Flexible Regulation of Virtual Enterprises - PowerPoint PPT Presentation

Slides: 23
Provided by: Naftaly4

1
Flexible Regulation of Virtual Enterprises
Naftaly Minsky Rutgers University
Joint work with Xuhui Ao
2
Outline
  • The challenges to access control posed by
    e-commerce.
  • Regulation of virtual enterprises: a case study.
  • The law-governed interaction (LGI) mechanism, and
    how it meets the challenges to access control.
  • Conclusion

3
The Challenges to AC
  • The distributed and open nature of E-commerce,
    and its scale.
      • PKI facilitates scalability,
      • but enforcement of AC policies is still done
        largely in a centralized fashion, making it hard
        to scale.
  • The need for more sophisticated policies, e.g.,
      • Stateful policies, sensitive to the history of
        interaction, like budgetary control.
      • Policies that mandate extra actions, like state
        change, or auditing.

4
The Challenges to AC (cont)
  • The need for communal (rather than
    server-centric) policies, such as
      • An enterprise-wide policy governing a set of
        servers.
      • Decentralized electronic marketplace.
      • B2B commerce, and supply chains.
  • The need for interoperation between different
    policies, and for hierarchical organization of
    policies.
  • All these challenges need to be met via a single
    scalable mechanism for specifying policies, and
    for enforcing them.

5
Governance of Virtual Enterprise (a Case Study)
  • Consider a coalition C of enterprises E1, ...,
    En, governed by a coalition-policy PC, where
    each Ei is governed by its own internal-policy
    Pi.
  • As in virtual enterprises, supply chains, grid
    computing, etc.

6
Policies Governing a Virtual Enterprise (an
Example)
Roles: each Ei should have its director Di()
and the coalition C a director DC.
A director Di can mint Ei-currency i needed to
pay for services provided by Ei and it can give
DC some of this currency
A director DC can distribute some of its i
currency among other directors.
i Currency cannot be forged by anyone!
Servers at E1 can send their earning in 1 back
to their director
A director D2 can distribute its i budget among
agents at its enterprise

7
The Main Challenges
  • The flexible formulation of such policies, so
    that
      • they will be consistent, and
      • their specification and evolution would be
        manageable.
  • Enforcement of such policies, and in a scalable
    manner.

8
The Compositions Approach
  • Given the set PC, P1, ..., Pn of policies.
  • Construct a set of composed policies Pi,j =
    composition(Pi, PC, Pj)
  • Provide these compositions to the reference
    monitor (RM) that mediates all
    coalition-relevant interactions.
  • Compositions were studied by Gong & Qian 96,
    and by Bidan & Issarny 98, ...

9
and its Problematics
  • It is unlikely for arbitrary, and independently
    formulated, policies to be consistent, so such
    composition is likely to fail.
  • Policy composition is computationally
    intractable (McDaniel & Prakash 2002), and we
    need N^2 such compositions!
  • Inflexibility: consider changing a single Pi ...

10
The Proposed Approach
  • Instead of creating N^2 compositions (Pi, PC,
    Pj), we will enable each enterprise Ei to create
    its own policy Pi, subject only to the constraint
    that Pi would conform to PC.
  • We will then allow Ei and Ej to interoperate,
    each enforcing its own policy, Pi and Pj
    respectively.
  • We will do this via the control mechanism called
    law-governed interaction (LGI).

11
Law-Governed Interaction (LGI) (main
characteristics)
  • LGI is an access-control and coordination
    mechanism.
  • LGI is communal: it can impose mandatory policies
    (called laws) over an entire community.
  • Enforcement is decentralized for scalability
    (actually, supports a whole spectrum of
    decentralization).
  • Supports a wide range of laws including those
    that mandate extra actions, in a stateful
    manner.
  • Supports hierarchy and interoperability.
  • Efficient (overhead of about 0.1 ms), and
    incremental.
  • Due to be released this summer.

12
Centralized Enforcement of Communal Policies
The problems: potential congestion, and a single
point of failure.
Replication does not help, if S changes
rapidly enough.
13
Distributed Law-Enforcement under LGI
14
Deployment of LGI via a Distributed TCB (DTCB)
15
On the basis for trust between members of a
community
  • For a pair of interlocutors to trust each other
    to comply with the same law, one needs to ensure:
      • that the exchange of messages is mediated by
        correctly implemented controllers.
      • that interacting controllers operate under the
        same law L.
  • Such assurances are provided, basically, via
    certification of controllers, and the exchange of
    the hash of the law.
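
The two assurances above, combined with a stateful budget rule like the one in the case study, as an added Python sketch (not code from the presentation, LGI, or Moses). The `Controller` class, the message fields, the law text and the HMAC-based `certify` stand-in for controller certification are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed values for illustration only.
CA_KEY = b"demo-ca-key"  # symmetric stand-in for a CA's signing key
LAW = b"budget-law: a transfer may not exceed the sender's remaining budget"

def law_hash(law: bytes) -> str:
    return hashlib.sha256(law).hexdigest()

def certify(controller_id: str) -> str:
    """Stand-in for a CA-issued controller certificate (real systems use signatures)."""
    return hmac.new(CA_KEY, controller_id.encode(), hashlib.sha256).hexdigest()

class Controller:
    """Hypothetical controller: mediates one agent's messages under one law."""

    def __init__(self, agent, law, budget, cert=None):
        self.agent, self.law, self.budget = agent, law, budget
        self.cert = cert if cert is not None else certify(agent)
        self.audit = []  # auditing is an action the law mandates

    def send(self, amount):
        # Stateful rule: the ruling depends on the budget left by earlier messages.
        if amount <= 0 or amount > self.budget:
            self.audit.append(("denied", amount))
            return None
        self.budget -= amount  # state change mandated by the law
        self.audit.append(("sent", amount))
        return {"controller": self.agent, "cert": self.cert,
                "law_hash": law_hash(self.law), "amount": amount}

    def receive(self, msg):
        # Trust check 1: the peer controller is certified.
        if msg is None or not hmac.compare_digest(msg["cert"], certify(msg["controller"])):
            return False
        # Trust check 2: the peer operates under the same law (hash exchange).
        if not hmac.compare_digest(msg["law_hash"], law_hash(self.law)):
            return False
        self.budget += msg["amount"]
        self.audit.append(("received", msg["amount"]))
        return True
```

Each controller holds only its own agent's state, so no central reference monitor sees every message; a receiver rejects traffic from an uncertified controller or from one operating under a different law.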

16
Hierarchy Organization of Coalition
Policies (back to the case study)
[Figure: PC (superior) above P1, P2, ..., Pn (subordinate)]
Pi is defined as subordinate to PC, and thus
constrained to conform to it.
17
Interoperability
  • Let us focus on the interoperability between E2
    and E1

18
Interoperability (cont.)
19
Conclusion
  • LGI implementation via the Moses middleware is to
    be released in May 2005, via
    http://www.cs.rutgers.edu/moses/
  • This initial release would not support policy
    hierarchy.
  • For a complete treatment of the coalition
    problem, see "Flexible Regulation of Distributed
    Coalitions", Ao and Minsky, in Proc. of the 8th
    European Symposium on Research in Computer
    Security (ESORICS), October 2003.

20
Questions?
21
Server-Centric Access-Control (AC)
server
Reference Monitor (RM)
It generally supports only stateless, purely
reactive, ACL-based policies, enhanced with
RBAC, and this is far from sufficient.
22
Enforcing a Communal AC Policy
The communal policy may be that certain types of
transactions need to be monitored
Enterprise-wide (communal) policy P
Enterprise