Embed Size (px)
DESCRIPTION
Agent Approaches to Role-Based Security. S. Demurjian, Y. He, T.C. Ting, and M. Saba Computer Science & Engineering Department The University of Connecticut Storrs, Connecticut 06269-3155. {steve, ting, saba}@engr.uconn.edu http://www.engr.uconn.edu/~steve (860) 486 - 4818. - PowerPoint PPT Presentation
Citation preview
CSE333
Agent-1.1
Agent Approaches to Role-Based SecurityAgent Approaches to Role-Based Security
S. Demurjian, Y. He, T.C. Ting, and M. SabaComputer Science & Engineering Department
The University of ConnecticutStorrs, Connecticut 06269-3155
{steve, ting, saba}@engr.uconn.eduhttp://www.engr.uconn.edu/~steve
(860) 486 - 4818
Work Presented Herein appeared atWork Presented Herein appeared at IFIP WG 11.3 13th Conference on DatabaseIFIP WG 11.3 13th Conference on Database
Security, Seattle, WA, 1999.Security, Seattle, WA, 1999.
CSE333
Agent-1.2
Overview of PresentationOverview of Presentation
Background and MotivationBackground and Motivation Distributed and Web Based Applications Software Agent Computing Paradigm Previous and Related Work
Agent Approaches to Role-Based SecurityAgent Approaches to Role-Based Security Experimental Prototype via Java Aglets Experimental Prototype via Java Aglets Concluding Remarks and Future WorkConcluding Remarks and Future Work
CSE333
Agent-1.3
Distributed and Web-Based ApplicationsDistributed and Web-Based Applications
Utilize New and Existing Info. InnovativelyUtilize New and Existing Info. Innovatively Distributed/Web-Based Applications are:Distributed/Web-Based Applications are:
Combo of Legacy, COTS, DBs, New C/S Electronic Banking/Commerce Information Dissemination (Push/Pull)
Leverage Computing and Network ResourcesLeverage Computing and Network Resources Transcend Available AlternativesTranscend Available Alternatives
MAC, DAC, Role-Based Employ as “Local” Solutions?
New Computing Paradigms EmergingNew Computing Paradigms Emerging Software Agents Various Implementations
CSE333
Agent-1.4
Software Agent Computing ParadigmSoftware Agent Computing Paradigm
What is an Agent?What is an Agent? Acts on Behalf of Individuals(Users) on Task State and Behavior in Runtime Environment
Four Mandatory PropertiesFour Mandatory Properties Sense/React to Environment Changes Autonomously Control Own State/Behavior Proactive to Specific User Goals Constantly Executing in Runtime Environment
Stationary Agent: Limited to Single NodeStationary Agent: Limited to Single Node Mobile Agent: Migrate Across Network to Mobile Agent: Migrate Across Network to
Accomplish Required TasksAccomplish Required Tasks
CSE333
Agent-1.5
Software Agent Computing ParadigmSoftware Agent Computing Paradigm
Agents Akin to ObjectsAgents Akin to Objects Created and Destroyed Interact by Passing Messages Remote Method Invocation Prohibited
Attractiveness of Agents for SecurityAttractiveness of Agents for Security Agents Created by Client to Carry Out Secure
Access to Remote Clients Visit Multiple Nodes to Satisfy “Request” Specificity of Role Dictates Agent Behavior
Caveat: Mobile Agents Significant Security Caveat: Mobile Agents Significant Security Concern Due to Potential Ability to Act as Threat!Concern Due to Potential Ability to Act as Threat!
CSE333
Agent-1.6
Influence of Previous and Related WorkInfluence of Previous and Related Work
Our Previous Efforts inOur Previous Efforts in Software Architectural Alternatives with
Limited Distribution Java’s Impact and Potential on Distributed
Computing/Security Related work by Related work by
Hale 1998 Secure Distributed Object and Language
Programming Framework for Internet-Based Apps. Tari 1998
Distributed Object Kernel as Framework to Design and Implement Distributed Security Policies
CSE333
Agent-1.7
Agent Approaches to Role-Based SecurityAgent Approaches to Role-Based Security
Distributed/Web-Based Applications to Access Distributed/Web-Based Applications to Access Remote Objects of Legacy, COTs, DBs, C/S, etc.Remote Objects of Legacy, COTs, DBs, C/S, etc.
