nach oben

Knowledge and Information Systems

Erschienen in:

30.07.2016 | Regular Paper

Role updating in information systems using model checking

verfasst von: Jinwei Hu, Khaled M. Khan, Yan Zhang, Yun Bai, Ruixuan Li

Erschienen in: Knowledge and Information Systems | Ausgabe 1/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The role-based access control (RBAC) has significantly simplified the management of users and permissions in information systems. In dynamic environments, systems are constantly undergoing changes, and accordingly, the associated configurations need to be updated in order to reflect the systems’ security evolutions. However, such updating process is generally complicated as the resulting system state is expected to meet necessary constraints. This paper presents an approach for assisting administrators to make a desirable update, in light of changes in RBAC systems. We propose a formalization of the update approach, investigate its properties, and develop an updating algorithm based on model checking techniques. Our experimental results demonstrate the effectiveness of the proposed approach.

Vorheriger Artikel Community detection in social networks using user frequent pattern mining

Nächster Artikel Supervised item response models for informative prediction

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

There are other roles such as students and other permissions such as accesses to printers. But they are of no interest to our examples.

The least privilege principle states that only permissions necessary to accomplish a job are assigned to a role; a constraint \({}\langle \{r_{}\}, P _{},\varDelta _{}\rangle \) with appropriate \(\varDelta _{}\) restricts \(r_{}\)’s permissions to a reasonable set. On the other hand, SSOs may make a role useless, if associating with it a set of permissions less than necessary. SSOs could place a constraint \({}\langle \{r_{}\}, P _{},\varDelta _{}\rangle \) with \( P _{}\) including essential permissions.

Given two sets A and B, \(A\backslash B=\{a\in A\mid a\not \in B\}\).

This case could happen when, for example, \({}\langle R _{}, P _{},\emptyset \rangle \) is used to control the permission set of a user, who acquires \(p_{}\) merely through \(r_{}\) among all his/her roles.

Note that these are not RBAC states.

We define \(p_{}\models _{\eta } c\) as follows: It always holds that \(p\models _{\eta }\top \), \(p\models _{\eta }r\) if and only if \(p\in \eta (r)\), \(p\models _{\eta } (c_1\wedge c_2)\) if and only if \(p\models _{\eta } c_1\) and \(p\models _{\eta } c_2\), and \(p\models _{\eta } (c_1\vee c_2)\) if and only if \(p\models _{\eta } c_1\) or \(p\models _{\eta } c_2\).

Suppose that \({V}=\{p_{1},p_{2}\}\) such that \(p_{1}\in MP (r_{})\cap \mathrm {max\text {-}perms}_{}[r_{}]\), \(p_{2}\in MP (r_{})\) but \(p_{2}\not \in \mathrm {max\text {-}perms}_{}[r_{}]\). Consider a state \( S '\) where \(\mathrm {perms}_{ S '}[r_{}]=\{p_{1},p_{2}\}\) and no other role set \({R}_{}\) such that \(\mathrm {perms}_{ S '}[{R}_{}]=\{p_{1},p_{2}\}\) exists. If only \({}\langle \{r_{}\},\emptyset , MP (r_{})\rangle \) is required, then \( S '\) would be mistaken as a solution to the \(\mathscr {S}\)-achievability problem. However, \( S '\) actually violates update constraints as \(p_{2}\not \in \mathrm {max\text {-}perms}_{}[r_{}]\).

\(\mathrm {rt}(S)\) denotes the reflexive and transitive closure of the set S.

Ahmed T, Tripathi AR (2003) Static verification of security requirements in role based CSCW systems. In: ACM symposium on access control models and technologies, pp 196–203

Baral C (2010) Knowledge representation, reasoning and declarative problem solving. Cambridge University Press, CambridgeMATH

Bauer L, Garriss S, Reiter MK (2008) Detecting and resolving policy misconfigurations in access-control systems. In: ACM symposium on access control models and technologies, pp 185–194

Cimatti A, Clarke E, Giunchiglia E, Giunchiglia F, Pistore M, Roveri M, Sebastiani R, Tacchella A (2002) NuSMV Version 2: an opensource tool for symbolic model checking. In: Proceedings of the international conference on computer-aided verification (CAV 2002), LNCS, pp 359–364

Clarke EM, Grumberg O, Peled DA (1999) Model checking. MIT Press, Cambridge

Colantonio A, Di Pietro R, Ocello A, and Verde NV (2010) Evaluating the risk of adopting RBAC roles. In: Proceedings of the 24th annual IFIP WG 11.3 working conference on data and applications security, DBSec ’10, pp 303–310

Colantonio A, Pietro RD, Ocello A, and Verde NV (2009) A formal framework to elicit roles with business meaning in RBAC systems. In: ACM symposium on access control models and technologies, pp 85–94

Coyne EJ (1995) Role engineering. In: ACM workshop on role-based access, control 4

Crampton J (2005) Understanding and developing role-based administrative models. In: ACM conference on computer and communications security, pp 158–167

10.

