Towards Unifying RBAC with Information Flow Control
Role-based Access Control (RBAC) is one of the most widely implemented access control models. In today's complex computing systems, one of the increasingly sought-after features for reliable security is information flow control. Although RBAC is a policy-neutral and generic model, its implementations generally do not provide information flow control. In this paper, we present two approaches to address this issue. In the first method, we describe how a lattice model can be captured using an RBAC configuration. In the second method, we analyze the information flows in a given RBAC policy using a decentralized lattice model called Readers-Writers Flow Model. This method identifies the indirect information flows in the policy and helps in creating flow-secure RBAC policies. We discuss the scope and limitations of these methods in detail and also present a brief case study. Finally, we investigate the use of flow-secure RBAC policies in creating flow-secure Attribute-based Access Control (ABAC) policies.
- Conference Article
- 10.2991/ameii-15.2015.195
- Jan 1, 2015
The virtual machine in the fine-grained information flow tracking is the basis for realization of transparent cloud platform program level control. The information flow control access to sensitive information in the process, because the authority transfer security level and cannot read or write the non-sensitive data, the coarse granularity information flow control is difficult to meet the actual demand of diversification, this paper proposes extended DIFC (Distributed Information Flow Control) model, this model avoids component of cloud platform virtual machine because of the higher level of security sensitive data through reading, it sends or modifies the defects of non-sensitive data by transferring the authority, and effectively overcomes the defect that the existing information flow control method for the coarse granularity, and the shortcomings which unable to meet the actual demand, this model guarantees the tracking and control of fine-grained information flow within the virtual machine application, and it does not affect the original cloud service operation.
- Research Article
5
- 10.1142/s0218194025500019
- Jan 6, 2025
- International Journal of Software Engineering and Knowledge Engineering
Event logs often record the execution of business process instances. Detecting traces in the event logs that do not comply with access control policies, such as role-based access control (RBAC) policies, is essential to ensuring system security. Moreover, process mining has been extensively utilized for security analysis in recent years. However, pattern-based approaches for designing and analyzing RBAC policies in the context of business processes through process mining are notably absent. In this paper, we present a systematic framework for checking the conformance of RBAC implemented in the event logs of business processes with the RBAC policies specified in domain knowledge. To facilitate the representation of the RBAC policies derived from the domain knowledge, we employ an RBAC domain-specific language (DSL) combined with our RBAC-driven object constraint language (OCL) invariant patterns built from the various types of RBAC constraints. The implemented RBAC in an event log is represented as snapshots within our framework. Then, we validate the snapshots with the RBAC policies to be able to detect RBAC conformance issues. The proposed framework is experimented with and evaluated on two business process logs, one simulated log and one real-world event log named “BPI Challenge 2017”.
- Conference Article
32
- 10.1109/cewit.2013.6713753
- Oct 1, 2013
Role-based access control (RBAC) is very widely used but has notable limitations, prompting a shift towards attribute-based access control (ABAC). However, the cost of developing an ABAC policy can be a significant obstacle to migration from RBAC to ABAC. This paper presents the first formal definition of the problem of mining ABAC policies from RBAC policies and attribute data, and the first algorithm specifically designed to mine an ABAC policy from an RBAC policy and attribute data.
- Conference Article
54
- 10.1145/3359789.3359805
- Dec 9, 2019
Creating effective access control policies is a significant challenge to many organizations. Over-privilege increases security risk from compromised credentials, insider threats, and accidental misuse. Under-privilege prevents users from performing their duties. Policies must balance between these competing goals of minimizing under-privilege vs. over-privilege. The Attribute Based Access Control (ABAC) model has been gaining popularity in recent years because of its advantages in granularity, flexibility, and usability. ABAC allows administrators to create policies based on attributes of users, operations, resources, and the environment. However, in practice, it is often very difficult to create effective ABAC policies in terms of minimizing under-privilege and over-privilege especially for large and complex systems because their ABAC privilege spaces are typically gigantic. In this paper, we take a rule mining approach to mine systems' audit logs for automatically generating ABAC policies which minimize both under-privilege and over-privilege. We propose a rule mining algorithm for creating ABAC policies with rules, a policy scoring algorithm for evaluating ABAC policies from the least privilege perspective, and performance optimization methods for dealing with the challenges of large ABAC privilege spaces. Using a large dataset of 4.7 million Amazon Web Service (AWS) audit log events, we demonstrate that our automated approach can effectively generate least privilege ABAC policies, and can generate policies with less over-privilege and under-privilege than a Role Based Access Control (RBAC) approach. Overall, we hope our work can help promote a wider and faster deployment of the ABAC model, and can help unleash the advantages of ABAC to better protect large and complex computing systems.
