FRAMEWORK FOR AGENT-BASED ROLE DELEGATION Presentation by: Ezedin S. Barka UAE University.
Framework for Role-Based Delegation Models (RBDMs)
1
Framework for Role-Based Delegation Models (RBDMs)
By:
Ezedin S. Barka and Ravi Sandhu
Laboratory of Information Security Technology
George Mason University
{e.barka, sandhu}@isse.gmu.edu
www.list.gmu.edu
2
Introduction
• What is delegation?
• Forms of delegation
• Our focus
• RBAC96 is the base for our work
3
What is delegation?
• An active entity in a system delegates authority to another active entity to carry out some function on behalf of the former
• Active entities
– Human being
– Computer
– Software agent
– Process
– etc.
4
Forms of delegation
• Human to human
• Human to machine
• Machine to machine
• Perhaps even machine to human
5
Human-to-human role-based delegation
• A user who is a member of a role delegates his/her role to another user who belongs to some other role.
6
The RBAC96 Model
[Figure 1-a: Simplified version of RBAC96 Model. Entities: Users (U), Roles (R), Permissions (P). Relations: User Assignment (UA) between users and roles, Permission Assignment (PA) between permissions and roles, Role Hierarchy (RH) over roles. Constraints apply across the model.]
7
Example of role hierarchy
[Figure: Project Lead at the top, Production Engineer and Quality Engineer below it, Engineering at the bottom]
• Project Lead > Quality Engineer
• Quality Engineer > Engineering
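The RBAC96 components of slide 6 and the hierarchy on this slide, as an added Python example (not code from the presentation or its authors): users, roles and permissions with UA, PA and RH, where a senior role inherits every permission of the roles it dominates. The role names follow the slide; the permission names and users are constructed.

```python
# Added example, not from the slides: a minimal RBAC96-style engine with users (U),
# roles (R), permissions (P), user assignment (UA), permission assignment (PA) and a
# role hierarchy (RH). The role names follow the slide's example hierarchy; the
# permissions and user names are constructed for illustration.
from collections import defaultdict


class RBAC:
    def __init__(self):
        self.ua = defaultdict(set)          # UA: user -> roles directly assigned
        self.pa = defaultdict(set)          # PA: role -> permissions directly assigned
        self.juniors_of = defaultdict(set)  # RH: role -> roles it is immediately senior to

    def assign_user(self, user, role):
        self.ua[user].add(role)

    def assign_perm(self, role, perm):
        self.pa[role].add(perm)

    def add_seniority(self, senior, junior):
        """Record senior > junior; the senior role inherits the junior's permissions."""
        self.juniors_of[senior].add(junior)

    def dominated(self, role):
        """Reflexive-transitive closure of RH below `role` (the role itself plus all juniors)."""
        seen, stack = set(), [role]
        while stack:
            r = stack.pop()
            if r not in seen:
                seen.add(r)
                stack.extend(self.juniors_of[r])
        return seen

    def effective_roles(self, user):
        return set().union(*(self.dominated(r) for r in self.ua[user]))

    def effective_perms(self, user):
        return set().union(*(self.pa[r] for r in self.effective_roles(user)))

    def check(self, user, perm):
        return perm in self.effective_perms(user)


def build_example():
    """Hierarchy from the slide: Project Lead > Quality Engineer > Engineering, with
    Production Engineer also between Project Lead and Engineering as the figure shows."""
    rb = RBAC()
    rb.add_seniority("Project Lead", "Quality Engineer")
    rb.add_seniority("Project Lead", "Production Engineer")
    rb.add_seniority("Quality Engineer", "Engineering")
    rb.add_seniority("Production Engineer", "Engineering")
    # Constructed permissions, one per role, so inheritance is visible in the result
    rb.assign_perm("Engineering", "read-design")
    rb.assign_perm("Quality Engineer", "sign-off-test")
    rb.assign_perm("Production Engineer", "release-build")
    rb.assign_perm("Project Lead", "approve-budget")
    rb.assign_user("alice", "Project Lead")      # constructed users
    rb.assign_user("bob", "Quality Engineer")
    return rb


if __name__ == "__main__":
    rb = build_example()
    for u in ("alice", "bob"):
        print(u, sorted(rb.effective_perms(u)))
```

Running it shows alice (Project Lead) holding all four permissions through the hierarchy, while bob (Quality Engineer) holds only the Engineering and Quality Engineer permissions and is refused "release-build", which lives on the sibling Production Engineer branch.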
8
The RBDM Framework
• Identified a number of characteristics related to delegation between humans:
– Permanence
– Monotonicity
– Administration
– Levels of delegation
– Multiple delegation
– Bilateral agreements
– Revocation
9
Permanence
• Whether or not the delegating role member loses membership in the delegating role.
– Permanent: the delegating user is permanently replaced by the delegate user
• Delegating user can't get the role back
• Delegate member assumes full power in the role
– Temporary: expires with time or by revocation
• Delegating user maintains responsibility for the behavior of the delegate user in the delegated role
10
Monotonicity
• Whether or not the delegating role member loses the power in the delegating role.
– Monotonic: upon delegation, the delegating user maintains his power in that role
• Can override any action by the delegate user
– Non-monotonic: during delegation, the delegating user loses his power in the delegated role
• Never loses the revoking permissions
• Regains full power upon delegation expiration
11
Totality
• Size of the delegated permission set in a role
– Total: delegating all the permissions assigned to the role
– Partial: delegating only a subset of the role's permissions
• Easier to address in hierarchical roles
12
Administration
• Who administers the delegation
– Self-administered
• The delegating user carries out the actual delegation process
– Agent-based
• A third party conducts the actual delegation
• Needed when the delegating user is not available
13
Levels of delegation
• How many times can the role be further delegated?
– Single-step delegation
• The role can be delegated only once
– Multi-step delegation
• The delegated role is further delegated
• Adds a lot of complexity
14
Multiple delegation
• Number of people to whom a delegating role member can delegate at any given time
– To a single person
• Role is delegated to only one person at a time
– To multiple people simultaneously
• Role is delegated to more than one person at a time
• Introduces accountability issues
15
Bilateral agreements
• Both parties have to agree on the delegation
16
Revocation
• The process by which a delegating user takes away the privileges delegated to another user
– Cascading revocation
• Usually a concern in the case of two-step delegation
– Grant-dependency revocation
• Who can revoke?
– Only the delegating user can revoke (grant-dependent)
– Any member of the delegating role can revoke (grant-independent)
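The characteristics of slides 9 to 16, worked through as an added Python simulation (not code from the presentation or its authors): temporary versus permanent delegation, monotonic versus non-monotonic, total versus partial, single-step versus multi-step with a depth limit, grant-dependent versus grant-independent revocation, and cascading revocation down a delegation chain. Roles, users, permissions and the clock are all constructed; the class and method names are this example's own.

```python
# Added example, not from the slides: a small simulation of the RBDM delegation
# characteristics (permanence, monotonicity, totality, levels of delegation, grant-
# dependent vs grant-independent revocation, cascading revocation). All names are constructed.
import itertools
from dataclasses import dataclass


@dataclass
class Delegation:
    id: int
    delegator: str
    delegate: str
    role: str
    perms: frozenset        # total = all of the role's permissions, partial = a subset
    expires: int            # temporary delegation: clock tick at which it lapses
    monotonic: bool         # False: delegator loses power in the role while it is active
    depth: int              # 0 = delegated by an original member, 1 = re-delegated, ...
    parent: "int | None"    # multi-step: id of the delegation this one was derived from
    revoked: bool = False


class RBDM:
    def __init__(self, role_perms, members, max_steps=1):
        self.role_perms = {r: frozenset(p) for r, p in role_perms.items()}
        self.members = {r: set(us) for r, us in members.items()}   # original UA
        self.delegs = {}
        self.clock = 0
        self.max_steps = max_steps      # 1 = single-step, larger = multi-step
        self._ids = itertools.count(1)

    def active(self, d):
        return not d.revoked and self.clock < d.expires

    def _suspended(self, user, role):   # an active non-monotonic delegation is outstanding
        return any(self.active(d) and d.delegator == user and d.role == role and not d.monotonic
                   for d in self.delegs.values())

    def perms(self, user, role):
        """Return (permissions user holds in role right now, delegations conveying them)."""
        own = frozenset()
        if user in self.members.get(role, ()) and not self._suspended(user, role):
            own = self.role_perms[role]
        via = [d for d in self.delegs.values()
               if self.active(d) and d.delegate == user and d.role == role]
        return own | frozenset().union(*(d.perms for d in via)), via

    def delegate(self, delegator, delegate, role, perms=None, duration=None, monotonic=True):
        held, via = self.perms(delegator, role)
        want = frozenset(perms) if perms is not None else self.role_perms[role]   # partial/total
        if not want or not want <= held:
            raise PermissionError(f"{delegator} cannot delegate {sorted(want - held)} in {role}")
        depth, parent = 0, None
        if delegator not in self.members.get(role, ()) or self._suspended(delegator, role):
            depth, parent = via[0].depth + 1, via[0].id   # one more step in the chain
            if depth >= self.max_steps:
                raise PermissionError("delegation depth limit reached")
        if duration is None:                              # permanent: membership transfers
            if parent is not None:
                raise PermissionError("only an original member can delegate permanently")
            self.members[role].discard(delegator)         # delegator cannot get the role back
            self.members[role].add(delegate)
            return None
        d = Delegation(next(self._ids), delegator, delegate, role, want,
                       self.clock + duration, monotonic, depth, parent)
        self.delegs[d.id] = d
        return d.id

    def revoke(self, requester, deleg_id, grant_dependent=True, cascade=True):
        # Never checks the requester's current power: a suspended delegator keeps the right to revoke
        d = self.delegs[deleg_id]
        allowed = requester == d.delegator or (
            not grant_dependent and requester in self.members.get(d.role, ()))
        if not allowed:
            raise PermissionError(f"{requester} may not revoke delegation {deleg_id}")
        self._revoke_tree(d, cascade)

    def _revoke_tree(self, d, cascade):
        d.revoked = True
        if cascade:
            for child in [c for c in self.delegs.values() if c.parent == d.id]:
                self._revoke_tree(child, cascade)


def scenario():
    qe = "Quality Engineer"
    m = RBDM({qe: {"read-design", "sign-off-test"}}, {qe: {"bob"}}, max_steps=2)
    # bob: temporary (10 ticks), partial, non-monotonic delegation to carol
    d1 = m.delegate("bob", "carol", qe, perms={"sign-off-test"}, duration=10, monotonic=False)
    d2 = m.delegate("carol", "dave", qe, perms={"sign-off-test"}, duration=5)   # second step
    users = ("bob", "carol", "dave")
    snap = {"during": {u: sorted(m.perms(u, qe)[0]) for u in users}}
    try:
        m.revoke("dave", d1)                 # grant-dependent: only bob may revoke d1
        snap["dave_could_revoke"] = True
    except PermissionError:
        snap["dave_could_revoke"] = False
    m.clock = 3
    m.revoke("bob", d1)                      # cascades to d2; bob regains full power
    snap["after_revoke"] = {u: sorted(m.perms(u, qe)[0]) for u in users}
    p = RBDM({"Project Lead": {"approve-budget"}}, {"Project Lead": {"alice"}})
    p.delegate("alice", "erin", "Project Lead")          # permanent and total
    snap["permanent"] = (sorted(p.perms("alice", "Project Lead")[0]),
                         sorted(p.perms("erin", "Project Lead")[0]))
    return snap
```

In `scenario()`, bob's own power in Quality Engineer is empty while his non-monotonic delegation to carol is active, yet he can still revoke it, and the revocation cascades to the second-step delegation carol made to dave; afterwards bob holds the full role again. The permanent case shows the membership transfer: alice is left with nothing and erin becomes the member. Single-step behaviour is obtained with the default `max_steps=1`, under which carol's re-delegation would be refused.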
17
[Figure 2: tree partitioning the delegation space. Root: Delegation. Level 1: Permanent, Temporary. Level 2: Non-monotonic, Monotonic, Single step, Multi-step (not useful). Level 3: self-acted, Total, Monotonic, Non-monotonic (eliminated); others not relevant. Level 4: Self, Agent (not useful). Level 5: Total/Partial, Partial, G.D. revocation, G.Ind. revocation. Level 6: Cascading R., Cascading R., Multi-delegation. Leaf: (Comprehensive Model).]
* G.D. revocation means grant-dependent revocation
* G.Ind. revocation means grant-independent revocation
* Cascading R. means cascading revocation
Figure 2. Tree structure showing the partitioning process
18
Models in this framework
• Permanent delegation
– RBDM-PD, work in progress
• Temporary delegation
– Self-administered
• RBDM-FR, NISSC 2000
• RBDM-HR, NISSC 2000
– Agent-based
• ABEDM, work in progress
19
Conclusion
• Identified a number of characteristics related to delegation
• Used a systematic approach to reduce the large number of possibilities to some useful cases
• Used the reduced cases to build delegation models
20
Questions?