Theses and Dissertations
Permanent URI for this collection
Browse
Browsing Theses and Dissertations by Subject "access control"
Now showing 1 - 5 of 5
Results Per Page
Sort Options
Item Open Access An access control framework for mobile applications(Colorado State University. Libraries, 2013) Abdunabi, Ramadan, author; Ray, Indrakshi, advisor; France, Robert, committee member; Ray, Indrajit, committee member; Turk, Daniel, committee memberWith the advent of wireless and mobile devices, many new applications are being developed that make use of the spatio-temporal information of a user in order to provide better functionality. Such applications also necessitate sophisticated authorization models where access to a resource depends on the credentials of the user and also on the location and time of access. Consequently, traditional access control models, such as, Role-Based Access Control (RBAC), has been augmented to provide spatio-temporal access control. However, the velocity of technological development imposes sophisticated constraints that might not be possible to support with earlier works. In this dissertation, we provide an access control framework that allows one to specify, verify, and enforce spatio-temporal policies of mobile applications. Our specification of spatio-temporal access control improves the expressiveness upon earlier works by providing features that are useful for mobile applications. Thus, an application using our model can specify different types of spatio-temporal constraints. It defines a number of novel concepts that allow ease of integration of access control policies with applications and make policy models more amenable to analysis. Our access control models are presented using both theoretical and practical methods. Our models have numerous features that may interact to produce conflicts. Towards this end, we also develop automated analysis approaches for conflict detection and correction at model and application levels. These approaches rigorously check policy models and provide feedback when some properties do not hold. For strict temporal behaviour, our analysis can be used to perform a quantitative verification of the temporal properties while considering mobility. We also provide a number of techniques to reduce the state-space explosion problem that is inherent in model checkers. Furthermore, we introduce a policy enforcement mechanism illustrates the practical viability of our models and discusses potential challenges with possible solutions. Specifically, we propose an event-based architecture for enforcing spatio-temporal access control and demonstrate its feasibility by developing a prototype. We also provide a number of protocols for granting and revoking access and formally analyze these protocols in order to provide assurance that our proposed architecture is indeed secure.Item Open Access CPS security testbed: requirement analysis, prototype design and protection framework(Colorado State University. Libraries, 2023) Talukder, Md Rakibul Hasan, author; Ray, Indrajit, advisor; Malaiya, Yashwant, committee member; Vijayasarathy, Leo, committee memberTestbeds are a practical way to perform security exercises on cyber physical systems (CPS) to understand vulnerabilities and the progression/impact of cyber-attacks. However, it is challenging to replicate a large CPS, such as nuclear power plant or an electrical power grid, within the confines of a laboratory that would allow security experiments to be carried out. Thus, software-based simulations are getting increasingly popular as opposed to hardware-in-the-loop based simulations for CPS that form a critical infrastructure. Unfortunately, a software-based CPS testbed oriented towards security-centric experiments requires a careful re-examination of requirements and architectural design different from a CPS testbed for non-security related experiments. On a security-focused testbed there is a need to run real attack scripts for red-teaming/blue-teaming exercises, which are, in the strictest sense of the term, malicious in nature. Thus, there is a need to protect the testbed itself from these attack experiments that have the potential to go awry. The overall effect of an exploit on the whole system or vulnerabilities at communication channels needs to be particularly explored while building a simulator for a security-centric CPS. Besides, when multiple experiments are conducted on the same testbed, there is a need to maintain isolation among these experiments so that no experiment can accidentally or maliciously compromise others and affect the fidelity of those results. Specific security experiment-related supports are essential when designing such a testbed but integrating a software-based simulator within the testbed to provide necessary experiment support is challenging. In this thesis, we make three contributions. First, we present the design of an ideal testbed based on a set of requirements and supports that we have identified, focusing specifically on security experiment as the primary use case. Next, following these requirements analysis, we integrate a software-based simulator (Generic Pressurized Water Reactor) into a testbed design by modifying the implementation architecture to allow the execution of attack experiments on different networking architectures and protocols. Finally, we describe a novel security architecture and framework to ensure the protection of security-related experiments on a CPS testbed.Item Open Access Integration of task-attribute based access control model for mobile workflow authorization and management(Colorado State University. Libraries, 2019) Basnet, Rejina, author; Ray, Indrakshi, advisor; Abdunabi, Ramadan, advisor; Ray, Indrajit, committee member; Vijayasarathy, Leo R., committee memberWorkflow is the automation of process logistics for managing simple every day to complex multi-user tasks. By defining a workflow with proper constraints, an organization can improve its efficiency, responsiveness, profitability, and security. In addition, mobile technology and cloud computing has enabled wireless data transmission, receipt and allows the workflows to be executed at any time and from