Distributed Authorization in Vanadium



Abstract. In this tutorial, we present an authorization model for distributed systems that operate with limited internet connectivity. Reliable internet access remains a luxury for a majority of the world’s population. Even for those who can afford it, a dependence on internet connectivity may lead to sub-optimal user experiences. With a focus on decentralized deployment, we present an authorization model that is suitable for scenarios where devices right next to each other (such as a sensor or a friend’s phone) should be able to communicate securely in a peer-to-peer manner. The model has been deployed as part of an open-source distributed application framework called Vanadium. As part of this tutorial, we survey some of the key ideas and techniques used in distributed authorization, and explain how they are combined in the design of our model.

1 Introduction

Authorization is a fundamental problem in computer security that deals with whether a request to access a resource must be granted. The decision is made by a reference monitor guarding the resource. Authorization is fairly straightforward in closed systems where all resources of interest are held on a small set of devices, and reference monitors have pre-existing relationships with all authorized principals. In these systems, authorizing a request involves identifying the principal making the request, and then verifying that this identity is allowed by the resource’s access control policy. The former is called authentication, and the latter is called access control.

Authorization in distributed systems is significantly more complex as the resources are spread across a network of devices under different administrative domains [22]. Moreover, not all devices and principals in the system may know each other beforehand, making even authentication complicated. For instance, consider the fairly common scenario of a user Alice trying to play a movie from her internet video service on her television (TV). It involves the TV authorizing the request from Alice to play a movie, and the video service authorizing the request from the TV to access Alice’s account. The video service may recognize only Alice, and not her TV. The TV must convince the video service that it is acting on Alice’s behalf.

With the advent of the Internet of Things (IoT), various physical devices that we commonly interact with in our daily lives are controllable over the network, and are thus part of a large distributed system. These devices range from tiny embedded devices, to wearables, to large home appliances, and automobiles. The promise of IoT lies in multiple devices interacting with each other to accomplish complex tasks for the user. For instance, a home security system may interact with security cameras and locks around the house to ensure that the house is protected from intruders at all times, and all susp

A. Taly and A. Shankar
© Springer International Publishing Switzerland 2016. A. Aldini et al. (Eds.): FOSAD VIII, LNCS 9808, pp. 139–162, 2016. DOI: 10.1007/978-3-319-43005-8_4