Orthogonal GoalsOrthogonal Goals Security to Control/Limit Interactions Distributed/Web-Based Computing to Enable
Interoperation/Facilitate Access Propose and Discuss Three Agent ArchitecturesPropose and Discuss Three Agent Architectures
Baseline Agent Approach Hierarchical Agent Approach Object-Security Manager Agent Approach
Assume a Role-Based Context, but Other Security Assume a Role-Based Context, but Other Security Approaches may also ApplyApproaches may also Apply
CSE333
Agent-1.8
Architecture for Baseline Agent ApproachArchitecture for Baseline Agent Approach
ClientApplication
UA IRA
IRAOSAObject
Client
Server
Key: UA: User Agent IRA: Information Retrieval Agent OSA: Object Security Agent
CSE333
Agent-1.9
Components and AgentsComponents and Agents
Client Application (CA)Client Application (CA) GUI/Software Tool for User User Limited to Single Role at Any Time Role/User Request Passed to UA Users Modify Single Remote Object/Request CA Manages Multiple Requests in Serial
User Agent (UA)User Agent (UA) Stationary Agent Created by CA for User UA Receives Request from CA UA Transforms Request and Creates IRA UA Forwards Request to IRA and Waits UA Receives Response for IRA and Transforms
for Return to CA
CSE333
Agent-1.10
Components and AgentsComponents and Agents
Information Retrieval Agent (IRA)Information Retrieval Agent (IRA) Mobile Agent Created by UA Limited to Interacting with UA and OSA IRA Created and Dispatched by UA IRA Moves from Client to Server to Client Interact with Remote Object and Return Result
Object Security Agent (OSA)Object Security Agent (OSA) Stationary Agent (or Collection of Security
Objects) or a Mobile Agent Enforce Security Policy for Remote Object Based on Permissible Actions by Role
ObjectObject Remote Object Provides Services to CA
CSE333
Agent-1.11
User Agent (UA)User Agent (UA)
UA Arbitrates Interaction of CA and IRAUA Arbitrates Interaction of CA and IRA UA Allocation StrategiesUA Allocation Strategies
User-Based Allocation (UBA) UA Dedicated to Each User, Created Upon Login,
Lives During Session to Enforce Single Role of CA Multiple CAs Imply Multiple UAs - Resources
Role-Based Allocation (RBA) UA Dedicated to Each Role, Shared by Multiple
Users Playing Same Role Use-Counts for Allocation/Deallocation
UBA Can Support Multiple Roles/User UBA vs. RBA: Number and Activity of Agents
CSE333
Agent-1.12
Information Retrieval Agent (IRA)Information Retrieval Agent (IRA)
Mobile Agent Created by UA to Process CA Mobile Agent Created by UA to Process CA RequestRequest
IRA Access Single Remote ObjectIRA Access Single Remote Object Created on Client and Moves to Host (Server)Created on Client and Moves to Host (Server) Interacts with OSA: Success or Denied AccessInteracts with OSA: Success or Denied Access Returns to Client and Sends Result to UAReturns to Client and Sends Result to UA IRA Allocation/Lifetime StrategiesIRA Allocation/Lifetime Strategies
IRA Active as Long as UA IRA De-allocated when Request Done What are Tradeoffs of Each?
CSE333
Agent-1.13
Object Security Agent (OSA)Object Security Agent (OSA)
OSA as Firewall to Separate Remote Object from OSA as Firewall to Separate Remote Object from Outside WorldOutside World
OSA Embodies Security Policy (Role-Based)OSA Embodies Security Policy (Role-Based) OSA Receives Request from IRAOSA Receives Request from IRA OSA Deny Request or Forward Result to IRAOSA Deny Request or Forward Result to IRA OSA as Agent: Allocation StrategiesOSA as Agent: Allocation Strategies
“Few” Remote Objects, One OSA/Server “Moderate” Remote Objects, OSA/Instance “Many” Remote Objects, Same Type,
OSA/Type What are Tradeoffs of Each Allocation Strategy?What are Tradeoffs of Each Allocation Strategy?
