Abstract
As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. Authorization caching, which enables the reuse of previous authorization decisions, is one technique that has been used to address these challenges.
This article introduces and evaluates the mechanisms for authorization “recycling” in RBAC enterprise systems. The algorithms that support these mechanisms allow making precise and approximate authorization decisions, thereby masking possible failures of the authorization server and reducing its load. We evaluate these algorithms analytically as well as using simulation and a prototype implementation. Our evaluation results demonstrate that authorization recycling can improve the performance of distributed-access control mechanisms.
Index Terms
Authorization recycling in hierarchical RBAC systems