Middleware for efficient and confidentiality-aware federation of access control policies
Abstract
Software-as-a-Service (SaaS) is a form of cloud computing in which a tenant rents access to a shared, typically web-based application hosted by a provider. Access control for SaaS should let the tenant control access to data that reside at the provider side, based on tenant-specific access control policies. Moreover, with the growing adoption of SaaS by large enterprises, access control for SaaS has to integrate with on-premise applications, which inherently leads to a federated set-up. In the state of the art, however, the provider evaluates all policies completely, including the tenant policies. This (i) forces the tenant to disclose sensitive access control data to the provider and (ii) limits policy evaluation performance, because the provider has to fetch this tenant-specific data for every evaluation. To address these challenges, we propose to decompose the tenant policies and to evaluate the resulting parts as close as possible to the data they require, while keeping sensitive tenant data local to the tenant environment. We call this concept policy federation. In this paper, we motivate the need for policy federation using an in-depth case study analysis in the domain of e-health and present a policy federation algorithm based on a widely applicable attribute-based policy model. Furthermore, we show the impact of policy federation on policy evaluation time using the policies from the case study and a prototype implementation of the supporting middleware. The results show that policy federation keeps the sensitive tenant data confidential and at the same time improves policy evaluation time in most cases.
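The decomposition the abstract describes, as an added illustrative example (this is not the paper's algorithm, prototype or code): a policy is a tree of "and"/"or" nodes over attribute predicates, every attribute is tagged with the side that stores it and whether it may leave that side, and the tree is split so that each maximal tenant-only subtree is evaluated by the tenant's decision point, which returns only a decision. The names Attr, Pred, Node, Pdp, federate, sample_policy and demo, the site-selection rule for predicates that mix tenant and provider attributes, and the e-health attribute stores are all assumptions constructed for this example.

```python
"""Policy federation sketch: added example with assumed names, not the paper's own algorithm."""
from dataclasses import dataclass

TENANT, PROVIDER = "tenant", "provider"

@dataclass(frozen=True)
class Attr:
    name: str
    owner: str               # side that stores the attribute value
    sensitive: bool = False  # True: the value must never leave its owner

@dataclass(frozen=True)
class Pred:
    left: Attr
    op: str                  # "==" or "in"
    right: object            # literal or another Attr

@dataclass(frozen=True)
class Node:
    op: str                  # "and", "or", or "remote" (children[0] is evaluated by the peer)
    children: tuple

def attrs_of(p):
    return [a for a in (p.left, p.right) if isinstance(a, Attr)]
def preds(tree):
    return [tree] if isinstance(tree, Pred) else [p for c in tree.children for p in preds(c)]

def site(p):
    """Side that can evaluate p without a sensitive attribute leaving its owner."""
    owners = {a.owner for a in attrs_of(p)}
    if len(owners) == 1:
        return owners.pop()
    confidential = {a.owner for a in attrs_of(p) if a.sensitive}
    if len(confidential) > 1:
        raise ValueError(f"cannot federate {p}: both sides hold a sensitive attribute")
    # mixed predicate: evaluate where the sensitive value lives, else let the provider fetch
    return confidential.pop() if confidential else PROVIDER

def federate(tree):
    """Return (tree', site); every maximal tenant-only subtree becomes a remote node."""
    if isinstance(tree, Pred):
        return tree, site(tree)
    parts = [federate(c) for c in tree.children]
    if {s for _, s in parts} == {TENANT}:
        return Node(tree.op, tuple(t for t, _ in parts)), TENANT
    return Node(tree.op, tuple(Node("remote", (t,)) if s == TENANT else t for t, s in parts)), PROVIDER

class Pdp:
    """One side's policy decision point over its local attribute store."""
    def __init__(self, side, store):
        self.side, self.store = side, store
        self.disclosed = []    # attribute names this side has sent across the boundary
        self.remote_calls = 0  # decision requests this side has sent to its peer
    def disclose(self, attr):
        if attr.sensitive:
            raise PermissionError(f"{attr.name} may not leave the {self.side}")
        self.disclosed.append(attr.name)
        return self.store[attr.name]
    def evaluate(self, tree, peer, shipped=None):
        shipped = shipped or {}  # peer attribute values that arrived with a remote request
        def val(x):
            if not isinstance(x, Attr):
                return x
            if x.owner == self.side:
                return self.store[x.name]
            return shipped[x.name] if x.name in shipped else peer.disclose(x)
        if isinstance(tree, Pred):
            lhs, rhs = val(tree.left), val(tree.right)
            return lhs == rhs if tree.op == "==" else lhs in rhs
        if tree.op == "remote":  # ship only the non-sensitive local attributes the subtree needs
            needed = {a for p in preds(tree) for a in attrs_of(p) if a.owner == self.side}
            self.remote_calls += 1
            return peer.evaluate(tree.children[0], self, {a.name: self.disclose(a) for a in needed})
        results = (self.evaluate(c, peer, shipped) for c in tree.children)  # short-circuits
        return all(results) if tree.op == "and" else any(results)

def sample_policy():
    """Constructed e-health policy: the provider stores document attributes, the hospital
    (tenant) stores staff attributes, and a physician's patient list is confidential."""
    r_type, r_status = Attr("resource.type", PROVIDER), Attr("resource.status", PROVIDER)
    r_patient, r_ward = Attr("resource.patient", PROVIDER), Attr("resource.ward", PROVIDER)
    s_role, s_ward = Attr("subject.role", TENANT), Attr("subject.ward", TENANT)
    s_treating = Attr("subject.treating", TENANT, sensitive=True)
    return Node("and", (Pred(r_type, "==", "patient_record"), Pred(r_status, "==", "final"),
        Node("or", (Node("and", (Pred(s_role, "==", "physician"), Pred(r_patient, "in", s_treating))),
                    Node("and", (Pred(s_role, "==", "nurse"), Pred(s_ward, "==", r_ward)))))))

def demo():
    provider = Pdp(PROVIDER, {"resource.type": "patient_record", "resource.status": "final",
                              "resource.patient": "p-17", "resource.ward": "oncology"})
    physician = Pdp(TENANT, {"subject.role": "physician", "subject.ward": "oncology", "subject.treating": ("p-17", "p-23")})
    nurse = Pdp(TENANT, {"subject.role": "nurse", "subject.ward": "oncology", "subject.treating": ()})
    fed, _ = federate(sample_policy())  # root stays at the provider (provider-side predicates on top)
    out = {"physician": provider.evaluate(fed, physician), "nurse": provider.evaluate(fed, nurse),
           "tenant_disclosed": physician.disclosed + nurse.disclosed,
           "provider_disclosed": provider.disclosed, "remote_calls": provider.remote_calls}
    try:  # state of the art: the provider evaluates the whole policy, fetching tenant data itself
        provider.evaluate(sample_policy(), physician)
        out["central_leaks"] = False
    except PermissionError:  # the confidential patient list would have to be disclosed
        out["central_leaks"] = True
    return out
```

Running demo() shows both effects the abstract names: the federated evaluation permits both requests while the only tenant attribute that crosses the boundary is the non-sensitive subject.ward (the provider fetches it for the predicate that compares it with resource.ward), whereas the provider-only evaluation of the same policy has to request the sensitive subject.treating list and is refused. The predicate that checks whether the patient is on the physician's list goes to the tenant because the tenant side holds the sensitive attribute, and the provider ships only resource.patient with that request. If a policy's root were itself tenant-only, the provider would wrap the whole tree in a remote node; the evaluation also short-circuits, so a permitted physician request costs one remote decision and no attribute fetch.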