- Conference Article
1
- 10.1109/sere-c.2012.19
- Jun 1, 2012
Role-based access control (RBAC) policies have been implemented in many social network environments to enforce the security. However, enforcing RBAC policies in a social network environment also brings the design complexity and potential security vulnerabilities which may cause insecure information flows. In this paper, we present a framework for formally modeling and analyzing RBAC policies using high level Petri nets and model checking techniques. The high level Petri nets called PZ nets that have been developed based on Predicate/Transitions nets and Z notation have significant benefits for modeling security models through combining modeling capacities from both formalisms, and the analysis technique based on model checking tool SPIN provides an automatic conformance checking of RBAC policies in applications. A case study of the enforcement of RBAC policies in an online file sharing system is performed to demonstrate the effectiveness of the proposed approach.
- Book Chapter
- 10.5772/intechopen.111371
- Sep 27, 2023
Information plays a vital role in decision-making and driving the world further in the ever-growing digital world. Authorization, which comes immediately after authentication, is essential in restricting access to information in the digital world. Various access control models have been proposed to ensure authorization by specifying access control policies. Security analysis of access control policies is a highly challenging task. Additionally, the security analysis of decentralized access control policies is complex because decentralization simplifies policy administration but raises security concerns. Therefore, an efficient security analysis approach is required to ensure the correctness of access control policies. This chapter presents a propositional rule-based machine learning approach for analyzing the Role-Based Access Control (RBAC) policies. Specifically, the proposed method maps RBAC policies into propositional rules to analyze security policies. Extensive experiments on various datasets containing RBAC policies demonstrate that the machine learning-based approach can offer valuable insight into analyzing RBAC policies.
- Research Article
156
- 10.1109/tdsc.2014.2369048
- Sep 1, 2015
- IEEE Transactions on Dependable and Secure Computing
Attribute-based access control (ABAC) provides a high level of flexibility that promotes security and information sharing. ABAC policy mining algorithms have potential to significantly reduce the cost of migration to ABAC, by partially automating the development of an ABAC policy from an access control list (ACL) policy or role-based access control (RBAC) policy with accompanying attribute data. This paper presents an ABAC policy mining algorithm. To the best of our knowledge, it is the first ABAC policy mining algorithm. Our algorithm iterates over tuples in the given user-permission relation, uses selected tuples as seeds for constructing candidate rules, and attempts to generalize each candidate rule to cover additional tuples in the user-permission relation by replacing conjuncts in attribute expressions with constraints. Our algorithm attempts to improve the policy by merging and simplifying candidate rules, and then it selects the highest-quality candidate rules for inclusion in the generated policy.
