A metamodel of access control for distributed environments: Applications and properties

We describe a metamodel for access control, designed to take into account the specific requirements of distributed environments. We see a distributed system consisting of several sites, each with its own resources to protect, as a federation, and propose a framework for the specification (and enforcement) of global access control policies that take into account the local policies specified by each member of the federation. The framework provides mechanisms to specify heterogeneous local access control policies, to define policy composition operators, and to use them to define conflict-free access authorisation decisions. We use a declarative formalism in order to give an operational semantics to the distributed metamodel. We then show how properties of policies can be directly obtained from standard results for the operational semantics of access request evaluation.
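The abstract describes local policies at each federation member, composition operators that combine them, and a global decision that is conflict-free (exactly one of permit or deny for every request). The following Python sketch is an added illustration of that idea, not the paper's own formalism or code: the sites, subjects, resources and the three operators (deny-overrides, permit-overrides, first-applicable) are constructed here for demonstration, and the `closed` wrapper stands in for the default-deny rule that makes the global decision total.

```python
"""Composing heterogeneous local policies into one conflict-free global decision.
Added illustrative example; all sites, subjects and rules below are constructed."""
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict


class Decision(Enum):
    PERMIT = "permit"
    DENY = "deny"
    NOT_APPLICABLE = "not_applicable"  # the policy has nothing to say about the request


@dataclass(frozen=True)
class Request:
    subject: str
    action: str
    resource: str
    site: str  # federation member hosting the resource


Policy = Callable[[Request], Decision]

# --- Local policies, one per federation member (heterogeneous on purpose) ----
# Site A: role-based rules (constructed sample data).
SITE_A_ROLES = {"alice": {"analyst"}, "bob": {"admin"}, "mallory": {"analyst"}}
SITE_A_ROLE_PERMS = {
    "analyst": {("read", "reports")},
    "admin": {("read", "reports"), ("write", "reports")},
}


def site_a_rbac(req: Request) -> Decision:
    if req.site != "siteA":
        return Decision.NOT_APPLICABLE
    for role in SITE_A_ROLES.get(req.subject, set()):
        if (req.action, req.resource) in SITE_A_ROLE_PERMS.get(role, set()):
            return Decision.PERMIT
    return Decision.DENY  # site A is closed: no matching role means deny


# Site B: per-resource access control lists (constructed sample data).
SITE_B_ACL = {"logs": {"read": {"alice", "carol"}}}


def site_b_acl(req: Request) -> Decision:
    if req.site != "siteB":
        return Decision.NOT_APPLICABLE
    allowed = SITE_B_ACL.get(req.resource, {}).get(req.action)
    if allowed is None:
        return Decision.NOT_APPLICABLE  # no ACL entry: site B leaves it to the global policy
    return Decision.PERMIT if req.subject in allowed else Decision.DENY


# A federation-wide rule all members agreed on (constructed).
FEDERATION_BLOCKLIST = {"mallory"}


def federation_blocklist(req: Request) -> Decision:
    return Decision.DENY if req.subject in FEDERATION_BLOCKLIST else Decision.NOT_APPLICABLE


# --- Composition operators ---------------------------------------------------
def deny_overrides(*policies: Policy) -> Policy:
    def combined(req: Request) -> Decision:
        decisions = {p(req) for p in policies}
        if Decision.DENY in decisions:
            return Decision.DENY
        return Decision.PERMIT if Decision.PERMIT in decisions else Decision.NOT_APPLICABLE
    return combined


def permit_overrides(*policies: Policy) -> Policy:
    def combined(req: Request) -> Decision:
        decisions = {p(req) for p in policies}
        if Decision.PERMIT in decisions:
            return Decision.PERMIT
        return Decision.DENY if Decision.DENY in decisions else Decision.NOT_APPLICABLE
    return combined


def first_applicable(*policies: Policy) -> Policy:
    def combined(req: Request) -> Decision:
        for p in policies:
            d = p(req)
            if d is not Decision.NOT_APPLICABLE:
                return d
        return Decision.NOT_APPLICABLE
    return combined


def closed(policy: Policy) -> Policy:
    """Make the decision total (conflict-free): anything not decided is denied."""
    def total(req: Request) -> Decision:
        d = policy(req)
        return Decision.DENY if d is Decision.NOT_APPLICABLE else d
    return total


# Global policy: the federation rule always wins; otherwise ask the owning site.
GLOBAL_POLICY: Policy = closed(
    deny_overrides(federation_blocklist, first_applicable(site_a_rbac, site_b_acl))
)


def authorise(subject: str, action: str, resource: str, site: str) -> Decision:
    return GLOBAL_POLICY(Request(subject, action, resource, site))


def compare_operators(subject: str, action: str, resource: str, site: str) -> Dict[str, Decision]:
    """Same request, same local policies, different operators: the outcome differs."""
    req = Request(subject, action, resource, site)
    local = first_applicable(site_a_rbac, site_b_acl)
    return {
        "deny_overrides": deny_overrides(federation_blocklist, local)(req),
        "permit_overrides": permit_overrides(federation_blocklist, local)(req),
        "first_applicable": first_applicable(local, federation_blocklist)(req),
    }


if __name__ == "__main__":
    print(authorise("mallory", "read", "reports", "siteA"))  # site A permits, federation denies
    print(compare_operators("mallory", "read", "reports", "siteA"))
```

The `compare_operators` call makes the paper's point about composition concrete: site A's local RBAC rule would permit `mallory` to read `reports`, while the federation-wide rule denies it, and which answer the global policy gives depends entirely on the operator chosen. Wrapping the composition in `closed` is what guarantees a single permit-or-deny answer for every request, including requests for unknown sites or actions no local policy mentions.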
