Security Management, Integrity, and Internal Control in Information Systems
IFIP TC-11 WG 11.1 & WG 11.5 Joint Working Conference
1st Edition
Published on 3. June 2006
XIV, 370 pages
978-0-387-31167-8 (ISBN)
Description
This is the first joint working conference between the IFIP Working Groups 11. 1 and 11. 5. We hope this joint conference will promote collaboration among researchers who focus on the security management issues and those who are interested in integrity and control of information systems. Indeed, as management at any level may be increasingly held answerable for the reliable and secure operation of the information systems and services in their respective organizations in the same manner as they are for financial aspects of the enterprise, there is an increasing need for ensuring proper standards of integrity and control in information systems in order to ensure that data, software and, ultimately, the business processes are complete, adequate and valid for intended functionality and expectations of the owner (i. e. the user organization). As organizers, we would like to thank the members of the international program committee for their review work during the paper selection process. We would also like to thank the authors of the invited papers, who added valuable contribution to this first joint working conference. Paul Dowland X. Sean Wang December 2005 Contents Preface vii Session 1 - Security Standards Information Security Standards: Adoption Drivers (Invited Paper) 1 JEAN-NOEL EZINGEARD AND DAVID BIRCHALL Data Quality Dimensions for Information Systems Security: A Theorectical Exposition (Invited Paper) 21 GURVIRENDER TEJAY, GURPREET DHILLON, AND AMITA GOYAL CHIN From XML to RDF: Syntax, Semantics, Security, and Integrity (Invited Paper) 41 C. FARKAS, V. GowADiA, A. JAIN, AND D.
More details
Other editions
Additional editions
Steve Furnell | Bhavani Thuraisingham | X. Sean Wang
Security Management, Integrity, and Internal Control in Information Systems
IFIP TC-11 WG 11.1 & WG 11.5 Joint Working Conference
Book
11/2005
Springer
€106.50
Shipment within 5-7 days
Persons
Content
Security Standards.- Information Security Standards: Adoption Drivers (Invited Paper).- Data Quality Dimensions for Information Systems Security: A Theoretical Exposition (Invited Paper).- From XML to RDF: Syntax, Semantics, Security, and Integrity (Invited Paper).- Security Culture.- How Much Should We Pay for Security? (Invited Paper).- Do Not Ship, or Receive, Trojan Horses.- Employee Security Perception in Cultivating Information Security Culture.- Access Management.- A Policy Framework for Access Management in Federated Information Sharing.- A Hierarchical Release Control Policy Framework.- Risk Management.- Managing Uncertainty in Security Risk Model Forecasts with RAPSA/MC.- The Mitigation of ICT Risks Using Emitl Tool: An Empirical Study.- Risk Communication, Risk Perception and Information Security.- A Holistic Risk Analysis Method for Identifying Information Security Risks.- Security Culture.- A Responsibility Framework for Information Security.- Information Security Governance - A Re-Definition.- Can We Tune Information Security Management Into Meeting Corporate Governance Needs? (Invited Paper).- Security Management.- Measurement of Information Security in Processes and Products.- A Protection Profiles Approach to Risk Analysis for Small and Medium Enterprises.- A UML Approach in the ISMS Implementation.- Applications.- Attack Aware Integrity Control in Databases (Invited Abstract).- Characteristics and Measures for Mobile-Masquerader Detection.- A Distributed Service Registry for Resource Sharing Among Ad-Hoc Dynamic Coalitions.- Access Management.- A Trust-Based Model for Information Integrity in Open Systems.- Scalable Access Policy Administration (Invited Paper).- Semantic Information Infrastructure Protection (Invited Abstract).
3. X-GTRBAC POLICY FRAMEWORK (p. 99-101)
This section describes the key features of X-GTRBAC (XML-based Generalized Temporal Role Based Access Control), our XML-based policy specification framework. Our specification language is an extension of the RBAC model suitable for addressing the access management challenges in federated systems discussed in this paper.
3.1 Language Specification
X-GTRBAC language specification is captured through a contextfree grammar called X-Grammar, which follows the same notion of terminals and non-terminals as in BNF, but supports the tagging notation of XML which also allows expressing attributes within element tags. The use of attributes helps maintain compatibility with XML schema syntax, which serves as the type definition model for our language. Since it follows BNF convention, X-Grammar can be accepted by a well-defined automaton to allow automatic translation into XML schema documents.
