Consumerizing Industrial Access Control: Using UMA to Add Privacy and Usability to Strong Security
Consumerizing Industrial IoT Access Control
Using UMA to Add Privacy and Usability to Strong Security
FORGEROCK.COM
Eve Maler VP Innovation & Emerging Technology [email protected] @xmlgrrl
October 2014
Agenda
■ Who am I?
■ Authorization challenges
■ Testing out web authorization solutions
■ Introducing User-Managed Access (UMA)
■ Conclusions and future work
Constrained environments present major authorization challenges
h/t @gffletch, @domcat
We need it for Internet-connected dishwashers…
…smart medical thingies…
…and Solar Freakin’ Roadways
What are the requirements?
■ Scale
■ Discovery
What are the requirements?
■ Privacy
■ Flexibility
What are the requirements?
■ Partitioning
How far do existing web authorization and consent technologies take us?
Extensible Access Control Markup Language (XACML)
[Scorecard: Scale, Discovery, Privacy, Flexibility, Partitioning; extracted marks: X ? X X ?]
OAuth 2.0 Authorization Framework
[Scorecard: Scale, Discovery, Privacy, Flexibility, Partitioning; extracted marks: ? ? ? ?]
How do we share data informally on the web? It’s not good…
Introducing User-Managed Access (UMA)
UMA in a nutshell
■ Draft standard for “authorization V.next”
■ Profile and application of OAuth V2.0
■ Set of authorization, privacy, and consent APIs
■ Work Group of the Kantara Initiative
■ Founder, chair, and “chief UMAnitarian”:
■ Heading to V1.0 in Q1 2015
■ In interop testing now
The UMA protocol enables key new selective sharing options
I want to share this stuff selectively
• Among my own apps
• With family and friends
• With organizations
I want to protect this stuff from being seen by everyone in the world
I want to control access proactively, not just feel forced to consent over and over
Under the hood, it’s “OAuth++”
Loosely coupled to enable an AS to onboard multiple RS’s, residing in any security domains
This concept is new, to enable person-to-person sharing driven by RO policy vs. run-time consent
UMA is about interoperable, RESTful authorization-as-a-service
Has standardized APIs for privacy and “selective sharing”
Outsources protection to a centralizable authorization server
“authz provider” (AzP)
“authz relying party” (AzRP)
identity provider (IdP)
SSO relying party (RP)
UMA-enabled systems can respect policies such as…
Only let my tax preparer with email [email protected] and using client app TaxThis access my bank account data if they have authenticated strongly, and not after tax season is over.
Let my health aggregation app, my doctor’s office client app, and the client for my husband’s employer’s insurance plan (which covers me) get access to my wifi-enabled scale API and my fitness wearable API to read the results they generate.
When a person driving a vehicle with an unknown ID comes into contact with my Solar Freakin’ Driveway, alert me and require my access approval.
The user experience can simulate OAuth or proprietary sharing paradigms, or even be invisible (“better than OAuth”)
The RS exposes whatever value-add API it wants, protected by an AS
The RPT is the main “access token” and (by default – it’s profilable) is associated with time-limited, scoped permissions
App-specific API
UMA-enabled client
RPT: requesting party token
The AS exposes an UMA-standardized protection API to the RS
The PAT protects the API and binds the RO, RS, and AS
Protection API
Protection client
PAT: protection API token
• Resource registration endpoint
• Permission registration endpoint
• Token introspection endpoint
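Added example, not from the slides or from any UMA implementation: one way an RS could enforce the "time-limited, scoped permissions" of an RPT using the result returned by the token introspection endpoint. The field names (active, permissions, resource_set_id, scopes, exp) and the sample data are assumptions made for illustration.

```python
import time

# Constructed introspection result for one RPT. The shape is an assumption:
# the slides name the endpoint but do not show its response.
SAMPLE_INTROSPECTION = {
    "active": True,
    "permissions": [
        {"resource_set_id": "scale-readings", "scopes": ["read"],
         "exp": 1_700_000_600},
        {"resource_set_id": "wearable-steps", "scopes": ["read", "export"],
         "exp": 1_700_000_060},
    ],
}


def rpt_allows(introspection, resource_set_id, scope, now=None):
    """Return True only if the RPT carries an unexpired permission for this
    resource set and scope. Anything missing or malformed fails closed."""
    now = time.time() if now is None else now
    if not isinstance(introspection, dict):
        return False
    if introspection.get("active") is not True:
        return False
    permissions = introspection.get("permissions")
    if not isinstance(permissions, list):
        return False
    for perm in permissions:
        if not isinstance(perm, dict):
            continue
        if perm.get("resource_set_id") != resource_set_id:
            continue
        scopes = perm.get("scopes")
        if not isinstance(scopes, list) or scope not in scopes:
            continue
        exp = perm.get("exp")
        # A permission with no numeric expiry is rejected, because the
        # permissions are meant to be time-limited.
        if isinstance(exp, bool) or not isinstance(exp, (int, float)):
            continue
        if now < exp:
            return True
    return False


if __name__ == "__main__":
    t = 1_700_000_100  # constructed "current time" for the demo
    for rs, sc in [("scale-readings", "read"), ("wearable-steps", "read"),
                   ("scale-readings", "write")]:
        print(rs, sc, rpt_allows(SAMPLE_INTROSPECTION, rs, sc, now=t))
```

The second permission in the sample has already expired at the demo time, so the same RPT is accepted for one resource set and refused for the other.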
The AS exposes an UMA-standardized authorization API to the client
The AAT protects the API and binds the RqP, client, and AS
The client may be told: “need_claims”
Authorization API
Authorization client
AAT: authorization API token
• Authorization request endpoint
The AS can collect requesting party “claims” to assess policy
A “claims-aware” client can proactively push an OpenID Connect ID token, a SAML assertion, a SCIM record, or other available user data to the AS per the access federation’s trust framework
A “claims-unaware” client can, at minimum, redirect the requesting party to the AS to log in, press an “I Agree” button, fill in a form, follow a NASCAR for federated login, etc.
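Added example, not from the slides or from any UMA implementation: a sketch of how an AS could evaluate the tax-preparer policy from the earlier slide and answer "need_claims" when the requesting party's claims are incomplete. The policy record, claim names, strength scale, email address and end date are all hypothetical; the slides give no policy format.

```python
from datetime import date

# Hypothetical policy record for the tax-preparer policy on the earlier slide.
# The email address and end date are constructed values, and auth_strength
# uses an assumed 1..3 scale where 2 and above counts as "strong".
POLICY = {
    "email": "preparer@example.test",
    "client_id": "TaxThis",
    "min_auth_strength": 2,
    "not_after": date(2015, 4, 15),
}
REQUIRED_CLAIMS = ("email", "auth_strength")


def evaluate(policy, client_id, claims, today):
    """Decide an authorization request. Returns (decision, detail) where
    decision is "grant", "need_claims" or "deny"."""
    if today > policy["not_after"]:
        return "deny", "policy window closed"
    if client_id != policy["client_id"]:
        return "deny", "client not covered by policy"
    missing = [name for name in REQUIRED_CLAIMS if name not in claims]
    if missing:
        # The AS cannot decide yet, so the client is told what to supply.
        return "need_claims", missing
    if str(claims["email"]).lower() != policy["email"]:
        return "deny", "requesting party does not match"
    strength = claims["auth_strength"]
    if not isinstance(strength, int) or strength < policy["min_auth_strength"]:
        return "deny", "authentication too weak"
    return "grant", None


if __name__ == "__main__":
    in_season = date(2015, 3, 1)
    pushed = {"email": "preparer@example.test", "auth_strength": 3}
    print(evaluate(POLICY, "TaxThis", {}, in_season))
    print(evaluate(POLICY, "TaxThis", pushed, in_season))
    print(evaluate(POLICY, "TaxThis", pushed, date(2015, 6, 1)))
```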
Applying the UMA paradigm to a fitness wearable use case
■ The device user is the resource owner, with discretionary resource access control rights
  – Access control confers proactive privacy capabilities through policy
■ The device+service combination is likely to use an (out-of-band wrt UMA) constrained-device IoT protocol
Benefits of the approach
■ Flexibility in binding an individual to a device and to a corresponding service account
  – Enables persistent or temporary device controllers
■ Flexibility and centralization in letting an individual choose sharing settings
  – Accommodating OAuth-style sharing with apps that the device user himself uses and also third parties
■ Comprehensive yet simple platform approach to device service protection and access control
  – Enabling third-party services and devices to join an ecosystem
■ Future-proofing if the platform operator needs to outsource protection to regulation-driven, consumer-driven, or healthcare-ecosystem-driven authorization services
Concept mappings
■ Device user → UMA resource owner (RO)
■ Device + service → UMA resource server (RS)
■ Device certificate → UMA RS OAuth client credentials
■ Service APIs exposing PII → UMA protected resources
■ IoT identity/authorization platform → UMA authz server (AS)
■ PII-accessing web/native app → UMA client
■ PII-accessing app credentials → UMA client OAuth client credentials
■ User of PII-accessing app → UMA requesting party (RqP)
■ Onboarding device + user → Protection API token (PAT)
■ Onboarding app + user → Authz API token (AAT)
■ Device user sharing policy → RqP claims-gathering
■ Dynamic entitlement management → UMA requesting party token (RPT)
Conclusion and next steps
UMA use-case scenario domains
Health
Financial
Education
Personal
Citizen
Media
Behavioral
Web
Mobile
API
IoT
UMA wrt the “ACE actors”
Partitioning
How does User-Managed Access do?
[Scorecard: Scale, Discovery, Privacy, Flexibility, Partitioning; extracted marks: ?]
Next steps and future work
■ A variety of IoT, web, and API case studies have been contributed
■ Enterprise API use cases have been deployed in production
■ Open source is available and more is expected
■ Intel has done an experimental industrial IoT implementation in node.js
■ V1.0 of the protocol is slated to be completed in Q1 2015
■ Further IoT investigation on disconnected operation modes, proof-of-possession tokens, etc. is warranted