DÃ©partement RÃ©seau, SÃ©curitÃ© et MultimÃ©dia Rapport d'ActivitÃ©s 2008

More documents

Recommendations

Info

Policy AdministrationResearch Staff : Frédéric Cuppens, Nora Cuppens-Boulahia– Ph.D. Student: Meriam Ben GhorbelKeywords : Security policy, security configuration analysis, delegation, OrBACApplications : information system administrationPartners & Funding : Meriam Ben Ghorbel’s PhD thesis is co-advised with SupCom Tunis.IntroductionThe OrBAC model (Organization Based AccessControl) is an access control model developedin the RSM department of TELECOM Bretagne.This model is based on the concept oforganization. In this manner, the policyspecification is completely parameterized bythe organization so that it is possible to handlesimultaneously several security policiesassociated with different organizations. Inother words, the security policy does notdirectly apply to subjects, actions and objects.Instead, it defines authorizations that applywithin an organization to control the activitiesperformed by roles on views.The OrBAC model is self administrated, that isthe concepts used to define an administrationpolicy, in the Administration model for OrBAC(AdOrBAC), are similar to the ones used todefine the remainder of the security policy.RealizationThe main purpose of this work is to provide acomplete framework to specify delegationrequirements in the OrBAC model. Thedelegation is the process whereby a userwithout any administrative prerogativesobtains the ability to grant someauthorizations.We have shown, in [1,3], that it is possible tomanage administration requirements, includingdelegation requirements, in a unique model.This is thanks to the fact that the OrBAC modeloffers facilities, such as multi-granular license,contextual license, use of views, etc., whichprovide means to specify delegationcharacteristics without adding newcomponents or modifying the exiting ones.Therefore our approach is more flexible, moresimple and more complete than previousdelegation models. However, adding adelegation rules in the OrBAC model can beconflicting with administration rules.The approach used to manage conflicts inOrBAC is based on assigning priorities toaccess control rules. Nevertheless, toovercome difficulties encountered in Rule-BAC,we restate, in [2], the problems of ruleredundancy and potential conflicts usinginheritance mechanisms and separatedconstraints specification. We show that, usingthis approach, rule redundancy and potentialconflicts are tractable problems computable inpolynomial time.ConclusionThe future work will be dedicated to enrich ourdelegation model and more precisely therevocation mechanism.Moreover, since in the OrBAC model it is alsopossible to specify obligations, our model canbe enriched by the study of the delegation ofobligations. The notion of context is also veryuseful to deal with this aspect, for instance, wecan specify the bilateral agreement using aprovisional context. In further work we willdevelop this point.Future work also includes the enforcement ofthe delegation policies in MotOrBAC, theapplication prototype designed to manage Or-BAC policies.References[1] M. Ben Ghorbel-Talbi, F. Cuppens, N.Cuppens-Boulahia and A. Bouhoula. "ManagingDelegation in Access Control Models". InProceedings of the 15th InternationalConference on Advanced Computing andCommunication (ADCOM'07), Guwahati, Inde,December 2007. IEEE Computer Society.[2] F. Cuppens, N. Cuppens-Boulahia, M. BenGhorbel. "High Level Conflict ManagementStrategies in Advanced Access Control Models".Electronic Notes in Theoretical ComputerScience (ENTCS), Volume 186, Pages 3-26,Juillet 2007. Elsevier Science Publishers.[3] F. Cuppens, N. Cuppens, A. Bouhoula, M.Ben Ghorbel. “Delegation Model for ORBACModel : Extended Abstract”. In Proceedings ofthe 7th Tunisia-Japan Symposium on Science,Society and Technology (TJASST'06), Sousse,Tunisia, December 2006.36 Extract of Pracom’s Annual Report 2008
Specifying and deploying security in workflow managementsystemsResearch Staff : Frédéric Cuppens, Nora Cuppens-Boulahia– Ph.D. Student : Samiha AyedKeywords : Workflow Management, OrBAC, context-awarenessApplications : Security of workflow management systems, Web service securityPartners & Funding : partially funded by Conseil Régional de BretagneIntroductionWorkflow Management Systems (WFMSs) arebeing more and more used in industry andresearch domain. WFMSs are used tocoordinate and streamline different processes.Very large WFMSs are often used inorganizations. So, they need to be executed ina secure manner especially because executionsof different tasks defining them are muchrelated [1].For instance, let us consider a workflowcomposed of tasks T1, T2 and T3 which must beexecuted in a sequential order. If we supposethat these three tasks act on the samedocuments, the access to these documentsmust be controlled according to the order ofexecution of tasks. In other words, this accesscontrol must be synchronized with executionprogression of the workflow. In addition, theexecution of a task is related to the executionof precedent tasks. So, a workflowspecification must be correlatively defined witha security policy. This policy has to expressthese different requirements. On the onehand, it has to deal