Data and Applications Security Developments and Directions

Slides:



Advertisements
Similar presentations
INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Advertisements

Towards Usage Control Models: Beyond Traditional Access Control 7 th SACMAT, June 3, 2002 Jaehong Park and Ravi Sandhu Laboratory for Information Security.
© 2006 Ravi Sandhu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,
ROLE-BASED ACCESS CONTROL: A MULTI-DIMENSIONAL VIEW Ravi Sandhu, Edward Coyne, Hal Feinstein and Charles Youman Seta Corporation McLean, VA Ravi Sandhu.
A THREE TIER ARCHITECTURE FOR ROLE-BASED ACCESS CONTROL Ravi Sandhu and Hal Feinstein Seta Corporation McLean, VA Ongoing NIST-funded project Other Project.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course August.
Access Control RBAC Database Activity Monitoring.
Developing and Securing the Cloud Dr. Bhavani Thuraisingham The University of Texas at Dallas Papers to be Presented on May 1.
Cyber Security Essentials Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Secure Knowledge Management: and.
11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course August.
Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.
CSCE 201 Introduction to Information Security Fall 2010 Access Control.
Data and Applications Security Developments and Directions Guest Lecture Dr. Kevin Hamlen Given in February 2012.
Information Security Analytics Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #5 Assignment #1 on Access.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Policies September 7, 2010.
Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course.
CSCE 201 Introduction to Information Security Fall 2010 Access Control Models.
Information Security Analytics Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Policies June 2011.
INSTITUTE FOR CYBER SECURITY 1 Purpose-Centric Secure Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security.
Data and Applications Security
Institute for Cyber Security
Data and Applications Security Developments and Directions
Prof. Bhavani Thuraisingham The University of Texas at Dallas
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security
Dr. Bhavani Thuraisingham The University of Texas at Dallas
Intersection of Data, Policy and Privacy
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Prof. Bhavani Thuraisingham The University of Texas at Dallas
Building Trustworthy Semantic Web
Prof. Bhavani Thuraisingham The University of Texas at Dallas
Prof. Bhavani Thuraisingham The University of Texas at Dallas
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Assured Information Sharing
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Building Trustworthy Semantic Web
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security
World-Leading Research with Real-World Impact!
Data and Applications Security
Presentation transcript:

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Assignment #1 on Access Control and Policies January 28, 2011

References Lecture Notes Text Book for Class Additional Papers RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman: Role-Based Access Control Models. IEEE Computer 29(2): 38-47 (1996) UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174 (2004) http://delivery.acm.org/10.1145/510000/507722/p57- park.pdf?key1=507722&key2=2341065321&coll=ACM&dl= ACM&CFID=23616711&CFTOKEN=10325487 DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi-dimensional Characterization of Dissemination Control. POLICY 2004: 197-200 (IEEE)

Problem #1 Consider an example application (e.g., from healthcare, defense, financial) Specify some meaningful policies for this application that address confidentiality, privacy and trust

Problem #2 Consider an example application where there is a need for organizations to share data Example: Defense: Army, Navy, Air Force Healthcare: Doctor, Hospital, Insurance company Give meaningful security policies illustrating the need for organizations share data and yet having to enforce the policies Policies may include confidentiality, privacy and trust

Problem #3 Read the papers on RBAC, UCON and DCON listed in this unit For an example application (or applications) specify policies for RBAC, UCON and DCON