Submitter: Darran Rolls, SailPoint
Description/User Story
Title: Employing a "Reliability Index" in federated policy decision flows
Abstract:
When designing a policy within a federated authorization system, the policy designer places a high degree of overall system integrity in the "quality" of the attributes used in a given policy decision. The active exchange of attributes and data between relying parties in distributed cloud / federated authorization systems makes it hard to design policies that allow for the varying levels of controls and assurance placed around the attribute management lifecycle.
This user story introduces the use of a "reliability index" to help providers and consumers define, model and understand an integrity rating for a given attribute, set of attributes or attribute provider. By employing a reliability index for the attribute provider and for the specific attributes it provides, the policy designer is able to create more meaningful access policies: policies that reflect the dependencies, reliability and overall risks inherent in the authorization system as a whole.
Goal or Desired Outcome
The policy author is able to define a policy that allows for the real-time assessment of the reliability of an attribute provider or the individual reliability of any attribute it provides. This allows for varying levels of access control policy to be applied depending on the value of the reliability index retrieved for the provider and/or its attributes. When reliability is low, the policy author defines more approvals/controls and less access for the same decision matrix, applied to the same set of identity attributes. This should allow for better decisions to be made.
Applicable Deployment and Service Models
This user story applies to the following cloud deployment and service models:
Cloud Deployment Models: Private, Public, Community, Hybrid
Service Models: Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS)
Actors
The Attribute Authority: The logical entity that provides an attribute for use in the evaluation of a policy.
The Policy Author: The author or creator of a given access authorization decision policy.
The Policy Decision Point: The logical entity that makes policy decisions for itself or for other network elements that request such decisions.
Systems
TBD
Notable Services
TBD
Assumptions
1. An operating trust model exists within a federated access authorization system. The overall system is appropriately configured to allow for policy decision flows in accordance with the use case.
2. More TBD…
Process Flow
The POLICY_AUTHOR writes a policy that only provides access to PROTECTED_RESOURCE if the SPECIFIC_SUBJECT is OVER_21.
The ATTRIBUTE_PROVIDER asserts that SPECIFIC_SUBJECT is over 21, having carried out a physical driving license inspection and an in-person interview. ATTRIBUTE_PROVIDER assigns a very high ATTRIBUTE_RELIABILITY_INDEX to its OVER_21 attribute due to its strong internal control procedures.
In this case, the ATTRIBUTE_PROVIDER is awarded a high PROVIDER_RELIABILITY_INDEX because it is the Texas DMV and is the actual issuer of the driving license in question.
When OVER_21 is true and either the ATTRIBUTE_RELIABILITY_INDEX or the PROVIDER_RELIABILITY_INDEX is high, the SPECIFIC_SUBJECT is provided direct access to PROTECTED_RESOURCE. If neither the ATTRIBUTE_RELIABILITY_INDEX nor the PROVIDER_RELIABILITY_INDEX is high, then SPECIFIC_SUBJECT is asked to confirm their age before being provided access to PROTECTED_RESOURCE.
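The decision logic of this process flow, written out as an added example (not part of the user story and not SailPoint's code): it assumes both reliability indices are numbers in the range 0.0 to 1.0, that "high" means at or above a threshold the policy author chooses, and that a missing index is treated as not high so the policy fails closed to the step-up control.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

# Assumed scale: indices are numbers in [0.0, 1.0]; "high" is a threshold the
# policy author chooses. Both are assumptions of this example, not of the user story.
HIGH_THRESHOLD = 0.8


class Decision(Enum):
    PERMIT = "permit"          # direct access to PROTECTED_RESOURCE
    STEP_UP = "confirm-age"    # extra control: subject must confirm their age
    DENY = "deny"              # OVER_21 not asserted true


@dataclass(frozen=True)
class AttributeAssertion:
    """One attribute as received from an ATTRIBUTE_PROVIDER (hypothetical shape)."""
    provider: str
    name: str
    value: object
    attribute_reliability_index: Optional[float]  # None when the provider did not rate it
    provider_reliability_index: Optional[float]   # None when no provider rating is known


def is_high(index: Optional[float], threshold: float = HIGH_THRESHOLD) -> bool:
    """A missing index is treated as not high, so the policy fails closed."""
    return index is not None and index >= threshold


def decide_over_21_access(assertion: AttributeAssertion,
                          threshold: float = HIGH_THRESHOLD) -> Decision:
    """Policy Decision Point logic for the user story's OVER_21 policy."""
    if assertion.name != "OVER_21" or assertion.value is not True:
        return Decision.DENY
    if (is_high(assertion.attribute_reliability_index, threshold)
            or is_high(assertion.provider_reliability_index, threshold)):
        return Decision.PERMIT
    return Decision.STEP_UP


# Constructed sample assertions (not real data).
DMV_ASSERTION = AttributeAssertion("texas-dmv", "OVER_21", True, 0.95, 0.9)
SELF_ASSERTED = AttributeAssertion("social-site", "OVER_21", True, 0.3, None)
UNDER_21 = AttributeAssertion("texas-dmv", "OVER_21", False, 0.95, 0.9)

if __name__ == "__main__":
    for a in (DMV_ASSERTION, SELF_ASSERTED, UNDER_21):
        print(a.provider, a.value, "->", decide_over_21_access(a).value)
```

Raising the threshold is how the policy author demands more control for the same attribute set; with a stricter threshold the DMV case falls back to the age-confirmation step rather than direct access.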