Context Aware RBAC Model For Wearable Devices And NoSQL Databases
• Amit Bansal
• Siddharth Pathak
• Vijendra Rana
• Vishal Shah
Guided By: Dr. Csilla Farkas, Associate Professor

Roadmap:
■ Relational Database Management System
■ NoSQL Databases
■ Access Control Models
■ Wearable Devices
■ Proposed Solution
■ Wrap-up

RDBMS (Relational Database Management System)
What it is?
• Stores Data In The Form Of Related Tables Using Keys Like Primary Keys, Foreign Keys.
• Relational operators to manipulate the data.
• For Data Manipulation Mostly SQL (Standard Query Language) used
• Other vendors are MySQL server, db2, oracle and MySQL.

RDBMS
[Diagram labels: Persistent data storage, Complex queries, Scalability, Complexity, Better security, Hardware performance]
• efficient storage
• Simple to delete or modify
• certain tables can be made confidential
• Response time
• powerful servers
• more storage space

NoSQL (Not Only SQL)
• A non-relational and largely distributed database system
• A fast, portable, open-source RDBMS
• Support horizontal scaling
• Run on clusters of machines
• NoSQL does not prohibit structured query language.
• Example: Apache Cassandra, Google Big table

Why?
• CAP theorem
  – Confidentiality: data is written only once all other manipulation is stored
  – Availability: Data is available and responsive
  – Partition Tolerance: whole database not get affected due to some part
• Big data applications - store massive volumes of data

Types of NoSQL:
Graph database
• represented as a graph
• elements are interconnected
• Neo4j and Titan
Key-Value store
• indexed key and a value
• schema-less
• least complex NoSQL options
• Riak, Redis, BerkeleyDB
Column store
• store data tables as sections of columns of data
• HBase, Cassandra, Big Table and HyperTable
Document database
• idea of key-value stores
• document is assigned a unique key
• MongoDB and Couch DB

Why NoSQL over RDBMS?
[Comparison figure: RDBMS, NoSQL]

Access Control
Mechanism that provides selective restriction of access to specific user.
Characteristics:
• Cannot be bypassed
• Enforce least-privilege
• Need-to-know restrictions
• Enforce organizational policy
• User identification and authentication
• Information specifying the access rights is protected from modification

Existing Solutions for Access Control
[Diagram: Access Control, with branches DAC, MAC, RBAC]

Mandatory Access Control
[Diagram labels: Classification Label, Clearance Label, Compare Object and User Clearance]
Advantages
• Granularity of access.
• Only Administrator can grant access
Disadvantages
• Difficult to implement
• Not Agile

Discretionary Access Control
Considerations
• Every Object has Owner
• Object owner has total control over access granted
Control Mechanisms
• Security through Views
• Stored Procedures
• Grant and Revoke
• Query modification
Advantages
• Easy to use
• Easy to administer
• Aligns to the principle of least privileges.

Role Based Access Control
Motivation
• Multi-user systems
• Multi-application systems
• Multiple Roles for a User
• Multiple Permissions for User
Components
• Users
• Roles
• Permissions
• Sessions

RBAC Workflow
[Diagram labels: Role Hierarchy, Users, User Assignment, Roles, Sessions, Permission Assignment, Permissions]

RBAC in NoSQL
Challenges
• Schema-less
• 4 Database Models
• No implicit User Authentication
• Vendor Specific
[Table residue: Implemented, Basic, No Multiple Role Assignment, RBAC Implemented, NA]

Internet of Things (IoT):
Increase in the no of IoT devices globally:
Internet of Amazing Things:
Few Wearable Devices:
Data Flow Through IoT:

Security Concern
Wearable Devices Roles
• User
• Fitness Trainer
• IOT Provider
• 3rd Party Vendors
• DBA
• Medical Professional
How Can I provide Security?

Proposed Solution: Context Aware RBAC Model for Wearable Devices on NoSQL Databases
Work Flow:
[Diagram labels: Role Hierarchy, Users, User Assignment, Roles, Sessions, Permission Assignment, Permissions, Context]

Challenges:
Conflicting Roles
• Occurs when users have multiple roles.
• Check from the XACML configuration files to see if access is allowed.
Separation of Duties
• Separate User Groups should be created that have permission.
Sample Illustration:
Columns: ID, Purpose, Time, Pulse Rate, Blood Pressure, Distance, Calories, Location, Steps, DeviceID

Potential Roles and Access:
• User: All Data Fields
• Provider: ID, Purpose, Time, Location
• Administrator: All Fields (Cannot View Raw Data)
• Medical Professional: ID, Name, Pulse Rate, Calories, Blood Pressure, Time
• 3rd Party: DeviceID, ID, Other Columns (Depending upon User Authorization)
• Trainer: Calories, ID, Pulse Rate, Time

Context in XACML:
Protection Object: User U, Permission P, Session S, Role R, Tuple T, Column C, Operation O
When user has access to all columns: Object = { U, R, S, T, O, P }
When user has access to some columns: Object = { U, R, S, T{ Ci, Cj, … }, O, P }

What is covered:
• RDBMS Vs NoSQL
• RBAC and its workflow
• The Internet of things
• Context aware RBAC for wearable device can be a solution
• Protection Object for proposal

Challenges Worth Noticing:
• Scaling
• People Awareness
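
The protection object {U, R, S, T{Ci, Cj, …}, O, P} from the "Context in XACML" slide can be evaluated as a default-deny, column-level check; the sketch below is an added example, not code from the presentation. It assumes the role-to-column list is read in slide order, covers four of the six roles, and uses hypothetical names (`Session`, `Request`, `decide`, `user_authorized`) with the "User Authorization" context modelled as a set of extra columns.

```python
from dataclasses import dataclass

ALL = frozenset({"ID", "Purpose", "Time", "Pulse Rate", "Blood Pressure",
                 "Distance", "Calories", "Location", "Steps", "DeviceID"})
# Read permissions per role (P), taken from the "Potential Roles and Access" slide.
ROLE_COLUMNS = {
    "User": ALL,
    "Provider": frozenset({"ID", "Purpose", "Time", "Location"}),
    "Trainer": frozenset({"Calories", "ID", "Pulse Rate", "Time"}),
    "3rd Party": frozenset({"DeviceID", "ID"}),  # plus user-authorized columns
}

@dataclass(frozen=True)
class Session:                      # S: roles activated by one user
    user: str
    active_roles: frozenset

@dataclass(frozen=True)
class Request:                      # protection object {U, R, S, T{Ci, Cj, ...}, O}
    user: str
    role: str
    session: Session
    columns: frozenset              # empty = whole tuple T
    operation: str
    user_authorized: frozenset = frozenset()  # context (assumed representation)

def allowed_columns(req):
    cols = ROLE_COLUMNS.get(req.role, frozenset())  # unknown role gets nothing
    if req.role == "3rd Party":     # context widens access only for this role
        cols |= req.user_authorized & ALL
    return cols

def decide(req, record):
    """Return the projected record on permit, None on deny (default deny)."""
    if req.operation != "read":
        return None
    if req.session.user != req.user or req.role not in req.session.active_roles:
        return None
    wanted = req.columns or ALL
    if not wanted <= allowed_columns(req):
        return None
    # Schema-less store: a document may lack some columns, so project what exists.
    return {c: record[c] for c in wanted if c in record}

# Constructed sample document; it has no Location or Distance field.
SAMPLE = {"ID": 7, "DeviceID": "dev-01", "Purpose": "fitness", "Time": "06:30",
          "Pulse Rate": 72, "Blood Pressure": "118/76", "Calories": 412, "Steps": 5300}
```

A request that names any column outside the role's set is denied as a whole rather than silently trimmed, so an over-broad query is visible to the caller and to audit logging.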