1 / 15

Design of Secure CAMIN Application System based on Dependable and Secure TMO and RT-UCON

Design of Secure CAMIN Application System based on Dependable and Secure TMO and RT-UCON. Jungin Kim Dr. Bhavani Thuraisingham The University of Texas at Dallas May 08, 2007. Contents. Introduction Background TMO RT-RBAC RT-UCON Secure CAMIN Access control TMO object

galia
Télécharger la présentation

Design of Secure CAMIN Application System based on Dependable and Secure TMO and RT-UCON

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Design of Secure CAMIN Application System based on Dependable and Secure TMO and RT-UCON Jungin Kim Dr. Bhavani Thuraisingham The University of Texas at Dallas May 08, 2007

  2. Contents • Introduction • Background • TMO • RT-RBAC • RT-UCON • Secure CAMIN • Access control TMO object • Application Interfaces • Summary

  3. Introduction Computing paradigm shift More security concerns Serving real-time services with sufficient security features Objective Ensure security for real-time system (TMO scheme) Incorporate access control mechanisms, RT-UCONinto the CAMIN

  4. Background • TMO scheme • Time-triggered Message-triggered Object • High-level real-time and distributed computing object • A new paradigm for object-oriented real-time distributed computing • Proposed by Dr. Kane Kim and Hermann Kopetz [94] • Components of the TMO • ODS (Object Data Store) • SpM (Spontaneous Method) • SvM (Service Method) • EAC (Environment Access Capability) • AAC (Autonomous Activation Condition)

  5. Background • TMO model Capability for accessing other TMOs and network environment including logical multicast channels and I/O devices A TMO object ODSS1 ODSS2 EAC Object Data Store (ODS) Lock/Condition/CREW for Concurrent Access AAC: Autonomous Activation Condition AAC Time-triggered(TT) Spontaneous Methods(SpMs) SpM1 AAC SpM2 ServiceRequestQueue Deadlines SvM1 Message-triggered(MT) Service Methods(SvMs) Remote TMOClients SvM2 Concurrency Control

  6. RT-RBAC • Access Control mechanisms • Role Based Access Control (RBAC) model • Users (TMO objects) are associated with roles • Roles are associated with permissions (Write, Read, Execution, All) • A user has permission only if the user has an authorized role which is associated with that permission • Inadequate for distributed real-time system • Server side centralized model • Need constraints on temporal behaviors of spontaneous methods in TMO

  7. RT-UCON • Access Control mechanisms • Usage Control (UCON) Model encompasses traditional access control models • Authorization rules, conditions and obligations are involved in authorization process • Continuityof decision being either pre or ongoing with respect to the access • Mutabilitythat can allow updates on subject or object attributes at different times Rights Usage Decision Objects Subjects Conditions Obligations Authorizations

  8. RT-UCON • Basic authorization components for access control in TMO • Continuity: dynamic and seamless constraints • Mutability: control the scope of access • Conditions: control the amount of access, access time, etc • Obligations: pre-conditions for determining access decisions • Adequate for distributed real-time system • Space and Time domain • Server and Client side control • Dynamic and Flexible

  9. CAMIN(Coordinated anti-missile interceptor network) • Developed at UC Irvine DREAM Lab • Mission: Defend target objects both in the sea and on the land from the hostile objects in the sky • Application • Theater: application environment • Alien: enemy and flying objects • Command post, Command ship

  10. Secure CAMIN • Mission: Defend target objects both in the sea and on the land from the hostile objects in the sky • Access control checks policies and security levels • Some malicious objects are added

  11. Access control TMO object • Implemented with through a separated object or included inside object • Checks access right, maintain access policies in the system • ODS: stores static and dynamic access policies • SpM: controls access policies in ODS • SvM: handles access decision requests

  12. Structure of the TMO application with access control TMO object Access control TMO object

  13. Application Interfaces Access decision process boolean access_control ( void get_rights( in name, in object_name, in attributes list, in object_attributs_list, out TRUE or FALSE out rights = appropriate rights (read | ); write| execute | NULL) ); Access Policies Attributes Attributes decision Access control TMO Client TMO Server TMO get rights access request (name, attributes)

  14. Temporal constraints and environmental conditions of applications Access decision are performed many times during continuous activities Conditions can be changed over time To fully utilize the RT-UCON We need: set_access_time() to restrict the access time resume_access() block_access(time domain) set_access_count(attributes) More functions should be designed according to the application specification in the design phase Application Interfaces

  15. Summary and Directions Designed a model named the RT-UCON and secure real-time application utilizing CAMIN Need to designsophisticatedsecurity APIs

More Related