Homeland Security Issues and Solutions

1
Homeland Security Issues and Solutions
Prof. Steven A. Demurjian, Sr. Director, CSE
Graduate Program Computer Science Engineering
Department The University of Connecticut Storrs,
CT 06269-3155
steve_at_engr.uconn.edu http//www.engr.uconn.edu/st
eve http//www.engr.uconn.edu/steve/DSEC/dsec.htm
l (860) 486 - 4818
Lt. Col. Charles E. Phillips, Jr. Dept. of
Electrical Engineering and Computer
Science United States Military Academy West
Point, NY
Charles.Phillips_at_usma.edu (845) 938 -
5564 (Instructor at USMA/Ph.D. Student at UConn)
2
Dynamic Coalition for Homeland Security

• Crisis
• Any Situation Requiring National or International
  Attention
• Coalition
• Alliance of Organizations
• Military, Civilian, International or any
  Combination
• Dynamic Coalition
• Formed in a Crisis and Changes as Crisis Develops
  
• Key Concern Being the Most Effective way to Solve
  the Crisis
• Dynamic Coalition Problem (DCP)
• Security, Resource, and Information Sharing Risks
  that Occur as a Result of Coalition Being Formed
  Quickly

3
DC for Military Deployment/Engagement
OBJECTIVES Securely Leverage Information in a
Fluid Environment Protect Information While
Simultaneously Promoting the Coalition Security
Infrastructure in Support of DCP
SICF France
LFCS Canada
HEROS Germany
SIACCON Italy
4
DC for Medical Emergency
Transportation
Military Medics
Govt.
Local Health Care
CDC
ISSUES Privacy vs. Availability in Medical
Records Support Life-Threatening Situations via
Availability of Patient Data on Demand
5
Security Issues Information Access and Flow

• What are the Security Requirements for Each User
  in DC Information at What Times?
• What Information Needs to Be Sent (Pushed) to
  Which Users at What Time (Regular Intervals)?
• Delivering Critical Data in Timely Fashion for DC
• Correct and Consistent Information at Right Time
• What Information Needs to Be Available On-demand
  (Pulled) to Which Users at What Time?
• Satisfying Dynamic Data Requirements for DC
• Exactly Enough Information and No More
• Can we Support User Privileges that Change Based
  on the Context and State of DC?

6
Security Issues System Considerations

• How Does Distribution of a DC Affect Security
  Policy Definition and Enforcement?
• Are Security Handlers/Enforcement Mechanisms of
  DC Centralized and/or Distributed for Multiple
  Policies?
• Are there Reusable Security Components that Can
  Be Composed on Demand to Support DC?
• Support for RBAC, DAC, and/or MAC?
• What is the Impact of Legacy/COTs/GOTs of a DC on
  Delivering the Information Securely?
• At What Level, If Any, is Secure Access
  Available?
• How is Security Added If it is Not Present?
• What Techniques Are Needed to Control Access to
  Legacy/COTS?

7
Security Issues Different Approaches

• Discretionary Access Control (DAC)
• Restricts Access Based on Identity of
  Group/Subject
• Discretion Supports the Pass-on of Permissions
• Role-Based Access Control (RBAC)
• Permissions Based on Responsibilities or Roles
• Users may Play Multiple Roles Each
• RBAC Flexible in both Management and Usage
• Mandatory Access Control (MAC)
• Restrict Access Based on Sensitivity Level (Top
  Secret, Secret, Confidential, Unclassified)
• If Clearance of User Dominates Classification of
  Object, Access is Allowed
• Homeland Security Likely Requires All Three at
  Times!

8
Security Issues Confidence in Security

• Assurance
• Are the Security Privileges for Each User of DC
  Adequate (and Limited) to Support their Needs?
• What Guarantees are Given by the Security
  Infra-structure of DC in Order to Attain
• Safety Nothing Bad Happens During Execution
• Liveness All Good Things can Happen During
  Execution
• Consistency
• Are the Defined Security Privileges for Each User
  Internally Consistent? Least-Privilege Principle
• Are the Defined Security Privileges for Related
  Users Globally Consistent? Mutual-Exclusion

9
Solution RBAC/MAC at Design Level

• Security as First Class Citizen in the Design
  Process
• Use Cases and Actors (Roles) Marked with Security
  Levels
• Dynamic Assurance Checks to Insure that
  Connections Do Not ViolateMAC Rules

10
Solution UML-Based RBAC/MAC
Other Possibilities Reverse Engineer Existing
Policy to Logic Based Definition UML Model with
Security Capture all Security Requirements!
11
Solution Unifying RBAC/MAC

• Interacting Software Artifacts
• New/Existing Clients use APIs
• Control Access to APIs by
• Role (who)
• Classification (MAC)
• Time (when)
• Data (what)
• Delegation

NETWORK
Working Prototype Available using CORBA, JINI,
Java, Oracle
12
Solution Unifying RBAC/MAC

• Security Model that Unifies RBAC/MAC with
  Method-Level Approach
• Constraints using Role, MAC, Time, and Data
• Customized Access to APIs of Artifacts
• Contrast with Object Level Approach
• Security Policy and Enforcement Assurance
• Design Time (During Security Policy Definition)
  Security Assurance
• Run Time (Executing Application) Security
  Enforcement
• RBAC/MAC for a Distributed Setting (Middleware)
• Flexible, Portable, Platform Independent
• Security with Minimal/Controlled Impact

13
Concluding Remarks

• Dynamic Coalitions will play a Critical Role in
  Homeland Security during Crisis Situations
• Critical to Understand the Security Issues for
  Users and System of Dynamic Coalitions
• At UConn, Multi-Faceted Approach to Security
• Attaining Consistency and Assurance at Policy
  Definition and Enforcement
• Capturing Security Requirements at Early Stages
  via UML Enhancements/Extensions
• Providing a Security Infrastructure that Unifies
  RBAC and MAC for Distributed Setting
• http//www.engr.uconn.edu/steve/DSEC/dsec.html