
Requirements for scalable access control and security management architectures

Published: 01 May 2007

Abstract

Maximizing local autonomy by delegating functionality to end nodes whenever possible (the end-to-end design principle) has produced a scalable Internet. Unfortunately, that scalability and the capacity for distributed control have not carried over to resource access-control policies and mechanisms. Yet security management is becoming an increasingly difficult problem, in no small part because every relevant measure keeps growing: the number of users, protocols, applications, and network elements, the topological constraints, and the functionality users expect.

In this article, we discuss scalability challenges for traditional access-control mechanisms at the architectural level and present a set of fundamental requirements for authorization services in large-scale networks. We show why existing mechanisms fail to meet these requirements and investigate the current design options for a scalable access-control architecture.

We argue that the key design options for achieving scalability are the representation chosen for access-control policy, the mechanism used to distribute that policy, and the scheme chosen for revoking access rights. Although these ideas have been considered in the past, the access-control systems in use today continue to rely on simpler but more restrictive architectural models. With this article, we hope to steer the design of future access-control systems towards more decentralized and scalable mechanisms.
