An Access Control Perspective on the Science of Security

Presentation transcript:

An Access Control Perspective on the Science of Security
Ravi Sandhu, Executive Director and Chief Scientist, Professor of Computer Science, Lutcher Brown Chair in Cyber Security
Keynote Lecture, Hot Topics in the Science of Security, Raleigh, North Carolina, April 11, 2018
ravi.sandhu@utsa.edu, www.ics.utsa.edu, www.cspecc.utsa.edu, www.profsandhu.com
World-Leading Research with Real-World Impact!

Natural vs Cyber Science
Figure panels: Elephant Problem; Cyber-Elephant Problem
The cyber-elephant problem requires Applied and Basic research Combined (ABC)*
* The New ABCs of Research, Ben Shneiderman, 2016
© Ravi Sandhu

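Applied and Basic Combined
Figure: quadrant diagram with axes Utility (H/L) and Fundamental Understanding (L/H); region labels: Engineering, Science
High utility, low fundamental understanding: Edison
High utility, high fundamental understanding: Pasteur
Low utility, low fundamental understanding: junk
Low utility, high fundamental understanding: Bohr
Donald Stokes, 1997, Pasteur’s Quadrant: Basic Science and Technological Innovation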

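Applied and Basic Combined
Figure: quadrant diagram with axes Utility (H/L) and Fundamental Understanding (L/H); region labels: Engineering, Science
Quadrants: Edison (high utility, low understanding); Pasteur (high utility, high understanding); junk (low utility, low understanding); Bohr (low utility, high understanding)
Combine the science quadrants
Donald Stokes, 1997, Pasteur’s Quadrant: Basic Science and Technological Innovation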

Holistic Cyber Security
Figure labels: Objectives; POLICY; ATTACKS; What?; Why?; Enforce; Enable; Defend; Respond; PROTECT; DETECT; Complement; How?; Mechanisms

Access Control Evolution
Fixed policy
Discretionary Access Control (DAC), 1970
Mandatory Access Control (MAC), 1970
Role Based Access Control (RBAC), 1995
Attribute Based Access Control (ABAC), ????
Flexible policy
Born 1990s

ABAC Research Space
7. ABAC Design, Engineering and Applications
5. ABAC Policy Architectures and Languages
2. Core ABAC Models
3. Administrative ABAC Models
4. Extended ABAC Models
6. ABAC Enforcement Architectures
1. Foundational Principles and Theory

2. Core ABAC Models
Policy Configuration Points
ABACα: Can be configured to do simple forms of DAC, MAC, RBAC (Jin, Krishnan, Sandhu 2012)

2. Core ABAC Models
ABACβ: Can further be configured to do many RBAC extensions (Jin, Krishnan, Sandhu 2014)

3. Administrative ABAC Models
HGABAC: Hierarchical Group and Attribute Based Access Control
Introduces User and Object Groups
Simplifies administration of attributes
Servos and Osborn, 2015

7. ABAC Design, Engineering and Applications
Cloud Enabled IoT
Alshehri, Bhatt, Patwa, Benson, Sandhu 2016 onwards

5. ABAC Policy Architectures and Languages
Amazon AWS Style

4. Extended ABAC Models
ReBAC vs ABAC
ReBAC and ABAC are not that different (Tahmina, Sandhu 2017)

6. ABAC Enforcement Architectures
Federated ABAC
Fisher 2015 NCCOE, NIST, Building Block

1. Foundational Principles and Theory
Safety Analysis
Discretionary Access Control (DAC), 1970
Mandatory Access Control (MAC), 1970
Role Based Access Control (RBAC), 1995
Attribute Based Access Control (ABAC), ????
Can subject s obtain a right r on object o? Current state? Some future state?
Safety Complexity
Ahmed, Rajkumar, Sandhu 2016 onwards

ABAC Research Space
7. ABAC Design, Engineering and Applications
5. ABAC Policy Architectures and Languages
2. Core ABAC Models
3. Administrative ABAC Models
4. Extended ABAC Models
6. ABAC Enforcement Architectures
1. Foundational Principles and Theory

Take-Aways for Science of Security
Applied and Basic Combined
Holistic