This allows automatic creation of strongly typed policy Schemas based on the supplied grammar specification. We choose to use X-Grammar syntax instead of directly working with XML Schemas for ease of analysis (since existing compiler tools for BNF grammars can be applied) and better readability and presentation. Examples of X-Grammar policies are given in following sections. The complete syntax of X-GTRBAC language specification appears in Appendix A.
3.2 Policy Components
We now describe the main components of our policy language. While doing so, we motivate our design decision by evaluating existing approaches against our stated requirements, and pointing out the merits of our design with respect to our objectives.
3.2.1 Credentials
Credentials are a key component of an access control language. A credential encodes the authentication and authorization information for the users. We have earlier motivated that a heterogeneous and unfamiliar user and resource pool in a federated system complicates credential specification, since it precludes the use of traditional approaches to distributed authorization (such as X.509 based PKI) that assume knowledge of user identities and resource locations.
[12, 13] are well-known examples of distributed schemes that have used identity-based X.509 certificates for user authentication. The authentication information (i.e. public keys) is then used to construct an authorization credential that comprises of a set of resource-specific rules. The credentials are bound to user identities and therefore this approach to credential specification is not scalable. Even when knowledge of identities is available, the requirement of fine-grained access control would lead to rule-explosion in the access control policy given the size of federated population in open systems. Additionally, this approach tightly couples authentication with authorization, and is therefore inflexible, and violates one of our design principles.
Our policy framework addresses this problem through the use of attributebased (as opposed to identity-based) credential specification. We adopt a modular approach and allow independent specification of credentials used in authentication and authorization. The authenticating credential comprises of authentication information expressed in terms of user attributes which are used by the access control processor for role assignment. This idea is similar to the one used in [14]. However, unlike in [14], we do not require reliance on X.509 identity-based certificates to encode user authentication information. Instead, the user attributes may be supplied in any mutually agreed format, such as an Attribute Statement in the emerging identity federation standard SAML [7]. This supports the requirement for credential federation (See Section 3.3.3).
This section describes the key features of X-GTRBAC (XML-based Generalized Temporal Role Based Access Control), our XML-based policy specification framework. Our specification language is an extension of the RBAC model suitable for addressing the access management challenges in federated systems discussed in this paper.
3.1 Language Specification
X-GTRBAC language specification is captured through a contextfree grammar called X-Grammar, which follows the same notion of terminals and non-terminals as in BNF, but supports the tagging notation of XML which also allows expressing attributes within element tags. The use of attributes helps maintain compatibility with XML schema syntax, which serves as the type definition model for our language. Since it follows BNF convention, X-Grammar can be accepted by a well-defined automaton to allow automatic translation into XML schema documents.
This allows automatic creation of strongly typed policy Schemas based on the supplied grammar specification. We choose to use X-Grammar syntax instead of directly working with XML Schemas for ease of analysis (since existing compiler tools for BNF grammars can be applied) and better readability and presentation. Examples of X-Grammar policies are given in following sections. The complete syntax of X-GTRBAC language specification appears in Appendix A.
3.2 Policy Components
We now describe the main components of our policy language. While doing so, we motivate our design decision by evaluating existing approaches against our stated requirements, and pointing out the merits of our design with respect to our objectives.
3.2.1 Credentials
Credentials are a key component of an access control language. A credential encodes the authentication and authorization information for the users. We have earlier motivated that a heterogeneous and unfamiliar user and resource pool in a federated system complicates credential specification, since it precludes the use of traditional approaches to distributed authorization (such as X.509 based PKI) that assume knowledge of user identities and resource locations.
[12, 13] are well-known examples of distributed schemes that have used identity-based X.509 certificates for user authentication. The authentication information (i.e. public keys) is then used to construct an authorization credential that comprises of a set of resource-specific rules. The credentials are bound to user identities and therefore this approach to credential specification is not scalable. Even when knowledge of identities is available, the requirement of fine-grained access control would lead to rule-explosion in the access control policy given the size of federated population in open systems. Additionally, this approach tightly couples authentication with authorization, and is therefore inflexible, and violates one of our design principles.
Our policy framework addresses this problem through the use of attributebased (as opposed to identity-based) credential specification. We adopt a modular approach and allow independent specification of credentials used in authentication and authorization. The authenticating credential comprises of authentication information expressed in terms of user attributes which are used by the access control processor for role assignment. This idea is similar to the one used in [14]. However, unlike in [14], we do not require reliance on X.509 identity-based certificates to encode user authentication information. Instead, the user attributes may be supplied in any mutually agreed format, such as an Attribute Statement in the emerging identity federation standard SAML [7]. This supports the requirement for credential federation (See Section 3.3.3).
