A Survey of GraphBased RBAC Efficiency

1
A Survey of Graph-Based RBAC Efficiency

• Barry Wittman
• CS526 Research Project

2
Introduction

• RBAC has gained a lot of popularity in the access
  control research world.
• Most papers discuss the power of various versions
  of RBAC in terms of security capabilities.
• What are the complexity and performance issues?

3
Overview

• Basic Operations
• Conflicting Privileges
• Multidomain Policy Integration
• Safety
• Information Flow
• Conclusions

4
Basic Operations

• We examine the hierarchical framework discussed
  by Koch et al. in 5 and 9.
• We look at all the basic operations and try to
  find the minimum time for an operation, based on
  an adjacency list implementation.
• R is the set of roles
• U is the set of all users
• S is the set of active sessions
• t(p) is the upper bound on the number of
  operations it takes to determine if a role has
  permission p

5
Conflicting Privileges

• We examine the algorithms introduced by Nyanchama
  and Osborn 13 which take into account
  conflicting privileges.
• R is the set of roles
• P is the set of all permissions

6
Multidomain Policy Integration

• Shafiq et al. 1 introduce a framework in which
  different domains with different RBAC policies
  can integrate their policies to allow for secure
  interoperation.
• To find the optimum assignment of roles to users,
  an integer programming problem must be solved.
• Unfortunately, this problem is NP-hard but can be
  approximated.
• There is no generic approximation bound on IP
  problems.

7
Safety

• Koch et al. 8 describe a graph-based RBAC
  formulation whose safety can be checked.
• The model has very similar expressive power to
  the Take-Grant model.
• The decidability algorithm is exponential.

8
Information Flow

• MAC models are heavily concerned with the flow of
  information.
• Some work has been done to analyze information
  flow in RBAC as well, particularly by 14.
• Analysis is based on two algorithms
• FlowStart O(RP2)
• CanFlow O(n3)

9
Conclusions

• Basic Operations
• At least a simple implementation of graph-based
  RBAC can be quite efficient.
• Conflicting Permissions
• The algorithms provided by 13 have serious
  performance problems, since most operations
  require checking every permission in the entire
  system.
• Multidomain Policy Integration
• The approximation of the IP problem warrants
  further study. Although it is beyond the scope
  of this work, an approximation bound (hopefully
  constant) for the IP should be found.
• Safety
• The time taken to determine safety with the
  current algorithm is exponential. Work should be
  done to see if a more efficient algorithm is
  possible or if the problem is NP-complete.
• Information Flow
• The information flow algorithms have a P2 term
  in them. However, this is a worst case value
  that will seldom actually be seen. Likewise,
  information flow analysis does not necessarily
  need to be done in real time.

10
References

• 1 Secure interoperation in a multidomain
  environment employing RBAC policies. IEEE
  Transactions on Knowledge and Data Engineering,
  17(11)15571577, 2005. Student Member-Basit
  Shafiq and Member-James B. D. Joshi and
  Fellow-Elisa Bertino and Fellow-Arif Ghafoor.
• 2 D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R.
  Kuhn, and R. Chandramouli. Proposed NIST standard
  for role-based access control. ACM Trans. Inf.
  Syst. Secur., 4(3)224274, 2001.
• 3 L. Giuri and P. Iglio. A formal model for
  role-based access control with constraints. In
  CSFW 96 Proceedings of the Ninth IEEE Computer
  Security Foundations Workshop, page 136,
  Washington, DC, USA, 1996. IEEE Computer Society.
• 4 F. Glover and M. Laguna. Tabu Search. Kluwer
  Academic Publishers, Dordrecht, The Netherlands,
  1998.
• 5 M. Koch, L. V. Mancini, and F.
  Parisi-Presicce. A formal model for role-based
  access control using graph transformation. In
  ESORICS 00 Proceedings of the 6th European
  Symposium on Research in Computer Security, pages
  122139, London, UK, 2000. Springer-Verlag.
• 6 M. Koch, L. V. Mancini, and F.
  Parisi-Presicce. Foundations for a graph-based
  approach to the specification of access control
  policies. In FoSSaCS 01 Proceedings of the 4th
  International Conference on Foundations of
  Software Science and Computation Structures,
  pages 287302, London, UK, 2001. Springer-Verlag.
• 7 M. Koch, L. V. Mancini, and F.
  Parisi-Presicce. Conflict detection and
  resolution in access control policy
  specifications. In FoSSaCS 02 Proceedings of
  the 5th International Conference on Foundations
  of Software Science and Computation Structures,
  pages 223237, London, UK, 2002. Springer-Verlag.
• 8 M. Koch, L. V. Mancini, and F.
  Parisi-Presicce. Decidability of safety in
  graph-based models for access control. In ESORICS
  02 Proceedings of the 7th European Symposium on
  Research in Computer Security, pages 229243,
  London, UK, 2002. Springer-Verlag.

11
References (cont.)

• 9 M. Koch, L. V. Mancini, and F.
  Parisi-Presicce. A graph-based formalism for
  RBAC. ACM Trans. Inf. Syst. Secur., 5(3)332365,
  2002.
• 10 M. Koch, L. V. Mancini, and F.
  Parisi-Presicce. Administrative scope in the
  graph-based framework. In SACMAT 04 Proceedings
  of the ninth ACM symposium on Access control
  models and technologies, pages 97104, New York,
  NY, USA, 2004. ACM Press.
• 11 M. Koch, L. V. Mancini, and F.
  Parisi-Presicce. Graph-based specification of
  access control policies. J. Comput. Syst. Sci.,
  71(1)133, 2005.
• 12 G. L. Nemhauser and L. A. Wolsey. Integer
  and Combinatorial Optimization.
  Wiley-Interscience Series in Discrete Mathematics
  and Optimization. Wiley, 1988. NEM g 881 P-Ex.
• 13 M. Nyanchama and S. Osborn. The role graph
  model and conflict of interest. ACM Trans. Inf.
  Syst. Secur., 2(1)333, 1999.
• 14 S. L. Osborn. Information flow analysis of
  an RBAC system. In SACMAT 02 Proceedings of the
  seventh ACM symposium on Access control models
  and technologies, pages 163168, New York, NY,
  USA, 2002. ACM Press.
• 15 R. S. Sandhu, E. J. Coyne, H. L. Feinstein,
  and C. E. Youman. Rolebased access control
  models. Computer, 29(2)3847, 1996.