- Research Article
- 10.63282/3117-5481/aijcst-v7i2p107
- Jan 1, 2025
- American International Journal of Computer Science and Technology
Access control plays a critical role in securing digital systems, especially multi-tenant full-stack applications containing various organizations or users operating under the same infrastructure. This article examines Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) in the context of applications. RBAC provides a straightforward way of assigning permissions depending upon the user roles; it is simple and easy to understand, but ABAC takes into consideration various attributes of users, resources, and the environments, giving a fine-grained level of control. Nonetheless, using one or another of these models in multi-tenant systems presents trade-offs that incorporate scalability, flexibility, complexity of enforcement, and overhead administration. In this paper, both RBAC and ABAC are considered in different multi-tenant full-stack settings. Since RBAC lacks the flexibility of policy enforcement provided by ABAC, we suggest a hybrid model; we would take the hierarchical characteristic nature of RBAC and combine it with the granularity of the issue that is presented by the acronym, which is ABAC. The steps will involve the development of a working prototype system, policy schema definition, incorporation of an authentication layer and experimentation on real-world datasets in order to emulate multi-tenant settings. Scalability, response time, and policy evaluation time are the metrics used in evaluation. Administrative overhead is also used as an evaluation metric. The most important conclusions are that ABAC is more flexible in dynamic, attribute-rich conditions, whereas RBAC does offer good policy enforcement practices and easy integration. The weaknesses of the two are alleviated in the hybrid approach, and contextual attributes can result in dynamic role assignment. There are also case studies of multi-tenant access management at various organizations with the help of various models.
In the paper, future work on machine learning-based policy suggestion engines and interoperability frameworks across cloud ecosystems will be highlighted, as well as several recommendations about how to address the need
- Research Article
13
- 10.1007/978-3-319-95729-6_4
- Jan 1, 2018
- Data and applications security and privacy XXXII : 32nd Annual IFIP WG 11.3 Conference, DBSec 2018, Bergamo, Italy, July 16-18, 2018, Proceedings. Annual IFIP WG 11.3 Working Conference on Data and Applications Security (32nd : 2018 : B...
The flexibility, portability and identity-less access control features of Attribute Based Access Control (ABAC) make it an attractive choice to be employed in many application domains. However, commercially viable methods for implementation of ABAC do not exist while a vast majority of organizations use Role Based Access Control (RBAC) systems. In this paper, we present a way in which organizations having a RBAC system can deploy an ABAC policy. Thus, we propose a method for the translation of an ABAC policy into a form that can be adopted by an RBAC system. We compare the cost of enforcement in ABAC and RBAC with respect to time taken to evaluate an access request, and experimentally demonstrate that RBAC is significantly better in this respect. Since the cost of security management is more expensive under RBAC when compared to ABAC, we present an analysis of the different management costs and present mitigation approaches by considering various administrative operations.
- Research Article
- 10.52783/jisem.v10i39s.7156
- Apr 24, 2025
- Journal of Information Systems Engineering and Management
The rise of Internet of things technology has been exponential in the last few years. With its wide range of applications like smart home, healthcare and industries it is associated with huge amounts of data generation. The involvement of data that may be private or sensitive has introduced challenges like privacy and security as the most researched challenges. The traditional centralized access control policies are not best suited in IoT inviting decentralized mechanisms. The Blockchain technology intrinsic features help to solve this problem. Also as Blockchain technology involves computing which is also an IoT concern due to latency issues Edge computing fills this gap of bringing computing closer to IoT nodes. As discussed earlier in our research the integration of Blockchain does not quantitatively affect the performance of IoT. As the traditional access control policies like attribute-based access control (ABAC), role-based access control (RBAC) and capability-based access control (CBAC) use centralized mechanisms, custom access control policy for distributed environments is required for IoT. In this research, we propose a hybrid of ABAC and RBAC that is embedded in Blockchain nodes over edge devices to achieve a better access control mechanism than using a traditional single access control model. Features of both role-based and attribute-based access control mechanisms are combined to grant access to IoT devices. Through our experimentation we intend to show that through negligible performance changes that are less than 300 milliseconds delay, we can improve the security in IoT. We say that security is improved as all the transactions of users accessing IoT devices either to retrieve the data or modify the state of the device are passed through smart contracts and logged in Blockchain. Any illegal access to the IoT device is denied and users are penalized.
