Secure Access Policy Generation For Complex Event Handling System

Transcription

1 Secure Access Policy Generation For Complex Event Handling System Sharad Handibag, Sandesh Ugale, Shafik Shaikh Savitribai Phule Pune University Pune Vidyarthi Griha s College of Engineering,Nashik of Computer Engineering Abstract Available Event Processing System has much more demerits to maintain privacy constraints regarding incoming event streams in complex subsequently occurring event operation.this will generate problem for developing large-scale distributed application e.g logistics chain, banking system where operators are work on various distributed domains or number of branches located at various geographical location. This paper presents secure and efficient approach for complex event management.each occurring event stream can be protected secure through access policy and enforced by obfuscation algorithm. it allows to ignore the access requirement and output sufficient obfuscation level holding event which is part of access policy.in this system each operator has predefined access permission and he also responsible for corresponding tasks.obfuscation algorithm acts as a majar role for incoming events that will decide either pass it on or ignore the event. Keywords: Access control; Event processing ; obfuscation threshold; Bayesian network;consolidation.,introduction Business processing requires early detection of inconsistencies or faults. e.g. in case of logistic processes all products while transporting are track until they reaches to the desired destination in case of any failures or any problem occur during transport they should be rerouted. Detection and taking various decision dynamically makes business Fig.1 Processing system)[13],[12] takes incoming event stream from sensors distributed over large geographical area. e.g. From product tracking devices. This system is most powerful replacement for conventional event processing system in which operators are centralized such approach have drawbacks like reducing the communication load due to centralization, which replaces this by distributing them[11],[10],[8],[9]. Today s collaborative nature of various networks which is result of today s economy which is internally collaborative in nature. So to handle events occurring in such environment networks are non-homogeneous in term of working abilities and technical details,various participants and those are distributed over multiple security domains[7],[6]. This hierarchy forces to maintain the security for overcoming the problem due to highly collaborative and interoperability. current centralized system is not capable to work on this type of complex system which lags in the way of controlling data access. E.g. An industry may restrict its subsets from having access to some sort of information. i.e. only authorized users. processing more complex event processing paradigm for continuing industrial application.for detecting runtime raising problem CEP(Complex Event 1524

2 Fig 2 Presenting work provide security,confidentiality by reducing drawbacks available in current event processing system and provide more flexible and user friendly environment[3],[4],[5].in CEP independency between events may loses control of operator over event data which will generate major problem of security.the illustrated below figure depicts the example of logistic process for transporting various products, tracking them until reaches to the destination and handling various processes and control floating through various domains like Manufacturer,shipping company, customer.process of transporting items is like : 1. Manufacturer wants to deliver an product to certain destination. 2. Shipping company determines the specific warehouses which are more closer and convenient to destination before transferring to end user. This logistic process handled by CEP in which different operators are hosted in their perspectives domains and exchange highly confidential information among them while exchanging events during communication.e.g. product destination regarding information sent to shipping company. In this case third party warehouse host does not have access to this information and does not conclude the desired destination.destination information is declared by manufacturer and only shipping company has access to this details. This work objectives are: 1. Accessing rights inheritance over chain of dependent operators 2. A scalable approach to calculate amount of obfuscation enforced by operators for exchanging information regarding various event stream. As result of this obfuscation threshold will be included to decide access policy the event processing system can ignore the access restriction.this will increase number of event that will react for event processing which will in turn increases utility of CEP. I. System Model We make hypothesis about correlative and collaborative networks where distributed operators are interconnected to handle complex system.in this distributed networks each individual machine deployed an operator which is completely responsible for event handling in CEP. We use mathematical modeling of CEP system by directed graph G=(Ω,S) which consists of operator w Ω and event stream (wi, wj) S (Ω Ω) has direction from w j wj. Where w i belongs to procedure set and w j to consumer of events.each event has various attributes.corelation function used for designing collaboration is f: I w O w where I w is indicates incoming events and O w indicate outgoing one.that means f w is responsible for selecting incoming event relate it with outgoing event.fig.2 depicts this overall process.this nothing but the operators graph according to our logistic process example. function f sc operates on incoming event which is produced by w m i.e. by manufacturing domain.f sc carries two event attributes I location of warehouse and ii estimate delivery day. 1525