with access controlrequirements. On the other hand, it must takeinto account information flow requirements.To manage security in workflow systems manyresearch works have been based on differentapproaches. In particular, the RBAC model hasbeen used to define their security policy.Because of a lack of native means to expressconfinement and dynamic securityrequirements of workflow systems, the RBACmodel is not fully satisfactory. These works aregenerally based on (1) specifying the globalsecurity policy and (2) defining a centralizedmanagement procedure that controls theworkflow execution. So, they do not deal withmanaging the information flow control.To remedy to these limitations, we suggestmanaging the workflow security policy usingthe OrBAC (Organization Based AccessControl) model and using a DTE (Domain TypeEnforcement) approach to take into accountthe information flow control.RealizationThe OrBAC model defines two useful notionsfor workflow security management. The first isthe organization which can be seen as anorganized group of active entities. Workflowtasks may be executed in the same or differentorganizations. If they are executed within thesame organization, the policy has to managesecurity in this organization. The notionbecomes more useful if workflow tasks areexecuted in independent organizations. In thiscase, flows between different organizationsmust be managed. The second useful notiondefined in OrBAC is the context. A context is anentity used to express permissions orprohibitions that depend on some specificcircumstances. A context corresponds to anyconstraint or extra conditions that join anexpression of a rule in the access controlpolicy. OrBAC classifies contexts according totheir type. A provisional context depends onprevious actions the subject has performed inthe system. In other words, it is considered asa history of execution. Provisional contexts arevery interesting in the domain of WFMS sincethe execution of a task depends on the historyof execution of precedent tasks. Also, itpermits the definition of a dynamic securitypolicy according to contexts, a very usefulrequirement in WFMS.Using these OrBAC concepts, we define amodel for specifying workflow processes [2].Then, we define the WFMS security policy thatwe have to associate with the workflow model.Such a policy deals with access andinformation flow control. It is based on OrBACrules. The information flow control part isbased on a DTE (Domain Type Enforcement)approach [3]. It uses DTE principles, especiallythe "Entry point" concept, to defineinformation flow control rules.Afterwards, we show how to manage thisWFMS security policy to control the workflowPracom’s Annual Report 2007 37
Page 2 and 3:
Présentation générale...........
Page 4 and 5:
Activités d’enseignementLe dépa
Page 6 and 7:
Activités de rechercheLe départem
Page 8 and 9:
Notre implication dans les organism
Page 10 and 11:
le cadre du projet NextTV4all où l
Page 12 and 13: cloisonnement par domaine tels qu
Page 14 and 15: - le GIS ITS (Intelligent Transport
Page 16 and 17: Twente aux Pays Bas, Université de
Page 18 and 19: Liste des doctorants présents en 2
Page 20 and 21: Annexe 2 : liste des publicationsAr
Page 22 and 23: COMA-BREBEL Céline, CUPPENS Nora,
Page 24 and 25: PHAN LE Cam Tu, CUPPENS Frédéric,
Page 26 and 27: Annexe 3 : description détaillée
Page 28 and 29: Access Control ....................
Page 30 and 31: schemes specifically suitable for l
Page 32 and 33: An easy-to-use solution for IPv6 co
Page 34 and 35: Loss Synchronization and Router Buf
Page 36 and 37: Sensor NetworksRandom Walk Techniqu
Page 38 and 39: Suppressing Neighbor Discovery in W
Page 40 and 41: Media and NetworksIP-based transmis
Page 42 and 43: One of the most difficult aspects o
Page 44 and 45: Another direction is the associatio
Page 46 and 47: classes. In our simple study case,
Page 48 and 49: Management of Multiple Access Netwo
Page 50 and 51: Adaptation of Multimedia Flows in a
Page 52 and 53: Optimized mobility management in he
Page 54 and 55: ecause it offers a generic framewor
Page 56 and 57: Future workOur next step is to fina
Page 58 and 59: Security Analysis and ValidationAna
Page 60 and 61: RealizationFigure 1 shows a classif
Page 64 and 65: execution in a distributed manner.
Page 66 and 67: Intrusion DetectionDetection and co
Page 68 and 69: eported alerts have to be managed b
Page 70 and 71: inside the corresponding detection
Page 72 and 73: function has a limitation that it d
Page 74 and 75: 1) Normal Node behavior simulation:
Page 76 and 77: negotiation. These strategies speci
Page 78 and 79: A Fast Adaptative Secure Technology
Page 80 and 81: estricted to the organization to wh
Page 82 and 83: ights and external identities, and
Page 84 and 85: Peer 2 peerP2PIm@gesResearch Staff
Page 86 and 87: Managing a Peer-to-Peer Storage Sys
Page 88 and 89: Applications of networks to transpo
Page 90 and 91: Adaptive Application Support in Mob
Page 92 and 93: Wireless Mesh NetworksResearch Staf
Page 94 and 95: TestbedsA showroom for practical IP
Page 96 and 97: egistrar and proxies, video streami
show all

DÃ©partement RÃ©seau, SÃ©curitÃ© et MultimÃ©dia Rapport d'ActivitÃ©s 2008

Create successful ePaper yourself

Delete template?

Save as template?