
Secure Group Collaboration in an Open Environment

May, 2006

Zhengyi Le

DEVLAB, Dartmouth College

Page 2

What are Group Collaboration Systems?

[Figure: a group collaboration application with the roles Lecturer, Program Coordinator, Secretary, Audience A and Audience B]

A Group Collaboration System provides two services:

● Group administration
  → Create a group
  → Maintain a group
  → Destroy a group

● Data sharing
  → Access to data
  → Store data
  → Transmit data

Page 3

What are Open Environments?

A Group Collaboration System runs in environments where entities are diverse and autonomous:

● Diverse → a stranger should be allowed to join a collaboration if he is qualified.

● Autonomous → an entity is self-motivated and self-governed.

[Figure: the same group collaboration application, now with members from different organizations: Alice (Dartmouth), Bob (Univ. of NH), Carlo (Hanover High School), and links to other collaboration applications]

Page 4

Our Goals and Approaches

• Goals:
  1. Allowing qualified strangers to join a collaboration.
  2. Removing the need for a server and a central administration.
  3. Giving users privacy they can control and security they can understand.

• Approaches:
  – introduce Automated Trust Negotiation (ATN) (serves Goal 1).
  – use p2p solutions (serves Goal 2).
  – adopt human readable and writable policies to protect data (serves Goal 3).

Page 5

Examples of Existing Work

System                           Roles           Policies   Centralized   Enrollment
Open-Xchange / eGroupWare        2 (adm, user)   fixed      C             adm
Groove                           4               fixed      C & D         adm & invite
NGC [Ellison and Dohrmann 03]    3               fixed      D             adm & invite
GCS [Nita-Rotaru and Li 04]      Many (3+n)      dynamic    C             Not given

Page 6

Background: Automated Trust Negotiation (ATN) [William Winsborough et al. 2000]

• ATN helps two strangers build mutual trust by exchanging certificates. A simple example:

  • Alice is an AIDS patient with a credential to prove it.
  • DHMC is a hospital which is offering a free on-line service to AIDS patients who are US citizens. DHMC is also a certified hospital which protects patients' privacy very well (HIPAA).

Alice's policies:
  P1: $C_{AIDS} \leftarrow C_{HIPAA}$
  P2: $C_{citizen} \leftarrow \text{True}$

DHMC's policies:
  Pa: $R \leftarrow C_{AIDS} \wedge C_{citizen}$
  Pb: $C_{HIPAA} \leftarrow \text{True}$

Negotiation:
  Alice → DHMC: req $R$
  DHMC → Alice: req $C_{AIDS}$, $C_{citizen}$
  Alice → DHMC: $C_{citizen}$, counter req $C_{HIPAA}$
  DHMC → Alice: $C_{HIPAA}$
  Alice → DHMC: $C_{AIDS}$
  DHMC → Alice: $R$ (succeed)

Details in approach (1)
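The exchange above, as an added example that is not part of the original slides: a small Python simulation of the two-party negotiation, with the policies from slide 6 written as dictionaries. The alternating-turn rule and the deadlock check are this example's assumptions, not the authors' protocol; a second run with a hospital that holds no HIPAA credential shows where the negotiation stalls.

```python
# Added example (not from the slides): a minimal two-party Automated Trust
# Negotiation driven by the release policies on slide 6. Each policy maps an
# item a party holds to the credentials the other side must show first; an
# empty set stands for "True" (released unconditionally).

# Alice: P1: C_AIDS <- C_HIPAA, P2: C_citizen <- True
ALICE = {"C_AIDS": {"C_HIPAA"}, "C_citizen": set()}
# DHMC: Pa: R <- C_AIDS ^ C_citizen, Pb: C_HIPAA <- True
DHMC = {"R": {"C_AIDS", "C_citizen"}, "C_HIPAA": set()}


def negotiate(requester, provider, resource, max_rounds=10):
    """Return (granted, transcript). Sides alternate: on its turn a party
    releases every requested item whose policy is met by what the other
    side has shown and counter-requests the credentials still missing."""
    policy = {"A": requester, "B": provider}
    shown = {"A": set(), "B": set()}        # disclosed so far, per side
    asked = {"A": set(), "B": {resource}}   # items each side was asked for
    transcript = [("A", "req " + resource)]
    turn = "B"
    for _ in range(max_rounds):
        me, other = turn, ("A" if turn == "B" else "B")
        released, wanted = [], []
        for item in sorted(asked[me]):
            if item in shown[me] or item not in policy[me]:
                continue  # already disclosed, or this side cannot provide it
            missing = policy[me][item] - shown[other]
            if not missing:
                shown[me].add(item)
                released.append(item)
            else:  # ask only for what has not been requested already
                wanted += [c for c in sorted(missing) if c not in asked[other]]
        asked[other].update(wanted)
        parts = [", ".join(released)] if released else []
        if wanted:
            parts.append(("counter " if released else "") + "req " + ", ".join(wanted))
        if not parts:
            return False, transcript  # nothing to release or ask for: deadlock
        transcript.append((me, "; ".join(parts)))
        if resource in shown["B"]:
            transcript[-1] = (me, transcript[-1][1] + " (succeed)")
            return True, transcript
        turn = other
    return False, transcript
```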

Page 7

• When a stranger asks to join, it is not always feasible to apply Automated Trust Negotiation (ATN) directly in collaboration systems.

– Reason: ATN handles only two-party cases, while a collaboration involves many entities. It would be very inefficient for the stranger to perform 1-to-1 trust negotiations with every existing member.

– Our approach: take advantage of the trust relationships implied by roles.

Details in approach (1)

Page 8

• Where does the existing RT family not work?
  – RT: role-based trust management.
  – In RT, roles are determined by and belong to a single party.
  – RT doesn't describe the requirements for assigning a role.
  – We add RTA to the RT family to do this. [Zhengyi Le et al. SecPerU05]
  – "A" stands for role assignment.

Details in approach (1)

[Figure: two ways into the group (roles shown: Lecturer, Program Coordinator, Secretary, Audience A, Audience B, Professor). Invitation path: an existing member vouches for a newcomer ("I personally know her. She is another lecturer we want."), and the answer is Yes or No. Request path: a stranger ("I am interested in joining this group. But I know nobody there.") sends Req to join, performs ATN, and the answer is Yes, Pending, or No.]

• Why use a role-based approach?
  – The roles imply some existing trust relationship.
  – A role could be viewed as an integration of some attributes.

Page 9

• Our observation: there are three different kinds of requirements:
  • Attribute requirement
  • Identity requirement
  • Majority requirement

• RTA (1) Attribute requirement

  $R \leftarrow (A_1 \vee \dots \vee A_i) \wedge (A_{i+1} \vee \dots \vee A_j) \wedge \dots$, with $A_i \in \mathcal{A}$

  $\mathcal{A}$ is the set of all the types of attribute certificates.

  e.g. $R_{Manager} \leftarrow (A_{MBA} \vee A_{DBA}) \wedge A_{Age>30}$

Details in approach (1)

Page 10

Real World     Digital World
True name      X.509 or PGP identity certificate
Anonym         temporary X.509 certificate with pseudonyms, or SPKI certificate
Proxy name     SDSI certificate, or X.509 proxy certificate

• RTA (2) Identity requirement

  $R \leftarrow I.i$, with $I.i \in \{\text{truename}, \text{anonym}, \text{proxyname}\}$

  – Why do we support these three kinds of identities?
    • In open environments, entities are independent and autonomous.
    • They define their own privacy and decide for themselves whether to join.
    • If we support only one kind of identity, we will lose some potential opportunities for collaboration.

Details in approach (1)

Page 11

• RTA (3) Majority requirement

  $R \leftarrow (\alpha_1 R_1 \vee \dots \vee \alpha_i R_i) \wedge (\alpha_{i+1} R_{i+1} \vee \dots \vee \alpha_j R_j) \wedge \dots$, where $\alpha_i \in [0,1]$ is the percentage of approvals from a specific role.

  For example: $R_{Chairman} \leftarrow (50\% R_{Prof} \vee 50\% R_{grad}) \wedge 50\% R_{trustee}$

Details in approach (1)
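The three RTA requirement kinds on slides 9 to 11 (attribute, identity and majority), as an added example that is not the authors' code: a Python evaluator that checks an applicant against policies written in the AND-of-ORs form the slides use. The roster, the applicant's certificates, the approval votes and the reading of "50%" as "at least half of the role's holders" are this example's assumptions.

```python
# Added example (not the authors' code): evaluating the three RTA requirement
# kinds from slides 9-11. A role policy is written in CNF, a list of clauses
# joined by AND where each clause is a list of terms joined by OR. Terms are
# ("attr", name, predicate), ("id", kind) and ("majority", fraction, role).
# The applicant, group roster and votes below are constructed for the example.


def attr(name, pred=lambda v: True):
    return ("attr", name, pred)


def ident(kind):
    return ("id", kind)


def majority(fraction, role):
    return ("majority", fraction, role)


# Slide examples: R_Manager <- (A_MBA v A_DBA) ^ A_Age>30, R <- truename,
# R_Chairman <- (50%R_Prof v 50%R_grad) ^ 50%R_trustee
R_MANAGER = [[attr("MBA"), attr("DBA")], [attr("Age", lambda v: v > 30)]]
R_TRUENAME = [[ident("truename")]]
R_CHAIRMAN = [[majority(0.5, "Prof"), majority(0.5, "grad")],
              [majority(0.5, "trustee")]]

# Constructed roster: member -> roles held in the group
GROUP = {"Alice": {"Prof"}, "Bob": {"Prof"}, "Carlo": {"grad"},
         "Dan": {"trustee"}, "Eve": {"trustee"}}


def term_holds(term, applicant, group, approvals):
    if term[0] == "attr":
        _, name, pred = term
        return name in applicant["attrs"] and pred(applicant["attrs"][name])
    if term[0] == "id":
        return applicant["identity"] == term[1]
    _, fraction, role = term  # majority: share of role holders who approved
    holders = [m for m, roles in group.items() if role in roles]
    if not holders:
        return False  # nobody holds the role, so no approval can be counted
    yes = sum(1 for m in holders if m in approvals)
    return yes / len(holders) >= fraction  # assumption: "50%" means at least half


def assign_role(policy, applicant, group=GROUP, approvals=frozenset()):
    """CNF evaluation: every clause needs at least one satisfied term."""
    return all(any(term_holds(t, applicant, group, approvals) for t in clause)
               for clause in policy)
```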

Page 12

Group Profile (shared data)
  – Group name
  – Mission description
  – Join requirements
  – Current time
  – A list of members (with their hierarchical or latticed roles)
  – A list of files (and associated policies)

Private Profile (private data)
  – Memberships
  – Personal certificates (and associated policies)
  – Files (and associated policies)
  – Local strategies

Group Profile has two parts: a publicly accessible part and a selectively accessible part.

Details in approach (2)

Example Group Profile (shared data)
  – Group name, Mission description, Join requirements, Current time
  – A list of members → Alice (Lecturer), Bob (TA), Carlo (Student)
  – A list of files → final exam (lecturer only), grades (lecturer and TA), HW (all)

Page 13

• OC disseminates group profiles in a p2p fashion with two modes.

  – Passive mode: every on-line entity passively receives group profiles from its neighbor entities. In other words, every entity sends out its group profile to others periodically. The receiving party decides whether to accept or discard it according to the timestamp and the version.

  – Active mode: an entity can actively send a request to update its group profile to its neighbor entities. This is the complementary mechanism to the passive mode, because an entity might show up at any time and then disconnect after several seconds.

Details in approach (2)

Page 14

• Group members write policies to assign roles, e.g.
  – $R_{Manager} \leftarrow (A_{MBA} \vee A_{DBA}) \wedge A_{Age>30}$
  – $R \leftarrow \text{truename}$
  – $R_{Chairman} \leftarrow (50\% R_{Prof} \vee 50\% R_{grad}) \wedge 50\% R_{trustee}$

• Users (members or not) write policies to protect their own data (files, credentials, resources), e.g. for an AIDS patient:
  – P1: $C_{AIDS} \leftarrow C_{HIPAA}$
  – P2: $C_{citizen} \leftarrow \text{True}$

Details in approach (3)

Page 15

• Proactive RSA in majority requirements

RSA:
  $n = p \cdot q$
  $\varphi(n) = (p-1)(q-1)$
  $e$ is relatively prime to $\varphi(n)$
  $d = e^{-1} \bmod \varphi(n)$
  $M^d \bmod n = C$, $C^e \bmod n = M$

Proactive RSA [Frankel et al. Crypto97]:
  $d = \sum_i d_i$
  $\prod_i M^{d_i} = M^{\sum_i d_i} = M^d \pmod n$, $C^e \bmod n = M$

• For example: $R_{Prof} \leftarrow 70\% R_{trustee}$
  – Generate an RSA key pair and distribute the private key shares among the trustees, so that no one knows the entire private key. [Gilboa Crypto99]
  – Only a subset (over 70%) of trustees can generate a valid complete signature for that public key.
  – Using this method our program can automatically collect votes and assign roles to an applicant according to the majority policy.

Another example: $R_{Prof} \leftarrow 100\% R_{trustee}$ (there are only two trustees)

Two-party Mediated RSA [Zhengyi Le et al., in progress]:
  $d = d_{u_0} + d_{s_0}$
  $d_{u_i} = d_{u_{i-1}} + r$, $d_{s_i} = d_{s_{i-1}} - r$
  $M^{d_{u_i}} \cdot M^{d_{s_i}} = M^d \pmod n$, $C^e \bmod n = M$

Details in approach (3)

Page 16

Current Status of Our On-going Project

• Any entity can log on to OC with any name it wants.

• Collaborative groups can be created by any entity and are propagated in a P2P fashion.

[Screenshot: current collaborative groups and current online peers in OC]

Page 17

Current Status of Our On-going Project

● OC currently supports simple operations on groups, roles and shared files.

[Screenshot: group operations, role operations and file operations in OC]

Page 18

Current Status of Our On-going Project

• OC supports simple roles. Currently, in order to obtain a role, the peer node needs to get the role password.

• OC supports file sharing in a P2P fashion. We are implementing role based policies to secure file propagation.

[Screenshots: the 4 roles in the CS25 group; a file shared among CS25 members]