3 II. Access control for CEP Access policy is process of inheriting access requirements by assigning them to event attributes thus access policy retains requirement as it is although any number of correlation steps are followed in operator attribute of occurring event as long as value of threshold of obfuscation is valid for particular event attribute that event are allowed otherwise ignored. A. Access policy Access rights are specified through access control of particular host for available set of event attribute access rights are provided by event procedure and many granted to operator based on event requirement these requirement may be a domain affiliation or a location a role.we will specify set of granted rights for access in AP for operator w as: AP w = {(att1, ar1),..., (attn, arn)}. Unspecified event attribute requirement can be accessed by any operator i.e. consumer of event in network. We assume event attributes are distinct due to they are produced at different operators. Val: ar=(p,op,val) where val may contain range of values and op may be ( =,<,>,<=,>=,є) in this paper for reason of simplicity attribute can be specified as: ar 1 =(domain є,{ domain A, domain B}). In our logistic process example manufacturer events attribute retains different attribute. Details about destinations accessible by customers where production place and pickup time is restricted to the shipping. AP manufacturer ={({(destination,(domain,,{shi ppingcomp,customer})),(pickuptime,(domai n,=,shippingcomp)),(productionplace, (domain,=,shippingcomp))} Enforcing and assuring access policy at particular producer consumer can access attributes iff it s properties are matches with access requirements predefined for that attributes B. Obfuscation of given event information Producers are allowed to specify the access requirement in sophisticated way as per the access policies, due to restrictive nature in the chain of operators operating all different level in inheritance can affect the reliability of CEP system : in correlation demand for access from different producers may increase in consolidation that s lead to deny access to numbers of consumer that are trying to get access to the events attributes of producer event streams.this will change the main objective of event processing system due to which even basic event has little influence on its outcome related complex event processing system. In case of our example of logistic process in it attributes place of production,pick time are utilized to confirm day of delivery of the ordered item. As consequence customer has no right to quote estimated day of delivery since the customer doesn t fulfill access requirement for production place and day of delivery.but still customer has quite interest in this information. We say the correlation process will obfuscate attributes values and attained level of threshold access requirement become invalid. Thus obfuscation measure decide event infer the original attribute value. Calculation of obfuscation is dependant on both attribute value as well as knowledge of event consumer this work.we will use obf( att old, att new, ω) refers retain level of obfuscation by att new for att old the knowledge available at consumer given by w Ω. Every operator assigned with access policy as well as obfuscation policy.threshold value for attribute produced by operator is given by obfuscation policy.during processing of event attribute with respect to each interested user obfuscation value is calculated.once the threshold value is reach for that particular users event attribute sent in place of that confusing requirement.obfuscation Policy(OP) for operator w as set of pairs : OP w = {(att 1, ot 1 ),..(att n, ot n )}. For example,op: OP manufacturer = {(destination, 0.9)}. Will allows shipping company to restrict access rights for designated destination in case of attribute day of delivery if obf(destination, day of delivery, ωc) 0.9. C. Security perspectives Let att old w att new denote that 1526

4 i. At some of the operator ω Ω, att old taken as input to the correlation function f w ii. f w generate att new corresponding to att old. After that att old att new is transitive closure of dependency relation mainly we want to preserve privacy of event attributes after number of correlation steps considering relationship among attributes for any policy consolidation we must have to consider following conditions: Condition 1. For all attributes att O w produced at w AR init (att) AP w. (1) Condition 2. For all dependent attribute pairs This proposed system attaches pair of operators in G through secure event stream.for generating secure stream we rely on publish or subscribe system in addition with this work.e.g. [4],[3],[5],[2],[1].in this work only important thing is that each consumer w c needs to request required attributes. a) Inheritance in access policy Two basic conceptual steps in policy inheritance are: 1.for each operator domain experts must identify dependency between incoming and outgoing events 2.An operator must have to map access requirement related to incoming events for outputting outgoing events in case of our example operator w sc determine Fig 3.Bayesian Network (att old, att new ) with 1) w i has generated att old with access requirement AR(att old ) and obfuscation threshold (att old, x) OP wi, 2) att new is generated by w j 3) att new is get by w k the access requirement in AP wj yield AR(att old ) AP wj if obf(att old, att new, w k ) < x. (2) Consolidation algo must acquired condition 1 as well as condition 2 to provide access rights according to access policy. The main objective of this is not to allow sensitive information access by unauthorized users. III. Access policy consolidation and event obfuscation value of warehouse attribute.mapping given by : (domain,, {shippingcompany, customer}) b) Obfuscation semantics. While dealing with obfuscation our objective is not to change the way in which participant uses CEP. Some major assumptions regarding to obfuscation are : we assume consumer of event has knowledge about an att 1.semantic of correlation function that is responsible for generating att. 2.possible value of attribute att depends on. c) Discussed characteristics up to this point leads us to formalize inference of attribute in form of probability value. This inference probability know as Bayesian Network. which gives solution to the question 1527

