th Annual Computer Security Applications Conference, pp. 208–216. IEEE, Las Vegas, NV, USA (2003)
20. Pose, R.: Password-capabilities: their evolution from the Password-Capability System into Walnut and beyond. In: Proceedings of the Sixth Australasian Computer Systems Architecture Conference, pp. 105–113. IEEE, Gold Coast, Australia (2001)
21. Preneel, B., Govaerts, R., Vandewalle, J.: Hash functions based on block ciphers: a synthetic approach. In: Proceedings of the 13th Annual International Cryptology Conference, pp. 368–378. Springer, Santa Barbara, California, USA (1993)
22. Samarati, P., De Capitani Di Vimercati, S.: Access control: policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) Foundations of Security Analysis and Design, pp. 137–196. Springer, Berlin, Heidelberg (2001)
23. Sandhu, R.S.: Cryptographic implementation of a tree hierarchy for access control. Inf. Process. Lett. 27(2), 95–98 (1988)
24. Seitz, L., Pierson, J.-M., Brunie, L.: Key management for encrypted data storage in distributed systems. In: Proceedings of the Second IEEE International Security in Storage Workshop, pp. 20–30. IEEE, Washington, DC, USA (2003)
25. Shapiro, J.S., Smith, J.M., Farber, D.J.: EROS: a fast capability system. ACM SIGOPS Oper. Syst. Rev. 34(2), 170–185 (2000)
26. Trappe, W., Song, J., Poovendran, R., Liu, K.J.: Key management and distribution for secure multimedia multicast. IEEE Trans. Multimed. 5(4), 544–557 (2003)
27. Wilkes, M.V., Needham, R.M.: The Cambridge CAP Computer and Its Operating System. North-Holland, New York (1979)
Metadata
Title
Access right management by extended password capabilities
Author
Lanfranco Lopriore
Publication date
23.08.2017
Publisher
Springer Berlin Heidelberg
Published in
International Journal of Information Security / Issue 5/2018
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI
https://doi.org/10.1007/s10207-017-0390-0