Das T, Bhagwan R, Naldurg P (2010) Baaz: a system for detecting access control misconfigurations. In: USENIX Security 2010

11.

Ene A, Horne WG, Milosavljevic N, Rao P, Schreiber R, Tarjan RE (2008) Fast exact and heuristic methods for role minimization problems. In: ACM symposium on access control models and technologies, pp 1–10

12.

Epstein P, Sandhu R (2001) Engineering of role/permission assignments. In: Proceedings of the 17th annual computer security applications conference, pp 127–136

13.

Ferraiolo DF, Sandhu RS, Gavrila SI, Kuhn DR, Chandramouli R (2001) Proposed NIST standard for role-based access control. ACM Trans Inf Syst Secur 4(3):224–274CrossRef

14.

Fisler K, Krishnamurthi S, Meyerovich L, Tschantz M (2005) Verification and change impact analysis of access-control policies. In: International conference on software engineering, pp 196–205

15.

Garey MR, Johnson DJ (1979) Computers and intractability: a guide to the theory of NP-completeness. W.H. Freeman and Company, New YorkMATH

16.

Hu J, Khan K, Bai Y, Zhang Y (2012) Constraint-enhanced role engineering via answer set programming. In: ACM ASIACCS, pp 73–74

17.

Hu J, Khan K, Bai Y, Zhang Y (2012) Compliance checking for usage-constrained credentials in trust negotiation systems. In: ISC 2012 LNCS 7483, pp 290–305

18.

Irwin K, Yu T, Winsborough WH (2008) Enforcing security properties in task-based systems. In: ACM symposium on access control models and technologies, pp 41–50

19.

Jha S, Li N, Tripunitara M, Wang Q, Winsborough W (2008) Towards formal verification of role-based access control policies. IEEE Trans Dependable Secur Comput 5(4):242–255CrossRef

20.

Karjoth G (2001) The authorization service of tivoli policy director. In: Annual computer security applications conference. IEEE Computer Society, Washington, DC, USA, p 319

21.

Kern A (2002) Advanced features for enterprise-wide role-based access control. In: Annual computer security applications conference. IEEE Computer Society, Washington, DC, USA, p 333

22.

Kern A, Kuhlmann M, Schaad A, Moffett JD (2002) Observations on the role life-cycle in the context of enterprise security management. In: ACM symposium on access control models and technologies, pp 43–51

23.

Kern A, Schaad A, Moffett JD (2003) An administration concept for the enterprise role-based access control model. In: ACM symposium on access control models and technologies, pp 3–11

24.

Li N, Bizri Z, Tripunitara MV (2004) On mutually-exclusive roles and separation of duty. In: ACM conference on computer and communications security, pp 42–51

25.

Li N, Mao Z (2007) Administration in role-based access control. In: ACM symposium on information, computer and communications security, pp 127–138

26.

Li N, Mitchell JC, Winsborough WH (2005) Beyond proof-of-compliance: security analysis in trust management. J ACM 52(3):474–514MathSciNetCrossRefMATH

27.

Li N, Tripunitara MV (2004) Security analysis in role-based access control. In: ACM symposium on access control models and technologies, pp 126–135

28.

Li N, Tripunitara MV (2006) Security analysis in role-based access control. ACM Trans Inf Syst Secur 9(4):391–420CrossRef

29.

Li N, Tripunitara MV, Wang Q (2006) Resiliency policies in access control. In: ACM conference on computer and communications security, pp 113–123

30.

Ludwig F, Kunz M, Pernul G (2014) Role model optimization for secure role-based identity management. In: 22nd European conference on information systems, pp 113–123

31.

McPherson D. Role-based access control for multi-tier applications using authorization manager. http://technet.microsoft.com/en-us/library/cc780256(WS.10).aspx

32.

Kunz M, Fuchs L, Netter M, Pernul G (2015) Analyzing quality criteria in role-based identity and access management. In: 1st international conference on information systems security and privacy, Angers, France

33.

Molloy I, Chen H, Li T, Wang Q, Li N, Bertino E, Calo S, Lobo J (2010) Mining roles with multiple objectives. ACM Trans Inf Syst Secur (TISSEC) 13(4):36CrossRef

34.