5 IV. Given a certain output attribute, and a certain set of input attributes the consumer knows, how likely is a specific value for the incoming attribute we need to secure? the conditional probability distribution for att old : ip(att old, att new, w c ) =P(att old knownw c (I (att new )\I (att old )),att new )) (3) inference probability is set of values over inferred event attribute att old.ip is dependant on knowledge of consumer as well as operator function we Can calculate entropy of the inference probability of distribution: obf(att old, att new, w c ) = H(ip(att old, att new, w c )) (4) entropy value gives desired association measure. If incoming and outgoing event attribute are equal then entropy=1 Scalability of access policy consolidation In spite of global value calculation of Bayesian Network,we use knowledge of each local host.which allows reduced extra relation of outgoing incoming attributes which in turns reduces very large overhead of processing. According to algorithm handling of each occurring events based on locally generating obfuscation. V. CONCLUSION This work present the CEP mechanism based on inheritance and consolidation of access policy in heterogeneous networks. We identifying drawbacks of currently available event processing system and create solution from overcoming this drawbacks. Specifically we set an approach allowing inheritance of access requirement.local obfuscation calculation algorithm includes information obfuscation raised during correlation process and make use of obfuscation value for decision making.we presented implementation of our approach referring to Bayesian Network calculations of inference probability.this will shows our approach is intensive to calculation. Future work will forces on enhance method of obfuscation calculation and methods regarding size of Bayesian Network to calculate obfuscation value over more than one correlation network. ALGORITHM : LOCAL OBFUSCATION CALCULATIOIN procedure INITIALIZE(w) for all operator w do D w FINDMULTIPATHOPERATORS(w) for all w D w do relatts FINDRELATEDATTRIBUTES for all (att new, att old ) relatts do TRANSMIT P(att new att old ) TO w end procedure procedure UPONRECEIVEEVENT(e) for all att e do if multpathdependency(att) then CALCULATEWORSTCASEOBFUSCATION(ATT) else CALCULATELOCALOBFUSCATION(ATT) end if end procedure VI ACKNOWLEGEMENT This work is supported by contract research Access Policy consolidation For Event Processing System of the Boris Koldehofe.The authors would like to thanks Umakishore Ramchandran.Bjorn Schilling and the reviewer s for their helpful comments. REFERENCES [1] S. Rizou, F. D urr, and K. Rothermel, Providing qos guarantees in large-scale operator networks, in High Performance Computing and Communications (HPCC), th IEEE International Conference on, 2010, pp [2] M. A. Tariq, B. Koldehofe, G. G. Koch, I. Khan, And K. Rothermel, Meeting subscriber-defined QoS constraints in publish/subscribe systems, Concurrency and Computation: Practice and Experience, vol. 23, no. 17, pp ,2011 [3] J. Bacon, D. M. Eyers, J. Singh, and P. R. Pietzuch, Access control in publish/subscribe 1528

6 systems, in Proc. of the 2 nd ACM International Conference on Distributed Event-Based Systems (DEBS), 2008, pp [4] L. I. W. Pesonen, D. M. Eyers, and J. Bacon, Encryption-enforced access control in dynamic Multidomain publish/subscribe networks, in Proc. of the 2007 ACM International Conference on Distributed Event-Based Systems (DEBS), 2007, pp [5] M. A. Tariq, B. Koldehofe, A. Altaweel, and K. Rothermel, Providing basic security mechanisms in broker-less publish/ subscribe systems, in Proceedings of the 4th ACM Int. Conf. on Distributed Event-Based Systems (DEBS), 2010, pp [12] A. Hinze, K. Sachs, and A. Buchmann, Event- Based applications and enabling technologies, in Proceedings of the Third ACM International Conference on Distributed Event-Based Systems, ser. DEBS 09. New York, NY, USA: ACM, 2009, pp. 1:1 1:15. [13] A. Buchmann and B. Koldehofe, Complex event processing, it - Information Technology, vol. 51:5, pp , [6] B. Schilling, B. Koldehofe, and K. Rothermel, Efficient and distributed rule placement in heavy constraint-driven event systems, in Proc. of the 10th IEEE International Conference on High Performance Computing and Communications (HPCC), 2011, pp [7] B. Schilling, B. Koldehofe, U. Pletat, and K. Rothermel, Distributed heterogeneous event processing: Enhancing scalability and interoperability of CEP in an industrial context, in Proc. of the 4th ACM International Conference on Distributed Event-Based Systems (DEBS), 2010, pp [8] B. Koldehofe, B. Ottenw alder, K. Rothermel, and U. Ramachandran, Moving range queries in distributed complex event processing, in Proc. of the 6th ACM International Conference on Distributed Event-Based Systems (DEBS), 2012, pp [9] G. G. Koch, B. Koldehofe, and K. Rothermel, Cordies: expressive event correlation in distributed systems, in Proc. of the 4th ACM International Conference on Distributed Event-Based Systems (DEBS), 2010, pp [10] G. Li and H.-A. Jacobsen, Composite s subscriptions in content-based publish/subscribe systems, in Proc of the 6t Int. Middleware Conf., 2005, pp [11] P. Pietzuch, Hermes: A scalable event-based middleware, Ph.D. dissertation, University of Cambridge,