Mobile Access Control

1. Mobile Access Control Adriana Compagnoni (www.cs.stevens.edu/~abc/mac.html) • Location Awareness in Access Control Our society is constantly moving towards richer forms of information exchange where wired and wireless devices interact, and an increasingly mobile work-force needs to be able to access corporate information while at work, from home, and on the road. This tendency has prompted the academic community to study the security problems arising from such inter-operations. This exchange of information is regulated by security policies describing who can access the information in question. In Role-Based Access Control a given user is assigned a collection of roles (e.g. employee, faculty, student, etc.). In turn, each role is assigned a collection of access privileges. A user gains access to a resource by activating a role which has the necessary privileges. Mobility adds a new dimension to RBAC, since the services available to a given user also depend on the location of the user, agreements between parties, and the technology underlying the connection. The University of Wizbrau is equipped with intelligent buildings, and students carry their wireless enabled laptops with them to class. While in the classroom, students have only limited Internet access and they are not allowed to use e-mail, instant messenger, or visit general web-sites. However, these activities are allowed when done from the student lounge instead. Since the instructor of the course needs a greater access to resources than the students, those activities temporarily disabled to the students are available to the instructor. For example, during a lecture, the instructor may consult her e-mail to address a question raised by a student in an e-mail message. Joint work with Elsa Gunter (UIUC) and Pablo Garralda (Stevens) Comparison to state of the art • Current approach • Privileges are associated with roles but not locations. • New approach • Privileges are associated with roles and locations. Motivated by our earlier work on BACI (Boxed Ambients with Communication Interfaces-MFCS 2004) we define a typed boxed ambient calculus called BACIR extended with a Distributed Role-Based Access Control mechanism where each ambient controls its own access policy. Following the style of BACI, our new calculus distinguishes between names of ambients and names of communication ports. Ambients are used for mobility and ports are used for communication, either locally within a channel or between a parent and a child. This distinction is instrumental in defining our RBAC mechanism, since it provides for a finer grain in the security policy. Each ambient controls its own access policy by specifying which roles (or which processes with at least one of those roles activated) are allowed to enter it. Similarly, a port specifies its own access policy by specifying which roles can read from it and which roles can write to it. (TGC 2005) • Ambient • Assume set of (public) ambient names Amb • Ambients given by: A ::= mu[P]@ • Where m  Amb •  Roles (representing roles current for that process) • u  Users • P is a Process • Mobile Role-Based Access Control • Have a notion of a location (boxed ambient) • Each ambient assigns privileges to the resources it controls: • Entry into itself • Read access to its channel • Write access to its channel • Priv : Amb  Role set  Role set  Role set enter read write • Role activation and deactivation primitives