TRICK news: Domina leads the development of the Security Broker for the management of the access to production data in TRICK platform
The TRICK platform will provide a wide range of services, accessible to different types of stakeholders at different levels of confidentiality. In this context the platform architecture, including the skeleton that supports both core and business services, cannot neglect security. A crucial role is therefore played by the component that orchestrates the security of access to, and management of, the stored data (e.g. Blockchain infrastructures and databases).
The activity was led by Domina, which first analysed and defined the security aspects at the design phase, following the principle of privacy by design (Task 2.1), and then handled the implementation of the Security Broker as the fundamental component providing the full set of security functionalities required by the platform services. This second step was addressed in Task 2.4 – Secure data access and management, in which the aspects and functions of the Security Broker and the approach used for its development were defined.
Security broker in TRICK: aspects and functions
The Security Broker is a core service of TRICK: it regulates access to production data and manages authentication, authorization, confidentiality and privacy. It offers the following functions by means of a set of RESTful APIs:
authentication of users and services
authorization of users and services
privacy/confidentiality of data at rest
Let us go into more detail and explore how Security Broker handles its three main functions:
Authentication of users and services (i.e. the capability to identify a user or service by means of a set of credentials) is the first step in accessing the platform and is therefore critical. Several frameworks and libraries already exist; the approach is to adopt a well-designed, market-ready open-source product so that authentication is implemented correctly and securely;
Authorization of users and services can be defined as the capability to evaluate which actions (e.g. read, write) a particular user or service may perform on a resource (e.g. a document). It requires a policy model that defines the rules relating users, resources and actions. Here too, adopting well-known approaches and existing software components is beneficial;
Privacy/confidentiality of data at rest (i.e. the capability to encrypt and decrypt data at rest on demand): in general, a piece of information is either public or private; in the second case, encryption is used to guarantee its confidentiality. The Security Broker must therefore provide this functionality to core and business services.
Authorization and policy model: how to define the relations among users, resources and permissions
In order to define and organise the relationships among users, resources (e.g. document, service, information) and permissions (e.g. read, write, delete, create), a policy model must be adopted. Several approaches have been proposed in recent years. Among them, the RBAC (Role-Based Access Control) model limits the number of policies to be written and evaluates them efficiently, without adding latency to the policy decision process. This is a real advantage; however, in TRICK’s context the approach is not adequate, because it cannot represent special permissions, i.e. the possibility for a user to perform a particular action on a resource that is not strictly tied to a role. To overcome this limitation of RBAC in the management of policy exceptions, the Access Control List (ACL) was adopted. With an ACL, a policy can grant a user the option to perform a specific action on a specific resource, or on a group of resources, without requiring the user to belong to a strict role. As a consequence this approach requires a policy for each exception and therefore, to be effective, must be engineered correctly.
Authentication and authorization in a few steps
The authentication and authorization approach can be summarised in the following three steps, which verify whether and how a user may be granted a requested permission:
authentication of the user
release of a JWT token granting access
finally, the authorization module checks the user’s permissions
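The three steps above, together with the ACL policy model described earlier, as an added illustration that is not the project's own code: a minimal Python sketch of a broker that checks credentials, releases an HS256-signed JWT, and has the authorization module evaluate deny-by-default ACL entries for the token's subject. The signing secret, the user table and the ACL entries are constructed sample values, and the "group/*" wildcard is an assumed way of naming a resource group.

```python
import base64, hashlib, hmac, json, time

# Constructed sample data (not TRICK's real users, keys or policies).
_SECRET = b"example-signing-key"   # assumed HS256 shared secret held by the broker
_USERS = {"alice": hashlib.sha256(b"s3cret").hexdigest()}
# ACL entries: (subject, resource or resource group, action); anything not listed is denied.
_ACL = {("alice", "docs/*", "read"), ("alice", "docs/report-7", "write")}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def authenticate(user: str, password: str) -> bool:
    """Step 1: check the credentials against the stored password hash."""
    stored = _USERS.get(user)
    return stored is not None and hmac.compare_digest(stored, hashlib.sha256(password.encode()).hexdigest())

def issue_jwt(user: str, ttl: int = 300, now=None) -> str:
    """Step 2: release a signed (HS256) JWT carrying the subject and an expiry."""
    now = int(time.time() if now is None else now)
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({"sub": user, "iat": now, "exp": now + ttl}).encode())
    sig = hmac.new(_SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(sig)}"

def verify_jwt(token: str, now=None):
    """Validate algorithm, signature and expiry; return the subject or None."""
    try:
        header, payload, sig = token.split(".")
        if json.loads(_unb64(header)).get("alg") != "HS256":
            return None            # reject "none" or any other algorithm
        expected = hmac.new(_SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        claims = json.loads(_unb64(payload))
    except ValueError:             # malformed base64 or JSON
        return None
    now = time.time() if now is None else now
    return claims.get("sub") if claims.get("exp", 0) > now else None

def _matches(pattern: str, resource: str) -> bool:
    # "docs/*" names a resource group (assumed convention); anything else must match exactly.
    return pattern == resource or (pattern.endswith("/*") and resource.startswith(pattern[:-1]))

def authorize(token: str, resource: str, action: str, now=None) -> bool:
    """Step 3: the authorization module checks the ACL for the token's subject."""
    subject = verify_jwt(token, now)
    return subject is not None and any(s == subject and a == action and _matches(r, resource) for s, r, a in _ACL)
```

Because the ACL is deny-by-default, every exception the text mentions must be written as an explicit entry, which is exactly why the page stresses careful engineering of the policies.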