Self-adaptive federated authorization infrastructures

Abstract: Abstract-Authorization infrastructures are an integral part of any network where resources need to be protected. They act as the gateway for providing (or denying) subjects (users) access to resources. As networks expand and organizations start to federate access to their resources, authorization infrastructures become increasingly difficult to manage. In this paper, we explore the automatic adaptation of authorization assets (policies and subject access rights) in order to manage federated authorization infra… Show more

“…This differs to previous work [4,5] whereby all solutions were assumed to result in a verified state of access, and adaptation constraints were not considered.…”

“…SAAF is based on the MAPE-K [23] feedback loop for identifying and responding to insider threats [13], which are typically conducted through user exploitation of legitimately assigned access rights. The provision of self-adaptation to authorisation infrastructures has shown to be a promising solution to respond to insider threats [4,5], as the adaptation of access control can prevent or limit a malicious user's ability to access protected resources, thus mitigating the attack. The SAAF controller performs adaptations when reacting to identified insider attacks, either by modifying access control policies or user access rights (e.g., the removal of user RBAC roles).…”

“…As such, the chemical company case study provides the basis to highlighting the benefits of using models, and their run-time verification, in self-adaptive authorisation infrastructures. We do not discuss the detection of insider threats since in a previous work [4] we have shown how the SAAF controller identifies and responds to extreme usage of resources. Such detection techniques can be improved upon with existing approaches, including, anomalous detection through machine learning [10] to handle the detection of unknown attacks.…”

“…We assume for the purpose of the experiment that the average number of downloads is considered to be at most 16, as discussed in the adaptation scenario. In addition, to classify severe behaviour, a composite rule is applied [4], which indicates after the deviation rule has been broken multiple times, the behaviour is severe enough to warrant adaptations to policies (which generate greater impact).…”

“…This RBAC model is then verified using the rbacDSML verification tool [1,27], which is able to verify a UML model of RBAC against OCL constraints. To evaluate our approach, we simulate a documented case of insider attack within our own deployed self-adaptive authorisation infrastructure [4]. The simulation has demonstrated the ability of our prototype to handle multiple attacks using verified adaptations of the authorisation infrastructure.…”

Run-time generation, transformation, and verification of access control models for self-protection

“…This differs to previous work [4,5] whereby all solutions were assumed to result in a verified state of access, and adaptation constraints were not considered.…”

“…SAAF is based on the MAPE-K [23] feedback loop for identifying and responding to insider threats [13], which are typically conducted through user exploitation of legitimately assigned access rights. The provision of self-adaptation to authorisation infrastructures has shown to be a promising solution to respond to insider threats [4,5], as the adaptation of access control can prevent or limit a malicious user's ability to access protected resources, thus mitigating the attack. The SAAF controller performs adaptations when reacting to identified insider attacks, either by modifying access control policies or user access rights (e.g., the removal of user RBAC roles).…”

“…As such, the chemical company case study provides the basis to highlighting the benefits of using models, and their run-time verification, in self-adaptive authorisation infrastructures. We do not discuss the detection of insider threats since in a previous work [4] we have shown how the SAAF controller identifies and responds to extreme usage of resources. Such detection techniques can be improved upon with existing approaches, including, anomalous detection through machine learning [10] to handle the detection of unknown attacks.…”

“…We assume for the purpose of the experiment that the average number of downloads is considered to be at most 16, as discussed in the adaptation scenario. In addition, to classify severe behaviour, a composite rule is applied [4], which indicates after the deviation rule has been broken multiple times, the behaviour is severe enough to warrant adaptations to policies (which generate greater impact).…”

“…This RBAC model is then verified using the rbacDSML verification tool [1,27], which is able to verify a UML model of RBAC against OCL constraints. To evaluate our approach, we simulate a documented case of insider attack within our own deployed self-adaptive authorisation infrastructure [4]. The simulation has demonstrated the ability of our prototype to handle multiple attacks using verified adaptations of the authorisation infrastructure.…”

Run-time generation, transformation, and verification of access control models for self-protection

Dynamic Access Control in Industry 4.0 Systems

Challenges in Engineering Self-Adaptive Authorisation Infrastructures