10/2/14
Risk-based Identity and Access Management
Nadia METOUI
Topic 1
Instead of: Risk-based Access Control
Context and Problem Statement
• In traditional access control systems, trust and risk are pre-computed [1]
• Because they are unaware of context variation and of misuse of authorized access, these systems are exposed to many vulnerabilities [2] and to flexibility issues [3]
[1] R.A. Shaikh, K. Adi, L. Logrippo, “Dynamic Risk-based Decision Methods for Access Control Systems”, 2012
[2] Computer Security Institute, CSI Computer Crime and Security Survey, 2010/11
[3] L. Krautsevich, A. Lazouski, F. Martinelli, and A. Yautsiukhin, “Cost-Effective Enforcement of Access and Usage Control Policies under Uncertainties”, 2013
Background
Risk
“Risk is defined by the likelihood of a hazardous situation and its consequences if it occurs.” [4]
[4] N. Baracaldo and J. Joshi, “A Trust-and-Risk Aware RBAC Framework: Tackling Insider Threat”, 2012
Existing Solutions
• Context Aware and Event Driven
– Define a set of context parameters and include them in the access evaluation process
– Set reactive policies triggered by context-generated events [5]
[5] P. Bonatti, C. Galdi and D. Torres, “ERBAC: Event-Driven RBAC”, 2013
[Figure: context parameters (Location, Time, Device) feeding the Access Evaluation Engine]
Existing Solutions
• Risk Aware Solution (Risk Mitigation) [4,6,7]
– Define a risk threshold
– Compute the access risk related to:
• User trustworthiness, competence, behavior…
• Role appropriateness
• Session risk…
– Include the computed risk and the risk threshold values in the access decision
[4] N. Baracaldo and J. Joshi, “A Trust-and-Risk Aware RBAC Framework: Tackling Insider Threat”, 2012
[6] L. Chen and J. Crampton, “Risk-Aware Role-Based Access Control”, 2012
[7] K.Z. Bijon, R. Krishnan, and R. Sandhu, “Risk-Aware RBAC Sessions”, 2012
Existing Solutions
• Risk Adaptive Solution [1, 8]
– Include the user's access history in the trustworthiness computation
– Include the resource's access history in the risk computation
– Infer new access control functions or modify existing policies, using a logic based on the evaluation history
[1] R.A. Shaikh, K. Adi, L. Logrippo, “Dynamic Risk-based Decision Methods for Access Control Systems”, 2012
[8] S. Kandala, R. Sandhu, V. Bhamidipati, “An Attribute Based Framework for Risk-Adaptive Access Control Models”, 2011
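The risk-aware and risk-adaptive solutions of the two slides above, as one worked example. This code is added here for illustration; it is not from the presentation or from any of the cited frameworks. It applies the slide 3 definition (risk = likelihood × consequence): the likelihood blends context risk (location, time, device), user untrustworthiness, role inappropriateness and session risk, the consequence is the resource sensitivity, and the decision compares the result with a threshold. The adaptive part feeds each observed outcome back into the user's trust and the resource's misuse history, so the same request can flip from permit to deny. All weights, thresholds, trust-update factors and the scenario values are constructed assumptions.

```python
"""Risk-aware access decision with an adaptive trust loop (added example)."""
from dataclasses import dataclass, field


@dataclass
class Context:
    location: str   # e.g. "office", "home", "unknown"
    hour: int       # local time, 0-23
    device: str     # e.g. "managed-laptop", "byod-phone"


@dataclass
class User:
    name: str
    trust: float                                  # trustworthiness in [0, 1]
    history: list = field(default_factory=list)   # past (resource, outcome) pairs


@dataclass
class Resource:
    name: str
    sensitivity: float      # consequence of misuse, in [0, 1]
    misuse_count: int = 0   # misuse events observed on this resource so far


# Constructed policy parameters (assumptions, not taken from the slides).
TRUSTED_LOCATIONS = {"office", "vpn"}
MANAGED_DEVICES = {"managed-laptop"}
WEIGHTS = {"context": 0.3, "user": 0.3, "role": 0.2, "session": 0.2}
RISK_THRESHOLD = 0.2           # accesses with risk above this value are denied
MISUSE_TRUST_FACTOR = 0.3      # trust is multiplied by this after a misuse
GOOD_ACCESS_TRUST_GAIN = 0.02  # trust regained per well-behaved access


def context_risk(ctx: Context) -> float:
    """Likelihood contribution of the request context (location, time, device)."""
    risk = 0.0
    if ctx.location not in TRUSTED_LOCATIONS:
        risk += 0.5
    if ctx.device not in MANAGED_DEVICES:
        risk += 0.3
    if not 7 <= ctx.hour <= 19:
        risk += 0.2
    return min(risk, 1.0)


def access_risk(user: User, resource: Resource, ctx: Context,
                role_appropriateness: float, session_risk: float) -> float:
    """Risk = likelihood x consequence; consequence grows with resource misuse history."""
    likelihood = (WEIGHTS["context"] * context_risk(ctx)
                  + WEIGHTS["user"] * (1.0 - user.trust)
                  + WEIGHTS["role"] * (1.0 - role_appropriateness)
                  + WEIGHTS["session"] * session_risk)
    consequence = min(1.0, resource.sensitivity + 0.1 * resource.misuse_count)
    return likelihood * consequence


def decide(user: User, resource: Resource, ctx: Context,
           role_appropriateness: float, session_risk: float) -> bool:
    """Permit only when the computed risk stays within the threshold."""
    risk = access_risk(user, resource, ctx, role_appropriateness, session_risk)
    return risk <= RISK_THRESHOLD


def record_outcome(user: User, resource: Resource, misused: bool) -> None:
    """Adaptive step: fold the observed outcome into trust and resource history."""
    user.history.append((resource.name, "misuse" if misused else "ok"))
    if misused:
        user.trust *= MISUSE_TRUST_FACTOR
        resource.misuse_count += 1
    else:
        user.trust = min(1.0, user.trust + GOOD_ACCESS_TRUST_GAIN)


def demo() -> dict:
    """Constructed scenario: same user and resource, changing context and history."""
    alice = User("alice", trust=0.9)
    payroll = Resource("payroll-db", sensitivity=0.8)
    office = Context("office", 10, "managed-laptop")
    late_home = Context("home", 22, "byod-phone")
    results = {
        "office": decide(alice, payroll, office, 1.0, 0.1),        # risk 0.04
        "late_home": decide(alice, payroll, late_home, 1.0, 0.1),  # risk 0.28
    }
    record_outcome(alice, payroll, misused=True)  # e.g. a flagged bulk export
    results["office_after_misuse"] = decide(alice, payroll, office, 1.0, 0.1)  # ~0.215
    return results


if __name__ == "__main__":
    for name, permitted in demo().items():
        print(f"{name}: {'PERMIT' if permitted else 'DENY'}")
```

With these assumed parameters the office request is permitted, the same request from an unmanaged device at night is denied on context alone, and after one recorded misuse even the office request is denied, because the user's trust and the resource's consequence moved together. A real deployment would calibrate the weights and thresholds from incident data rather than choosing them by hand.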
Limitations
• Trust management and risk assessment are assumed but not made explicit
• No model takes both context risk and user risk into consideration at the same time
• Risk-adaptive AC models propose to modify risk values for future access control evaluations, but do not propose real-time reaction strategies
• No model takes into consideration the impact of context and risk constraints on the performance of the access control process
Possible Alternative Solutions
• Including the context in the trust and risk computation
• Developing real-time risk treatment strategies
• Managing risk-originated "access deny" incidents
• Working on complexity and performance issues
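The second and third alternatives above (real-time risk treatment and handling of risk-originated "access deny" incidents), combined with the reactive, context-event-driven policies of the ERBAC slide, as a worked example. This is added illustration code, not part of the presentation and not any cited system's design. It assumes a risk score in [0, 1] has already been computed, replaces the single permit/deny threshold with graded treatments (permit, permit with monitoring, step-up authentication, deny), and re-evaluates live sessions whenever a context event fires, opening an incident record for every risk-originated deny so it can be reviewed. The band edges, the event list and the risk each event adds are constructed assumptions.

```python
"""Real-time risk treatment and access-deny incident handling (added example)."""
from dataclasses import dataclass, field
from enum import Enum


class Treatment(Enum):
    PERMIT = "permit"
    MONITOR = "permit, but log the session for review"
    STEP_UP = "suspend until step-up authentication succeeds"
    DENY = "deny, terminate the session and open an incident"


# Constructed policy bands (assumptions): risk is a score in [0, 1].
DENY_ABOVE = 0.60      # above this the access is denied outright
STEP_UP_ABOVE = 0.45   # above this the user must re-authenticate
MONITOR_ABOVE = 0.30   # above this the session is permitted but monitored

# Constructed context events and the risk each adds to (or removes from) a session.
EVENT_PENALTY = {
    "left_trusted_network": 0.25,
    "device_compliance_lost": 0.35,
    "impossible_travel": 0.50,
    "returned_to_trusted_network": -0.25,
}


def treatment_for(risk: float) -> Treatment:
    """Graded response instead of a binary permit/deny at one threshold."""
    if risk > DENY_ABOVE:
        return Treatment.DENY
    if risk > STEP_UP_ABOVE:
        return Treatment.STEP_UP
    if risk > MONITOR_ABOVE:
        return Treatment.MONITOR
    return Treatment.PERMIT


@dataclass
class Session:
    user: str
    resource: str
    risk: float
    treatment: Treatment = Treatment.PERMIT
    active: bool = True


@dataclass
class Incident:
    user: str
    resource: str
    risk: float
    trigger: str   # which evaluation or context event caused the deny


@dataclass
class SessionMonitor:
    """Holds live sessions and re-evaluates them when context events arrive."""
    sessions: list = field(default_factory=list)
    incidents: list = field(default_factory=list)

    def _apply(self, session: Session, trigger: str) -> None:
        session.treatment = treatment_for(session.risk)
        if session.treatment is Treatment.DENY:
            session.active = False
            self.incidents.append(
                Incident(session.user, session.resource, session.risk, trigger))

    def open(self, user: str, resource: str, risk: float) -> Session:
        """Initial evaluation: treat the request according to its risk band."""
        session = Session(user, resource, risk)
        self._apply(session, "initial evaluation")
        self.sessions.append(session)
        return session

    def on_event(self, user: str, event: str) -> list:
        """Reactive policy: every active session of `user` is re-scored and re-treated."""
        delta = EVENT_PENALTY[event]
        touched = []
        for session in self.sessions:
            if session.user != user or not session.active:
                continue
            session.risk = min(1.0, max(0.0, session.risk + delta))
            self._apply(session, event)
            touched.append(session)
        return touched


def demo() -> dict:
    """Constructed scenario: one session degrades as context events arrive."""
    monitor = SessionMonitor()
    bob = monitor.open("bob", "hr-db", risk=0.10)      # PERMIT
    carol = monitor.open("carol", "hr-db", risk=0.50)  # STEP_UP
    steps = {"bob_open": bob.treatment, "carol_open": carol.treatment}
    monitor.on_event("bob", "left_trusted_network")    # 0.35 -> MONITOR
    steps["bob_off_network"] = bob.treatment
    monitor.on_event("bob", "device_compliance_lost")  # 0.70 -> DENY + incident
    steps["bob_noncompliant"] = bob.treatment
    steps["bob_active"] = bob.active
    steps["carol_active"] = carol.active               # unaffected by bob's events
    steps["incidents"] = len(monitor.incidents)
    return steps


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The incident list is the hook for the "access deny" management alternative: each entry records who was denied, on which resource, at what risk and which event triggered it, which is what an operator needs to distinguish a false positive (tune the bands or the event penalty) from a real problem (keep the session terminated).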
References
• [1] R.A. Shaikh, K. Adi, L. Logrippo, “Dynamic Risk-based Decision Methods for Access Control Systems”, 2012
• [2] Computer Security Institute, CSI Computer Crime and Security Survey, 2010/11
• [3] L. Krautsevich, A. Lazouski, F. Martinelli, and A. Yautsiukhin, “Cost-Effective Enforcement of Access and Usage Control Policies under Uncertainties”, 2013
• [4] N. Baracaldo and J. Joshi, “A Trust-and-Risk Aware RBAC Framework: Tackling Insider Threat”, 2012
• [5] P. Bonatti, C. Galdi and D. Torres, “ERBAC: Event-Driven RBAC”, 2013
• [6] L. Chen and J. Crampton, “Risk-Aware Role-Based Access Control”, 2012
• [7] K.Z. Bijon, R. Krishnan, and R. Sandhu, “Risk-Aware RBAC Sessions”, 2012
• [8] S. Kandala, R. Sandhu, V. Bhamidipati, “An Attribute Based Framework for Risk-Adaptive Access Control Models”, 2011
Thank you!
Questions