CSE333
Agent-1.14
Architecture for Architecture for Hierarchical Agent ApproachHierarchical Agent Approach
Key: UA: User Agent IRA: Information Retrieval Agent OSA: Object Security Agent
ClientApplication
UA IRA
IRAOSAObject
Security Policy
IRAIRAClient
Server
CSE333
Agent-1.15
Components and AgentsComponents and Agents
CA, UA, OSA (Security Policy), Object as in CA, UA, OSA (Security Policy), Object as in BaselineBaseline
Hierarchical Approach for Complex RequestsHierarchical Approach for Complex Requests Complex Request to Access Multiple-Remote
Objects In Baseline, Serially Processed by CA or UA In Hierarchical, Complex Request Sent to IRA
as a Single Serializable Request Processing in IRA by Hierarchy of
Root-IRA Internal-IRA Leaf-IRA
CSE333
Agent-1.16
IRA ProcessingIRA Processing
Root-IRA for Complex Request of Multiple RosRoot-IRA for Complex Request of Multiple Ros Root-IRA Spawned by UARoot-IRA Spawned by UA Root-IRA can Spawn Internal and Leaf IRAsRoot-IRA can Spawn Internal and Leaf IRAs Root-IRA Spawns All Leaf-IRAs ifRoot-IRA Spawns All Leaf-IRAs if
Complex Request Consists of Series of Simple Request to Single Remote Objects
Leaf-IRA Mobile Agent ala IRA (Baseline) Leaf-IRAs can Move to Same/Different Nodes Each Leaf-IRA Interacts with OSA, Collects
Response, and Returns Result to Root-IRA Root-IRA Processes all Leaf-IRA Results
CSE333
Agent-1.17
IRA ProcessingIRA Processing
Root-IRA Spawns Internal-IRAs and Leaf-IRAsRoot-IRA Spawns Internal-IRAs and Leaf-IRAs Multi-Level Process to Handle Complex
Request with Root-IRA Stationary Internal-IRAs can Spawn Internal-IRAs and
Leaf-IRAs as Request is Decomposed Internal-IRAs may be Stationary or Mobile Recursive Spawning of IRA Nodes As Leaf-IRAs and Internal-IRAs Complete,
Results are Collected by Internal-IRAs and Eventually Root-IRA
Allocate one Root-IRA per UA
CSE333
Agent-1.18
Architecture for Architecture for Object-Security Manager Agent ApproachObject-Security Manager Agent Approach
Key: UA: User Agent IRA: Information Retrieval Agent OSA: Object Security Agent
ClientApplication
UA IRA
IRAOSAObject
Security Policy
IRAIRA
OSA Manager
Client
Server
CSE333
Agent-1.19
OSA ManagerOSA Manager
OSA Manager has Active Role in AllocationOSA Manager has Active Role in Allocation OSA Manager Oversees OSA Allocation: RecallOSA Manager Oversees OSA Allocation: Recall
“Few” Remote Objects, One OSA/Server “Moderate” Remote Objects, OSA/Instance “Many” Remote Objects, Same Type,
OSA/Type OSA Manager Dynamically Chooses One or More OSA Manager Dynamically Chooses One or More
Allocation Strategies Most Suited to System StateAllocation Strategies Most Suited to System State OSA Manager Adjust Strategies DynamicallyOSA Manager Adjust Strategies Dynamically Mobile IRAs Ask OSA Manager for “Right” OSAMobile IRAs Ask OSA Manager for “Right” OSA Well-Suited to Evolving Security PolicyWell-Suited to Evolving Security Policy
CSE333
Agent-1.20
Aglets - Java AgentsAglets - Java Agents
Many Java-Based Agent Computing SystemsMany Java-Based Agent Computing Systems Aglets http://aglets.trl.ibm.co.jp Odyssey, Concordia, and Voyager
Aglets are Agents + AppletsAglets are Agents + Applets Aglets Start Execute on Node Suspend and Move to Another Node Continue Execution where Left Off Aglet Actions Restricted to Sandbox Aglets can Ask Security Manager for
Permission to Perform Local Operations
CSE333
Agent-1.21
Architecture for Agent ImplementationArchitecture for Agent Implementation
Key: UA: User Agent IRA: Information Retrieval Agent OSA: Object Security Agent
