
Secure Group Collaboration in an Open Environment


Presentation Transcript


  1. Secure Group Collaboration in an Open Environment
  May, 2006
  Zhengyi Le, DEVLAB, Dartmouth College

  2. What are Group Collaboration Systems?
  A Group Collaboration System provides two services:
  ● Group administration
    → Create a group
    → Maintain a group
    → Destroy a group
  ● Data sharing
    → Access to data
    → Store data
    → Transmit data
  [Figure: a group collaboration application connecting the roles Lecturer, Program Coordinator, Secretary, Audience A and Audience B]

  3. What are Open Environments?
  A Group Collaboration System runs in environments where entities are diverse and autonomous.
  ● Diverse
    → A stranger should be allowed to join a collaboration if he is qualified.
  ● Autonomous
    → An entity is self-motivated and self-governed.
  [Figure: the group collaboration application (Lecturer, Program Coordinator, Secretary, Audience A, Audience B) next to other collaboration applications, with members from different institutions: Alice (Dartmouth), Bob (Univ. of NH) and Carlo (Hanover High School)]

  4. Our Goals and Approaches
  • Goals:
    1. Allowing qualified strangers to join a collaboration.
    2. Removing the need for a server and a central administration.
    3. Giving users privacy they can control and security they can understand.
  • Approaches:
    • Introduce Automated Trust Negotiation (ATN) (serves Goal 1).
    • Use p2p solutions (serves Goal 2).
    • Adopt human-readable and writable policies to protect data (serves Goal 3).

  5. Examples of Existing Work

  6. Details in approach (1)
  Background: Automated Trust Negotiation (ATN) [William Winsborough et al. 2000]
  • ATN helps two strangers build mutual trust through exchanging certificates.
  A simple example:
  • Alice is an AIDS patient with a credential to prove it.
  • DHMC is a hospital, which is offering a free on-line service to AIDS patients who are US citizens. DHMC is also a certified hospital which protects patients' privacy very well (HIPAA).
  Alice's policies:
    P1: C_AIDS ← C_HIPAA
    P2: C_citizen ← true
  DHMC's policies:
    Pa: R ← C_AIDS ∧ C_citizen
    Pb: C_HIPAA ← true
  Negotiation sequence:
    Alice → DHMC: req R
    DHMC → Alice: req C_AIDS, C_citizen
    Alice → DHMC: C_citizen, counter req C_HIPAA
    DHMC → Alice: C_HIPAA
    Alice → DHMC: C_AIDS
    DHMC → Alice: R (succeed)
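The exchange on this slide, replayed by a small negotiation engine. This is an added illustration, not code from the talk or from the OC project: release policies are modelled as "target ← set of credentials the peer must show first", each side releases whatever its policy already permits and counter-requests what it still needs, and the run stops either when the resource is released or when neither side can move (a deadlock). The credential names are the slide's; the message format and the `Party`/`negotiate` API are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Party:
    name: str
    holds: set                      # credentials/resources this side can release
    policies: dict                  # target -> credentials the peer must show first
    shown_by_peer: set = field(default_factory=set)
    released: set = field(default_factory=set)

    def needs(self, target):
        """Credentials still missing before `target` may be released."""
        return self.policies.get(target, set()) - self.shown_by_peer

    def unlocked(self, target):
        return target in self.holds and not self.needs(target)


def negotiate(requester, provider, resource, max_rounds=10):
    """Run the two-party negotiation; returns (succeeded, transcript)."""
    transcript = [f"{requester.name} -> {provider.name}: req {resource}"]
    # open requests each side has received: name -> targets it was asked for
    asked = {requester.name: set(), provider.name: {resource}}
    turn, other = provider, requester
    for _ in range(max_rounds):
        progress = False
        pending = [t for t in sorted(asked[turn.name]) if t not in turn.released]
        # 1) release everything the local policy already permits
        for target in pending:
            if turn.unlocked(target):
                turn.released.add(target)
                other.shown_by_peer.add(target)
                transcript.append(f"{turn.name} -> {other.name}: {target}")
                progress = True
                if target == resource:
                    return True, transcript
        # 2) counter-request what is still missing for the rest
        for target in pending:
            if target in turn.released or target not in turn.holds:
                continue
            new = turn.needs(target) - asked[other.name]
            if new:
                asked[other.name] |= new
                transcript.append(
                    f"{turn.name} -> {other.name}: counter req {', '.join(sorted(new))}")
                progress = True
        if not progress:
            return False, transcript        # neither side can move: deadlock
        turn, other = other, turn
    return False, transcript


def slide_example(dhmc_has_hipaa=True):
    """The Alice/DHMC run from the slide; with dhmc_has_hipaa=False DHMC cannot
    satisfy P1, so Alice never releases C_AIDS and the negotiation fails."""
    alice = Party("Alice", {"C_AIDS", "C_citizen"},
                  {"C_AIDS": {"C_HIPAA"}, "C_citizen": set()})      # P1, P2
    dhmc_holds = {"R"} | ({"C_HIPAA"} if dhmc_has_hipaa else set())
    dhmc = Party("DHMC", dhmc_holds,
                 {"R": {"C_AIDS", "C_citizen"}, "C_HIPAA": set()})   # Pa, Pb
    return negotiate(alice, dhmc, "R")


if __name__ == "__main__":
    for line in slide_example()[1]:
        print(line)
```

The failure path is the part worth keeping in mind when writing policies: because P1 gates C_AIDS on C_HIPAA, a counterpart that cannot prove HIPAA certification never sees the sensitive credential, and the run ends without either side leaking more than its policies allow.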

  7. Details in approach (1)
  • When a stranger asks to join, it is not always feasible to apply Automated Trust Negotiation (ATN) straightforwardly in collaboration systems.
  • Reason: ATN handles only two-party cases, while in collaborations there are many entities. It would be very inefficient if the stranger performed 1-to-1 trust negotiations with every existing member.
  • Our approach: take advantage of the trust relationships implied by roles.

  8. Details in approach (1)
  [Figure: two ways into the group. A Professor who personally knows a candidate ("I personally know her. She is another lecturer we want.") sends an Invitation to the Lecturer, who answers Yes or No. A stranger ("I am interested in joining this group. But I know nobody there.") sends a Req to join to the group collaboration application, which performs ATN and answers Yes, Pending, or No. Roles shown: Lecturer, Program Coordinator, Secretary, Audience A, Audience B.]
  • Why use a role-based approach?
    • The roles imply some existing trust relationship.
    • A role could be viewed as an integration of some attributes.
  • Where does the existing RT family not work?
    • RT: role-based trust management.
    • In RT, roles are determined by and belong to a single party.
    • RT doesn't describe the requirements for assigning a role.
    • We add RT_A to the RT family to do this. [Zhengyi Le et al. SecPerU05]
    • "A" stands for role assignment.

  9. Details in approach (1)
  • Our observation: there are three different kinds of requirements:
    • Attribute requirement
    • Identity requirement
    • Majority requirement
  • RT_A (1) Attribute requirement
    R ← (A_1 ∨ … ∨ A_i) ∧ (A_{i+1} ∨ … ∨ A_j) ∧ …
    A_i ∈ A, where A is the set of all the types of attribute certificates.
    e.g. R_Manager ← (A_MBA ∨ A_DBA) ∧ A_Age>30

  10. Details in approach (1)
  • RT_A (2) Identity requirement
    R ← I.i
    I.i ∈ {truename, anonym, proxyname}
  • Why do we support these three different kinds of identities?
    • In open environments, entities are independent and autonomous.
    • They define their own privacy and decide for themselves whether to join.
    • If we supported only one kind of identity, we would lose some potential opportunities for collaboration.

  11. Details in approach (1)
  • RT_A (3) Majority requirement
    R ← (α_1 R_1 ∨ … ∨ α_i R_i) ∧ (α_{i+1} R_{i+1} ∨ … ∨ α_j R_j) ∧ …
    α_i ∈ [0,1] is the percentage of approvals from a specific role.
    For example: R_Chairman ← (50% R_Prof ∨ 50% R_grad) ∧ 50% R_trustee

  12. Details in approach (2)
  Group Profile (shared data), example:
    • Group name
    • Mission description
    • Join requirements
    • Current time
    • A list of members →
      • Alice (Lecturer)
      • Bob (TA)
      • Carlo (Student)
    • A list of files →
      • final exam (lecturer only)
      • grades (lecturer and TA)
      • HW (all)
  Group Profile (shared data), in general:
    • Group name
    • Mission description
    • Join requirements
    • Current time
    • A list of members (with their hierarchical or latticed roles)
    • A list of files (and associated policies)
  Group Profile has two parts:
    • Publicly accessible part
    • Selectively accessible part
  Private Profile (private data):
    • Memberships
    • Personal certificates (and associated policies)
    • Files (and associated policies)
    • Local strategies

  13. Details in approach (2)
  • OC disseminates group profiles in a p2p fashion with two modes.
  • Passive mode
    Every on-line entity passively receives group profiles from its neighbor entities. In other words, every entity sends out its group profiles to others periodically. The receiving party decides whether to accept or discard a profile according to its timestamp and version.
  • Active mode
    An entity can actively send a request to its neighbor entities to update its group profile. This is the complementary mechanism to the passive mode, because an entity might show up at any time and then disconnect after several seconds.

  14. Details in approach (3)
  • Group members write policies to assign roles, e.g.
    • R_Manager ← (A_MBA ∨ A_DBA) ∧ A_Age>30
    • R ← truename
    • R_Chairman ← (50% R_Prof ∨ 50% R_grad) ∧ 50% R_trustee
  • Users (members or not) write policies to protect their own data (files, credentials, resources), e.g. for an AIDS patient
    • P1: C_AIDS ← C_HIPAA
    • P2: C_citizen ← true
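An evaluator for the three RT_A requirement kinds from slides 9 to 11, run over the example policies on this slide. This is added code, not the talk's or OC's implementation. It assumes a plain-text policy syntax of the form `R <- (A_MBA | A_DBA) & A_Age>30 & 50%R_trustee` (a conjunction of disjunctions, which is exactly the shape of the three formulas), treats a majority literal as satisfied when the approving fraction is at least α (so that a 100% requirement is satisfiable), and never lets an empty role meet a quorum. The applicant and vote records are constructed.

```python
import re

MAJORITY = re.compile(r"^(\d+(?:\.\d+)?)%(\w+)$")   # e.g. 50%R_Prof


def parse_literal(lit):
    """One atom: attribute certificate A_x, identity I.i, or majority α%R."""
    m = MAJORITY.match(lit)
    if m:
        return ("majority", m.group(2), float(m.group(1)) / 100)
    if lit.startswith("I."):
        return ("identity", lit[2:])
    if lit.startswith("A_"):
        return ("attribute", lit[2:])
    raise ValueError(f"unknown literal {lit!r}")


def parse_policy(text):
    """'R <- (l1 | l2) & l3' -> (role, [[l1, l2], [l3]]): clauses are ANDed,
    literals inside a clause are ORed, matching the RT_A formulas."""
    role, rhs = (s.strip() for s in text.split("<-", 1))
    clauses = []
    for clause in rhs.split("&"):
        lits = [l.strip() for l in clause.strip().strip("()").split("|")]
        clauses.append([parse_literal(l) for l in lits])
    return role, clauses


def literal_holds(lit, applicant, votes):
    kind = lit[0]
    if kind == "attribute":
        return lit[1] in applicant["attributes"]       # holds a certificate of that type
    if kind == "identity":
        return applicant["identity"] == lit[1]         # truename / anonym / proxyname
    # majority: approvals / members of that role must reach alpha;
    # an empty role can never reach a quorum (assumption)
    approvals, members = votes.get(lit[1], (0, 0))
    return members > 0 and approvals / members >= lit[2]


def satisfies(policy_text, applicant, votes=None):
    """True when every clause has at least one satisfied literal."""
    _, clauses = parse_policy(policy_text)
    return all(any(literal_holds(l, applicant, votes or {}) for l in clause)
               for clause in clauses)


def demo():
    """The slide's three example policies against constructed applicants."""
    dba = {"attributes": {"DBA", "Age>30"}, "identity": "truename"}
    anon = {"attributes": set(), "identity": "anonym"}
    votes = {"R_Prof": (2, 5), "R_grad": (6, 10), "R_trustee": (3, 4)}
    return {
        "manager_dba": satisfies("R_Manager <- (A_MBA | A_DBA) & A_Age>30", dba),
        "truename_anon": satisfies("R <- I.truename", anon),
        "chairman": satisfies(
            "R_Chairman <- (50%R_Prof | 50%R_grad) & 50%R_trustee", dba, votes),
    }


if __name__ == "__main__":
    print(demo())
```

Keeping the policy text in this readable form is what the slide's Goal 3 asks for: a member can check by eye which clause an applicant fails, and the evaluator gives the same answer without any central administrator interpreting it.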

  15. Details in approach (3)
  RSA:
    n = p*q
    φ(n) = (p-1)*(q-1)
    e is relatively prime to φ(n)
    d = e^-1 mod φ(n)
    -------------------------------
    M^d mod n = C
    C^e mod n = M
  Proactive RSA: [Frankel et al. Crypto '97]
    d = Σ d_i
    ------------------------------
    Π M^{d_i} = M^{Σ d_i} = M^d (mod n)
    C^e mod n = M
  Two-party Mediated RSA: [Zhengyi Le et al., in progress]
    d = d_u0 + d_s0
    d_ui = d_u(i-1) + r
    d_si = d_s(i-1) - r
    ------------------------------
    M^{d_ui} * M^{d_si} = M^d (mod n)
    C^e mod n = M
  • Proactive RSA in majority requirements
    • For example: R_Prof ← 70% R_trustee
    • Generate an RSA key pair and distribute the private key shares among the trustees, so that no one knows the entire private key. [Gilboa Crypto '99]
    • Only a subset (over 70%) of trustees can generate a valid complete signature for that public key.
    • Using this method our program can automatically collect votes and assign roles to applicants according to the majority policy.
    • Another example: R_Prof ← 100% R_trustee (there are only two trustees)
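The share arithmetic on this slide carried through in code, as an added example that is not the talk's or OC's implementation. It uses the textbook RSA relations (n = p*q, d = e^-1 mod φ(n)), additive sharing d = Σ d_i (mod φ(n)) so that the product of the partial signatures M^{d_i} is the full signature M^d, and the two-party refresh d_u' = d_u + r, d_s' = d_s - r, which changes both shares without changing their sum. The parameters p = 61, q = 53, e = 17 and the message 65 are constructed toy values far too small for real use. Additive sharing is all-of-n: the 70% quorum on the slide needs a threshold scheme, which this example does not implement, so only the all-shares and two-party cases are shown.

```python
import secrets

# Toy RSA parameters, constructed for illustration only (real keys are 2048+ bits).
P, Q, E = 61, 53, 17


def keygen(p=P, q=Q, e=E):
    """n = p*q, phi(n) = (p-1)*(q-1), d = e^-1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return n, e, d, phi


def sign(m, d, n):
    """C = M^d mod n"""
    return pow(m, d, n)


def verify(m, sig, e, n):
    """M == C^e mod n"""
    return pow(sig, e, n) == m


def split_additive(d, phi, k):
    """d = sum(d_i) mod phi: k-1 random shares, the last one fixes the sum.
    No single holder learns d."""
    shares = [secrets.randbelow(phi) for _ in range(k - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares


def combine_partial(m, shares, n):
    """Each holder contributes M^{d_i}; the product is M^{sum d_i} = M^d (mod n).
    With a share missing the product is M^{d - d_k}, which does not verify."""
    sig = 1
    for d_i in shares:
        sig = sig * pow(m, d_i, n) % n
    return sig


def refresh_pair(d_u, d_s, phi):
    """Two-party mediated RSA update: d_u' = d_u + r, d_s' = d_s - r (mod phi).
    Old shares become useless, the sum (and so the signature) is unchanged."""
    r = secrets.randbelow(phi)
    return (d_u + r) % phi, (d_s - r) % phi


def demo(trustees=5, refreshes=3):
    n, e, d, phi = keygen()
    m = 65                                  # constructed message
    full = sign(m, d, n)
    out = {"full_ok": verify(m, full, e, n)}
    # proactive RSA: every trustee signs with its share, partials are multiplied
    shares = split_additive(d, phi, trustees)
    out["all_shares_ok"] = combine_partial(m, shares, n) == full
    # mediated RSA: user share + server share, refreshed several times
    d_u, d_s = split_additive(d, phi, 2)
    for _ in range(refreshes):
        d_u, d_s = refresh_pair(d_u, d_s, phi)
    out["mediated_ok"] = combine_partial(m, [d_u, d_s], n) == full
    return out


if __name__ == "__main__":
    print(demo())
```

The point a practitioner should take from the refresh step is that the public key and the signatures stay the same across refreshes, so verifiers are unaffected, while a share captured before a refresh combines with nothing afterwards.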

  16. Current Status of Our On-going Project
  • Any entity can log on to OC with any name it wants.
  • Collaborative groups can be created by any entity and are propagated in a P2P fashion.
  [Screenshots: current online peers in OC; current collaborative groups]

  17. Current Status of Our On-going Project
  ● OC currently supports simple operations on groups, roles and shared files.
  [Screenshots: Group operations; Role operations; File operations]

  18. Current Status of Our On-going Project
  • OC supports simple roles. Currently, in order to obtain a role, the peer node needs to get the role password.
  • OC supports file sharing in a P2P fashion. We are implementing role-based policies to secure file propagation.
  [Screenshots: 4 roles in the CS25 group; a shared file among CS25]
