MotOrBAC

logo

MotOrBAC is an OrBAC security policy editor, i.e it can be used to specify security policies following the OrBAC model. It uses the OrBAC Application Programming Interface (API) to manipulate OrBAC policies.The tool source code is open and available for download on the official sourceforge website

General information

MotOrBAC is an implementation of the OrBAC access control model. MotOrBAC aims at providing an OrBAC policy specification tool. Additionally it can be used to simulate OrBAC policies. The graphical user interface (GUI) is open source. The OrBAC API, on top of which MotOrBAC has been developed, has been developed to help software developers to include security mechanisms in their software.
The following image briefly shows how the tool uses the OrBAC API:

motorbac_architecture

Interface screenshot:

motorbac_gui

Security policy specification

t is easy to create OrBAC abstract security policy using MotOrBAC. Policy designers can create role or organization hierarchies for example or separate two roles using separation constraints. The GUI features a context editor allowing the user to easily define context definitions and test them.

Simulation

Given an abstract policy defined by administrators, MotOrBAC can derive and simulate a concrete security policy when subjects, actions and objects are added. Subjects, actions and objects have attributes which can be used when specifying contexts and abstract entities definitions.

Analysis

Since the OrBAC model can be used to express mixed policies containing permissions and prohibitions, conflicting concrete rules can be derived. For example a permission and a prohibition for the same subject to do the same action on the same object can be derived. MotOrBAC can detect those conflict at the abstract or the concrete level. Once detected, MotOrBAC contains conflict solving strategies which are proposed to the policy designer to restore coherence.

Administration

The API implements AdOrBAC, the OrBAC administration model. The administration policy expresses who is permitted to modify a policy, for example add roles, create hierarchies, add rules, empower a subject into a role, etc… In general other administration models consider only one administrator who possess all the rights to express a security policy. This hypothesis is not well suited for today’s infrastructures since information systems are more and more distributed. Since the AdOrBAC model uses the same concepts than the OrBAC model, OrBAC is a self-administered model. One of the main advantages is the possibility to distribute administrative rights, which can be restricted, over a set of roles.

Here are some AdOrBAC properties:

  • No separation between standard and administrative roles
  • Self-administration (same formalism for standard and administrative rules)
  • Multi granularity administration
  • Enforcement of confinement principle

Policy enforcement

Policies created with MotOrBAC can be interpreted by the OrBAC API. Hence it is possible to integrate the API into an application to secure it. The two approaches are to integrating the API during the software development phase or to use of the aspect oriented programming (AOP) paradigm to modify an existing application.
It is also possible to translate an OrBAC policy to configure a security component. For example a plug-in can written to translate an OrBAC policy into a target language, for example a firewall configuration language.

Extending MotOrBAC

MotOrBAC can be extended through the use of the plug-in system. Some plug-ins are distributed with MotOrBAC, along with the plug-ins specification.