Secure Access Policy Generation For Complex
Event Handling System
Sharad Handibag , Sandesh Ugale, Shafik Shaikh
Savitribai Phule Pune University
Pune Vidyarthi Griha’s College of Engineering,Nashik of Computer Engineering
Abstract— Available Event Processing System has much more demerits to maintain privacy constraints regarding incoming event streams in complex subsequently occurring event operation .this will generate problem for developing large-scale distributed application e.g logistics chain, banking system where operators are work on various distributed domains or number of branches located at various geographical location. This paper presents secure and efficient approach for complex event management .Each occurring event stream can be protected secure through access policy and enforced by obfuscation algorithm . it allows to ignore the access requirement and output sufficient obfuscation level holding event which is part of access policy .In this system each operator has predefined access permission and he also responsible for corresponding tasks .Obfuscation algorithm acts as a majar role for incoming events that will decide either pass it on or ignore the event.
Keywords: Access control; Event processing ; obfuscation threshold; Bayesian network;consolidation .
,
INTRODUCTION
Business processing requires early detection of inconsistencies or faults . e.g. in case of logistic processes all products while transporting are track until they reaches to the desired destination in case of any failures or any problem occur during transport they should be rerouted . Detection and taking various decision dynamically makes business
processing more complex event processing paradigm for continuing industrial application .For detecting runtime raising problem CEP(Complex Event
Fig.1
Processing system)[13],[12] takes incoming event stream from sensors distributed over large geographical area . e.g. From product tracking devices. This system is most powerful replacement for conventional event processing system in which operators are centralized such approach have drawbacks like reducing the communication load due to centralization, which replaces this by distributing them[11],[10],[8],[9]. Today’s collaborative nature of various networks which is result of today’s economy which is internally collaborative in nature. So to handle events occurring in such environment networks are non-homogeneous in term of working abilities and technical details ,various participants and those are distributed over multiple security domains[7],[6]. This hierarchy forces to maintain the security for overcoming the problem due to highly collaborative and interoperability. current centralized system is not capable to work on this type of complex system which lags in the way of controlling data access. E.g. An industry may restrict its subsets from having access to some sort of information. i.e. only authorized users.
Fig 2
Presenting work provide security ,confidentiality by reducing drawbacks available in current event processing system and provide more flexible and user friendly environment[3],[4],[5].In CEP independency between events may loses control of operator over event data which will generate major problem of security.The illustrated below figure depicts the example of logistic process for transporting various products, tracking them until reaches to the destination and handling various processes and control floating through various domains like Manufacturer ,shipping company, customer.process of transporting items is like :
1. Manufacturer wants to deliver an product to certain destination.
2. Shipping company determines the specific warehouses which are more closer and convenient to destination before transferring to end user.
This logistic process handled by CEP in which different operators are hosted in their perspectives domains and exchange highly confidential information among them while exchanging events during communication .e.g. product destination regarding information sent to shipping company. In this case third party warehouse host does not have access to this information and does not conclude the desired destination .Destination information is declared by manufacturer and only shipping company has access to this details.
This work objectives are:
1. Accessing rights inheritance over chain of dependent operators
2. A scalable approach to calculate amount of obfuscation enforced by operators for exchanging information regarding various event stream .
As result of this obfuscation threshold will be included to decide access policy the event processing system can ignore the access restriction.This will increase number of event that will react for event processing which will in turn increases utility of CEP.
I. System Model
We make hypothesis about correlative and collaborative networks where distributed operators are interconnected to handle complex system .in this distributed networks each individual machine deployed an operator which is completely responsible for event handling in CEP . We use mathematical modeling of CEP system by directed graph G=(Ω,S) which consists of operator w € Ω and event stream (wi, wj) ∈ S ⊆ (Ω × Ω) has direction from wj →wj. Where wi belongs to procedure set and wj to consumer of events .each event has various attributes .corelation function used for designing collaboration is f: Iw →Ow where Iw is indicates incoming events and Ow indicate outgoing one .that means fw is responsible for selecting incoming event relate it with outgoing event .fig .2 depicts this overall process .this nothing but the operators graph according to our logistic process example .
II. Access control for CEP
Access policy is process of inheriting access requirements by assigning them to event attributes thus access policy retains requirement as it is although any number of correlation steps are followed in operator attribute of occurring event as long as value of threshold of obfuscation is valid for particular event attribute that event are allowed otherwise ignored.
A. Access policy
Access rights are specified through access control of particular host for available set of event attribute access rights are provided by event procedure and many granted to operator based on event requirement these requirement may be a domain affiliation or a location a role .we will specify set of granted rights for access in AP for operator w as:
APw= {(att1, ar1), ..., (attn, arn)} .
Unspecified event attribute requirement can be accessed by any operator i.e. consumer of event in network. We assume event attributes are distinct due to they are produced at different operators .
