Muhammad Ihsanulhaq Sarfraz, Peter Baker, Jia Xu, Elisa Bertino
NSSIT 2013
A Comprehensive Access Control System for Scientific Applications
Presented By: Aditi Gupta

Outline
• Introduction:
  – Motivation
  – Data Model
• Access Control Requirements
• Access Control Model
• CRIS Access Control System

Motivation
• Scientific data is shared beyond the local computing environment
• Scientific data is of a sensitive nature
There is a need for a robust authorization mechanism to prevent unauthorized access to scientific data
• We present an access control system for scientific applications

Data Model
• Scientific Workflows
  – Description: key impediment for scientists: automate manual repetitive tasks
  – Impact on Authorization Model: authorizations can be specified on:
    1. individual workflow
    2. individual task within a workflow
• Computational Tools
  – Description: integration of large amounts of heterogeneous data
    - assisting users to comprehend large datasets
    - extracting meaning and useful information from large amounts of data
  – Impact on Authorization Model: a user having authorization to execute a tool should not have any authorization to directly modify the dataset accessed by the tool

Data Model (2)
• Datasets and Versions
  – Description:
    - large scientific datasets are assembled from samples collected over time
    - datasets are versioned for the purpose of long-term preservation and re-use of primary research data
  – Impact on Authorization Model: authorizations must be specified on:
    1. individual datasets
    2. individual versions of the dataset
• Data Hierarchy Stores
  – Description: a common approach to organize large amounts of data by exploiting relationships among the various data objects. Example: Project/Experiment/Job/Workflow
  – Impact on Authorization Model: hierarchical organization of data objects should effectively reduce the authorization assignments

Data Model (3)
[Figure: example data model in three panels. Data Hierarchy Stores: Agronomy Center Project; Water Quality Experiment and Elemental Analysis Experiment; Job 1 to Job 4; Plant Growth Data Collection Workflow and Phosphorus Data Collection Workflow. Computational Tools and Datasets: Visualization Tool, Extract Tool; Plant Growth Dataset Version 1 and Version 2, Phosphorus Dataset. Scientific Workflows: flowchart with the steps Collect Phosphorus data file, Extract Information, Is Valid? (Yes/No), Display Success Message, Display Failure Message.]

Requirements
• Implicit Authorization
  – explicitly storing all authorizations is inefficient
  – implicit authorization makes it unnecessary to store all authorizations explicitly
  – authorizations can be automatically propagated
• Dataset Security
  – Should the authorization of a user to access a dataset be checked when the dataset is invoked as part of the execution of a tool?
    • accesses made during execution of the tool are further checked
    • a user has no authorization to directly access or modify the dataset

Requirements (2)
• Sandbox Search
  – allows a user to search whether data exists, but does not imply the right to see the actual data
• Temporal Constraints
  – temporal constraints surrounding an access request must be evaluated and supported by the authorization model
• Conflict Resolution
  – implicit authorization and the presence of positive/negative authorizations can give rise to conflicts, which must be resolved to prevent denial of a legitimate access request

Authorization Model
• The authorization model is an extension of the earlier work by Rabitti et al.
• An authorization is defined as a 5-tuple <s, o, p, s’, c>:
  – s ∈ S, where S is the set of subjects; a subject is a user or a group
  – o ∈ O, where O is the set of objects
  – p ∈ P, where P is the set of permissions
  – s’ ∈ S is the owner of object o
  – c ∈ C is the class of the object, i.e. Tools, Workflow, Project etc.
• A function f is defined to determine if an authorization <s, o, p, s’, c> is True or False
  – f : S × O × P × S × C ⟶ {True, False}
• An authorization base AB is a set of explicit authorizations, where an authorization can be positive or negative:
  – AB ⊆ S × O × P × S × C

Authorization Model (2)
• Implicit Authorization
  – Function i <s, o, p, s’, c> is defined as:
    • if an explicit authorization exists in AB, then i is True
    • else if the authorization is implied by an explicit authorization, then i is True
    • else if the authorization implied is a negative authorization, then i is False

Authorization Model (3)
• Dataset Security
  – Function check enforces authorization on the tool
  – Functions grant and revoke ensure execute authorizations on the dataset have been done correctly

Authorization Model (4)
• Sandbox Search
  – the function match is called to check whether the object being searched exists
• Temporal Constraints
  – a temporal authorization ([t1, t2] <s, o, p, s’, c>) states that user s has permission p on object o during the period between t1 and t2
• Conflict Resolution
  – Function checkState ensures any operation on AB satisfies the resolution and redundancy invariants
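
An added sketch of the implicit-authorization check (the role of function i above) combined with negative authorizations and a temporal window; it is not code from CRIS or from the presentation. The object names, subjects and the resolution rules (authorizations propagate down the hierarchy, the nearest explicit authorization decides, a negative one wins on the same object, nothing applicable means deny) are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed hierarchy (child -> parent), after the page's
# Project/Experiment/Job/Workflow example.
PARENT = {
    "WaterQualityExperiment": "AgronomyCenterProject",
    "Job1": "WaterQualityExperiment",
    "PhosphorusWorkflow": "Job1",
}

@dataclass(frozen=True)
class Auth:
    s: str                      # subject (user or group)
    o: str                      # object
    p: str                      # permission
    owner: str                  # s', owner of o (stored, not used in this decision)
    c: str                      # class of o (stored, not used in this decision)
    positive: bool = True       # positive or negative authorization
    t1: float = float("-inf")   # start of temporal window [t1, t2]
    t2: float = float("inf")    # end of temporal window

def ancestors(o):
    """Yield o, then its parent, grandparent, ... (nearest first)."""
    while o is not None:
        yield o
        o = PARENT.get(o)

def is_authorized(ab, s, o, p, now):
    """Explicit authorizations on o decide first; otherwise the nearest
    ancestor carrying an authorization valid at `now` implies the answer.
    Assumed policy: negative wins on the same object, default is deny."""
    for obj in ancestors(o):
        hits = [a for a in ab
                if (a.s, a.o, a.p) == (s, obj, p) and a.t1 <= now <= a.t2]
        if hits:
            return all(a.positive for a in hits)
    return False

# Constructed authorization base AB.
AB = {
    Auth("alice", "AgronomyCenterProject", "read", "pi", "Project"),
    Auth("alice", "Job1", "read", "pi", "Job", positive=False),
    Auth("bob", "WaterQualityExperiment", "read", "pi", "Experiment",
         t1=10, t2=20),
}
```

Three stored tuples answer queries on every object in the tree: alice's project-level grant reaches the experiment, while the negative authorization on Job1 cuts off Job1 and the workflow beneath it.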

Computational Research Infrastructure for Science (CRIS)
• easy to use, scalable and collaborative scientific infrastructure for scientists
• implemented using open source software and free Web APIs
• initial user community at Purdue University in Agronomy, Biochemistry, Bioinformatics and Biology

Access Control for CRIS

Conclusion
• The sensitive nature of scientific data requires a robust authorization mechanism to prevent unauthorized access
• We present an access control system for scientific applications
• It has been deployed in CRIS

Questions and Thank You
• Please refer your questions to [email protected]
• THANK YOU!