
The Environment-Aware Access Control Model For Intrusion Prevention

Posted on: 2009-10-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: L J Dong
Full Text: PDF
GTID: 1118360275470863
Subject: Computer system architecture

Abstract/Summary:
An Intrusion Prevention System (IPS) combines the technical advantages of an Intrusion Detection System (IDS) and a firewall. By blocking intrusive activity and aggressive network flows in advance, an IPS provides active protection. IPS is widely used in many kinds of client/server access systems, but it still has limitations. For example, the notion of intrusion is too narrow: it covers only suspicious data streams, whereas actual intrusions also involve external factors such as an improper time, an improper site, or an insecure platform. Moreover, intrusion prevention is usually achieved by loosely coupling an IDS with a firewall rather than by an organic unity that implements defense as a whole.

Building on research into role-based access control (RBAC), this dissertation proposes an Environment-Awareness-Based Access Control (EABAC) model to improve the efficiency of IPS and provide further active prevention. EABAC brings more of the potential factors that lead to intrusions into the prevention system, strengthening security defenses before an intrusion occurs. An access system based on EABAC can sense the security of its environment while implementing proactive protection.

To establish the EABAC model, several new extensions and definitions are explored: the formal description, the access control rules, the security constraint strategy, and measures to improve the system's robustness.

First, EABAC expands the definition of a role and introduces the concept of environmental roles. Every objective factor that influences the system's security can be abstracted into an environmental role, and the complete semantic and functional norms for multiple environment factors are given as a mathematical description. Following the rules of RBAC, the core model, hierarchy model and separation of duty of EABAC are set up, through which the system captures the context of its environment. The boundary of traditional roles is broken and the range of intrusion prevention is extended.

Second, assignment policies for roles and permissions based on environmental security are established. The variety of roles leads to a variety of user→role and role→permission assignments. By introducing environment labels and label permissions, EABAC ties permission assignment to environmental states. Through the partial order of roles, the model reflects the sensitivity of environment awareness and provides fine-grained access control.

Third, richer security constraints are implemented. The range of role constraints is expanded; multi-dimensional constraints, environment constraints and correlative constraints are proposed; and the corresponding conflict-resolution strategies are built. Realizing these constraints gathers multiple environment factors into a whole and couples access control policy tightly to environment security. By resolving conflicts in the role model in a reasoned way, security defense can be controlled flexibly.

Fourth, an intrusion tolerance mechanism is proposed for EABAC. A complete access control system must not only prevent intrusions but also withstand attacks. Even while attacks are under way, the system continues to provide full or partial service to users during emergencies, and the accessed data are kept confidential. In this way the robustness of the IPS application is improved.

Through this series of research work, the working logic of EABAC is derived and a prototype system is implemented. Analysis of the prototype indicates that EABAC can resist a wide variety of intrusions by capturing information about time, space, platform, access approach and data stream. It implements dynamic access control using a role instance, which carries multiple roles, as the carrier. In addition, EABAC provides redundant protection: the load of traditional centralized intrusion prevention is dispersed, and the execution complexity of EABAC is reduced, by means of the Virtual Service and Secure Tunnel Division Multiplexing technologies.
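As an added illustration, not the dissertation's own code or formal definitions, the following Python sketch shows the EABAC idea of environmental roles sensed from the request context, permissions assigned to (role, environment label) pairs rather than to roles alone, and a separation-of-duty conflict check. It simplifies the model's partial order to inclusion of the environment roles each label requires; every predicate, label and the sample policy are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:
    user_roles: dict    # user -> set of traditional roles
    env_roles: dict     # environmental role -> predicate over the request context
    env_labels: dict    # environment label -> set of env roles it requires
    assignments: dict   # (role, label) -> set of (operation, object) permissions
    sod: set = field(default_factory=set)  # frozensets of mutually exclusive roles

def active_env_roles(policy, ctx):
    # Sense the environment: an env role is active when its predicate holds.
    return {name for name, pred in policy.env_roles.items() if pred(ctx)}

def satisfied_labels(policy, env):
    # Requirement sets are partially ordered by inclusion, so an environment
    # that meets a strict label also meets every weaker one.
    return {label for label, req in policy.env_labels.items() if req <= env}

def check(policy, user, ctx, perm):
    roles = policy.user_roles.get(user, set())
    # Separation of duty: a user holding conflicting roles is a policy conflict.
    if any(pair <= roles for pair in policy.sod):
        return False
    labels = satisfied_labels(policy, active_env_roles(policy, ctx))
    # Grant only through a (role, label) pair that holds the permission AND
    # whose label the current environment satisfies.
    return any(perm in policy.assignments.get((r, l), set())
               for r in roles for l in labels)

# Constructed sample policy and contexts (assumptions, not from the dissertation).
# ctx is a dict: {"hour": 0-23, "site": "office"/"home", "platform": "managed"/"byod"}
POLICY = Policy(
    user_roles={"alice": {"clerk"}, "bob": {"admin"}, "carol": {"clerk", "auditor"}},
    env_roles={"work_hours": lambda c: 8 <= c["hour"] < 18,
               "on_site": lambda c: c["site"] == "office",
               "managed_host": lambda c: c["platform"] == "managed"},
    env_labels={"open": set(), "trusted": {"managed_host"},
                "secure": {"managed_host", "on_site", "work_hours"}},
    assignments={("clerk", "open"): {("read", "notices")},
                 ("clerk", "trusted"): {("read", "ledger")},
                 ("admin", "secure"): {("write", "ledger")}},
    sod={frozenset({"clerk", "auditor"})},
)
OFFICE_DAY = {"hour": 10, "site": "office", "platform": "managed"}
HOME_BYOD = {"hour": 10, "site": "home", "platform": "byod"}
OFFICE_NIGHT = {"hour": 22, "site": "office", "platform": "managed"}
```

With this policy the same user and permission are granted or denied purely by the sensed environment: `check(POLICY, "bob", OFFICE_DAY, ("write", "ledger"))` is allowed while the identical request at `OFFICE_NIGHT` is refused because the "secure" label is no longer satisfied.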
Keywords/Search Tags: intrusion prevention, environment security detection, role model, access control, network security