Agent Approaches to Role-Based Security
S. Demurjian, Y. He, T.C. Ting, and M. Saba
Computer Science & Engineering Department, The University of Connecticut, Storrs, Connecticut 06269-3155
{steve, ting, saba}@engr.uconn.edu
http://www.engr.uconn.edu/~steve
(860) 486 - 4818
Work Presented Herein appeared at IFIP WG 11.3 13th Conference on Database Security, Seattle, WA, 1999.
Overview of Presentation
• Background and Motivation
• Distributed and Web Based Applications
• Software Agent Computing Paradigm
• Previous and Related Work
• Agent Approaches to Role-Based Security
• Experimental Prototype via Java Aglets
• Concluding Remarks and Future Work
Distributed and Web-Based Applications
• Utilize New and Existing Info. Innovatively
• Distributed/Web-Based Applications are:
• Combo of Legacy, COTS, DBs, New C/S
• Electronic Banking/Commerce
• Information Dissemination (Push/Pull)
• Leverage Computing and Network Resources
• Transcend Available Alternatives
• MAC, DAC, Role-Based
• Employ as “Local” Solutions?
• New Computing Paradigms Emerging
  • Software Agents
  • Various Implementations
Software Agent Computing Paradigm
• What is an Agent?
  • Acts on Behalf of Individuals (Users) on Task
  • State and Behavior in Runtime Environment
• Four Mandatory Properties
  • Sense/React to Environment Changes
  • Autonomously Control Own State/Behavior
  • Proactive to Specific User Goals
  • Constantly Executing in Runtime Environment
• Stationary Agent: Limited to Single Node
• Mobile Agent: Migrate Across Network to Accomplish Required Tasks
Software Agent Computing Paradigm
• Agents Akin to Objects
  • Created and Destroyed
  • Interact by Passing Messages
  • Remote Method Invocation Prohibited
• Attractiveness of Agents for Security
  • Agents Created by Client to Carry Out Secure Access to Remote Clients
  • Visit Multiple Nodes to Satisfy “Request”
  • Specificity of Role Dictates Agent Behavior
• Caveat: Mobile Agents Significant Security Concern Due to Potential Ability to Act as Threat!
Influence of Previous and Related Work
• Our Previous Efforts in
  • Software Architectural Alternatives with Limited Distribution
  • Java’s Impact and Potential on Distributed Computing/Security
• Related work by
  • Hale 1998
    • Secure Distributed Object and Language Programming Framework for Internet-Based Apps.
  • Tari 1998
    • Distributed Object Kernel as Framework to Design and Implement Distributed Security Policies
Agent Approaches to Role-Based Security
• Distributed/Web-Based Applications to Access Remote Objects of Legacy, COTS, DBs, C/S, etc.
• Orthogonal Goals
  • Security to Control/Limit Interactions
  • Distributed/Web-Based Computing to Enable Interoperation/Facilitate Access
• Propose and Discuss Three Agent Architectures
  • Baseline Agent Approach
  • Hierarchical Agent Approach
  • Object-Security Manager Agent Approach
• Assume a Role-Based Context, but Other Security Approaches may also Apply
Architecture for Baseline Agent Approach
[Figure: Client side with Client Application, UA and IRA; Server side with Object, OSA and IRA]
Key: UA: User Agent; IRA: Information Retrieval Agent; OSA: Object Security Agent
Components and Agents
• Client Application (CA)
  • GUI/Software Tool for User
  • User Limited to Single Role at Any Time
  • Role/User Request Passed to UA
  • Users Modify Single Remote Object/Request
  • CA Manages Multiple Requests in Serial
• User Agent (UA)
  • Stationary Agent Created by CA for User
  • UA Receives Request from CA
  • UA Transforms Request and Creates IRA
  • UA Forwards Request to IRA and Waits
  • UA Receives Response from IRA and Transforms for Return to CA
Components and Agents
• Information Retrieval Agent (IRA)
  • Mobile Agent Created by UA
  • Limited to Interacting with UA and OSA
  • IRA Created and Dispatched by UA
  • IRA Moves from Client to Server to Client
  • Interact with Remote Object and Return Result
• Object Security Agent (OSA)
  • Stationary Agent (or Collection of Security Objects) or a Mobile Agent
  • Enforce Security Policy for Remote Object
  • Based on Permissible Actions by Role
• Object
  • Remote Object Provides Services to CA
User Agent (UA)
• UA Arbitrates Interaction of CA and IRA
• UA Allocation Strategies
  • User-Based Allocation (UBA)
    • UA Dedicated to Each User, Created Upon Login, Lives During Session to Enforce Single Role of CA
    • Multiple CAs Imply Multiple UAs - Resources
  • Role-Based Allocation (RBA)
    • UA Dedicated to Each Role, Shared by Multiple Users Playing Same Role
    • Use-Counts for Allocation/Deallocation
• UBA Can Support Multiple Roles/User
• UBA vs. RBA: Number and Activity of Agents
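The two UA allocation strategies and the use counts that drive RBA deallocation, as an added Python sketch (not from the original slides or the Aglets prototype). The class, function, user and role names are hypothetical, and the session mix is constructed.

```python
class UAAllocator:
    """Creates and releases User Agents under UBA or RBA, with use counts."""

    def __init__(self, strategy):
        if strategy not in ("UBA", "RBA"):
            raise ValueError(strategy)
        self.strategy = strategy
        self.sessions = {}    # user -> (role, UA key) for the active login
        self.use_count = {}   # UA key -> number of sessions sharing that UA

    def login(self, user, role):
        if user in self.sessions:
            # Baseline CA: a user is limited to a single role at any time.
            raise PermissionError(f"{user} is already active in a role")
        # UBA dedicates a UA to the user; RBA shares one UA per role.
        key = ("user", user) if self.strategy == "UBA" else ("role", role)
        self.use_count[key] = self.use_count.get(key, 0) + 1
        self.sessions[user] = (role, key)
        return key

    def logout(self, user):
        _, key = self.sessions.pop(user)
        self.use_count[key] -= 1
        if self.use_count[key] == 0:
            del self.use_count[key]   # last session gone: deallocate the UA

    def live_agents(self):
        return len(self.use_count)


# Constructed session mix: three users, two roles.
LOGINS = [("alice", "Student"), ("carol", "Student"), ("bob", "Faculty")]


def agents_after(strategy, logins, logouts=()):
    """Number of UAs alive after the given logins and logouts."""
    alloc = UAAllocator(strategy)
    for user, role in logins:
        alloc.login(user, role)
    for user in logouts:
        alloc.logout(user)
    return alloc.live_agents()
```

Under RBA a shared UA serves several users at once, so each request it forwards still has to carry the user's identity for the server side to attribute it.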
Information Retrieval Agent (IRA)
• Mobile Agent Created by UA to Process CA Request
  • IRA Accesses Single Remote Object
  • Created on Client and Moves to Host (Server)
  • Interacts with OSA: Success or Denied Access
  • Returns to Client and Sends Result to UA
• IRA Allocation/Lifetime Strategies
  • IRA Active as Long as UA
  • IRA De-allocated when Request Done
  • What are Tradeoffs of Each?
Object Security Agent (OSA)
• OSA as Firewall to Separate Remote Object from Outside World
  • OSA Embodies Security Policy (Role-Based)
  • OSA Receives Request from IRA
  • OSA Denies Request or Forwards Result to IRA
• OSA as Agent: Allocation Strategies
  • “Few” Remote Objects, One OSA/Server
  • “Moderate” Remote Objects, OSA/Instance
  • “Many” Remote Objects, Same Type, OSA/Type
  • What are Tradeoffs of Each Allocation Strategy?
Architecture for Hierarchical Agent Approach
[Figure: Client side with Client Application, UA and IRA; two further IRAs; Server side with Object, OSA, IRA and Security Policy]
Key: UA: User Agent; IRA: Information Retrieval Agent; OSA: Object Security Agent
Components and Agents
• CA, UA, OSA (Security Policy), Object as in Baseline
• Hierarchical Approach for Complex Requests
  • Complex Request to Access Multiple Remote Objects
  • In Baseline, Serially Processed by CA or UA
  • In Hierarchical, Complex Request Sent to IRA as a Single Serializable Request
• Processing in IRA by Hierarchy of
  • Root-IRA
  • Internal-IRA
  • Leaf-IRA
IRA Processing
• Root-IRA for Complex Request of Multiple ROs
  • Root-IRA Spawned by UA
  • Root-IRA can Spawn Internal and Leaf IRAs
• Root-IRA Spawns All Leaf-IRAs if
  • Complex Request Consists of Series of Simple Requests to Single Remote Objects
  • Leaf-IRA Mobile Agent à la IRA (Baseline)
  • Leaf-IRAs can Move to Same/Different Nodes
  • Each Leaf-IRA Interacts with OSA, Collects Response, and Returns Result to Root-IRA
  • Root-IRA Processes all Leaf-IRA Results
IRA Processing
• Root-IRA Spawns Internal-IRAs and Leaf-IRAs
  • Multi-Level Process to Handle Complex Request with Root-IRA Stationary
  • Internal-IRAs can Spawn Internal-IRAs and Leaf-IRAs as Request is Decomposed
  • Internal-IRAs may be Stationary or Mobile
  • Recursive Spawning of IRA Nodes
  • As Leaf-IRAs and Internal-IRAs Complete, Results are Collected by Internal-IRAs and Eventually Root-IRA
• Allocate one Root-IRA per UA
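The Root-IRA/Leaf-IRA decomposition above, combined with the OSA's deny-or-forward decision from the Object Security Agent slide, as an added Python sketch (a plain simulation, not the prototype's Aglet code). The role names, method names and POLICY table are constructed assumptions; CourseDB and PersonDB stand in for the prototype's Course/Person DBs.

```python
from dataclasses import dataclass

# Constructed policy: role -> remote object -> methods that role may invoke.
POLICY = {
    "Student": {"CourseDB": {"get_course"}},
    "Faculty": {"CourseDB": {"get_course", "update_course"},
                "PersonDB": {"get_person"}},
}

@dataclass(frozen=True)
class Request:
    user: str      # user identity carried in the message
    role: str      # the single role held for this session
    obj: str       # target remote object
    method: str

class OSA:
    """Stationary agent in front of one remote object; denies by default."""
    def __init__(self, obj, policy):
        self.obj, self.policy = obj, policy

    def handle(self, req):
        allowed = self.policy.get(req.role, {}).get(self.obj, set())
        if req.obj != self.obj or req.method not in allowed:
            return ("DENIED", req.obj, req.method)
        # Only past this point would the remote object's method be invoked.
        return ("OK", req.obj, req.method)

def leaf_ira(req, servers):
    """Leaf-IRA: visit the node hosting req.obj and talk only to its OSA."""
    osa = servers.get(req.obj)
    if osa is None:                      # no OSA guards this object: fail closed
        return ("DENIED", req.obj, req.method)
    return osa.handle(req)

def root_ira(user, role, steps, servers):
    """Root-IRA: split a complex request into simple ones, one leaf per step."""
    results = [leaf_ira(Request(user, role, o, m), servers) for o, m in steps]
    granted = bool(results) and all(r[0] == "OK" for r in results)
    return granted, results              # denials are reported, never dropped

# Two remote objects on different servers, each with a dedicated OSA.
SERVERS = {name: OSA(name, POLICY) for name in ("CourseDB", "PersonDB")}
COMPLEX = [("CourseDB", "get_course"), ("PersonDB", "get_person")]
```

A Student issuing COMPLEX gets the CourseDB result and an explicit denial for PersonDB, so the Root-IRA can report a partially refused request instead of returning a silently incomplete one.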
Architecture for Object-Security Manager Agent Approach
[Figure: Client and Server; labels Client Application, UA, IRA (four instances), OSA Manager, Object, OSA and Security Policy]
Key: UA: User Agent; IRA: Information Retrieval Agent; OSA: Object Security Agent
OSA Manager
• OSA Manager has Active Role in Allocation
• OSA Manager Oversees OSA Allocation: Recall
  • “Few” Remote Objects, One OSA/Server
  • “Moderate” Remote Objects, OSA/Instance
  • “Many” Remote Objects, Same Type, OSA/Type
• OSA Manager Dynamically Chooses One or More Allocation Strategies Most Suited to System State
• OSA Manager Adjusts Strategies Dynamically
• Mobile IRAs Ask OSA Manager for “Right” OSA
• Well-Suited to Evolving Security Policy
Aglets - Java Agents
• Many Java-Based Agent Computing Systems
  • Aglets http://aglets.trl.ibm.co.jp
  • Odyssey, Concordia, and Voyager
• Aglets are Agents + Applets
  • Aglets Start Executing on Node
  • Suspend and Move to Another Node
  • Continue Execution where Left Off
• Aglet Actions Restricted to Sandbox
• Aglets can Ask Security Manager for Permission to Perform Local Operations
Architecture for Agent Implementation
[Figure: Client side with Client Application, Translator, UA and IRA; Server side with Database, Translator, OSA, IRA and Security Policy]
Key: UA: User Agent; IRA: Information Retrieval Agent; OSA: Object Security Agent
Version of Baseline Approach
• Main Difference: Presence of Translator
  • Translator Encodes Outgoing Data from CA
  • Translator Decodes Incoming Data from UA
  • Similar Activities at Server Side
• Implementation Includes User Identity in Message
  • Client Side Translator Does Authentication
  • Server Side Translator Invokes Methods on RO
• Two Allocation Variants of Prototype
  • Two ROs (Course/Person DBs)/Single OSA
  • Two ROs (Course/Person DBs) on Different Servers with Dedicated OSAs
Illustration of Aglet Interaction Code
• CA CODE TO INITIATE PROCESS BY SENDING MESSAGE TO UA

    try {
        reply = (Message) userAgent.sendMessage(new Message("request", request));
    } catch (Exception e) { e.printStackTrace(); }

• UA COUNTERPART: FORWARDS TO IRA AND RECEIVES RESPONSE

    public boolean handleMessage(Message msg) {
        if (msg.sameKind("request")) {            // Request from CA
            try {                                 // Dispatch message to IRA
                iraProxy = (AgletProxy) iraProxy.sendMessage((Message) msg.getArg());
                waitMessage();                    // Wait for Reply from IRA
                msg.sendReply(reply);             // Route Reply back to CA
            } catch (Exception e) { e.printStackTrace(); }
        } else if (msg.sameKind("reply")) {       // Upon Receipt of Reply
            reply = msg;                          // Record the Reply from IRA
            notifyAllMessages();                  // Awaken UA
        }
        ...
    }
Illustration of Aglet Interaction Code
• IRA CODE FOR STATIONARY AND MOBILE INTERACTIONS

    public boolean handleMessage(Message msg) {
        if (msg.sameKind("askservice")) {         // IRA Arrives at Server
            try {
                // Obtain OSA Proxy to Facilitate IRA-OSA Interaction
                AgletProxy proxy =
                    (AgletProxy) getAgletContext().getProperty(osaName);
                // Send Request to OSA and Receive Reply
                reply = (Message) proxy.sendMessage(msg);
                itinerary.go(home, "back");       // Return Back to Client
            } catch (Exception e) { e.printStackTrace(); }
            return true;
        } else if (msg.sameKind("back")) {        // IRA Arrives Back at Client
            // Obtain UA Proxy to Facilitate IRA-UA Interaction
            AgletProxy proxy = getAgletContext().getAgletProxy(parentID);
            // Send the Request Response to UA
            try {
                proxy.sendMessage(reply);
            } catch (Exception e) { e.printStackTrace(); }
            return true;
        }
        return false;                             // Message Kind Not Handled by IRA
    }

• INTERACTIONS OF IRA WITH OSA

    public boolean handleMessage(Message msg) {
        // Utilize Translator to Decode Message from IRA and Create Reply
        Message reply = translator.GetReply(msg);
        // Route the Reply Back to IRA
        msg.sendReply(reply);
        return true;
    }
Bitmap from Experimental Prototype
• Still Looking
• Could Not Find a Record of Any Bit Maps!
Concluding Remarks
• Explored Architectures for Constructing Secure Distributed and Web-Based Applications:
  • Emerging Agent Computing Paradigm
  • Mobile and Stationary Agents to Realize Role-Based Security of Dynamic Remote Objects
  • Architectures with Varied Capabilities
  • Successful Prototyping Implementation
• Future Work
  • Continued Exploration of Agent Approaches
  • Applicability to Other Agent Systems Such as Concordia, Voyager, etc.
  • Ph.D. Topic Related to Security, Agents, and IOA