Location Awareness Extensions to X-GTRBAC (PowerPoint presentation transcript)
1
Location Awareness Extensions to X-GTRBAC
  • David W. Bettis
  • CS526, Purdue University
  • Fall 2005

2
Summary
  • Background
  • RBAC
  • GEO-RBAC
  • X-GTRBAC
  • Adapting X-GTRBAC to GEO-RBAC
  • Spatial structure definitions (GML)
  • Encoding spatial constraints
  • Implementation

3
Background: RBAC Central
  • RBAC: Role Based Access Control
  • Breaks the traditional link between users and
    permissions by inserting an intermediate entity
    called a Role
  • Standardized by NIST
  • TRBAC: Temporal RBAC
  • Introduces temporal constraints on role
    activation
  • GEO-RBAC: Spatially Aware RBAC
  • Introduces geographic location as a further
    constraint on role activations

4
Policy Languages for RBAC
  • X-RBAC: XML formulation to describe RBAC
    policies
  • X-GTRBAC: augmented version of X-RBAC to handle:
  • Temporal constraints (GTRBAC)
  • A predicate evaluation framework to encode
    arbitrary policies (GTRBAC)
  • Project goal: describe GEO-RBAC policies in the
    X-GTRBAC framework.

5
GEO-RBAC Snippets
  • Spatial information
  • Absolute Representation: how to describe where
    things are with respect to a reference model
  • Geometry: a spatial representation (e.g. Point
    at <45.89, 74.07> for Earth)
  • Logical Representation: items superimposed which
    have some semantic meaning
  • Feature Type: type of logical representation
    (e.g. University)
  • Feature: instance of a feature type (e.g.
    Purdue)

6
Central Ideas of GEO-RBAC
  • Spatial Role
  • <role_name, extent>, where
  • Role has the same meaning as in CORE RBAC
  • extent is a set of feature types where the role
    will be enabled
  • Role Schema
  • <role_name, extent, loc, mloc>
  • Same as above, plus
  • loc is a set of feature types where the user may
    be
  • mloc maps absolute positions (geometries) to
    features of type loc
  • Role Instance
  • <role_name, feature>
  • role_name maps this role instance to a particular
    role schema
  • feature has a feature type that is compatible
    with extent above
  • role is enabled if mloc(GPS) is contained in
    extent

7
Example
  • Role schema
  • StudentSchema = <Student, University, Building,
    GPS → Building>
  • Role instance
  • PurdueStudent = StudentSchema(Purdue)
  • IuStudent = StudentSchema(IU)

8
Credentials in X-GTRBAC
  • X-GTRBAC has the concept of a credential
  • A credential is a container for a set of
    entity-defined attributes
  • Example

<XCredTypeDef>
  <CredentialType cred_type_id="cAge">
    <AttributeList>
      <Attribute name="age" type="integer" />
    </AttributeList>
  </CredentialType>
</XCredTypeDef>

<Role name="RealAdult">
  <CredType cred_type_id="cAge">
    <CredExpr>
      <Attribute name="age">21</Attribute>
    </CredExpr>
  </CredType>
</Role>
9
Predicates in X-GTRBAC
  • Credential attributes can be used in predicate
    functions
  • Example

<URA role_name="Adult">
  <Predicate>
    <Operator>gt</Operator>
    <FuncName>Entity.hasCredAttributeValue</FuncName>
    <ParamName order="1">age</ParamName>
    <RetValue>18</RetValue>
  </Predicate>
</URA>
10
Spatial Structures
  • Need to have a way to represent features and
    geometries in XML
  • Use Geographic Markup Language (GML) as
    attributes in credentials
  • GML has the concepts of
  • Features, which have a set of pre-defined
    attributes (name, description, boundedBy), but
    are abstract, so depend on an application schema
  • Geometries, points, polygons, so on and so forth.
  • Define an element <Feature> derived from
    <gml:_Feature> which has a single required
    element gml:extentOf

11
Spatial Structures (example)
<Feature>
  <!-- optional descriptive metadata -->
  <gml:name>Purdue University-West Lafayette</gml:name>
  <gml:description>A fantastic school.</gml:description>
  <!-- This is the rectangular area defining Purdue. -->
  <gml:extentOf>
    <gml:Envelope>
      <gml:lowerCorner>0 0</gml:lowerCorner>
      <gml:upperCorner>100 100</gml:upperCorner>
    </gml:Envelope>
  </gml:extentOf>
</Feature>
12
Spatial Constraints
  • Use credentials to specify spatial constraints
  • The <FuncName> needs to go and fetch the user's
    absolute position and translate it to a feature
  • Augment the set of operators with contained_in,
    which tests for geometric containment

13
Spatial Constraints Example
<Role role_id="rSS" role_name="PurdueStudent">
  <EnabConstraint>
    <EnabCondition>
      <LogicalExpr>
        <Predicate>
          <Operator>contained_in</Operator>
          <FuncName>getCampusSector</FuncName>
          <!-- the Feature body is elided on the slide -->
          <RetValue><Feature>.</Feature></RetValue>
        </Predicate>
      </LogicalExpr>
    </EnabCondition>
  </EnabConstraint>
</Role>
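An added example, not code from the slides: a minimal evaluator for the enabling condition above. It parses the <Feature> of slide 11 as a GML envelope, implements the contained_in operator of slide 12 as envelope containment, and stands in for the getCampusSector function with a constructed sector table (the mloc mapping); the function names, the sector coordinates and the PURDUE_FEATURE string are assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"gml": "http://www.opengis.net/gml"}
# Constructed input: the <Feature> of slide 11, with the gml namespace declared.
PURDUE_FEATURE = """<Feature xmlns:gml="http://www.opengis.net/gml">
  <gml:name>Purdue University-West Lafayette</gml:name>
  <gml:extentOf><gml:Envelope>
    <gml:lowerCorner>0 0</gml:lowerCorner>
    <gml:upperCorner>100 100</gml:upperCorner>
  </gml:Envelope></gml:extentOf>
</Feature>"""

# Constructed sector table standing in for the application-specific mloc mapping.
SECTORS = {
    "EngineeringMall": (10.0, 10.0, 40.0, 40.0),
    "ResearchPark": (120.0, 0.0, 160.0, 50.0),  # outside the Purdue envelope
}

def parse_feature(xml_text):
    """Return (gml:name, (xmin, ymin, xmax, ymax)) of a <Feature> whose extent is an Envelope."""
    root = ET.fromstring(xml_text)
    env = root.find("gml:extentOf/gml:Envelope", NS)
    if env is None:
        raise ValueError("Feature lacks the required gml:extentOf envelope")
    lo = [float(v) for v in env.findtext("gml:lowerCorner", namespaces=NS).split()]
    hi = [float(v) for v in env.findtext("gml:upperCorner", namespaces=NS).split()]
    if len(lo) != 2 or len(hi) != 2 or lo[0] > hi[0] or lo[1] > hi[1]:
        raise ValueError("malformed gml:Envelope")
    return root.findtext("gml:name", namespaces=NS), (lo[0], lo[1], hi[0], hi[1])

def contained_in(inner, outer):
    """The augmented operator of slide 12: envelope inner lies wholly inside envelope outer."""
    return (outer[0] <= inner[0] and outer[1] <= inner[1]
            and inner[2] <= outer[2] and inner[3] <= outer[3])

def get_campus_sector(position):
    """mloc: map an absolute (x, y) position to the sector feature containing it, or None."""
    x, y = position
    for name, (xmin, ymin, xmax, ymax) in SECTORS.items():
        if xmin <= x <= xmax and ymin <= y <= ymax:
            return name, (xmin, ymin, xmax, ymax)
    return None

def role_enabled(position, role_feature_xml):
    """EnabCondition of slide 13: contained_in(getCampusSector(GPS), <Feature>)."""
    sector = get_campus_sector(position)
    if sector is None:
        return False  # position maps to no known feature: fail closed
    return contained_in(sector[1], parse_feature(role_feature_xml)[1])
```

A position that maps to no feature disables the role rather than raising, which is the safe default for an enabling constraint.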
14
Role Schemas
  • This approach results in rather lengthy policy
    descriptions
  • Would rather have <Feature> not be duplicated
  • So role schemas are implemented as credentials
    that reference other credentials

15
Role Schema Example (I)
<Role role_id="rSS" role_name="StudentSchemaRole">
  <CredType cred_type_id="cSS" type_name="StudentSchema">
    <EnabConstraint>
      <EnabCondition>
        <LogicalExpr>
          <Predicate>
            <Operator>contained_in</Operator>
            <FuncName>Environment.getCampusSector</FuncName>
            <RetValue type="reference">campus</RetValue>
          </Predicate>
        </LogicalExpr>
      </EnabCondition>
    </EnabConstraint>
  </CredType>
</Role>
16
Role Schema Example (II)
<Role role_id="rSP" role_name="SPurdue">
  <CredType cred_type_id="cSS" type_name="Student">
    <CredExpr>
      <Attribute name="campus">
        <Feature> </Feature>
      </Attribute>
    </CredExpr>
  </CredType>
</Role>
Users sign up for the role SPurdue. In
evaluation, how do we know that SPurdue should
look to StudentSchema for the enabling
credentials?
17
Role Schema Example (III)
<XCredTypeDef xctd_id="Campus_XCTD">
  <CredentialType cred_type_id="cS"
                  type_name="Student"
                  ref="StudentSchema">
    <AttributeList>
      <Attribute name="campus" type="Feature" usage="mand" />
    </AttributeList>
  </CredentialType>
  <CredentialType cred_type_id="cSS"
                  type_name="StudentSchema" />
</XCredTypeDef>
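An added example, not from the slides, answering the question raised on slide 16: given the fragments of slides 15 to 17 as one document, follow the role's credential type to its ref, pick up the schema role's predicate, and bind the reference RetValue to the instance's own CredExpr attribute. The combined POLICY string is constructed here; that SPurdue uses cred_type_id "cS" and that its Feature body reads "PurdueCampus" are assumptions (the slide leaves the Feature empty).

```python
import xml.etree.ElementTree as ET

# Constructed policy fragment assembled from slides 15-17 (SPurdue's cred_type_id and the
# Feature placeholder text are assumptions; the slide leaves the Feature body empty).
POLICY = """<Policy>
<XCredTypeDef xctd_id="Campus_XCTD">
 <CredentialType cred_type_id="cS" type_name="Student" ref="StudentSchema">
  <AttributeList><Attribute name="campus" type="Feature" usage="mand"/></AttributeList>
 </CredentialType>
 <CredentialType cred_type_id="cSS" type_name="StudentSchema"/>
</XCredTypeDef>
<Role role_id="rSS" role_name="StudentSchemaRole">
 <CredType cred_type_id="cSS" type_name="StudentSchema">
  <EnabConstraint><EnabCondition><LogicalExpr><Predicate>
   <Operator>contained_in</Operator>
   <FuncName>Environment.getCampusSector</FuncName>
   <RetValue type="reference">campus</RetValue>
  </Predicate></LogicalExpr></EnabCondition></EnabConstraint>
 </CredType>
</Role>
<Role role_id="rSP" role_name="SPurdue">
 <CredType cred_type_id="cS" type_name="Student">
  <CredExpr><Attribute name="campus"><Feature>PurdueCampus</Feature></Attribute></CredExpr>
 </CredType>
</Role>
</Policy>"""


def resolve_enabling_predicate(policy_xml, role_name):
    """Role -> CredType type_name -> CredentialType@ref -> schema role's Predicate, with the
    reference RetValue bound to the instance's CredExpr attribute. None if no ref is declared."""
    root = ET.fromstring(policy_xml)
    cred = root.find(f"Role[@role_name='{role_name}']/CredType")
    ctype = root.find(f"XCredTypeDef/CredentialType[@type_name='{cred.get('type_name')}']")
    schema = ctype.get("ref")
    if schema is None:
        return None
    for attr in ctype.findall("AttributeList/Attribute[@usage='mand']"):  # usage="mand" check
        if cred.find(f"CredExpr/Attribute[@name='{attr.get('name')}']") is None:
            raise ValueError(f"{role_name}: mandatory attribute {attr.get('name')} missing")
    schema_cred = root.find(f"Role/CredType[@type_name='{schema}']")
    pred = schema_cred.find("EnabConstraint/EnabCondition/LogicalExpr/Predicate")
    ret = pred.find("RetValue")
    arg = ret.text
    if ret.get("type") == "reference":  # bind the name to the instance's attribute value
        arg = cred.find(f"CredExpr/Attribute[@name='{ret.text}']/Feature").text
    return {"schema": schema, "operator": pred.findtext("Operator"),
            "function": pred.findtext("FuncName"), "argument": arg}
```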
18
Implementation Issues
  • Use of Java reflection to allow user-defined
    functions
  • Integral to the system because the mapping of
    absolute position to feature is
    application-dependent
  • Elementary type checking for attributes defined
    in a credential (previously limited to basic
    types such as ints and strings)

19
Acknowledgements
  • Rafae Bhatti, author of X-GTRBAC
  • Maria Luisa Damiani, integrating X-GTRBAC and
    GEO-RBAC
  • References
  • GEO-RBAC, http://portal.acm.org/citation.cfm?id=1063979.1063985
  • X-GTRBAC, http://portal.acm.org/citation.cfm?id=1065545.1065547