NANO SCIENTIFIC RESEARCH CENTRE PVT.LTD., AMEERPET, HYD
WWW.NSRCNANO.COM, 09640648777, 09652926926
DOT NET PROJECTS LIST--2013
DOT NET 2013 IEEE PAPERS
Privacy-Preserving
Enforcement
of Spatially Aware RBAC
ABSRACT:
Several
models for incorporating spatial constraints into role-based access control
(RBAC) have been proposed, and researchers are now focusing on the challenge of
ensuring such policies are enforced correctly. However, existing approaches
have a major shortcoming, as they assume the server is trustworthy and require
complete disclosure of sensitive location information by the user. In this
work, we propose a novel framework and a set of protocols to solve this
problem. Specifically, in our scheme, a user provides a service provider with
role and location tokens along with a request. The service provider consults
with a role authority and a location authority to verify the tokens and
evaluate the policy. However, none of the servers learn the requesting user’s
identity, role, or location. In this paper, we define the protocols and the
policy enforcement scheme, and present a formal proof of a number of security properties.
EXISTING SYSTEM:
In the
Existing system the server has to check for everything about user and his
behavior this makes server busy. While the challenge of creating enforcement architectures
has received some focus, existing solutions require disclosure of the requesting
user’s logical location or physical coordinates. Previous work has acknowledged
the severe privacy threats that may occur as a result of disclosing
fine-grained location information with high frequency. This problem becomes
even more serious in a decentralized, loosely coupled environment, such as
cloud computing, where services (e.g., data storage) are outsourced to an
external provider. Thus, it is no longer the case that all components involved
in the authorization process can be fully trusted to protect the privacy of the
principals. Even though authorization and auditing mechanisms may prevent
unauthorized disclosure of sensitive records and reduce the impact of a leak,
similar protection mechanisms for the privacy of the requesting principals’
locations do not exist. Even when a centralized authorization infrastructure exists
and all GEO-RBAC components reside within the administrative control of a
single organization, it is possible for a rogue administrator to collect and
use principals’ locations for malicious purposes (e.g., stalking, blackmail). Furthermore,
the presence of malware at the service provider (SP) can also be a threat to
users.
PROPOSED SYSTEM:
(RBAC)
has become the industry standard for authorization, and it is widely deployed
as it provides organizations with a simplified mechanism for granting
privileged access to sensitive
resources. Although RBAC systems traditionally consider only
identity attributes, such as job title, the emergence of location-based
applications has led to the enrichment of the model with spatial features. A
number of RBAC extensions incorporate location constraints into access control
policies, providing organizations with the ability to control resource access
based on the physical coordinates ofthe requesting users.
Geo-spatial RBAC (GEO-RBAC) has
a large number of applications, in both military and civilian applications. Consider
a military application, where physical presence in a secured room is required
for a principal to access a confidential document. Such a protection model can
prevent personnel from unintentionally exposing secrets in an environment where
principals without the appropriate clearance are present. Alternatively, a
policy may state that strictly confidential documents must only be accessed in
a room that has been checked thoroughly to ensure there are no unauthorized
surveillance devices present. GEO-RBAC addresses these needs and supports
permission manipulation at a fine granularity. In this work, we propose a
framework for privacy preserving GEO-RBAC (Privacy) that enforces location-based
authorization without revealing the identity attributes or physical coordinates
of requesting users to the policy enforcement point (PEP). Our approach uses a combination
of cryptographic techniques and separation of functionality. The trust
assumption in our model is reduced to one component, which generates all
cryptographic secrets required for evaluation but does not participate in the
online operations of the PEP; therefore, this component can be effectively
shielded from attacks. The protocols we define ensure that the other components
that participate in the online enforcement cannot learn the user’s identity,
role, or location, even under very powerful adversarial assumptions. Our work
reconciles competing goals of security and privacy by supporting fine-grained spatially
aware RBAC while simultaneously preserving the privacy of requesting users. There
are clear parallels between our work and access control mechanisms built on
attribute-based encryption, That is, location and role are used as attributes
for policy evaluation.
However, existing attribute-based schemes are built
on the premise that attributes (e.g., a driver’s license number or date of
birth) are fairly persistent for a user, and the user simply needs a credential
that certifies that the user possesses the respective attributes. In GEO-RBAC,
roles and locations are inherently transient. While one user may activate a
role for a short time, he will eventually be replaced by another user; additionally,
users are assumed to be mobile. Given the high frequency of attribute changes, temporary
credentials that are dynamically and automatically generated are mandatory for
usability. To the best of our knowledge, ours is the first work to address the challenge
of attribute-based access control with transient credentials. Based on the
results of this work, we believe that future work in this direction would be
valuable.
The encoded roles, locations, and policies are then delivered
to the Role Authority (RA), Location Authority (LA), and Service Provider,
respectively. The SP stores the protected objects and ultimately makes the
decision of whether to grant access or not. Based on the encoded values, the
RA, LA, and SP are not able to link real roles or locations with the access
request. the user initiates a role session with the RA, acquiring a role token,
then presents the role token to a Location Device (LD), acquiring a location
token that is bound to the role token . The user then sends the credentials
(which do not reveal the role and location) to the SP, who subsequently
performs an oblivious transfer (OT) and a private information retrieval (PIR) protocol
with the RA and LA, respectively, thus retrieving data to evaluate the access
control policy. The private retrieval steps are necessary in order to protect
the access pattern of the principals: the RA and the LA do not learn anything
about the encrypted credentials that are being used in the current access. The
SP evaluates the access condition , and if the condition is satisfied, it
grants access to the user.
HARDWARE REQUIREMENTS
Processor: Pentium IV
RAM: 1GB
Operating System: Windows XP (ServicePack3)
Working Environment: Microsoft Visual Studio 2010
Framework: DOTNET Framework 4.0
Language: visual C#
Back End: Microsoft SQL SERVER 2005
MODULES
·
Role Authority
·
Location Authority
·
Service Provider
·
User
No comments:
Post a Comment