Val: ar=(p,op,val) where val may contain range of values and op may be ( =,<,>,<=,>=,є) in this paper for reason of simplicity attribute can be specified as: ar1=(domain є,{ domain A, domain B}). In our logistic process example manufacturer events attribute retains different attribute. Details about destinations accessible by customers where production place and pickup time is restricted to the shipping.
APmanufacturer={({(destination,(domain,∈,{shi
ppingComp,customer})),(pickuptime,(domai n,=,shippingComp)),(productionplace, (domain,=,shippingComp))}
Enforcing and assuring access policy at particular producer consumer can access attributes iff it’s properties are matches with
access requirements predefined for that attributes
B. Obfuscation of given event information
Producers are allowed to specify the access requirement in sophisticated way as per the access policies, due to restrictive nature in the chain of operators operating all
different level in inheritance can affect the reliability of CEP system : in correlation demand for access from different producers may increase in consolidation that’s lead to deny access to numbers of consumer that are trying to get access to the events attributes of producer event streams .This will change the main objective of event processing system due to which even basic event has little influence on its outcome related complex event processing system.
In case of our example of logistic process in it attributes place of production ,pick time are utilized to confirm day of delivery of the ordered item. As consequence customer has no right to quote estimated day of delivery since the customer doesn’t fulfill access requirement for production place and day of delivery .But still customer has quite interest in this information. We say the correlation process will obfuscate attributes values and attained level of threshold access requirement become invalid. Thus obfuscation measure decide event infer the original attribute value. Calculation of obfuscation is dependant on both attribute value as well as knowledge of event consumer this work .we will use
obf( attold, attnew, ω) refers retain level of obfuscation by attnew for attold the knowledge available at consumer given by w ∈ Ω. Every operator assigned with access policy as well as obfuscation policy .threshold value for attribute produced by operator is given by obfuscation policy .During processing of event attribute with respect to each interested user obfuscation value is calculated .once the threshold value is reach for that particular users event attribute sent in place of that confusing requirement .Obfuscation Policy(OP) for operator w as set of pairs :
OPw = {(att1, ot1), ..(attn, otn)}.
For example ,OP:
OPmanufacturer = {(destination, 0.9)}.
Will allows shipping company to restrict access rights for designated destination in case of attribute day of delivery if obf(destination, day of delivery, ωC) ≥ 0.9.
C. Security perspectives
i. At some of the operator ω ∈ Ω, attold taken as input to the correlation function fw
ii. fw generate attnew corresponding to attold .
After that attold →∗ attnew is transitive closure of dependency relation mainly we want to preserve privacy of event attributes after number of correlation steps considering relationship among attributes for any policy consolidation we must have to consider following conditions: Condition 1. For all attributes att ∈ Owproduced at w
ARinit(att) ⊂ APw. (1)
Condition 2. For all dependent attribute pairs
Fig 3.Bayesian Network
(attold, attnew ) ∈→∗ with
1) wi has generated attold with
access requirement
AR(attold) and obfuscation
threshold (attold, x) ∈
OPwi ,
2) attnew is generated by wj
3) attnew is get by wk
the access requirement in APwj yield
AR(attold) ⊂ APwj if obf(attold, attnew,
wk) < x. (2)
Consolidation algo must acquired condition 1 as well as condition 2 to provide access rights according to access policy .
The main objective of this is not to allow sensitive information access by unauthorized users .
III. Access policy consolidation and event obfuscation
This proposed system attaches pair of operators in G through secure event stream.For generating secure stream we rely on publish or subscribe system in addition with this work .e.g. [4],[3],[5],[2],[1].in this work only important thing is that each consumer wc needs to request
required attributes.
a) Inheritance in access policy
Two basic conceptual steps in policy inheritance are:
1.for each operator domain experts must identify dependency between incoming and outgoing events
2.An operator must have to map access requirement related to incoming events for outputting outgoing events in case of our example operator wsc determine
value of warehouse attribute .mapping given by :
(domain, ∈, {shippingCompany,
customer})
b) Obfuscation semantics.
While dealing with obfuscation our objective is not to change the way in which participant uses CEP .
Some major assumptions regarding to obfuscation are : we assume consumer of event has knowledge about an att 1.semantic of correlation function that is responsible for generating att . 2.possible value of attribute att depends on.
Given a certain output attribute, and a certain set of input attributes the consumer knows, how likely is a specific value for the incoming attribute we need to secure?
the conditional probability distribution for attold :
ip(attold, attnew, wc) =P(attold|knownwc
(I∗(attnew)\I∗(attold)),attnew)) (3)
inference probability is set of values over inferred event attribute attold .ip is dependant on knowledge of consumer as well as operator function we Can calculate entropy of the inference probability of distribution:
obf(attold, attnew, wc) = H(ip(attold, attnew,
wc)) (4)
entropy value gives desired association measure. If incoming and outgoing event attribute are equal then entropy=1
IV. Scalability of access policy consolidation
In spite of global value calculation of Bayesian Network ,we use knowledge of each local host .which allows reduced extra relation of outgoing incoming attributes which in turns reduces very large overhead of p
rocessing.
