This work explores the creation of an access control model tailored for distributed object systems utilizing mobile code. It addresses various motivation factors including security from agent attacks on platforms and hosts. The text discusses multiple types of security challenges such as unauthorized access, masquerading, and denial of service. It evaluates key access control approaches, like conditional access control and the use of certificates, while outlining steps towards implementing a secure environment. The model aims to be integrated into existing security frameworks, ensuring fine-grained policy enforcement.
Design of an Access Control Model for Distributed Object System With Mobile Code
John Melvin Antony

Motivation
• Security
  • Agent Attacking Agent Platform/Host.
  • Agent Platform/Host Attacking Agent.
  • Agent Attacking Another Agent.
• Types of Attacks
  • Masquerading.
  • Denial of Service.
  • Unauthorized Access.

Challenges
• Who Implements Security Policies in a Mobile Environment?
• Access Control at What Granularity?
• How Will Access Control Policies Be Implemented Uniformly?

Background
• Access Control Approaches For Mobile Code
  • Conditional Access Control
  • Domain & Type Enforcement.
  • Signed Code.
  • Using Certificates (SPKI, Attribute & Policy).
• Bond Security
  • Pre-emptive Probe
  • Access Control Embedded In Communication Fabric
  • Bond Ticket.

Specific Objectives
• An Access Control Model For Mobile Code Which Can Be Integrated Into Security Frameworks.
• Milestones
  • Study & Identify Different Access Control Models (DTE, Conditional Enforcement, SPKI based) Which Can Be Used.
  • Design Model For Integration With Bond Framework
• Initial Ideas
  • Provide Independent Access Control Policy (Agent & Host Policy)
  • Use Certificates To Encode Constraints (SPKI)

Literature
• Providing Fine Grained Access Control For Java Programs – Raju Pandey & Brant Hashii
  http://www.ifs.uni-linz.ac.at/~ecoop/cd/papers/1628/16280449.pdf
• A Distributed Access Control Model For Java – Refik Molva & Yves Roudier
  http://citeseer.nj.nec.com/cache/papers/cs/20254/http:zSzzSzwww.eurecom.frzSz~nsteamzSzPaperszSzesorics2000.pdf/a-distributed-access-control.pdf
• Scalable Access Control For Distributed Object Systems – Daniel F Sterne et al.
  http://www.usenix.org/publications/library/proceedings/sec99/full_papers/sterne/sterne.pdf
• NIST Special Publication – Mobile Agent Security – Wayne Jansen & Tom Karygiannis
  http://csrc.nist.gov/mobileagents/publication/sp800-19.pdf
• Bond System Security & Access Control Model – Ruibing Hao, K Jun & Dan C Marinescu
  http://citeseer.nj.nec.com/cache/papers/cs/19176/http:zSzzSzbond.cs.purdue.eduzSzpublicationszSzsecuritypdcn.pdf/hao98bond.pdf
• SPKI – Yulian Wang
  http://www.hut.fi/~yuwang/publications/SPKI/SPKI.html
• Privilege Management Scheme for Mobile Agents – W. A. Jansen
  http://www.acsac.org/2001/papers/121.pdf