- Conference Article
12
- 10.1145/2914642.2914656
- Jun 6, 2016
A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC policies. However, the expressiveness of these models has not been matched by specification languages for RBAC policies. Indeed, existing policy specification languages do not support all the types of RBAC policies defined in the literature. In this paper we aim to bridge the gap between highly-expressive RBAC models and policy specification languages, by presenting GemRBAC-DSL, a new specification language designed on top of an existing, generalized conceptual model for RBAC. The language sports a syntax close to natural language, to encourage its adoption among practitioners. We also define semantic checks to detect conflicts and inconsistencies among the policies written in a GemRBAC-DSL specification. We show how the semantics of GemRBAC-DSL can be expressed in terms of an existing formalization of RBAC policies as OCL (Object Constraint Language) constraints on the corresponding RBAC conceptual model. This formalization paves the way to define a model-driven approach for the enforcement of policies written in GemRBAC-DSL.
- Research Article
19
- 10.3233/jcs-191315
- Jul 8, 2019
- Journal of Computer Security
The flexibility, portability and identity-less access control features of Attribute Based Access Control (ABAC) make it an attractive choice to be employed in many application domains. However, commercially viable methods for implementation of ABAC do not exist while a vast majority of organizations use Role Based Access Control (RBAC) or their temporal extensions, such as Temporal Role Based Access Control (TRBAC). In this paper, we present a solution for organizations having a RBAC/TRBAC that can deploy an ABAC policy. Essentially, we propose a method for the translation of an ABAC policy (including time constraints) into a form that can be adopted by an RBAC/TRBAC system. We experimentally demonstrate that time taken to evaluate an access request in RBAC and TRBAC systems is significantly less than that of the corresponding ABAC system. Since the cost of security management is more expensive under RBAC when compared to ABAC, we present an analysis of the different management costs and present mitigation approaches by considering various administrative operations.
- Conference Article
62
- 10.1145/3205977.3205988
- Jun 7, 2018
Mining access control policies can reduce the burden of adopting more modern access control models by automating the process of generating policies based on existing authorization information in a system. Previous work in this area has focused on mining positive authorizations only. That includes the literature on mining role-based access control policies (which are naturally about positive authorization) and even more recent work on mining attribute-based access control (ABAC) policies. However, various theoretical access control models (including ABAC), specification standards (such as XACML), and implementations (such as operating systems and databases) support negative authorization as well as positive authorization. In this paper, we propose a novel approach to mine ABAC policies that may contain both positive and negative authorization rules. We evaluate our approach using two different policies in terms of correctness, quality of rules (conciseness), and time. We show that while achieving the new goal of supporting negative authorizations, our proposed algorithm outperforms existing approach to ABAC mining in terms of time.
- Conference Article
22
- 10.1145/3292006.3300033
- Mar 13, 2019
The Attribute-Based Access Control (ABAC) model is one of the most powerful access control models in use. It subsumes popular models, such as the Role-Based Access Control (RBAC) model, and can also enforce dynamic policies where authorisations depend on values of user, resource or environment attributes. However, in its general form, ABAC does not lend itself well to some operations, such as review queries, and ABAC policies are in general more difficult to specify and analyse than simpler RBAC policies. In this paper we propose a formal specification of ABAC in the category-based metamodel of access control, which adds structure to ABAC policies, making them easier to design and understand. We provide an axiomatic and an operational semantics for ABAC policies, and show how to use them to analyse policies and evaluate review queries.
- Research Article
13
- 10.1007/s10796-021-10167-z
- Jul 21, 2021
- Information systems frontiers : a journal of research and innovation
Over the past few years, several efforts have been made to enable specification and enforcement of flexible and dynamic access control policies using traditional access control (such as role based access control (RBAC), etc.) and attribute based access control (ABAC). Recently, a unified framework, named MPBAC (meta-policy based access control), has been developed to enable specification and enforcement of heterogeneous access control policies such as ABAC, RBAC and a combination of policies (such as ABAC and RBAC). However, one significant limitation is that no complete administrative model has been developed for heterogeneous access control policies. In this article, we present a complete role-based administrative model (named as RAMHAC) for managing heterogeneous access control policies. We also introduce a novel methodology for analyzing heterogeneous access control policies in the presence of RAMHAC by modeling the policies through Datalog facts and using the μz tool. The administrative model includes a wide range of administrative relations, commands, pre-constraints and post-constraints. A comprehensive experimental evaluation demonstrates the scalability of the proposed approach.