ClientApplication
UA IRA
IRAOSATranslator
Client
Server
Translator
Database
Security Policy
CSE333
Agent-1.22
Version of Baseline ApproachVersion of Baseline Approach
Main Difference: Presence of TranslatorMain Difference: Presence of Translator Translator Encodes Outgoing Data from CA Translator Decodes Incoming Data from UA Similar Activities at Server Side
Implementation Includes User Identity in MessageImplementation Includes User Identity in Message Client Side Translator Does AuthenticationClient Side Translator Does Authentication Server Side Translator Invokes Methods on ROServer Side Translator Invokes Methods on RO Two Allocation Variants of PrototypeTwo Allocation Variants of Prototype
Two ROs (Course/Person DBs)/Single OSA Two ROs (Course/Person DBs) on Different
Servers with Dedicated OSAs
CSE333
Agent-1.23
Illustration of Aglet Interaction CodeIllustration of Aglet Interaction Code
CA CODE TO INITIATE PROCESS BY SENDING MESSAGE TO UAtry{ reply =(Message)userAgent.sendMessage(new Message("request", request));
}catch(Exception e) {e.printStackTrace();}
UA COUNTERPART: FORWARDS TO IRA AND RECEIVES RESPONSEpublic boolean handleMessage(Message msg) {if (msg.sameKind("request")) // Request from CA { try{ // Dispatch message to IRA iraProxy = (AgletProxy)iraProxy.sendMessage((Message)msg.getArg());
waitMessage(); // Wait for Reply from IRAmsg.sendReply(reply); // Route Reply back to CA
} catch(Exception e) {e.printStackTrace();} }else if (msg.sameKind("reply")) {// Upon Receipt of Reply
reply = msg; // Record the Reply from IRA notifyAllMessages(); // Awaken UA
} ...
}
CSE333
Agent-1.24
Illustration of Aglet Interaction CodeIllustration of Aglet Interaction Code
IRA CODE FOR STATIONARY AND MOBILE INTERACTIONSpublic boolean handleMessage(Message msg) {if (msg.sameKind("askservice")) {// IRA Arrives at Server
try{ // Obtain OSA Proxy to Facilitate IRA-OSA Interaction AgletProxy proxy =
(AgletProxy)getAgletContext().getProperty(osaName); // Send Request to OSA and Receive Reply reply = (Message)proxy.sendMessage(msg); itinerary.go(home, "back"); // Return Back to Client} catch(Exception e) {e.printStackTrace();}
} else if (msg.sameKind("back")) {// IRA Arrives Back at Client // Obtain UA Proxy to Facilitate IRA-UA Interaction
AgletProxy proxy = getAgletContext().getAgletProxy( parentID ); // Send the Request Response to UA try{ proxy.sendMessage( reply ); } catch( Exception e ) { e.printStackTrace(); }
} }
INTERACTIONS OF IRA WITH OSApublic boolean handleMessage( Message msg ) { // Utilize Translator to Decode Message from IRA and Create Reply Message reply = translator.GetReply( msg ); // Route the Reply Back to IRA msg.sendReply( reply ); return true;}
CSE333
Agent-1.25
Bitmap from Experimental PrototypeBitmap from Experimental Prototype
Still LookingStill Looking Could Not Find a Record of Any Bit Maps!Could Not Find a Record of Any Bit Maps!
CSE333
Agent-1.26
Concluding RemarksConcluding Remarks
Explored Architectures for Constructing Secure Explored Architectures for Constructing Secure Distributed and Web-Based Applications:Distributed and Web-Based Applications: Emerging Agent Computing Paradigm Mobile and Stationary Agents to Realize Role-
Based Security of Dynamic Remote Objects Architectures with Varied Capabilities Successful Prototyping Implementation
Future WorkFuture Work Continued Exploration of Agent Approaches Applicability to Other Agent Systems Such as
Concordia, Voyager, etc. Ph.D. Topic Related to Security, Agents, and
IOA
