Auditing authorization decisions
Abstract
The auditing of authorization decisions is facilitated by integrating or coupling an audit policy to access control decisions. In an example implementation, an audit policy of an auditing scheme is coupled to a semantic framework of an access control scheme such that the audit policy is specified using at least a portion of the semantic framework. In another example implementation, audit policy rules include audit content rules that specify what audit information from any of the inputs, the outputs, or the internal data of authorization decisions is to be included in an audit record. In yet another example implementation, a semantic of an audit trigger rule comports with a semantic framework of an access request and of a logical evaluation for an authorization decision.
Claims (9)

1. A system implementing a security authorization paradigm comprising:
   memory and a processor;
   an access control module, stored in the memory and executable on the processor; and
   an auditing module, stored in the memory and executable on the processor;
   wherein the access control module is configured to include a semantic framework comprising assertions, authorization queries, and an evaluation algorithm for producing a proof graph comprising dependency relationships between each assertion,
   wherein the auditing module is configured to include an audit policy that is coupled to the semantic framework of the access control module such that the audit policy is specified using at least a portion of the semantic framework, and
   wherein each authorization query is a logical English expression comprising facts, conditions, and a logical operator including at least “NOT,”
   wherein the audit policy comprises audit policy rules including audit trigger rules that specify when auditing is triggered utilizing the semantic framework of the access control module,
   wherein the semantic framework is at least partially defined by the assertions comprising token assertions and policy assertions, by the authorization queries being respectively associated with resource-specific operations that respectively correspond to access requests, and by the evaluation algorithm that attempts to satisfy a given authorization query in conjunction with an assertion context having token assertions that are authenticated and policy assertions that are related to a given access request, and
   wherein an audit record includes the proof graph.
   Dependent claims: 2, 3, 4

5. A computer-implemented method configured to execute instructions which, when executed by a computer processor, direct the computer to perform acts comprising:
   specifying at least one audit trigger rule that indicates when an audit record is to be generated;
   receiving an access request from an input device targeting a particular resource stored in a memory;
   performing, in response to the access request, a logical evaluation of an authorization query in conjunction with an assertion context to make an authorization decision about the particular resource stored in the memory;
   detecting if the at least one audit trigger rule matches the access request or the logical evaluation;
   if the at least one audit trigger rule is detected to match, generating an audit record;
   wherein a semantic of the at least one audit trigger rule comports with a semantic framework of the access request including the particular resource stored in the memory and the logical evaluation including both the authorization query and the assertion context;
   the performing comprises developing a logical chain of deduction starting from assertions of the assertion context and leading to the authorization query;
   the method further comprises producing a proof graph having nodes representing assertions and directed edges representing logical deduction links of the logical chain of deductions; and
   the audit record includes the proof graph; and
   specifying at least one audit content rule that indicates what audit information is to be included as part of an audit record, wherein the generating comprises generating an audit record based on the at least one audit content rule, and wherein the specifying at least one audit content rule comprises specifying policy assertions that are input to the logical evaluation from an authorization and trust policy.
   Dependent claims: 6, 7, 8, 9
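The mechanism the abstract and claims 1 and 5 describe, reduced to a runnable sketch: an assertion context of authenticated token assertions and policy assertions, an evaluation algorithm that tries to satisfy an authorization query (facts, conditions and NOT) by backward chaining and records the proof graph as (supporting, dependent) assertion pairs, and an audit policy whose trigger rules are written over the very same objects the evaluation uses (request, query, context, decision, proof graph), with content rules selecting which of those go into the record. This is an added example, not code from the patent or its assignee; the assertion syntax, the treatment of NOT as negation as failure, the issuer names, resources, users and the three trigger rules are constructed assumptions.

```python
import itertools
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

Fact = Tuple[str, ...]  # e.g. ("can", "alice", "read", "/payroll/q1"); "?x" terms are variables
@dataclass(frozen=True)
class Assertion:
    kind: str                    # "token" (authenticated credential) or "policy"
    issuer: str
    head: Fact
    body: Tuple[Fact, ...] = ()  # conditions; ("not", ...) = negation as failure (assumed NOT semantics)

_fresh = itertools.count()
def rename(a: Assertion) -> Assertion:
    n = next(_fresh)  # standardise apart: each use of a rule gets its own variable names
    def f(t: str) -> str: return f"{t}#{n}" if t.startswith("?") else t
    return Assertion(a.kind, a.issuer, tuple(map(f, a.head)),
                     tuple(tuple(map(f, c)) for c in a.body))

def walk(t: str, s: Dict[str, str]) -> str:
    while t.startswith("?") and t in s: t = s[t]
    return t

def unify(x: Fact, y: Fact, s: Dict[str, str]) -> Optional[Dict[str, str]]:
    """Extend bindings s so that x and y agree term by term, or return None."""
    if len(x) != len(y): return None
    s = dict(s)
    for a, b in zip(x, y):
        a, b = walk(a, s), walk(b, s)
        if a == b: continue
        if a.startswith("?"): s[a] = b
        elif b.startswith("?"): s[b] = a
        else: return None
    return s

def prove(goal: Fact, ctx: List[Assertion], s: Dict[str, str], depth: int = 0):
    """Backward chaining: yield (bindings, assertion used, proof edges) for each proof of goal."""
    if depth > 20: return  # bound recursion through recursive policies
    for a in ctx:
        r = rename(a)
        s1 = unify(r.head, goal, s)
        if s1 is None: continue
        for s2, edges in prove_body(list(r.body), ctx, s1, depth + 1, a):
            yield s2, a, edges

def prove_body(conds: List[Fact], ctx, s, depth, parent):
    """Prove a conjunction; each condition proved by assertion u adds the dependency edge (u, parent)."""
    if not conds: yield s, frozenset(); return
    first, rest = conds[0], conds[1:]
    if first[0] == "not":  # NOT holds only when the inner fact has no proof
        if next(prove(first[1:], ctx, s, depth), None) is None:
            yield from prove_body(rest, ctx, s, depth, parent)
        return
    for s2, used, sub in prove(first, ctx, s, depth):
        for s3, more in prove_body(rest, ctx, s2, depth, parent):
            yield s3, sub | more | {(used, parent)}

def evaluate(query: List[Fact], ctx: List[Assertion]):
    """Authorization decision plus proof graph (frozenset of (supporting, dependent) assertions)."""
    root = Assertion("query", "-", ("query",), tuple(query))
    for _, edges in prove_body(list(query), ctx, {}, 0, root): return True, edges
    return False, frozenset()

@dataclass
class AuditPolicy:
    triggers: Dict[str, Callable[[dict], bool]]  # trigger rules over the evaluation's own objects
    content: Tuple[str, ...]                    # content rules: which evaluation fields are recorded
def authorize(user: str, op: str, resource: str, ctx: List[Assertion], policy: AuditPolicy):
    query = [("can", user, op, resource), ("not", "revoked", user)]
    decision, proof = evaluate(query, ctx)
    ev = {"request": (user, op, resource), "query": query, "context": ctx,
          "decision": decision, "proof": proof}  # inputs, output and internal data of the decision
    fired = [name for name, rule in policy.triggers.items() if rule(ev)]
    if not fired: return decision, None
    return decision, {**{k: ev[k] for k in policy.content}, "triggers": fired}

CONTEXT = [  # constructed assertion context: one policy rule, two grants, authenticated tokens
    Assertion("policy", "Admin", ("can", "?x", "read", "?r"),
              (("member", "?x", "?g"), ("grants", "?g", "read", "?r"))),
    Assertion("policy", "Admin", ("grants", "finance", "read", "/payroll/q1")),
    Assertion("policy", "Admin", ("grants", "staff", "read", "/wiki/home")),
    Assertion("token", "HR", ("member", "alice", "finance")),
    Assertion("token", "HR", ("member", "bob", "staff")),
    Assertion("token", "HR", ("member", "dave", "staff")),
    Assertion("token", "HR", ("revoked", "dave")),
    Assertion("token", "PartnerIdP", ("member", "carol", "finance")),
]
TRUSTED = {"HR"}  # constructed: token issuers treated as internal
POLICY = AuditPolicy(
    triggers={
        "deny": lambda ev: not ev["decision"],                          # output of the decision
        "payroll": lambda ev: ev["request"][2].startswith("/payroll/"),  # the access request
        "external-token": lambda ev: any(a.kind == "token" and a.issuer not in TRUSTED
                                         for edge in ev["proof"] for a in edge),  # the proof graph
    },
    content=("request", "decision", "proof"),
)
```

Running `authorize("carol", "read", "/payroll/q1", CONTEXT, POLICY)` permits the request and returns a record fired by both the resource-based and the proof-graph-based trigger, because the proof depends on a PartnerIdP token; `dave` is denied by the NOT condition and the deny trigger records that; `bob` reading `/wiki/home` matches no trigger and produces no record. Because the proof graph's nodes are the context's own assertion objects, a trigger rule can ask questions about which issuers, tokens or policy rules the decision actually relied on, which is what coupling the audit policy to the semantic framework buys over a log of bare allow/deny outcomes.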
Specification