
Chapter 4: System design

4.3 Algorithm and decision flow

4.3.2 Interaction between user and system

Figure 4.2 Interaction steps between SP and Event Manager

Figure 4.2 is the flow chart of the interaction between the user, the Event Manager and the Service Provider. Before accessing the Service Provider, the user logs in at the Event Manager. Polling starts once the user has logged in to the Event Manager successfully. When an event occurs, the Event Manager redirects the user to the Service Provider site with a SAML assertion, and the Service Provider decides the user's access rights according to the assertion provided by the Event Manager. Below is the decision flow at the Service Provider site.

Figure 4.3 Decision Tree for access right

Figure 4.3 is the decision tree by which the Service Provider decides whether or not to provide the service to the user:

Step 1: The user first logs in to a local account at the Event Manager, which checks whether the account name and password are correct. If they are, the user and the Event Manager start communicating (by polling) so that the user is informed whether an event has occurred.

Step 2: This step starts when an event has occurred, the user has been redirected to the Service Provider site and begins to access a resource. The Service Provider checks the location attribute in the SAML assertion from the Event Manager to see whether the user is in the home network or in a distinct (foreign) network.

If the user comes from the home network, the user receives full access rights to the information the Service Provider holds.

Step 3: This step applies to users who passed the account check but come from a distinct network. To limit their access rights, the Service Provider checks, on each request, whether the assertion from the Event Manager contains a pseudonym. If a pseudonym is present and matches an entry in the Service Provider's database, the user may access only the resource corresponding to that pseudonym, not all resources at the Service Provider. A user outside the home network whose assertion carries no pseudonym, or an unknown one, is denied.
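The three steps above as an added Python example (not code from the thesis): it parses an assertion of the shape the Event Manager issues, checks the issuer and the Conditions window first (the prototype in the Appendix does neither), and then applies the decision tree. The patient table, the home-network range, the issuer name and the sample assertion template are constructed for the example; the prototype tests for the single address 127.0.0.1, and the CIDR membership test here is the obvious generalisation of that check.

```python
"""Service Provider decision flow (Figure 4.3) -- added example.

Input: a SAML 2.0 assertion as the Event Manager builds it (Issuer,
Subject/NameID carrying the pseudonym, Conditions, AttributeStatement with
a "Location" attribute).  Output: which patient records the user may see.
"""
import ipaddress
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML_NS}

# Constructed stand-in for the Service Provider's patientinfo table:
# PatientID -> (Name, EventID i.e. the pseudonym bound to the record, or None)
PATIENTS = {
    "P001": ("Alice", "k3j9x2q8"),
    "P002": ("Bob", None),
    "P003": ("Carol", None),
}
HOME_NETWORK = ipaddress.ip_network("10.0.0.0/8")  # assumed hospital address range
TRUSTED_ISSUER = "EventManager"                   # assumed issuer name

# Constructed assertion template; the validity window is fixed so that the
# decision can be checked against a chosen clock value.
ASSERTION_TEMPLATE = (
    '<saml:Assertion xmlns:saml="{ns}" Version="2.0" ID="_a1" '
    'IssueInstant="2024-01-01T12:00:00Z">'
    "<saml:Issuer>{issuer}</saml:Issuer>"
    "<saml:Subject><saml:NameID>{pseudonym}</saml:NameID></saml:Subject>"
    '<saml:Conditions NotBefore="2024-01-01T12:00:00Z" '
    'NotOnOrAfter="2024-01-01T12:20:00Z"/>'
    '<saml:AttributeStatement><saml:Attribute Name="Location">'
    "<saml:AttributeValue>{location}</saml:AttributeValue>"
    "</saml:Attribute></saml:AttributeStatement></saml:Assertion>"
)


def _xs_datetime(value):
    """Parse an xs:dateTime in UTC ('...Z') into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def parse_assertion(xml_text):
    """Pull issuer, pseudonym, validity window and Location out of the XML."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Assertion" % SAML_NS:
        raise ValueError("not a SAML 2.0 Assertion")
    cond = root.find("saml:Conditions", NS)
    if cond is None:
        raise ValueError("assertion without Conditions")
    attrs = {}
    for a in root.findall("saml:AttributeStatement/saml:Attribute", NS):
        attrs[a.get("Name")] = a.findtext("saml:AttributeValue", None, NS)
    return {
        "issuer": root.findtext("saml:Issuer", None, NS),
        "pseudonym": (root.findtext("saml:Subject/saml:NameID", "", NS) or "").strip(),
        "not_before": _xs_datetime(cond.get("NotBefore")),
        "not_on_or_after": _xs_datetime(cond.get("NotOnOrAfter")),
        "location": attrs.get("Location"),
    }


def decide(assertion, now):
    """Decision tree: 'full' (home network), 'limited' (pseudonym) or 'deny'."""
    if assertion["issuer"] != TRUSTED_ISSUER:
        return "deny", "untrusted issuer", []
    if not assertion["not_before"] <= now < assertion["not_on_or_after"]:
        return "deny", "outside validity window", []
    try:
        addr = ipaddress.ip_address(assertion["location"])
    except ValueError:
        return "deny", "malformed Location", []
    if addr in HOME_NETWORK:                      # Step 2: home network
        return "full", "home network", sorted(PATIENTS)
    pseudonym = assertion["pseudonym"]            # Step 3: distinct network
    bound = [pid for pid, (_, ev) in PATIENTS.items() if ev and ev == pseudonym]
    if bound:
        return "limited", "pseudonym matched", bound
    return "deny", "no event and not in home network", []


def run_case(location, pseudonym, minutes_after_issue, issuer=TRUSTED_ISSUER):
    """Fill the template, parse it and decide at IssueInstant + N minutes."""
    xml_text = ASSERTION_TEMPLATE.format(ns=SAML_NS, issuer=issuer,
                                         pseudonym=pseudonym, location=location)
    now = datetime(2024, 1, 1, 12, minutes_after_issue, tzinfo=timezone.utc)
    return decide(parse_assertion(xml_text), now)


if __name__ == "__main__":
    for case in [("10.0.5.7", "k3j9x2q8", 1),       # home network: everything
                 ("203.0.113.9", "k3j9x2q8", 1),    # remote, valid pseudonym
                 ("203.0.113.9", "", 1),            # remote, no event
                 ("203.0.113.9", "k3j9x2q8", 25)]:  # remote, assertion expired
        print(case, "->", run_case(*case))
```

The order of the checks matters: issuer and validity window are evaluated before the location is even looked at, so an expired or foreign assertion never reaches the home-network branch that grants everything.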

Chapter 5: Apply LBAC to case history management system

5.1 Requirement Analysis of case history management system

In this chapter we apply the location-based access control system to a case history management system. Before the implementation, it is necessary to know the requirements of such a system.

A case history management system stores the anamnesis (case history) of patients, and it should accept queries and modifications from doctors.

We add access control on the user (the doctor) to protect the patients' privacy. While the doctor is in the hospital, full rights to read the patients' anamnesis are necessary. When the doctor leaves the hospital, we want to limit the doctor's right to read patient records for privacy reasons. A doctor must, however, be able to read a patient's case history in an emergency even when not in the hospital. For this reason, when an emergency occurs the Event Trigger (a nurse, in this case) generates an event, and the doctor can access that specific patient's anamnesis through the pseudonym issued by the Event Manager, even while outside the hospital.

5.2 LBAC case history management system implementation

This part shows the running program step by step with explanation. The system environment is Apache Tomcat 5.5.20 with MySQL 5.0. Users access the system through a browser. Screens with a blue background are at the Event Manager; screens with a red background are at the Service Provider.

In this implementation we use the IP address as the attribute value of the location information. Users connecting from localhost count as coming from the home network in Figure 8, and users from any other IP address count as coming from a distinct network in Figure 8. (In the code this is the check Attribute.equals("127.0.0.1") in handler.jsp, applied to the address the Event Manager observed with request.getRemoteAddr() when it issued the assertion.)

Below are screenshots from the browser while the system is running.

Event Trigger Page: This page is for the Event Trigger. Its main function is to trigger an event by selecting a doctor and a patient.

After the Event Trigger's account and password have been entered correctly and a doctor and a patient have been selected, the event is sent to the Event Manager (not visible in the browser). The page redirects back after the event has been triggered. If the selected doctor already has an event waiting to be handled, the page asks for another doctor instead.

User Page 1: This is the login page for the user. The user is redirected to page 2 after entering the correct password.

User Page 2: This page queries the Event Manager every 6 seconds to check whether an event corresponding to the user has occurred. If one has, an additional button labelled "Get Event" appears. The Query button and the "Get Event" button perform the same function.

Service Provider Page: This page displays the result of the query.

The first figure is from the home network. Although the user has a pseudonym for only one patient, the location attribute is the local address, so the Service Provider lists all patients' names.

The second figure is from a distinct network. Since the user has only one pseudonym, he can get only the name of the patient corresponding to that pseudonym.
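The Event Manager side of the walkthrough above (trigger, poll, "Get Event"), as an added Python example rather than the thesis' own JSP code. In-memory dictionaries stand in for the DoctorInfo and patientinfo tables; the issuer name is assumed, since the page does not record the value the prototype used, and the one-shot clearing of the event after it has been collected is likewise an assumption, as the page does not show how EventID is reset.

```python
"""Event Manager side of the prototype (Chapter 5) -- added example.

Models the operations the screenshots walk through: the Event Trigger binds
a doctor and a patient to a fresh pseudonym (one pending event per doctor,
as index.jsp enforces), the doctor's page polls for a pending event, and
"Get Event" makes the Event Manager issue the SAML assertion that carries
the pseudonym and the Location attribute.
"""
import secrets
from datetime import datetime, timedelta, timezone
from xml.sax.saxutils import escape

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
ISSUER = "EventManager"            # assumed issuer name; not recorded on the page
VALIDITY = timedelta(minutes=20)   # the 20-minute window of SamlAssertion.java


def _xs_datetime(t):
    """xs:dateTime in UTC, the form SAML requires for IssueInstant etc."""
    return t.strftime("%Y-%m-%dT%H:%M:%SZ")


class EventManager:
    def __init__(self, doctors, patients):
        self.doctor_event = {d: None for d in doctors}    # Name -> EventID
        self.patient_event = {p: None for p in patients}  # Name -> EventID

    def trigger_event(self, doctor, patient):
        """Event Trigger action: bind doctor and patient to a new pseudonym."""
        if doctor not in self.doctor_event or patient not in self.patient_event:
            raise KeyError("unknown doctor or patient")
        if self.doctor_event[doctor] is not None:
            # index.jsp: "The doctor has one Event waiting for handle"
            raise RuntimeError(f"{doctor} already has a pending event")
        # The pseudonym is a capability for one patient's record: draw it
        # from the OS CSPRNG rather than Math.random() as the Java code does.
        pseudonym = secrets.token_urlsafe(16)
        self.doctor_event[doctor] = pseudonym
        self.patient_event[patient] = pseudonym
        return pseudonym

    def poll(self, doctor):
        """polling.jsp: the pending pseudonym for this doctor, or None."""
        return self.doctor_event.get(doctor)

    def issue_assertion(self, doctor, remote_addr, now=None):
        """AssertionPass + SamlAssertion: the assertion handed to the SP.

        remote_addr is the address the Event Manager saw the request from
        (request.getRemoteAddr() in the prototype) and becomes the Location
        attribute.  With no pending event the NameID is empty, which the
        Service Provider's Step 3 rejects outside the home network.
        """
        now = now or datetime.now(timezone.utc)
        pseudonym = self.doctor_event.get(doctor) or ""
        assertion_id = "_" + secrets.token_hex(16)  # xs:ID may not start with a digit
        return (
            '<?xml version="1.0" encoding="utf-8"?>'
            f'<saml:Assertion xmlns:saml="{SAML_NS}" Version="2.0" '
            f'ID="{assertion_id}" IssueInstant="{_xs_datetime(now)}">'
            f"<saml:Issuer>{escape(ISSUER)}</saml:Issuer>"
            f"<saml:Subject><saml:NameID>{escape(pseudonym)}</saml:NameID></saml:Subject>"
            f'<saml:Conditions NotBefore="{_xs_datetime(now)}" '
            f'NotOnOrAfter="{_xs_datetime(now + VALIDITY)}"/>'
            '<saml:AttributeStatement><saml:Attribute Name="Location">'
            f"<saml:AttributeValue>{escape(remote_addr)}</saml:AttributeValue>"
            "</saml:Attribute></saml:AttributeStatement></saml:Assertion>"
        )

    def clear_event(self, doctor):
        """Unbind the pseudonym once the doctor has collected it (assumed
        one-shot behaviour; the page does not show how EventID is reset)."""
        pseudonym = self.doctor_event.get(doctor)
        if pseudonym is None:
            return None
        self.doctor_event[doctor] = None
        for p, ev in self.patient_event.items():
            if ev == pseudonym:
                self.patient_event[p] = None
        return pseudonym


if __name__ == "__main__":
    em = EventManager(doctors=["Dr. Wang"], patients=["Alice", "Bob"])
    print("poll before event:", em.poll("Dr. Wang"))
    pseudonym = em.trigger_event("Dr. Wang", "Alice")   # the nurse triggers
    print("poll after event:", em.poll("Dr. Wang"))
    print(em.issue_assertion("Dr. Wang", "203.0.113.9"))
    print("cleared:", em.clear_event("Dr. Wang") == pseudonym)
```

Because the pseudonym alone selects the record at the Service Provider, its entropy and its lifetime are the whole of the protection outside the home network; the 20-minute Conditions window bounds how long an intercepted assertion stays usable.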

Chapter 6: Conclusion and future work

Access control is an important issue in a web service system. Access control based on a location attribute gives the system designer a flexible mechanism for account management, and nothing changes from the user's point of view. In this thesis we use SAML assertions to carry the message. The benefit of using SAML in this system is that, being a standard, it makes messages easy to transfer between different sites and easy to verify through the digital signature in the assertion. (The prototype in the Appendix does not yet sign its assertions, and the Service Provider does not check the Conditions element; a deployment would need both before an assertion can be trusted across sites.)

Another benefit of this system is that when two or more organisations are integrated, the communication is easy to build, because SAML is widely adopted and based on the XML standard.

In this thesis we treat the location information (which could be a signal from a wireless sensor or GPS) as a parameter, since it can be obtained in different ways. This information is provided by the user's environment and must not be modifiable by the user. For the medical system described in Chapter 5, it could be realised by placing sensors in the hospital building: if the user is around the hospital and the handheld device receives the sensor's signal, the user is recognised as coming from the home network.

As future work, we would like to study the use of SAML on handheld devices, and the integration of organisations according to attributes, including the location attribute, carried in SAML assertions.

Appendix

This appendix contains the Java code we used to implement the system of Chapter 5.

A.1 Event Manager

A.1.1 Event Manager Page for Event Trigger: (index.jsp)

<%@ page import="java.io.*" %>
<%@ page import="java.sql.*" %>
<%@ page import="java.util.*" %>
<%@ page import="java.security.SecureRandom" %>
<html>
<body BACKGROUND="bg.jpg">
<%for(int j=0;j<13;j++){out.println("<br>");}%>
<center>
<%
String _username = request.getParameter("username");
String _password = request.getParameter("pw");
if((_username==null)&&(_password==null)){
    //Initial page: no account and password entered yet, show the form
%>
<font size="20">Insert Event Trigger Account Password:</font>
<br>
<form action="index.jsp" method="post">
<font size="5">Account:</font><input type="text" name="username" size="30">
<br>
<font size="5">Password:</font><input type="password" name="pw" size="30"><br>
<%
    try{//Database Connection
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        String dbuserName = "root";
        String dbpassword = "crypto123";
        String url="jdbc:mysql://localhost:3306/saml"; //Database name and address
        Connection con=DriverManager.getConnection(url, dbuserName, dbpassword);
        System.out.println("Database connection establish");
        java.sql.Statement stmt = con.createStatement();
        //Doctor list (table DoctorInfo, as queried by the other pages)
        ResultSet rs = stmt.executeQuery("select DoctorID,Name from DoctorInfo");
        out.println("Select doctor:");
        out.println("<select NAME=Doctor>");
        while(rs.next()){
            out.println("<option>");
            out.println(rs.getString("Name"));
        }
        out.println("</select><br>");
        //Patient list
        rs = stmt.executeQuery("select Name from patientinfo");
        out.println("Select patient:");
        out.println("<select NAME=Patient>");
        while(rs.next()){
            out.println("<option>");
            out.println(rs.getString("Name"));
        }
        out.println("</select><br>");
        rs.close(); stmt.close(); con.close();
    }catch(Exception e){
        System.err.println("cannot connect to SAML database!");
    }
%>
<input name="Apply" value="Apply" type="submit"></form>
<%
}
else if("Trigger".equals(_username)&&"cx1346".equals(_password)){
    //Event Trigger recognized by ID:Trigger Password:cx1346 (hard-coded in the prototype)
    //Doctor and patient chosen on the form. The name of the doctor select
    //was lost from the page; "Doctor" is assumed here, "Patient" is as above.
    String LookupID = request.getParameter("Doctor");
    String PatientID = request.getParameter("Patient");
    //Pseudonym (EventID): a random string over the same alphabet that
    //SamlAssertion.java uses for the assertion ID. It grants access to a
    //patient record, so it is drawn from SecureRandom, not Math.random().
    String str="abcdefghijklmnopqrstuvwxyz1234567890";
    SecureRandom rnd = new SecureRandom();
    StringBuffer sb = new StringBuffer();
    for(int i=0;i<16;i++){ sb.append(str.charAt(rnd.nextInt(str.length()))); }
    String pseudonym = sb.toString();
    try{//database connection
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        String dbuserName = "root";
        String dbpassword = "crypto123";
        String url="jdbc:mysql://localhost:3306/saml";
        Connection con = DriverManager.getConnection (url, dbuserName, dbpassword);
        System.out.println("Database connection establish");
        java.sql.Statement stmt = con.createStatement();
        ResultSet rs1 = stmt.executeQuery("select Name,EventID from DoctorInfo");
        while(rs1.next()){
            if(LookupID!=null && LookupID.equals(rs1.getString("Name"))) {
                if(rs1.getString("EventID")==null){
                    //The doctor has no event yet: bind the pseudonym to the
                    //doctor and to the patient. Prepared statements replace the
                    //string-concatenated SQL of the first version.
                    PreparedStatement ps1 = con.prepareStatement(
                        "update DoctorInfo set EventID=? where Name=?");
                    ps1.setString(1,pseudonym); ps1.setString(2,LookupID);
                    ps1.executeUpdate(); ps1.close();
                    PreparedStatement ps2 = con.prepareStatement(
                        "update patientinfo set EventID=? where Name=?");
                    ps2.setString(1,pseudonym); ps2.setString(2,PatientID);
                    ps2.executeUpdate(); ps2.close();
                    out.println("Event ID:");
                    out.println(pseudonym);
                    out.println(" has been added into Database.<br>");
                    out.println("Doctor :");
                    out.println(LookupID);
                    out.println("<br>");
                    out.println("Patient :");
                    out.println(PatientID);
                }//The doctor does not have an event "End"
                else{//The doctor already has an event waiting to be handled
                    out.println("<br><font size=\"5\">The doctor has one Event waiting for handle</font>");
                    out.println("<br><font size=\"5\">Please choose another doctor</font>");
                }//The doctor already has an event "END"
                break;
            }
        }
        rs1.close(); stmt.close(); con.close();
    }catch(Exception e){
        System.err.println("cannot connect to SAML database!");
    }
    out.println("<font size=\"5\"><br>Redirect back in 5 seconds...</font>");
    response.setHeader("Refresh","5;URL=index.jsp");
}//Return to index
else{
    out.println("<font size=\"8\">Password or account not valid !</font>");
    response.setHeader("Refresh","5;URL=index.jsp");
}
%>
</center>
</body>
</html>

A.1.2 Event Manager Page for User: (user.jsp)

//This page receives the user's input and lets the servlet Auth check the password
<%@ page import="java.io.*" %>
<%@ page import="java.sql.*" %>
<html>
<body>
<%for(int j=0;j<13;j++){out.println("<br>");}%>
<center>
<font size="5">
Please Select Doctor ID and Input Password.
</font>
<form action="Handler.do" method="post">
<%//Handler.do is mapped in web.xml (WEB-INF folder) to the servlet Auth.java
  session.invalidate(); //start every login from a clean session
  try{//Query database for the doctor list
      Class.forName("com.mysql.jdbc.Driver").newInstance();
      String dbuserName = "root";
      String dbpassword = "crypto123";
      String url="jdbc:mysql://localhost:3306/saml";
      Connection con = DriverManager.getConnection (url, dbuserName, dbpassword);
      System.out.println("Database connection establish");
      java.sql.Statement stmt = con.createStatement();
      ResultSet rs = stmt.executeQuery("select DoctorID,Name from DoctorInfo");
      out.println("<font size=\"4\">Select Doctor:</font>");
      out.println("<select NAME=doctor>");
      while(rs.next()){
          out.println("<option>");
          out.println(rs.getString("Name"));
      }
      out.println("</select><br>");
      rs.close(); stmt.close(); con.close();
  }catch(Exception e){
      System.err.println("cannot connect to SAML database!");
  }
%>
<font size="4">Password:</font>
<input type="password" name="pw" size="15">
<br>
<input name="Apply" value="Apply" type="submit"></form>
</center>
</body>
</html>

A.1.3 Event Manager Servlet-1: (Auth.java)

//This servlet receives the login form from user.jsp, checks the password
//against DoctorInfo and forwards to polling.jsp
package com.SAML;

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.sql.*;

public class Auth extends HttpServlet {
    public void doPost(HttpServletRequest request,HttpServletResponse response) throws IOException, ServletException{
        boolean auth = false;
        HttpSession session = request.getSession();
        String doctorid = request.getParameter("doctor");
        String password = request.getParameter("pw");
        if(doctorid!=null && password!=null){
            try{//Database connection
                Class.forName("com.mysql.jdbc.Driver").newInstance();
                String dbuserName = "root";
                String dbpassword = "crypto123";
                String url="jdbc:mysql://localhost:3306/saml";
                Connection con = DriverManager.getConnection (url, dbuserName,dbpassword);
                System.out.println("Database connection establish by auth");
                //SQL command. The prototype stores passwords in clear text and
                //compares them directly; the name is bound as a parameter.
                PreparedStatement stmt = con.prepareStatement(
                    "select password from doctorinfo where name=?");
                stmt.setString(1,doctorid);
                ResultSet rs = stmt.executeQuery();
                if(rs.next() && password.equals(rs.getString("password"))){
                    auth = true;
                }
                rs.close(); stmt.close(); con.close();
            }catch(Exception e){
                System.err.println("cannot connect to SAML database!");
            }
        }
        synchronized(session){
            if(auth){
                session.setAttribute("LoginResult","YES");
                session.setAttribute("doctorid",doctorid);
                //the password itself is not kept in the session; nothing reads it
            }else{
                session.setAttribute("LoginResult","NO");
            }
        }
        //pass to polling.jsp, which shows the result and starts polling
        RequestDispatcher view = request.getRequestDispatcher("polling.jsp");
        view.forward(request,response);
    }

    public void doGet(HttpServletRequest request, HttpServletResponse response)throws IOException, ServletException{
        doPost(request,response);
    }
}

A.1.4 Event Manager Page for User: (polling.jsp)

//This page is for the user to poll the Event Manager; it reloads every 6 seconds
<%@ page import="java.io.*" %>
<%@ page import="java.sql.*" %>
<%@ page import="java.util.*" %>
<html>
<body>
<%for(int j=0;j<13;j++){out.println("<br>");}%>
<%
String doctorid = null;
String LoginResult =(String)session.getAttribute("LoginResult");
if((LoginResult!=null)&&(LoginResult.equals("YES"))){
    doctorid =(String)session.getAttribute("doctorid");
    //reload this page every 6 seconds so the database is polled for an event
    response.setHeader("Refresh","6;URL=polling.jsp");
%>
<center><font size="8">Login success, Waiting for event.<br>
This page will update every 6 seconds.
</font><br>
<form action="Event.do" method="post">
<input name="query" value="Query" type="submit">
<%//This form passes the request to Event.do, which web.xml maps to the
  //servlet AssertionPass.java
  try {
      Class.forName("com.mysql.jdbc.Driver").newInstance();
      String dbuserName = "root";
      String dbpassword = "crypto123";
      String url="jdbc:mysql://localhost:3306/saml";
      Connection con = DriverManager.getConnection (url, dbuserName, dbpassword);
      System.out.println("Database connection establish");
      PreparedStatement stmt = con.prepareStatement(
          "select EventID from DoctorInfo where Name=?");
      stmt.setString(1,doctorid);
      ResultSet rs = stmt.executeQuery();
      if(rs.next() && rs.getString("EventID")!=null){
          //Executes when there is a pseudonym mapped to this doctor id
          synchronized(session){
              session.setAttribute("pseudonym",rs.getString("EventID"));
          }
%>
<input name="query" value="Get Event" type="submit">
<%
      }
      rs.close(); stmt.close(); con.close();
  }catch(Exception e){
      System.err.println("cannot connect to SAML database!");
  }
%>
</form>
</center>
<%
}
else{
    out.println("Login Fail");
    out.println("<br>");
    out.println("Password Error,Access Deny.");
    response.setHeader("Refresh","5;URL=user.jsp");
}
%>
</body>
</html>

A.1.5 Event Manager Servlet-2 :(AssertionPass.java)

//This servlet accepts the user's request from polling.jsp, generates the
//assertion, saves it to an XML file for transfer and redirects the user
//to the Service Provider
package com.SAML;

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;

public class AssertionPass extends HttpServlet {
    //Issuer name placed in the assertion and address of the Service Provider's
    //Event.do. Neither value is preserved on the page; both are placeholders.
    private static final String ISSUER = "EventManager";
    private static final String SP_URL = "http://SERVICE-PROVIDER-HOST:8080/ServiceProvider/Event.do";

    public void doPost(HttpServletRequest request,HttpServletResponse response)throws IOException, ServletException{
        HttpSession session = request.getSession();
        String pseudonym = (String)session.getAttribute("pseudonym");
        if(pseudonym==null){ pseudonym = ""; } //"Query" without an event: empty subject
        //Location attribute: the address the Event Manager sees the user from
        String RemoteAddr = request.getRemoteAddr();
        //call assertion generator
        String Ass = new SamlAssertion().getSamlAssertion(ISSUER, pseudonym, RemoteAddr);
        try {//Writing into XML file, which Server.java hands to the Service Provider
            FileWriter Writer = new FileWriter("Assertion.xml");
            Writer.write(Ass);
            Writer.close();
        }catch(IOException ex){
            ex.printStackTrace();
        }
        //redirect user to Service Provider
        response.sendRedirect(SP_URL);
    }

    public void doGet(HttpServletRequest request, HttpServletResponse response)throws IOException, ServletException{
        doPost(request,response);
    }
}

A.1.6 Event Manager java class:(SamlAssertion.java)

//This class generates the assertion in XML format
package com.SAML;

import java.util.Date;
import java.util.TimeZone;
import java.text.SimpleDateFormat;
import java.security.SecureRandom;

public class SamlAssertion {
    //XML namespace content
    private String samlLink="\"urn:oasis:names:tc:SAML:2.0:assertion\"";
    //three required attributes of Assertion; the quotes are included in the value
    private String Version="\"2.0\"";
    //alphabet and generator for the random assertion ID
    private static final String str="abcdefghijklmnopqrstuvwxyz1234567890";
    private static final SecureRandom rnd = new SecureRandom();

    public SamlAssertion(){}

    //IssueInstant, NotBefore and NotOnOrAfter must be xs:dateTime values in UTC;
    //Date.toString() does not produce one
    private static String xsDateTime(Date d){
        SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
        f.setTimeZone(TimeZone.getTimeZone("UTC"));
        return f.format(d);
    }

    public String getSamlAssertion(String Issuer, String pseudonym, String locationinfo){
        //for Event Manager to SP use
        String Assertion="<?xml version=\"1.0\" encoding=\"utf-8\"?>";
        Date tmp=new Date();
        //ID: an xs:ID may not start with a digit, hence the leading underscore
        String ID="\"_";
        for(int i=0;i<=30;i++){
            ID+=str.charAt(rnd.nextInt(str.length()));
        }
        ID+="\"";
        //assertion attributes setting
        Assertion+="<saml:Assertion xmlns:saml="+samlLink;
        Assertion+=" ";
        Assertion+="Version="+Version; //set the Version attribute
        Assertion+=" ";
        Assertion+="ID="+ID; //set the ID attribute
        Assertion+=" ";
        Assertion+="IssueInstant=\""+xsDateTime(tmp)+"\">";
        //assertion attributes end
        //building Issuer Element;
        Assertion+=Issuer(Issuer);
        //building Subject Element; the pseudonym is carried in a NameID (IDType 2)
        Assertion+=Subject(pseudonym,2);
        //building Conditions Element, using the method without parameters
        Assertion+=Conditions();
        Assertion+=AttributeStatement("Location",locationinfo);
        Assertion+="</saml:Assertion>";
        //building assertion end
        tmp=null;
        return Assertion;
    }

    //this method is for generating the issuer element
    public String Issuer(String Issuer){
        String Element="<saml:Issuer>";
        Element+=Issuer;
        Element+="</saml:Issuer>";
        return Element;
    }

    //this method is for generating the subject element
    //if this method is not called, then there will not be any subject
    //IDType 1,2,3 means the ID is BaseID, NameID, or EncryptedID
    //IDType 0 means no ID selected
    public String Subject(String Content, int IDType){
        String Element="<saml:Subject>";
        if(IDType==1){
            //BaseID is abstract in SAML 2.0 and needs an xsi:type to be valid;
            //kept only to preserve the numbering
            Element+="<saml:BaseID>"+Content+"</saml:BaseID>";
        }
        else if(IDType==2){
            Element+="<saml:NameID>"+Content+"</saml:NameID>";
        }
        else if(IDType==3){
            Element+="<saml:EncryptedID>"+Content+"</saml:EncryptedID>";
        }
        Element+="</saml:Subject>";
        return Element;
    }

    //saml:Conditions with only the validity window and no child element
    public String Conditions(){
        return Conditions(null,0);
    }

    //ConditionType 1,2,3,4 means Condition, AudienceRestriction,
    //OneTimeUse, ProxyRestriction
    //ConditionType 0 means no child Condition element
    public String Conditions(String Condition, int ConditionType){
        //set condition available time attribute: 20 minutes
        Date NotBefore = new Date();
        Date NotOnOrAfter = new Date(NotBefore.getTime()+1200000);
        String Element="<saml:Conditions ";
        Element+="NotBefore="+"\""+xsDateTime(NotBefore)+"\""+" ";
        Element+="NotOnOrAfter="+"\""+xsDateTime(NotOnOrAfter)+"\""+">";
        if(ConditionType==1){
            Element+="<saml:Condition>"+Condition+"</saml:Condition>";
        }
        else if(ConditionType==2) {
            //the restriction lists the audiences allowed to consume the assertion
            Element+="<saml:AudienceRestriction><saml:Audience>"+Condition+"</saml:Audience></saml:AudienceRestriction>";
        }
        else if(ConditionType==3) {
            //OneTimeUse is an empty element
            Element+="<saml:OneTimeUse/>";
        }
        else if(ConditionType==4) {
            //Condition carries the maximum number of proxy hops
            Element+="<saml:ProxyRestriction Count=\""+Condition+"\"/>";
        }
        Element+="</saml:Conditions>";
        return Element;
    }

    //the Location attribute is carried as an AttributeStatement
    public String AttributeStatement(String AttributeName, String AttributeValue){
        String Element="<saml:AttributeStatement>";
        Element+="<saml:Attribute Name=\""+AttributeName+"\">";
        Element+="<saml:AttributeValue>"+AttributeValue+"</saml:AttributeValue>";
        Element+="</saml:Attribute>";
        Element+="</saml:AttributeStatement>";
        return Element;
    }
}

A.1.7 Event Manager assertion server: (Server.java)

//This java program receives the request from the Service Provider and passes
//the assertion to it. Note that any client that connects to port 5568 is handed
//the pending assertion; nothing ties the connection to the redirected user.
import java.io.*;
import java.net.*;

class Server{
    public static void main(String[] args){
        int counter = 0;
        try{
            ServerSocket serverSock = new ServerSocket(5568);
            while(true) {
                String input="";
                System.out.print("Waiting...");
                Socket sock = serverSock.accept();
                counter++;
                System.out.println("Get request:"+counter);
                try{
                    File f = new File("Assertion.xml");
                    BufferedReader BReader = new BufferedReader(new FileReader(f));
                    String line ="";
                    while((line = BReader.readLine())!=null) { input=input+line; }
                    BReader.close();
                    PrintWriter PWriter = new PrintWriter(sock.getOutputStream());
                    PWriter.println(input);
                    PWriter.close();
                    f.delete(); //the file holds one assertion and is consumed once
                }catch(IOException ex){
                    ex.printStackTrace(); //for example no Assertion.xml is waiting
                }finally{
                    sock.close();
                }
            }
        }catch(IOException ex){ex.printStackTrace();}
    }
}

A.2 Service Provider

A.2.1 Service Provider Servlet : (EventHandler.java)

package com.SAML;

//This servlet is at the Service Provider site; it opens a socket to the
//Event Manager's Server.java and receives the assertion XML from it
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.net.*;
import javax.xml.parsers.*;
import org.w3c.dom.*;

public class EventHandler extends HttpServlet {
    //Event Manager host as used by handler.jsp, and the port Server.java listens on
    private static final String EM_HOST = "140.113.208.138";
    private static final int EM_PORT = 5568;
    private static final String SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion";

    public void doPost(HttpServletRequest request,HttpServletResponse response)throws IOException, ServletException{
        HttpSession session = request.getSession();
        String Issuer = null, Loc = null, sEventID = null;
        try{
            //fetch the assertion from the Event Manager over the socket
            Socket sock = new Socket(EM_HOST, EM_PORT);
            BufferedReader in = new BufferedReader(new InputStreamReader(sock.getInputStream()));
            String Assertion = "", line;
            while((line = in.readLine())!=null){ Assertion += line; }
            in.close(); sock.close();
            File f = new File("SPAssertion.xml");
            FileWriter Writer = new FileWriter(f);
            Writer.write(Assertion);
            Writer.close();
            //parsing xml file (namespace-aware, DTDs refused)
            DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
            dbf.setNamespaceAware(true);
            dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            DocumentBuilder DocBuilder = dbf.newDocumentBuilder();
            Document AssertionDoc = DocBuilder.parse(f);
            Issuer = textOf(AssertionDoc,"Issuer");
            sEventID = textOf(AssertionDoc,"NameID");     //the pseudonym
            Loc = textOf(AssertionDoc,"AttributeValue");  //the Location attribute
            //The prototype verifies neither a signature nor the Conditions
            //window here; handler.jsp acts on these values as received.
            session.setAttribute("sIssuer",Issuer);
            session.setAttribute("sLoc",Loc);
            session.setAttribute("sEventID",sEventID);
            f.delete();
        }catch(Exception ex){
            ex.printStackTrace();
        }
        //print in system log for further checking
        System.out.println("EventHandler Start");
        System.out.println(Issuer);
        System.out.println(Loc);
        System.out.println(sEventID);
        System.out.println("EventHandler Done");
        //pass to handler.jsp
        RequestDispatcher view = request.getRequestDispatcher("handler.jsp");
        view.forward(request,response);
    }

    //text content of the first saml:<name> element in the document, or null
    private static String textOf(Document doc, String name){
        NodeList nl = doc.getElementsByTagNameNS(SAML_NS, name);
        if(nl.getLength()==0 || nl.item(0).getFirstChild()==null) return null;
        return nl.item(0).getFirstChild().getNodeValue().trim();
    }

    public void doGet(HttpServletRequest request, HttpServletResponse response)throws IOException, ServletException{
        doPost(request,response);
    }
}

A.2.2 Service Provider Page : (handler.jsp)

//This page is at the Service Provider site; it displays the information handled by Event.do
<%@ page import="java.io.*" %>
<%@ page import="java.net.*" %>
<%@ page import="java.sql.*" %>
<%@ page import="java.util.*" %>
<html>
<body BACKGROUND="bg2.jpg">
<%for(int j=0;j<13;j++){out.println("<br>");}%>
<center>
This message is from:
<%
String Issuer = (String)session.getAttribute("sIssuer");
String Attribute = (String)session.getAttribute("sLoc");
String EventID = (String)session.getAttribute("sEventID");
boolean isLocal = false;
boolean noEvent = true;
out.println(Issuer);
//home network means the local address, as observed by the Event Manager
if(Attribute!=null && Attribute.equals("127.0.0.1")){ isLocal = true; }
if(isLocal)
{
    try{//this section executes when the user is from the home network
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        String dbuserName = "root";
        String dbpassword = "crypto123";
        String url="jdbc:mysql://localhost:3306/saml";
        Connection con = DriverManager.getConnection (url, dbuserName, dbpassword);
        System.out.println("Database connection establish by Service Provider");
        java.sql.Statement stmt = con.createStatement();
        String query ="select PatientID,Name,EventID from PatientInfo";
        ResultSet rs = stmt.executeQuery(query);
        out.println("<table>");
        out.println("<font size=\"5\">");
        while(rs.next()){ //every patient is listed
            out.println("<tr><td>");
            out.println(rs.getString("PatientID"));
            out.println("</td><td>Patient Name :");
            out.println(rs.getString("Name"));
            out.println("</td></tr>");
        }
        out.println("</font>");
        out.println("</table>");
        rs.close(); stmt.close(); con.close();
    }
    catch (Exception e) {
        System.err.println("Error Generate by isLocal TRUE part");
    }
}
else
{
    try{//this section executes when the user is from a distinct network
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        String dbuserName = "root";
        String dbpassword = "crypto123";
        String url="jdbc:mysql://localhost:3306/saml";
        Connection con = DriverManager.getConnection (url, dbuserName, dbpassword);
        System.out.println("Database connection establish by Service Provider");
        if(EventID!=null && EventID.length()>0){
            //only the patient bound to the pseudonym in the assertion is shown
            PreparedStatement stmt = con.prepareStatement(
                "select PatientID,Name,EventID from PatientInfo where EventID=?");
            stmt.setString(1, EventID);
            ResultSet rs = stmt.executeQuery();
            while(rs.next()) { //get Event
                noEvent = false;
                out.println(rs.getString("PatientID"));
                out.println("Patient Name :");
                out.println(rs.getString("Name"));
                out.println(" The Event ID is :");
                out.println(rs.getString("EventID"));
            }
            rs.close(); stmt.close();
        }
        con.close();
    }
    catch (Exception e) {
        System.err.println("Error Generate by isLocal FALSE part");
    }
    if(noEvent){//no access right
        out.println("You do not have Event ID, also not in Home Network. ");
        out.println("System Will redirect you to user login page.");
        response.setHeader("Refresh","5;URL=http://140.113.208.138:8080/EventManager/user.jsp");
    }
}
%>
</center>
</body>
</html>
