Auditing authorization decisions

US 7,814,534 B2
Filed: 09/08/2006
Issued: 10/12/2010
Est. Priority Date: 09/08/2006
Status: Active Grant

First Claim

Patent Images

1. A system implementing a security authorization paradigm comprising:

memory and a processor;

an access control module, stored in the memory and executable on the processor; and

an auditing module, stored in the memory and executable on the processor;

wherein the access control module is configured to include a semantic framework comprising assertions, authorization queries, and an evaluation algorithm for producing a proof graph comprising dependency relationships between each assertion,wherein the auditing module is configured to include an audit policy that is coupled to the semantic framework of the access control module such that the audit policy is specified using at least a portion of the semantic framework, andwherein each authorization query is a logical English expression comprising facts, conditions, and a logical operator including at least “

NOT,”

wherein the audit policy comprises audit policy rules including audit trigger rules that specify when auditing is triggered utilizing the semantic framework of the access control module,wherein the semantic framework is at least partially defined by the assertions comprising token assertions and policy assertions, by the authorization queries being respectively associated with resource-specific operations that respectively correspond to access requests, and by the evaluation algorithm that attempts to satisfy a given authorization query in conjunction with an assertion context having token assertions that are authenticated and policy assertions that are related to a given access request, andwherein an audit record includes the proof graph.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The auditing of authorization decisions is facilitated by integrating or coupling an audit policy to access control decisions. In an example implementation, an audit policy of an auditing scheme is coupled to a semantic framework of an access control scheme such that the audit policy is specified using at least a portion of the semantic framework. In another example implementation, audit policy rules include audit content rules that specify what audit information from any of the inputs, the outputs, or the internal data of authorization decisions is to be included in an audit record. In yet another example implementation, a semantic of an audit trigger rule comports with a semantic framework of an access request and of a logical evaluation for an authorization decision.

90 Citations

View as Search Results

9 Claims

1. A system implementing a security authorization paradigm comprising:
- memory and a processor;
  
  an access control module, stored in the memory and executable on the processor; and
  
  an auditing module, stored in the memory and executable on the processor;
  
  wherein the access control module is configured to include a semantic framework comprising assertions, authorization queries, and an evaluation algorithm for producing a proof graph comprising dependency relationships between each assertion,wherein the auditing module is configured to include an audit policy that is coupled to the semantic framework of the access control module such that the audit policy is specified using at least a portion of the semantic framework, andwherein each authorization query is a logical English expression comprising facts, conditions, and a logical operator including at least “
  
  NOT,”
  
  wherein the audit policy comprises audit policy rules including audit trigger rules that specify when auditing is triggered utilizing the semantic framework of the access control module,wherein the semantic framework is at least partially defined by the assertions comprising token assertions and policy assertions, by the authorization queries being respectively associated with resource-specific operations that respectively correspond to access requests, and by the evaluation algorithm that attempts to satisfy a given authorization query in conjunction with an assertion context having token assertions that are authenticated and policy assertions that are related to a given access request, andwherein an audit record includes the proof graph.
- View Dependent Claims (2, 3, 4)
- - 2. The system as recited in claim 1, wherein the audit trigger rules generate auditing responsive to at least one of:
    - an authorization decision result, a targeted resource, a requested action, or an operation on a resource.
  - 3. The system as recited in claim 1, wherein the audit policy rules further include audit content rules that specify what information relating to an authorization decision is audited utilizing the semantic framework of the access control module.
  - 4. The system as recited in claim 3, wherein the audit content rules record audit information based on at least one of:
    - one or more token assertions, one or more policy assertions, a requested authorization decision, or logical deduction data.

5. A computer-implemented method configured to execute instructions which, when executed by a computer processor, direct the computer to perform acts comprising:
- specifying at least one audit trigger rule that indicates when an audit record is to be generated;
  
  receiving an access request from an input device targeting a particular resource stored in a memory;
  
  performing, in response to the access request, a logical evaluation of an authorization query in conjunction with an assertion context to make an authorization decision about the particular resource stored in the memory;
  
  detecting if the at least one audit trigger rule matches the access request or the logical evaluation;
  
  if the at least one audit trigger rule is detected to match, generating an audit record;
  
  wherein a semantic of the at least one audit trigger rule comports with a semantic framework of the access request including the particular resource stored in the memory and the logical evaluation including both the authorization query and the assertion context;
  
  the performing comprises developing a logical chain of deduction starting from assertions of the assertion context and leading to the authorization query;
  
  the method further comprises producing a proof graph having nodes representing assertions and directed edges representing logical deduction links of the logical chain of deductions; and
  
  the audit record includes the proof graph; and
  
  specifying at least one audit content rule that indicates what audit information is to be included as part of an audit record,wherein the generating comprises generating an audit record based on the at least one audit content rule, and wherein the specifying at least one audit content rule comprises specifying policy assertions that are input to the logical evaluation from an authorization and trust policy.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The computer-implemented method as recited in claim 5, wherein the specifying comprises at least one of:
    - specifying an authorization decision result;
      
      specifying a targeted resource;
      
      specifying a requested action;
      
      orspecifying an operation on a resource stored in the memory.
  - 7. The computer-implemented method as recited in claim 5,wherein a semantic of the at least one audit content rule comports with the semantic framework of the access request including the particular resource and the logical evaluation including both the authorization query and the assertion context.
  - 8. The computer-implemented method as recited in claim 7, wherein the specifying at least one audit content rule further comprises at least one of:
    - specifying token assertions that are provided with the access request;
      
      specifying a requested authorization decision that includes the access request or the authorization query;
      
      orspecifying logical deduction data produced by the logical evaluation.
  - 9. The computer-implemented method as recited in claim 7, wherein the particular resource can be specified by the at least one audit trigger rule or the at least one audit content rule using a resource naming mechanism that is identical to the resource naming mechanism utilized by both the authorization query and one or more assertions of the assertion context.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Dillaway, Blair B.
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
ABEDIN, SHANTO

Application Number

US11/530,439
Publication Number

US 20080066146A1
Time in Patent Office

1,495 Days
Field of Search

726/1, 726/2, 726/4, 726/5, 726/3, 726/6, 726/9, 726/14, 713/155, 713/165, 713/167, 713/185, 713/182, 717/114, 717/117
US Class Current

726/4
CPC Class Codes

G06F 21/6218 to a system of files or obj...

G06F 2221/2101 Auditing as a secondary aspect

Auditing authorization decisions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

90 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Auditing authorization decisions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

90 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links