ISSE 2012 Context-enhanced Authorization
Context-enhanced Authorization
Using XACML to implement context-enhanced authorizations
Martijn Oostdijk, Novay
ISSE 2012, Brussels
Research & advisory organization
Multi-disciplinary, ~50 researchers/advisors
Innovation projects (gov, financial, health)
Formerly known as: Telematica Instituut
Senior Advisor Identity, Privacy, Trust
PhD comp. sci. Eindhoven Univ. Tech.
CV: Radboud Univ., Riscure, Novay
Martijn Oostdijk
centralization authz
authz for the cloud
nomadic working
extended enterprise
mobile/context
(insider) attacks
Context-enhanced Authorization
XACML standard
Research project with IBM and Rabobank
Context-enhanced authz
• XACML PoC at a large Dutch bank
• Context = location and more
• DYNAMIC!! Policies
• Usefulness through use cases + feasibility study through demonstrator
• Scope: employees
Context-enhanced Authorization 4
This presentation is NOT:
• Introduction to Attribute based AC
• Introduction to XACML standard
So that there’s more time for:
• Context-enhanced authorization
• Use case + demonstrator
• Lessons learned
Authorization & Context?
(Attribute Based Access Control) PoC
• Use cases
• Demonstrator
Environment
- weather
- air pollution
Activities
- working
- travelling
- meeting
- sleeping
Social
- people nearby
- behaviour
- friends
- Twitter activities
Location
- long/lat
- proximity
- country/city
- @home/@work
Network
- IP-address
- VPN
- LAN
- WiFi or 3G
Mental
- happy
- scared
- sad
- stressed
Physiological
- heart rate
- skin
- voice
Device
- type
- ownership (BYO)
- OS and apps
- patch status
Time
- office hours
- lunch time
- between points in time
| Domain | Type | Source |
|---|---|---|
| 1. Environment | Weather | Buienradar |
| | Air pollution | Weeronline.nl |
| | Security incidents | SIEM |
| 2. Physiological | Heart rate | ECG sensor, Camera |
| | Respiratory rate | Camera |
| | Blood pressure | BP meter (cuff) |
| 3. Social | People nearby | Bluetooth, Google Latitude, Outlook Calendar |
| | SN Friends | LinkedIn, Facebook |
| | Activity | Twitter |
| 4. Location | Long/Lat | GPS, GSM Cell-Id |
| | City | GPS, Geo-IP |
| | Proximity | Bluetooth, RFID/NFC |
| Domain | Type | Source |
|---|---|---|
| 5. Time | Office hours | System time |
| | Lunch time | Outlook Calendar |
| 6. Mental | Happy/sad | Sound sensor |
| | Scared | Galvanic skin responses |
| | Stressed | |
| 7. Network | VPN or localnet | Network access gateway |
| | Wireless or Wired | IP address |
| 8. Device | Type | Device mngmt system |
| | Ownership | Device mngmt system |
| Domain | Type | Source |
|---|---|---|
| 9. Activity | Travelling | GPS, accelerometer |
| | Meeting | Calendar, Proximity sources |
| | Sleeping | Heart sensor, ECG, sound |

Some observations:
• Inter-dependencies between domains/types
• Some inference is needed in some types
• Most domains/types can benefit from multiple measurements over time
• What characteristics determine which domains / types / sources are most suitable in a given scenario?
Use-cases – a high level …
• Finer grained access to application with “hit-n-run” functionality
• Data loss prevention when traveling
• More flexible authentication
Simple context sources
Demonstrator
[Figure: demonstrator architecture. Labelled components: User, Application, Policy Engine, Policies, Policies incl. context variables, Context server, Context client, Device Mgmt, Google Calendar, Outlook, Google Latitude, NFC reader, Proximity dongle]
Context
• Location, location, location
• Stuff derived from location
• Type of device (BYOD, enterprise mobility etc.)
• Type of network (VPN/local, AP, browser, OS)
• Time-of-day
• And, of course, normal usage patterns
• Please note: context is just another attribute for XACML, but then dynamic
Authenticity of context
• Can we trust the source?
• Depends on the precise scenario
• and on technology
• and on who controls the source
• Some sources are more trustworthy than others
• Why not just fuse with more context sources?
• Multi-factor context, harder to fake for attacker
• But also harder to understand and base policies on
• How to react to incidents?
Trust me!
Authenticity of context
Needed trust in authenticity of context
CeA vs TM (SIEM, …):
Quality of context
• Sources might provide incorrect data (with certain probability)
• Sources have limited accuracy (resolution, precision, granularity)
• Sources deliver data with certain delay
• Data will have a temporal relevancy
• Some sensors require user to carry (and not forget) mobile device …
Adoption in applications
• XACML-izing applications
• SOA oriented applications easy
• Making apps ready for externalization of authz
• (Stable versions of) XACML have been around since before 2006
• “Move to cloud” as driver?
• Alternatives: provision authz attributes, proprietary authorization APIs
Privacy consequences
• Acceptance
• Trade-off between privacy and usability (or security?)
• Measure only relevant context
• Relevant for (what?) purpose
• Degrade information (latency, accuracy)
• User control (and transparency), sensors are in mobile
• Assumes (some) trust in CM system
Complexity of policies
• Policies with many different context variables
• Express policies with respect to “raw” context (e.g. long/lat) versus more abstract notions (e.g. @home, @work)
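An added example (not from the talk or its demonstrator) of the abstraction step named above: raw long/lat is mapped to @home/@work before the policy sees it, and a fix that is stale or too coarse, the quality-of-context concerns from the earlier slide, becomes @unknown and is denied. The place coordinates, thresholds and action names are assumptions made for illustration.

```python
import math
from dataclasses import dataclass

# Constructed sample places (hypothetical coordinates, not from the talk).
PLACES = {"@work": (52.2200, 6.8900), "@home": (52.2650, 6.7930)}
PLACE_RADIUS_M = 150    # assumed size of a named place
MAX_AGE_S = 300         # assumed temporal relevancy of a location fix
MAX_ACCURACY_M = 100    # assumed worst acceptable source accuracy

@dataclass
class Fix:
    lat: float
    lon: float
    accuracy_m: float   # error radius reported by the source
    age_s: float        # delay since the measurement was taken

def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in metres."""
    r = 6371000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))

def abstract_location(fix):
    """Map raw long/lat to an abstract attribute, or '@unknown'."""
    if fix.age_s > MAX_AGE_S or fix.accuracy_m > MAX_ACCURACY_M:
        return "@unknown"   # stale or too coarse: do not guess
    for name, (lat, lon) in PLACES.items():
        # Require the whole error circle to lie inside the place.
        if distance_m(fix.lat, fix.lon, lat, lon) + fix.accuracy_m <= PLACE_RADIUS_M:
            return name
    return "@unknown"

def decide(action, fix):
    """Policy written against the abstract attribute only; default is Deny."""
    place = abstract_location(fix)
    if action == "view_balance" and place in ("@work", "@home"):
        return "Permit"
    if action == "approve_payment" and place == "@work":
        return "Permit"
    return "Deny"
```

The policy in `decide` never touches coordinates, so tuning a radius or swapping the location source changes only `abstract_location`.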
Scalability & performance
Key take-aways
Yes it’s useful, yes it’s feasible
But w.r.t. context: authenticity, quality & privacy
But w.r.t. dyn attributes / XACML: complexity of policies & scalability
Context is mostly location, KIS
More Information
http://www.novay.nl/digital-identity
http://linkedin.com/in/martijno
This presentation was supported by the Dutch national program COMMIT (project P7 SWELL)