any place. At the same time, security concerns arise because unauthorized users may get access to sensitive data or services from lost or stolen nomadic devices. Additionally, some tasks and information associated are location and time sensitive in nature. These security and usability challenges demand the employment of access control in a mobile workflow system to express fine-grained authorization rules for actors to perform tasks on-site and at certain time intervals. For example, if an individual is assigned a task to survey certain location, it is crucial that the individual is present in the very location while entering the data and all the data entered remotely is safe and secure. In this work, we formally defined an authorization model for mobile workflows. The authorization model was based on the NIST(Next Generation Access Control) where user attributes, resources attributes, and environment attributes decide who has access to what resources. In our model, we introduced the concept of spatio temporal zone attribute that captures the time and location as to when and where tasks could be executed. The model also captured the relationships between the various components and identified how they were dependent on time and location. It captured separation of duty constraints that prevented an authorized user from executing conflicting tasks and dependency of task constraints which imposed further restrictions on who could execute the tasks. The model was dynamic and allowed the access control configuration to change through obligations. The model had various constraints that may conflict with each other or introduce inconsistencies. Towards this end, we simulated the model using Timed Colored Petri Nets (TCPN) and ran queries to ensure the integrity of the model. The access control information was stored in the Neo4j graph database. We demonstrated the feasibility and usefulness of this method through performance analysis. Overall, we tended to explore and verify the necessity of access control for security as well as management of workflows. This work resulted in the development of secure, accountable, transparent, efficient, and usable workflows that could be deployed by enterprises.Item Open Access On component-oriented access control in lightweight virtualized server environments(Colorado State University. Libraries, 2017) Belyaev, Kirill, author; Ray, Indrakshi, advisor; Ray, Indrajit, committee member; Malaiya, Yashwant, committee member; Vijayasarathy, Leo, committee memberWith the advancements in contemporary multi-core CPU architectures and increase in main memory capacity, it is now possible for a server operating system (OS), such as Linux, to handle a large number of concurrent services on a single server instance. Individual components of such services may run in different isolated runtime environments, such as chrooted jails or related forms of OS-level containers, and may need restricted access to system resources and the ability to share data and coordinate with each other in a regulated and secure manner. In this dissertation we describe our work on the access control framework for policy formulation, management, and enforcement that allows access to OS resources and also permits controlled data sharing and coordination for service components running in disjoint containerized environments within a single Linux OS server instance. The framework consists of two models and the policy formulation is based on the concept of policy classes for ease of administration and enforcement. The policy classes are managed and enforced through a Lightweight Policy Machine for Linux (LPM) that acts as the centralized reference monitor and provides a uniform interface for regulating access to system resources and requesting data and control objects. We present the details of our framework and also discuss the preliminary implementation and evaluation to demonstrate the feasibility of our approach.Item Open Access On the design of a moving target defense framework for the resiliency of critical services in large distributed networks(Colorado State University. Libraries, 2018) Amarnath, Athith, author; Ray, Indrajit, advisor; Ray, Indrakshi, committee member; Hayne, Stephen, committee memberSecurity is a very serious concern in this era of digital world. Protecting and controlling access to secured data and services has given more emphasis to access control enforcement and management. Where, access control enforcement with strong policies ensures the data confidentiality, availability and integrity, protecting the access control service itself is equally important. When these services are hosted on a single server for a lengthy period of time, the attackers have potentially unlimited time to periodically explore and enumerate the vulnerabilities with respect to the configuration of the server and launch targeted attacks on the service. Constant proliferation of cloud usage and distributed systems over the last decade have materialized the possibilities of distributing data or hosting services over a group of servers located in different geographical locations. Existing election algorithms used to provide service continuity hosted in the distributed setup work well in a benign environment. However, these algorithms are not secure against skillful attackers who intends to manipulate or bring down the data or service. In this thesis, we design and implement the protection of critical services, such as access-control reference monitors, using the concept of moving target defense. This concept increases the level of difficulty faced by the attacker to compromise the point of service by periodically moving the critical service among a group of heterogeneous servers, thereby changing the attacker surface and increasing uncertainty and randomness in the point of service chosen. We describe an efficient Byzantine fault-tolerant leader election protocol for small networks that achieves the security and performance goals described in the problem statement. We then extend this solution to large enterprise networks by introducing random walk protocol that randomly chooses a subset of servers taking part in the election protocol.