ALGORITHM
:LOCAL OBFUSCATION CALCULATIOIN
procedure INITIALIZE(w) for all operator w do
Dw ← FINDMULTIPATHOPERATORS(w)
end for
for all w ∈ Dwdo
relAtts ←FINDRELATEDATTRIBUTES
for all (attnew, attold) ∈ relAtts do
TRANSMIT P(attnew|attold) TO w
end for end for end procedure
procedure UPONRECEIVEEVENT(e)
for all att ∈ e do
if∃ multPathDependency(att) then
CALCULATEWORSTCASEOBFUSCATION(ATT)
else
CALCULATELOCALOBFUSCATION(ATT)
end if end for end procedure
According to algorithm handling of each occurring events based on locally generating obfuscation .
V. CONCLUSION
This work present the CEP mechanism based on inheritance and consolidation of access policy in heterogeneous networks . We identifying drawbacks of currently available event processing system and create solution from overcoming this drawbacks . Specifically we set an approach allowing inheritance of access requirement .Local obfuscation calculation algorithm includes information obfuscation raised during correlation process and make use of obfuscation value for decision making.we presented implementation of our approach referring to Bayesian Network calculations of inference probability .this will shows our approach is intensive to calculation. Future work will forces on enhance method of obfuscation calculation and methods regarding size of Bayesian Network to calculate obfuscation value over more than one correlation network .
VI ACKNOWLEGEMENT
This work is supported by contract research ―Access Policy consolidation For Event Processing System ― of the Boris Koldehofe.The authors would like to thanks Umakishore Ramchandran .Bjorn Schilling and the reviewer’s for their helpful comments.
REFERENCES
[1] S. Rizou, F. D¨urr, and K. Rothermel, ―Providing
qos guarantees in large-scale operator networks,‖ in High Performance Computing and
Communications (HPCC), 2010 12th IEEE International Conference on, 2010, pp. 337 –345.
[2] M. A. Tariq, B. Koldehofe, G. G. Koch, I. Khan, And K. Rothermel, ―Meeting subscriber-defined QoS constraints in publish/subscribe systems,‖ Concurrency and Computation: Practice and Experience, vol. 23, no. 17, pp. 2140–2153,2011
systems,‖ in Proc. of the 2nd ACM International Conference on Distributed Event-Based Systems (DEBS), 2008, pp. 23–34.
[4] L. I. W. Pesonen, D. M. Eyers, and J. Bacon, ―Encryption-enforced access control in dynamic Multidomain publish/subscribe networks,‖ in Proc. of the 2007 ACM International Conference on Distributed Event-Based Systems (DEBS), 2007, pp. 104–115.
[5] M. A. Tariq, B. Koldehofe, A. Altaweel, and K. Rothermel, ―Providing basic security
mechanisms in broker-less publish/ subscribe systems,‖ in Proceedings of the 4th ACM Int. Conf. on Distributed Event-Based Systems (DEBS), 2010, pp. 38–49.
[6] B. Schilling, B. Koldehofe, and K. Rothermel, ―Efficient and distributed rule placement in heavy constraint-driven event systems,‖ in Proc. of the 10th IEEE International Conference on High Performance Computing and Communications (HPCC), 2011, pp. 355–364.
[7] B. Schilling, B. Koldehofe, U. Pletat, and K. Rothermel, ―Distributed heterogeneous event processing: Enhancing scalability and
interoperability of CEP in an industrial context,‖ in Proc. of the 4th ACM International Conference on Distributed Event-Based Systems (DEBS), 2010, pp. 150–159.
[8] B. Koldehofe, B. Ottenw¨alder, K. Rothermel, and U. Ramachandran, ―Moving range queries in distributed complex event processing,‖ in Proc. of the 6th ACM International Conference on Distributed Event-Based Systems (DEBS), 2012, pp. 201–212.
[9] G. G. Koch, B. Koldehofe, and K. Rothermel, ―Cordies: expressive event correlation in distributed systems,‖ in Proc. of the 4th ACM International Conference on Distributed Event-Based Systems (DEBS), 2010, pp. 26–37.
[10] G. Li and H.-A. Jacobsen, ―Composite s subscriptions in content-based publish/subscribe
systems,‖ in Proc of the 6t Int. Middleware Conf., 2005, pp. 249–269.
[11] P. Pietzuch, ―Hermes: A scalable event-based middleware,‖ Ph.D. dissertation, University of Cambridge, 2004.
[12] A. Hinze, K. Sachs, and A. Buchmann, ―Event- Based applications and enabling technologies,‖ in Proceedings of the Third ACM International Conference on Distributed Event-Based Systems, ser. DEBS ’09. New York, NY, USA:
ACM, 2009, pp. 1:1–1:15.
