Design of an Access Control Model for Distributed

Design of an Access Control Model for Distributed Object System With Mobile Code John Melvin Antony

Motivation n Security n n Agent Attacking Agent Platform/Host Attacking Agent Attacking Another Agent. Types of Attacks n n n Masquerading. Denial of Service. Unauthorized Access.

n Challenges Who Implements Security Policies in a Mobile environment. n Access control At What Granularity? n How Will Access control Policies be Implemented Uniformly n

Background n n Access Control Approaches For Mobile Code n Conditional Access Control n Domain & Type Enforcement. n Signed Code. n Using Certificates (SPKI, Attribute & Policy). Bond Security n Pre-emptive Probe n Access Control Embedded In Communication Fabric n Bond Ticket.

Specific Objectives n n n An Access Control Model For Mobile Code Which Can Be Integrated Into Security Frameworks. Milestones n Study & Identify different Access Control Models (DTE, Conditional Enforcement, SPKI based) Which Can Be Used. n Design Model For Integration With Bond Framework Initial Ideas n Provide Independent Access Control Policy(agent & Host Policy) n Use Certificates To Encode Constraints(SPKI)

Literature n Providing Fine Grained Access Control For Java Programs – Raju Pandey & Brant Hashii http: //www. ifs. uni-linz. ac. at/~ecoop/cd/papers/16280449. pdf n A Distributed Access Control Model For Java – Refik Molva & Yves Roudier http: //citeseer. nj. nec. com/cache/papers/cs/20254/http: z. Szwww. eurecom. frz. Sz~nsteamz. Sz. Papersz. Szesorics 2000. pdf/adistributed-access-control. pdf n Scalable Access Control For Distributed Object Systems – Daniel F Sterne et all…. . http: //www. usenix. org/publications/library/proceedings/sec 99/full_p apers/sterne. pdf

n NIST Special Publication – Mobile agent security – Wayne Jensen & Tom Karygiannis http: //csrc. nist. gov/mobileagents/publication/sp 800 -19. pdf Bond System Security & Access Control Model – Ruibing Hao, K Jun & Dan C Marinescu n http: //citeseer. nj. nec. com/cache/papers/cs/19176/http: z. Szbond. cs. purd ue. eduz. Szpublicationsz. Szsecuritypdcn. pdf/hao 98 bond. pdf n SPKI – Yulian Wang http: //www. hut. fi/~yuwang/publications/SPKI. html n Privilege Management Scheme for Mobile Agents – W. A. Jensen http: //www. acsac. org/2001/papers/121. pdf