Molloy I, Li N, Li T, Mao Z, Wang Q, Lobo J (2009) Evaluating role mining algorithms. In: ACM symposium on access control models and technologies, pp 95–104

35.

Mondal S, Sural S, Atluri V (2009) Towards formal security analysis of GTRBAC using timed automata. In: ACM symposium on access control models and technologies, pp 33–42

36.

Ni Q, Lobo J, Calo SB, Rohatgi P, Bertino E (2009) Automating role-based provisioning by learning from examples. In: ACM symposium on access control models and technologies, pp 75–84

37.

Osborn SL, Sandhu RS, Munawer Q (2000) Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans Inf Syst Secur 3(2):85–106CrossRef

38.

Park JS, Costello KP, Neven TM, Diosomito JA (2004) A composite rbac approach for large, complex organizations. In: ACM symposium on access control models and technologies, pp 163–172

39.

Ray I (2005) Applying semantic knowledge to real-time update of access control policies. IEEE Trans Knowl Data Eng 17(6):844–858CrossRef

40.

Reith M, Niu J, Winsborough WH (2009) Toward practical analysis for trust management policy. In: ACM symposium on information, computer and communications security. ACM, pp 310–321

41.

Rosen KH (2003) Discrete mathematics and its applications, 5th edn. McGraw Hill, New YorkMATH

42.

Sandhu RS, Bhamidipati V, Munawer Q (1999) The ARBAC97 model for role-based administration of roles. TISSEC 2(1):105–135CrossRef

43.

Sandhu RS, Coyne EJ, Feinstein HL, Youman CE (1996) Role-based access control models. IEEE Comput 29(2):38–47CrossRef

44.

Schaad A, Lotz V, Sohr K (2006) A model-checking approach to analysing organisational controls in a loan origination process. In: ACM symposium on access control models and technologies, pp 139–149

45.

Schaad A, Moffett JD, Jacob J (2001) The role-based access control system of a european bank: a case study and discussion. In: ACM symposium on access control models and technologies, pp 3–9

46.

Sinclair S, Smith SW (2010) What’s wrong with access control in the real world? IEEE Secur Priv 8(4):70–73CrossRef

47.

Sohr K, Drouineaud M, Ahn G-J, Gogolla M (2008) Analyzing and managing role-based access control policies. Knowl Data Eng IEEE Trans 20(7):924–939CrossRef

48.

Stoller SD, Yang P, Ramakrishnan C, Gofman MI (2007) Efficient policy analysis for administrative role based access control. In: ACM conference on computer and communications security

49.

Vaidya J, Atluri V, Guo Q (2007) The role mining problem: finding a minimal descriptive set of roles. In: ACM symposium on access control models and technologies, pp 175–184

50.

Vaidya J, Atluri V, Warner J (2006) Roleminer: mining roles using subset enumeration. In: ACM conference on computer and communications security, pp 144–153

51.

Vaidya J, Atluri V, Warner J, Guo Q (2010) Role engineering via prioritized subset enumeration. IEEE Trans Dependable Secure Comput 7:300–314CrossRef

52.

Wang H, Guo X, Fan Y, Bi J (2014) Extended access control and recommendation methods for enterprise knowledge management system. In: 2014 international conference on future information engineering, pp 224–230

53.

Xu W, Shehab M, Ahn GJ (2008) Visualization based policy analysis: case study in selinux. In: ACM symposium on access control models and technologies, pp 165–174

54.

Zhang D, Ramamohanarao K, Ebringer T, Yann T (2008) Permission set mining: discovering practical and useful roles. In: Annual computer security applications conference, pp 247–256

55.

Xu Z, Stoller S (2013) Mining parameterized role-based policies. In: ACM CODASPY, pp 255–266

Titel: Role updating in information systems using model checking
verfasst von: Jinwei Hu
Khaled M. Khan
Yan Zhang
Yun Bai
Ruixuan Li
Publikationsdatum: 30.07.2016
Verlag: Springer London
Erschienen in: Knowledge and Information Systems / Ausgabe 1/2017
Print ISSN: 0219-1377
Elektronische ISSN: 0219-3116
DOI: https://doi.org/10.1007/s10115-016-0974-4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 1/2017

Nonparametric discovery and analysis of learning patterns and autism subgroups from therapeutic data

Supervised item response models for informative prediction

Online evaluation of bid prediction models in a large-scale computational advertising platform: decision making and insights

A survey of query result diversification

Community detection in social networks using user frequent pattern mining

Efficient and scalable labeled subgraph matching using SGMatch

Premium Partner