An Access Control Perspective on the Science of Security


1 An Access Control Perspective on the Science of Security
Ravi Sandhu
Executive Director and Chief Scientist
Professor of Computer Science
Lutcher Brown Chair in Cyber Security
Keynote Lecture, Hot Topics in the Science of Security
Raleigh, North Carolina, April 11, 2018
World-Leading Research with Real-World Impact!

2 Natural vs Cyber Science
Elephant Problem
Cyber-Elephant Problem
The cyber-elephant problem requires Applied and Basic research Combined (ABC)*
* The New ABCs of Research, Ben Shneiderman, 2016
© Ravi Sandhu World-Leading Research with Real-World Impact!

3 Applied and Basic Combined
[Figure: Pasteur's Quadrant. Axes: Utility (H/L) and Fundamental Understanding (L/H). Quadrants: Edison, Pasteur, junk, Bohr. Labels: Engineering, Science.]
Donald Stokes, 1997, Pasteur’s Quadrant: Basic Science and Technological Innovation

4 Applied and Basic Combined
[Figure: Pasteur's Quadrant. Axes: Utility (H/L) and Fundamental Understanding (L/H). Quadrants: Edison, Pasteur, junk, Bohr. Labels: Engineering, Science.]
Combine the science quadrants
Donald Stokes, 1997, Pasteur’s Quadrant: Basic Science and Technological Innovation

5 Holistic Cyber Security
[Diagram labels: Objectives; POLICY; ATTACKS; What?; Why?; Enforce; Enable; Defend; Respond; PROTECT; DETECT; Complement; How?; Mechanisms]

6 Access Control Evolution
Fixed policy
Discretionary Access Control (DAC), 1970
Mandatory Access Control (MAC), 1970
Role Based Access Control (RBAC), 1995
Attribute Based Access Control (ABAC), ????
Flexible policy
Born 1990s

7 ABAC Research Space
1. Foundational Principles and Theory
2. Core ABAC Models
3. Administrative ABAC Models
4. Extended ABAC Models
5. ABAC Policy Architectures and Languages
6. ABAC Enforcement Architectures
7. ABAC Design, Engineering and Applications

8 2. Core ABAC Models
Policy Configuration Points
ABACα: can be configured to do simple forms of DAC, MAC, RBAC (Jin, Krishnan, Sandhu 2012)

9 2. Core ABAC Models
ABACβ: can further be configured to do many RBAC extensions (Jin, Krishnan, Sandhu 2014)

10 3. Administrative ABAC Models
Hierarchical Group and Attribute Based Access Control (HGABAC)
Introduces User and Object Groups
Simplifies administration of attributes
Servos and Osborn, 2015

11 7. ABAC Design, Engineering and Applications
Cloud Enabled IoT
Alsheri, Bhatt, Patwa, Benson, Sandhu 2016 onwards

12 5. ABAC Policy Architectures and Languages
Amazon AWS Style

13 4. Extended ABAC Models
ReBAC vs ABAC
ReBAC and ABAC are not that different (Tahmina, Sandhu 2017)

14 6. ABAC Enforcement Architectures
Federated ABAC
Fisher 2015, NCCOE, NIST, Building Block

15 1. Foundational Principles and Theory
Safety Analysis
Discretionary Access Control (DAC), 1970
Mandatory Access Control (MAC), 1970
Role Based Access Control (RBAC), 1995
Attribute Based Access Control (ABAC), ????
Can subject s obtain a right r on object o? Current state? Some future state?
Safety Complexity
Ahmed, Rajkumar, Sandhu 2016 onwards

16 ABAC Research Space
1. Foundational Principles and Theory
2. Core ABAC Models
3. Administrative ABAC Models
4. Extended ABAC Models
5. ABAC Policy Architectures and Languages
6. ABAC Enforcement Architectures
7. ABAC Design, Engineering and Applications

17 Take-Aways for Science of Security
Applied and Basic Combined
Holistic

