Access Control in Runtime System - PowerPoint PPT Presentation

Provided by: LEX1

1
Access Control in Runtime System
  • Xinwen Zhang
  • Lab for Information Security Technology (LIST)
  • George Mason University

2
Access Control
  • General security requirements
  • Authentication
  • Authorization
  • Confidentiality
  • Integrity
  • Availability
  • AC solves the problem of Authorization
  • Who can (cannot) do what
  • subject, permission, object

3
Runtime Environment
  • Original source code is compiled to byte code: Java
    Bytecode, Microsoft Intermediate Language (MSIL),
    etc.
  • Running this byte code remotely needs the support
    of a runtime virtual machine
  • Advantages
  • Highly flexible software development and deployment
  • Highly distributed computing
  • New business model
  • CLR (.Net) and JRE (Java) are currently the two
    mainstream runtime systems

4
Runtime Security
  • Same security problems as mobile code, executable
    content, component software, etc.
  • New security risks and requirements in the runtime
    environment
  • Two directions of information flow: system
    resources and user privacy.
  • Consistency of security policy between local host
    system, runtime configuration, and code
    creator/deployer.
  • Privilege depends not only on the creator of the code,
    but also on the user, deployer, supplier, administrator,
    etc. Standalone system security is no longer
    sufficient.
  • Malicious code is everywhere
  • Trojan horse program
  • Virus

5
Access Control in Runtime
  • Who? (subjects)
  • Code owner, developer, deployer
  • Multi-level users
  • Security administrator
  • Mobile agents
  • What? (objects)
  • All kinds of resources on the local host
  • Files, directories, I/O, network ports, services,
    registry items, DB, etc.
  • Sensitive information presented by mobile code
    (input and output)
  • Access control enforces the security policies
  • Platform security policies
  • Business logic policies
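
A minimal model of the subject, permission, object check outlined on this slide, added here as an illustration and not taken from the presentation. All names, paths and the sample policy are constructed, and requiring both a code-identity grant and a user-identity grant is this example's assumption.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from posixpath import normpath

@dataclass(frozen=True)
class Subject:
    code_origin: str        # URL the mobile code was loaded from
    code_signer: str        # signer name, "" if unsigned
    user: str               # user on whose behalf the code runs
    roles: frozenset = frozenset()

@dataclass(frozen=True)
class Rule:
    kind: str               # "origin", "signer" (code identity) or "role" (user identity)
    match: str              # origin glob, signer name or role name
    permission: str         # e.g. "read", "write"
    object_glob: str        # resource pattern on the local host

# Constructed sample policy (hypothetical names and paths).
POLICY = [
    Rule("origin", "https://apps.example.test/*", "read", "/data/reports/*"),
    Rule("signer", "acme-dev", "write", "/data/reports/*"),
    Rule("role", "analyst", "read", "/data/reports/*"),
    Rule("role", "admin", "write", "/data/*"),
]

def _matches(rule, s):
    if rule.kind == "origin":
        return fnmatchcase(s.code_origin, rule.match)
    if rule.kind == "signer":
        return s.code_signer != "" and s.code_signer == rule.match
    return rule.kind == "role" and rule.match in s.roles

def _granted(kinds, s, permission, obj):
    return any(r.kind in kinds and r.permission == permission
               and fnmatchcase(obj, r.object_glob) and _matches(r, s)
               for r in POLICY)

def check_access(s, permission, obj):
    """Default deny; both the code identity and the user identity must be granted."""
    obj = normpath(obj)     # collapse ".." so a pattern cannot be escaped
    return (_granted({"origin", "signer"}, s, permission, obj)
            and _granted({"role"}, s, permission, obj))
```

An administrator running unsigned code from an unknown origin is still denied, which is the case the Trojan horse bullet on the previous slide is concerned with.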

6
Related Work
  • JDK1.0, 1.1, 1.2 security models
  • Code-identity based access control
  • URL, developer, signature, etc.
  • Main references
  • Li Gong, New Security Architecture Directions for
    Java, In Proc. of IEEE COMPCON, 1997
  • T.Lindholm, and F.Yellin, The Java Virtual
    Machine Specification, Addison-Wesley, New York
  • Li Gong, Inside Java 2 Platform Security:
    Architecture, API Design, and Implementation. Sun
    Microsystems Press, Santa Clara, California
  • Java Authentication and Authorization
    Service (JAAS)
  • User-identity based access control
  • Local user, role, group, etc.
  • Main references
  • Charlie Lai, Gong Li, Larry Koved, Anthony
    Nadalin, Roland Schemers, User Authentication and
    Authorization in the Java Platform, ACSAC, 1999

7
Related Work (cont.)
  • .NET Runtime Security
  • Code evidence sources, URL, creator, etc.
  • User authentication and authorization: enforced by
    the Windows platform
  • .NET runtime architecture strongly depends on
    the local host platform
  • References
  • B.A.Lamacchia, S.Lange, M.Lyons, R.Martin and
    K.T.Price, .NET Framework Security,
    Addison-Wesley, 2002
  • Selim Aissi, Runtime Environment Security Models,
    Intel Technology Journal, Feb, 2003

8
Related Work (cont.)
  • G.Karjoth et al, An Operational Semantics of Java
    2 Access Control, IEEE CSFW, 2000
  • A.Corradi et al, A Flexible Access Control
    Service for Java Mobile Code
  • M.Hauswirth et al, A Secure Execution
    Framework for Java, CCS 2000
  • M.Schaefer, S.Pinskey, D.Dean, L.Gong, J.Roskind,
    B.Fox, Ensuring Assurance in Mobile Computing,
    Oakland, 1997
  • M.Abadi, C.Fournet, Access Control based on
    Execution History, NDSS 2003
  • Vijay Varadharajan, Security Enhanced Mobile
    Agents, CCS 2000
  • L.Gong, M.Mueller, H.Prafullchandra, R.Schemers,
    Going Beyond the Sandbox: An Overview of the New
    Security Architecture in the JDK1.2, USENIX, 1997
  • Trent Jaeger, A.Prakash, J.Liedtke, N.Islam,
    Flexible Control of Downloaded Executable
    Content, TISSEC Vol. 2, No. 2, May 1999

9
Related Work (cont.)
  • Summary
  • Real architecture and implementation mechanism
    for runtime environment security
  • Formal model
  • Some extensions based on current models
  • Significance of the works
  • The popularity of Java and .Net mobile code in
    IT, even though it is not so secure
  • Problems
  • Application developer must be security expert
  • Scalability in enterprise and Internet computing
  • Flexible and configurable

10
Motivations
  • Configurable access control policy
  • Only the security administrator is an expert
  • A uniform access control model and mechanism
  • Supporting the main access control models: MAC,
    DAC, RBAC, DRM, etc.
  • Abstraction of general runtime systems
  • Not only Java and .Net, but some other small
    runtime systems in industry (Intel MRTE, mobile
    devices, etc)

11
Statement
  • Try to develop a common authorization layer
    between various abstract access control models
    and current concrete runtime security models, as
    well as a uniform architecture and implementation
    mechanism in mobile computing environments.