Upload
pierce-watson
View
212
Download
0
Embed Size (px)
Citation preview
Design of an Access Control Model for Distributed Object System With Mobile Code
John Melvin Antony
Motivation Security
Agent Attacking Agent Platform/Host. Agent Platform/Host Attacking Agent. Agent Attacking Another Agent.
Types of Attacks Masquerading. Denial of Service. Unauthorized Access.
Challenges Who Implements Security
Policies in a Mobile environment. Access control At What
Granularity? How Will Access control Policies
be Implemented Uniformly
Background
Access Control Approaches For Mobile Code Conditional Access Control Domain & Type Enforcement. Signed Code. Using Certificates (SPKI, Attribute & Policy).
Bond Security Pre-emptive Probe Access Control Embedded In
Communication Fabric Bond Ticket.
Specific Objectives An Access Control Model For Mobile Code Which
Can Be Integrated Into Security Frameworks. Milestones
Study & Identify different Access Control Models (DTE, Conditional Enforcement, SPKI based) Which Can Be Used.
Design Model For Integration With Bond Framework
Initial Ideas Provide Independent Access Control
Policy(agent & Host Policy) Use Certificates To Encode Constraints(SPKI)
Literature Providing Fine Grained Access Control For Java
Programs – Raju Pandey & Brant Hashiihttp://www.ifs.uni-linz.ac.at/~ecoop/cd/papers/1628/16280449.
pdf A Distributed Access Control Model For Java –
Refik Molva & Yves Roudierhttp://citeseer.nj.nec.com/cache/papers/cs/20254/http:zSzzSzwww.eurecom.frzSz~nsteamzSzPaperszSzesorics2000.pdf/a-distributed-access-control.pdf
Scalable Access Control For Distributed Object Systems – Daniel F Sterne et all…..
http://www.usenix.org/publications/library/proceedings/sec99/full_papers/sterne/sterne.
NIST Special Publication – Mobile agent security – Wayne Jensen & Tom Karygiannis
http://csrc.nist.gov/mobileagents/publication/sp800-19.pdf
Bond System Security & Access Control Model – Ruibing Hao, K Jun & Dan C Marinescuhttp://citeseer.nj.nec.com/cache/papers/cs/19176/
http:zSzzSzbond.cs.purdue.eduzSzpublicationszSzsecuritypdcn.pdf/hao98bond.pdf
SPKI – Yulian Wanghttp://www.hut.fi/~yuwang/publications/SPKI/SPKI.html
Privilege Management Scheme for Mobile Agents – W.A.Jensen
http://www.acsac.org/2001/papers/121.pdf