La presentazione è in caricamento. Aspetta per favore

La presentazione è in caricamento. Aspetta per favore

C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Reasoning about Secure Interoperation using Soft Constraints.

Presentazioni simili


Presentazione sul tema: "C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Reasoning about Secure Interoperation using Soft Constraints."— Transcript della presentazione:

1 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Reasoning about Secure Interoperation using Soft Constraints Stefano Bistarelli Dipartimento di Scienze, Università di Pescara, Italy; IIT, CNR, Pisa, Italy Simon Foley, Barry OSullivan Department of Computer Science University College Cork Ireland Speaker: Stefano Bistarelli

2 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Thanks to my co-authors…. Barry OSullivan University College Cork, Ireland Cork Constraint Computation Centre Constraints Simon Foley University College Cork, Ireland Security, Policy, Formal Methods

3 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Motivations Admin System Sales System

4 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Basic Security Modeling Subject Do Operation Security Mechanism Object Security Policy Subject: processes, … Objects: memory, files, … Security policy defines rules that govern access to objects by subjects. Security mechanism ensures security policy is upheld.

5 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Secure Composition of Systems Systems are individually secure. Is it safe to allow file sharing between Personnel and Sales systems? Clare not authorized to access Bobs files, but, Clare may access Bobs files via Sales system. Need to reconfigure connections to close this circuitous access route [COLOPS2003,SAC2004,IAAI2004]. Need to reconfigure system access configurations! Admin System Sales System Alice allowed access Bobs files Clare allowed access Alices files connection

6 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Secure Interoperation Computation Foundations [Gong&Qian, 1994] Analyzing the security of interoperating and individually secure systems can be done in polynomial time. Given a non-secure network configuration, then re-configuring the connections in an optimal way (to minimize the impact on interoperability) is NP.

7 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Talk Outline: describe how constraints provide a natural approach to modelling and solving the secure interoperation problem Basic Security Modelling Secure Composition of systems Secure Interoperation What are Soft Constraints? Semiring Framework Using constraints for Access Configuration Access Reconfiguration Access Interoperation Dealing with Transitivity Future Work

8 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Crisp toward soft constraints P={ x3x3 x4x4 x1x1 x2x2 V, {red,blue,yellow} {blue,yellow} {red,blue} {yellow} D, C={pairwise-different} C, PC, con, def, a} x1x1 x2x2 x3x3 x4x4 combination projection

9 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Crisp toward soft constraints x3x3 x4x4 x1x1 x2x2 {red,blue,yellow} {blue,yellow} {red,blue} {yellow} C={pairwise-different} 5$ 3$ 2$ 15$ x1x1 x2x2 x3x3 x4x4 Combination (+) Projection (min) 15$ 13$ Probabilistic Fuzzy Classical Weighted C-semiring :

10 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica The Semiring Framework A c-semiring is a tuple such that: A is the set of all consistency values and 0, 1 A. 0 is the lowest consistency value and 1 is the highest consistency value; +, the additive operator, is a closed, commutative, associative and idempotent operation such that 1 is its absorbing element and 0 is its unit element; ×, the multiplicative operator, is a closed and associative operation such that 0 is its absorbing element, 1 is its unit element and × distributes over +. Stefano Bistarelli, Ugo Montanari, and Francesca Rossi, Semiring-based Constraint Solving and Optimization Journal of the ACM, 44(2):201–236, Mar 1997. Stefano Bistarelli, Ugo Montanari, and Francesca Rossi, Semiring-based Constraint Solving and Optimization Journal of the ACM, 44(2):201–236, Mar 1997.

11 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Semiring-based Constraints Given a semiring, an ordered set of variables V over a finite domain D, a constraint is a function which maps an assignment of the variables in the support of c, supp(c) to an element of A. Notation c represents the constraint function c evaluated under instantiation, returning a semiring value. Given two constraints c 1 and c 2, their combination is defined as (c 1 c 2 ) = c 1 ×c 2. The operation C represents the combination of a set of constraints C. a · b iff a+b=b c 1 v c 2 iff 8 c 1 · c 2 Stefano Bistarelli, Ugo Montanari and Francesca Rossi, Soft Concurrent Constraint Programming, Proceedings of ESOP-2002, LNCS, April 2002. Stefano Bistarelli, Ugo Montanari and Francesca Rossi, Soft Concurrent Constraint Programming, Proceedings of ESOP-2002, LNCS, April 2002.

12 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Talk Outline: describe how constraints provide a natural approach to modelling and solving the secure interoperation problem Basic Security Modelling Secure Composition of systems Secure Interoperation What are Soft Constraints? Semiring Framework Using constraints for Access Configuration Access Reconfiguration Access Interoperation Dealing with Transitivity Future Work

13 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Configuration A collection of constraints between entities (subjects, objects) specifying access permissions Represented as a semiring S= > S rw = S bool = ab {w} C S,O (a,b)={w}

14 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Configuration A collection of constraints between entities (subjects, objects) specifying access permissions Represented as a semiring S= > S rw = S bool = ab F C S,O (a,b)=F ab T C S,O (a,b)=T

15 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Configuration: Example S bool = C S,O (b,a)=F C S,O (c,b)=F C S,O (x,y)=T c ba

16 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Configuration: Example S bool = C S,O (b,a)=F C S,O (c,b)=F C S,O (x,y)=T c ba

17 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Configuration: Example S bool = C S,O (b,a)=F C S,O (c,b)=F C S,O (x,y)=T c ba

18 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Configuration: Example S bool = C S,O (b,a)=F C S,O (c,b)=F C S,O (x,y)=T c ba

19 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Configuration: Example S bool = C S,O (b,a)=F C S,O (c,b)=F C S,O (x,y)=T c ba

20 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Reconfiguration Existing configuration C S may be safely re-configured to C S when C S v C S C>C> CSCS C?C? v Secure reconfigurations CSCS

21 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Reconfiguration: Example c ba c ba c ba r rw c ba w r

22 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Interoperation Has to be a secure reconfiguration of both the sistems S 1 and S 3 C S1 C S3 c ba a cd

23 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Interoperation C S1 C S3 c ba a cd

24 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Interoperation C S1 C S3 c ba a cd C S1 ­ C S3 c ba a cd c ba a cd

25 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Transitivity C S1 c ba C S3 a cd

26 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Transitivity C S1 C S3 C S1 ­ C S3 c ba a cd

27 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Transitivity C S1 C S3 a cd C S1 ­ C S3 c ba c ba a cd c ba a cd

28 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Access Transitivity vs non-transitivity C S1 c ba C S3 a cd C S1 ­ C S3 C S1 c ba c ba c ba

29 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Where to from here? Real world implementation: Currently seeking funding to work with a company based in New Hampshire, USA.

30 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Conclusion We described how constraints provide a natural approach to modelling and solving the secure interoperation problem Access Configuration Access Reconfiguration Access Interoperation Transitivity entities All naturally represented with constraint operations

31 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica

32 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Questions? Thank you for your attention You have been listening to: Reasoning about Secure Interoperation using Soft Constraints Stefano Bistarelli, Simon Foley and Barry OSullivan Proceedings of FAST2004, pag. 183-196


Scaricare ppt "C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto per lInformatica e la Telematica Reasoning about Secure Interoperation using Soft Constraints."

Presentazioni simili


Annunci Google