Identity switching for federated access control

Traditional database security mechanisms are proving inadequate for federated database systems. The difficulties stem largely from the federation's structure and from the degree of local autonomy retained by the participating component systems. In a tightly coupled federation, federation-wide security can be achieved by enforcing discretionary access control at both the federation layer and the component layer, provided the degree of autonomy of each component is known. Authentication is harder, because autonomously operated components may not know the identities of federation users. A federation user's identity must therefore be validated either at the federation level alone or at both the federation and component levels, depending on how much authorization autonomy the federation preserves.

The main focus of this dissertation is to define proximity-minimizing mappings between federation subjects and component subjects, and between federation roles and component roles, so that each federation-to-component mapping stays within a tolerable margin of the permissions actually requested. The concept of subject switching is extended to accommodate approximate mappings between federation and component subjects: a component rarely has a subject whose access privileges exactly match those requested by a federation user, so identity translation cannot be exact. We therefore develop disparity metrics that quantify the gap between the requested access and the access that can actually be granted, together with a set of subject switching algorithms that minimize that disparity. Subject switching is further extended to complex objects in federated systems; this extension accounts for sub-objects that are not equally weighted and adds an offset analysis, derived from the disparity measures, that is used to verify the subject matching process.

For role-based federations, the concept of role switching is defined and introduced here. The whole exported RBAC (Role Based Access Control) systems and the fully enhanced sub-RBAC systems are developed so that legitimate role switching preserves the constraints of the RBAC systems, including role hierarchy constraints, separation of duty constraints, role assignment constraints and permission assignment constraints. Finally, an approximate role switching theory is developed by defining a metric on the distance between permission sets, which increases the chance of obtaining roles whose permission sets are acceptable.
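The following Python block is an added illustration of the two ideas above (a weighted disparity metric for approximate subject switching, and distance-based role switching that still honours role hierarchy and separation of duty); it is example code written for this page, not the dissertation's own metric or algorithms. The permission sets, sub-object weights, role hierarchy, separation-of-duty pairs and the specific cost function (missing permissions cost their weight, excess permissions cost twice their weight) are all assumptions of this example.

```python
"""Approximate subject and role switching with a weighted disparity metric.

Example code written for this page. The metric and the sample data below are
assumptions for illustration, not definitions taken from the dissertation.
"""
from itertools import combinations

# Permissions are (sub-object, action) pairs. Sub-objects are not equally
# weighted: leaking an SSN matters more than leaking a name (constructed values).
WEIGHTS = {
    "patient.name": 1.0,
    "patient.ssn": 5.0,
    "patient.notes": 2.0,
    "billing.invoice": 1.0,
}


def weight(perm):
    """Weight of a permission, taken from its sub-object (default 1.0)."""
    obj, _action = perm
    return WEIGHTS.get(obj, 1.0)


def disparity(requested, granted, excess_factor=2.0):
    """Weighted distance between a requested and a candidate permission set.

    Missing permissions cost their weight (the user cannot do the job);
    excess permissions cost their weight times excess_factor, because
    over-granting violates least privilege and is the worse failure mode.
    """
    missing = sum(weight(p) for p in requested - granted)
    excess = sum(weight(p) for p in granted - requested)
    return missing + excess_factor * excess


# --- Subject switching: map a federation request onto a component subject ---

# Constructed component subjects and their permission sets.
COMPONENT_SUBJECTS = {
    "clerk": {("patient.name", "read"),
              ("billing.invoice", "read"), ("billing.invoice", "write")},
    "nurse": {("patient.name", "read"),
              ("patient.notes", "read"), ("patient.notes", "write")},
    "doctor": {("patient.name", "read"), ("patient.ssn", "read"),
               ("patient.notes", "read"), ("patient.notes", "write")},
}


def switch_subject(requested, candidates, tolerance):
    """Pick the component subject with minimal disparity from the request.

    Returns (subject_name, disparity), or None when even the closest subject
    exceeds the tolerance, in which case the request must be refused rather
    than silently mapped onto an over- or under-privileged identity.
    """
    best = None
    for name, granted in candidates.items():
        d = disparity(requested, granted)
        if best is None or d < best[1]:
            best = (name, d)
    if best is None or best[1] > tolerance:
        return None
    return best


# --- Role switching: map onto component roles under RBAC constraints ---

# Constructed component RBAC state: direct permission assignments, a role
# hierarchy (senior role -> junior roles it inherits from) and static
# separation-of-duty pairs that must never be activated together.
ROLE_PERMS = {
    "reader": {("patient.name", "read")},
    "nurse": {("patient.notes", "read"), ("patient.notes", "write")},
    "physician": {("patient.ssn", "read")},
    "biller": {("billing.invoice", "read"), ("billing.invoice", "write")},
    "auditor": {("billing.invoice", "read")},
}
ROLE_HIERARCHY = {"nurse": {"reader"}, "physician": {"nurse"}}
SOD = {frozenset({"biller", "auditor"})}


def effective_perms(role):
    """Permissions of a role including everything inherited via the hierarchy."""
    perms = set(ROLE_PERMS[role])
    for junior in ROLE_HIERARCHY.get(role, ()):
        perms |= effective_perms(junior)
    return perms


def violates_sod(roles):
    """True if the role set contains a mutually exclusive pair."""
    return any(pair <= set(roles) for pair in SOD)


def switch_role(requested, tolerance, max_roles=2):
    """Find the SoD-respecting set of up to max_roles roles closest to the request.

    Returns (roles_tuple, disparity) or None if nothing is within tolerance.
    """
    best = None
    for k in range(1, max_roles + 1):
        for combo in combinations(sorted(ROLE_PERMS), k):
            if violates_sod(combo):
                continue  # legitimate switching never breaks SoD constraints
            granted = set().union(*(effective_perms(r) for r in combo))
            d = disparity(requested, granted)
            if best is None or d < best[1]:
                best = (combo, d)
    if best is None or best[1] > tolerance:
        return None
    return best


if __name__ == "__main__":
    req = {("patient.name", "read"), ("patient.notes", "read")}
    print(switch_subject(req, COMPONENT_SUBJECTS, tolerance=5.0))
    req = {("patient.name", "read"), ("patient.notes", "read"),
           ("patient.notes", "write"), ("billing.invoice", "read")}
    print(switch_role(req, tolerance=0.5))
```

The tolerance is the "tolerable margin" of the mapping: when the closest candidate still exceeds it, the switch is refused instead of handing the federation user a component identity that is either too weak to do the work or too strong for least privilege. Weighting excess more than deficit is a policy choice; a federation that values availability over confidentiality would invert it.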