Page 1
Future of Access Control: Attributes, Automation, Adaptation
Prof. Ravi Sandhu
Executive Director, Institute for Cyber Security
Lutcher Brown Endowed Chair in Cyber Security
University of Texas at San Antonio
PSG College of Technology, ICC3 Conference, Keynote
December 19, 2013
[email protected], www.profsandhu.com, www.ics.utsa.edu
© Ravi Sandhu, Institute for Cyber Security. World-Leading Research with Real-World Impact!

Page 2
The Science, Engineering, and Business of Cyber Security
(second title slide; same speaker, venue and date as Page 1)
Pages 3-4
Cyber Security Status
Micro Security
• Not too bad
• About as good as it is going to get
• Criminals can only defraud so many
• Big government/big business are real threats
Macro Security
• New arena for researchers
• Highly asymmetric, includes offense, clandestine
• Dual goals: strong offense, strong defense
• Cyber should be controllable
  • Nuclear, chemical, biological have been “controlled”
• Run as fast as you can to stay in place
Page 5
21st Century Cyberspace
• ≈ 2010 US Department of Defense epiphanies
  • A new domain akin to land, sea, air and space
  • Have and use offensive cyber weapons
  • Malware penetrations in highly classified networks
• Consumerization of cyberspace
  • Anytime, Anywhere, Anything
  • BYOD: Bring your own device
  • BYOC: Bring your own cyberspace?
• Entanglement of cyber-physical-social space
  • Just starting
Pages 6-7
Cyber Security Goal
Enable system designers and operators to say:
• “This system is secure”
  • Not attainable: there is an infinite supply of low-hanging attacks
Alternate goal:
• “This system is as secure as possible” (more secure is always better)
  • Not appropriate

Pages 8-9
Cyber Security Goal
Enable system designers and operators to say:
• “This system is secure enough”
  • Many successful examples
  • Mass scale, rather low assurance: ATM network, on-line banking, e-commerce
  • One of a kind, extremely high assurance: US President’s nuclear football
Requires all three: Science, Engineering, Business
Pages 10-11
Cyber Security Ecosystem
Science, Engineering, Business
Distinguishing characteristics of cyber / cyber security:
• Cyberspace is an entirely man-made domain
• Evolves rapidly and unpredictably
• Validation primarily with respect to future systems
Science explains the cause of observed phenomena and enables better construction of future systems
Pages 12-13
Scientific Method: Natural Sciences
Hypothesis → Prediction → Experimentation
• Prediction confirmed: Hypothesis → Law
• Prediction falsified: Reject Hypothesis
Paradigms
Page 14
Heliocentric versus Geocentric
[image slide]

Page 15
Epicycles
[image slide]

Page 16
Circles versus Ellipses
[image slide]
Page 17
Scientific Method: Cyber Sciences
Hypothesis → Prediction → Experimentation
• Prediction confirmed: Hypothesis → Law
• Prediction falsified: Reject Hypothesis
Paradigms
Science explains the cause of observed phenomena and enables better construction of future systems
Page 18
Science Quadrants
(Donald Stokes, 1997, Pasteur’s Quadrant: Basic Science and Technological Innovation)
Axes: Fundamental Understanding (Low / High) versus Utility (Low / High)

                                   Utility: Low      Utility: High
Fundamental Understanding: High    Bohr              Pasteur
Fundamental Understanding: Low     junk              Edison

Page 19
Cyber Science Quadrants
Same axes, with cyber exemplars in the corresponding positions:

                                   Utility: Low      Utility: High
Fundamental Understanding: High    Turing            Cerf-Kahn
Fundamental Understanding: Low     junk              Jobs

Page 20
Cyber Security Quadrants
Same axes; the exemplars are left open:

                                   Utility: Low      Utility: High
Fundamental Understanding: High    ??                ??
Fundamental Understanding: Low     junk              ??
Pages 21-22
Access Control Decomposition
• Policy Specification
• Policy Enforcement
• Policy Administration
• Policy Reality (added on the second build of the slide)
Pages 23-27
Access Control
• Discretionary Access Control (DAC), 1970
• Mandatory Access Control (MAC), 1970
• Role Based Access Control (RBAC), 1995
• Attribute Based Access Control (ABAC), ????
Annotations added across the builds of this slide:
• RBAC can be configured to do MAC or DAC
• Fixed policy versus flexible policy
• Human driven versus automated, adaptive
• Messy or chaotic?
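The slide's claim that RBAC can be configured to do MAC, worked through as an added Python example (this is not code from the talk): a minimal RBAC engine with a role hierarchy, on top of which a lattice-based MAC policy (simple security property plus the liberal *-property) is expressed using only read roles, write roles and a one-level-per-session activation rule, in the spirit of the read-role/write-role construction from the RBAC literature. The level names, object labels and user names are constructed for the example.

```python
# Constructed example lattice: a total order of classification levels.
LEVELS = ["U", "C", "S", "TS"]            # unclassified < confidential < secret < top secret
RANK = {lvl: i for i, lvl in enumerate(LEVELS)}


def dominates(a, b):
    """True when level a dominates level b in the example lattice."""
    return RANK[a] >= RANK[b]


class RBAC:
    """Minimal RBAC engine: roles, role hierarchy, permission assignment, user assignment, sessions."""

    def __init__(self):
        self.juniors = {}       # role -> set of roles whose permissions it inherits
        self.perms = {}         # role -> set of (object, operation)
        self.user_roles = {}    # user -> set of assigned roles

    def add_role(self, role, juniors=()):
        self.juniors[role] = set(juniors)
        self.perms.setdefault(role, set())

    def grant(self, role, obj, op):
        self.perms[role].add((obj, op))

    def assign(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def closure(self, role):
        """Transitive closure over the hierarchy: a role plus everything junior to it."""
        seen, stack = set(), [role]
        while stack:
            r = stack.pop()
            if r not in seen:
                seen.add(r)
                stack.extend(self.juniors.get(r, ()))
        return seen

    def session_perms(self, user, active_roles):
        """Permissions available in a session that activates exactly active_roles."""
        if not active_roles <= self.user_roles.get(user, set()):
            raise PermissionError("session activates a role not assigned to the user")
        allowed = set()
        for r in active_roles:
            for j in self.closure(r):
                allowed |= self.perms[j]
        return allowed


def configure_mac(objects):
    """Encode a MAC lattice as RBAC roles. objects maps object name -> classification label."""
    rbac = RBAC()
    for x in LEVELS:
        # Read role xR inherits every yR it dominates: a reader at x may read at or below x.
        rbac.add_role(x + "R", [y + "R" for y in LEVELS if y != x and dominates(x, y)])
        # Write role xW inherits every yW that dominates it: a writer at x may write at or above x
        # (liberal *-property, so "write up" is permitted and "write down" is not).
        rbac.add_role(x + "W", [y + "W" for y in LEVELS if y != x and dominates(y, x)])
    for obj, label in objects.items():
        rbac.grant(label + "R", obj, "read")
        rbac.grant(label + "W", obj, "write")
    return rbac


def clear_user(rbac, user, clearance):
    """A user cleared at level L is assigned the role pair for every level L dominates."""
    for x in LEVELS:
        if dominates(clearance, x):
            rbac.assign(user, x + "R")
            rbac.assign(user, x + "W")


def can_login(rbac, user, level):
    """Activation constraint: a session runs at exactly one level, as the matched pair {xR, xW}."""
    return {level + "R", level + "W"} <= rbac.user_roles.get(user, set())


def login(rbac, user, level):
    return rbac.session_perms(user, {level + "R", level + "W"})


def build_example():
    # Constructed objects and one user cleared at Secret.
    rbac = configure_mac({"bulletin": "U", "memo": "C", "plan": "S"})
    clear_user(rbac, "alice", "S")
    return rbac


if __name__ == "__main__":
    r = build_example()
    for lvl in ("C", "S"):
        print(lvl, sorted(login(r, "alice", lvl)))
    print("TS login allowed:", can_login(r, "alice", "TS"))
```

Running it shows the MAC behaviour falling out of the role hierarchy alone: a Secret-cleared user logged in at Confidential can read the Unclassified and Confidential objects but not the Secret plan, and can write the Confidential memo and the Secret plan but not the Unclassified bulletin; logged in at Secret she reads all three and writes only the plan; a Top Secret session is refused because no TS roles were assigned.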
Page 28
ABAC Model Structure
Policy Configuration Points
Page 29
Usage Control Model (UCON)
Components: Subjects (S), Subject Attributes (SA), Objects (O), Object Attributes (OA), Rights (R), Authorizations (A), Obligations (B), Conditions (C)
Usage decisions: before-usage, ongoing-usage, after-usage
Continuity of decisions: pre-decision, ongoing-decision
Mutability of attributes: pre-update, ongoing-update, post-update
• Unified model integrating
  • authorization
  • obligation
  • conditions
• and incorporating
  • continuity of decisions
  • mutability of attributes
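The UCON slide above, as an added Python example (not code from the talk): a small usage-control monitor in which the decision to permit a right depends on an authorization predicate over mutable subject and object attributes, an obligation the subject must have fulfilled, and an environmental condition; the decision is re-evaluated while usage is ongoing, and attributes are updated before, during and after usage. The subject, object and attribute names, the metering rule and the allowed-hours condition are all constructed for the example.

```python
import itertools


class UsageControl:
    """UCON-style monitor: authorizations (A), obligations (B), conditions (C) over mutable attributes."""

    def __init__(self):
        self.subjects = {}      # subject -> mutable subject attributes (SA)
        self.objects = {}       # object  -> mutable object attributes (OA)
        self.sessions = {}      # session id -> (subject, object) currently in ongoing usage
        self._ids = itertools.count(1)

    def add_subject(self, name, credit, accepted_terms=False):
        self.subjects[name] = {"credit": credit, "accepted_terms": accepted_terms, "revocations": 0}

    def add_object(self, name, cost, max_concurrent):
        self.objects[name] = {"cost": cost, "max_concurrent": max_concurrent, "active": 0}

    # A: authorization predicates over SA and OA
    def pre_authorize(self, s, o):
        return s["credit"] >= o["cost"] and o["active"] < o["max_concurrent"]

    def ongoing_authorize(self, s, o):
        return s["credit"] >= o["cost"]

    # B: obligation the subject must already have fulfilled
    @staticmethod
    def obligation_met(s):
        return s["accepted_terms"]

    # C: environmental condition, independent of subject and object
    @staticmethod
    def condition_met(hour):
        return 8 <= hour < 22

    def try_access(self, subj, obj, hour):
        """Pre-decision. On success performs the pre-update and opens an ongoing-usage session."""
        s, o = self.subjects[subj], self.objects[obj]
        if not (self.obligation_met(s) and self.condition_met(hour) and self.pre_authorize(s, o)):
            return None
        o["active"] += 1                      # pre-update: consume a concurrency slot
        sid = next(self._ids)
        self.sessions[sid] = (subj, obj)
        return sid

    def tick(self, sid):
        """One ongoing-usage interval: ongoing-update of the attribute, then ongoing-decision."""
        subj, obj = self.sessions[sid]
        s, o = self.subjects[subj], self.objects[obj]
        s["credit"] -= o["cost"]              # ongoing-update: meter the usage
        if not self.ongoing_authorize(s, o):  # continuity: revoke mid-usage when no longer authorized
            self.end(sid, revoked=True)
            return False
        return True

    def end(self, sid, revoked=False):
        """After-usage: post-update releases the slot and records a revocation if one occurred."""
        subj, obj = self.sessions.pop(sid)
        self.objects[obj]["active"] -= 1
        if revoked:
            self.subjects[subj]["revocations"] += 1


def demo():
    """Constructed scenario; returns the observations as a dict so they can be checked."""
    ucon = UsageControl()
    ucon.add_subject("alice", credit=25, accepted_terms=True)
    ucon.add_subject("bob", credit=50, accepted_terms=True)
    ucon.add_subject("carol", credit=100, accepted_terms=False)
    ucon.add_object("video", cost=10, max_concurrent=1)
    out = {}
    a = ucon.try_access("alice", "video", hour=20)
    out["alice_start"] = a is not None                                  # pre-decision permits
    out["bob_blocked"] = ucon.try_access("bob", "video", hour=20) is None   # slot taken (OA)
    out["tick1"] = ucon.tick(a)                                          # credit 25 -> 15, continue
    out["tick2"] = ucon.tick(a)                                          # credit 15 -> 5, revoked
    out["alice_credit"] = ucon.subjects["alice"]["credit"]
    out["alice_revocations"] = ucon.subjects["alice"]["revocations"]
    out["slot_released"] = ucon.objects["video"]["active"] == 0         # post-update ran
    out["after_hours"] = ucon.try_access("bob", "video", hour=23) is None   # condition (C) fails
    out["no_terms"] = ucon.try_access("carol", "video", hour=20) is None    # obligation (B) unmet
    out["bob_start"] = ucon.try_access("bob", "video", hour=20) is not None
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point the slide makes and a one-shot access check cannot show is in `tick`: the same attribute that authorized the request is consumed by the usage itself, so the ongoing decision flips and the monitor revokes while the right is still being exercised, then restores the object attribute in the post-update so the next subject can be admitted.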
Page 30
Risk Adaptive Access Control (RAdAC)
Page 31
The RBAC Story
[Chart: Amount of Publications by Year of Publication, 1992 to 2008, 866 in total. Phases marked: Pre-RBAC, Early RBAC, 1st expansion phase, 2nd expansion phase. Milestones marked: RBAC96 paper, Proposed Standard, Standard Adopted.]
Annual counts as read from the chart (they sum to the 866 total shown):
Year   1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008
Count     3    2    7    3   28   30   30   35   40   48   53   88   85   88  112  103  111
Page 32
ABAC Status
[Same RBAC publication chart as Page 31, annotated to position ABAC on it]
• ABAC still in pre/early phase
• 199x? to 2013
Page 33
Cyber technologies and systems trends will drive pervasive adoption of ABAC
ABAC deployment is going to be messy but need not be chaotic
Researchers can facilitate ABAC adoption and reduce chaos by developing Models Theories Systems
© Ravi Sandhu 33World-Leading Research with Real-World Impact!
Access Control Prognosis