Title: Using Attribute Certificates for Role-Based Privilege Management
Authors: 彭玉伃
Keywords: Privilege Management Infrastructure (PMI); Attribute Certificate; Role-Based Access Control (RBAC); XML; XACML
Issue Date: 2004
Abstract: An information system must be able to determine whether a user is authorized to use or modify a given information resource; this function is called access control. As Internet applications become more widespread, the questions of how users are properly authorized and how access control services are provided to application systems become increasingly important. A Privilege Management Infrastructure (PMI) is an architecture, built on attribute certificates, that provides access control services; however, compared with the Public Key Infrastructure, which already has many applications and has been widely discussed, PMI is still in its early stages. Role-Based Access Control (RBAC) has in recent years become a widely studied and applied access control mechanism: it reflects the role functions of an organization and fits the organization's information security policy. This thesis therefore combines the PMI and RBAC mechanisms and designs a role-based privilege management model to serve as an operational framework for organizations implementing a PMI. In addition, the attribute certificate defined in version 4 of the X.509 certificate standard cannot fully carry the authorization information required for role-based privilege management. This thesis proposes two methods of supporting RBAC, one using the acceptablePrivilegePolicies extension field of the attribute certificate and one using a custom extension field, so that all the authorization information a user needs when activating a role and exercising permissions is carried in the attribute certificate, which increases the applicability of attribute certificates. Finally, since XML is generally regarded as the current standard for data format exchange among Internet application systems, this thesis adopts the XML Encoding Rules (XER) for ASN.1 to mark up the attribute certificate, designs the RBAC authorization management rules in the XACML policy language, and describes the privilege verification process that uses the XML attribute certificate and the authorization management rules, in the hope that XML will enable attribute certificates to be applied more widely on the Internet.
Access control is the function of deciding whether a user is permitted to use or change information contents in an information system. Based on the concept of the attribute certificate, a Privilege Management Infrastructure (PMI) is a framework for access control. An extension of the Public-Key Infrastructure (PKI), PMI is comparatively new. Role-Based Access Control (RBAC) has received much attention in recent years. RBAC reflects the need to implement separation of duties and other security policies in organizations. Using a combination of PMI and RBAC, the author of this thesis presents a role-based privilege management model. The proposed model works as a framework for practicing PMI. In the proposed model an X.509 attribute certificate does not necessarily include all the information needed for access control; part of that information is role related. The information about role assignment is written either into the extension field named acceptablePrivilegePolicies or into a new extension field. User privileges are then verified when a user activates a role. Accordingly, the proposed approach broadens the applications of the X.509-based attribute certificate. Because XML is now widely considered a standard for data exchange among Internet application systems, this thesis uses the XML Encoding Rules for ASN.1 (XER) to encode an attribute certificate, and uses the XML-based language XACML to design a set of RBAC security policies. A verification procedure is also proposed; therefore, the research result of this thesis is ready for real-world applications.
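As an added illustration (not code from the thesis), the following Python sketch shows the verification flow the abstract describes: a holder's XML-encoded attribute certificate carrying a role attribute and an acceptablePrivilegePolicies extension is checked for validity, the requested role activation is checked against the policies the certificate accepts, and an XACML-style role policy then decides the action. The element names, the policy dictionary and the sample certificate are constructed assumptions, not the thesis's XER schema or its custom extension.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample certificate (hypothetical element names, not the thesis's XER schema):
# "alice" holds the role "auditor"; the extension lists policies under which it may be activated.
SAMPLE_AC = """<AttributeCertificate>
  <holder>alice</holder>
  <validity><notBefore>2004-01-01T00:00:00Z</notBefore><notAfter>2004-12-31T23:59:59Z</notAfter></validity>
  <attributes><role>auditor</role></attributes>
  <extensions>
    <acceptablePrivilegePolicies><policyId>finance-read</policyId></acceptablePrivilegePolicies>
  </extensions>
</AttributeCertificate>"""

# Constructed RBAC policy set in the spirit of XACML role policies:
# each policy names the role it applies to and the (resource, action) pairs it permits.
RBAC_POLICIES = {
    "finance-read": {"role": "auditor", "permits": {("ledger", "read")}},
    "finance-write": {"role": "accountant", "permits": {("ledger", "read"), ("ledger", "write")}},
}

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def parse_ac(xml_text):
    """Pull holder, validity period, roles and acceptable policies out of the XML certificate."""
    root = ET.fromstring(xml_text)
    return {
        "holder": root.findtext("holder"),
        "not_before": _ts(root.findtext("validity/notBefore")),
        "not_after": _ts(root.findtext("validity/notAfter")),
        "roles": {r.text for r in root.findall("attributes/role")},
        "acceptable_policies": {p.text for p in root.findall("extensions/acceptablePrivilegePolicies/policyId")},
    }

def verify(ac, now_iso, policy_id, resource, action):
    """Verification flow: validity period, policy acceptability, role activation, then permission."""
    now = _ts(now_iso)
    if not ac["not_before"] <= now <= ac["not_after"]:
        return ("Deny", "certificate outside its validity period")
    if policy_id not in ac["acceptable_policies"]:
        return ("Deny", "role activation not acceptable under policy " + policy_id)
    policy = RBAC_POLICIES.get(policy_id)
    if policy is None or policy["role"] not in ac["roles"]:
        return ("Deny", "holder does not hold the role required by the policy")
    if (resource, action) not in policy["permits"]:
        return ("Deny", "role does not permit this action on this resource")
    return ("Permit", "role " + policy["role"] + " activated under " + policy_id)
```

Calling `verify(parse_ac(SAMPLE_AC), "2004-06-01T12:00:00Z", "finance-read", "ledger", "read")` yields a Permit decision, while a write request, an unlisted policy, or a request outside the validity period is denied with the reason recorded.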
