Cyber Security Research: A Personal Perspective
Prof. Ravi Sandhu, Executive Director and Endowed Chair
January 18, 2013

Presentation transcript:

Cyber Security Research: A Personal Perspective
Prof. Ravi Sandhu
Executive Director and Endowed Chair
January 18,
© Ravi Sandhu
World-Leading Research with Real-World Impact!
CS 6393 Lecture 1

Prognosis
Cyberspace will become orders of magnitude more complex and confused very quickly
Overall this is a very positive development and will enrich human society
It will be messy but need not be chaotic!
Cyber security research and practice are losing ground

Security Objectives
INTEGRITY: modification
AVAILABILITY: access
CONFIDENTIALITY: disclosure

Security Objectives
INTEGRITY: modification
AVAILABILITY: access
CONFIDENTIALITY: disclosure
USAGE: purpose

Security Objectives
INTEGRITY: modification
AVAILABILITY: access
CONFIDENTIALITY: disclosure
USAGE: purpose
USAGE

Security Objectives
Single Enterprise
  owns all the information
  employs all the users
Multiple Interacting Parties
  no one owns all the information
  no one can unilaterally impose policy on all the users

Cyber Security Scope
Computer security
Information security = Computer security + Communications security
Information assurance
Mission assurance
Includes cyber physical

Fundamental Challenge
What is fundamental to cyber security?
Where are the boundaries of a cyber system?
What are the goals of cyber security?

Cyber Security Goal
Enable system designers and operators to say: This system is secure

Cyber Security Goal
Enable system designers and operators to say: This system is secure
Not attainable
There is an infinite supply of attacks

Cyber Security Goal
Enable system designers and operators to say: This system is secure enough
Many successful examples

The ATM Paradox
The ATM (Automatic Teller Machine) system is
  secure enough
  global in scope
Not attainable via current cyber security science, engineering, doctrine
  not studied as a success story
Similar paradoxes apply to
  on-line banking
  e-commerce payments

High Assurance Cyber Security
US President's nuclear football

Cyber Security Goal
Enable system designers and operators to say: This system is secure enough
In an innovative ecosystem the innovation drive will ensure that the bar for "enough" will be fairly low

Productivity-Security: Cyber Security is all about tradeoffs
Productivity
  Let's build it
  Cash out the benefits
  Next generation can secure it
Security
  Let's not build it
  Let's bake in super-security to make it unusable/unaffordable
  Let's sell unproven solutions
There is a middle ground
We don't know how to predictably find it

Grand Challenges
Develop a scientific discipline
  to predictably find the sweet spots for different application and mission contexts
  to predictably find, incentivize and deploy microsec that leads to desirable macrosec outcomes
  that can be meaningfully taught in Universities at all levels: BS, MS, PhD
Prognosis
  we shall succeed (we have no choice)
  but we need to change to succeed

Butler Lampson Paraphrased (I think)
Computer scientists could never have designed the web because they would have tried to make it work. But the Web does work. What does it mean for the Web to work?
Security geeks could never have designed the ATM network because they would have tried to make it secure. But the ATM network is secure. What does it mean for the ATM network to be secure?