Presentation is loading. Please wait.

Presentation is loading. Please wait.

Attribute-Based Access Control: Insights and Challenges

Published byEdwina Morrison Modified over 5 years ago

Similar presentations

Presentation on theme: "Attribute-Based Access Control: Insights and Challenges"— Presentation transcript:

1 Attribute-Based Access Control: Insights and Challenges
Ravi Sandhu Executive Director and Chief Scientist Professor of Computer Science Lutcher Brown Chair in Cyber Security University of South Florida April 4, 2018 World-Leading Research with Real-World Impact!

2 ICS Mission and History
Sustained excellence in graduate-level sponsored research Graduated to a self-sustaining operation Founded by start-up funding from State of Texas Major expansion by winning NSF C-SPECC grant In collaboration with: College of Engineering College of Business College of Education Open Cloud Institute Cyber Center for Security & Analytics Situated in the College of Science, Department of Computer Science Established world class laboratories for: Secure cloud computing and Malware research © Ravi Sandhu World-Leading Research with Real-World Impact!

3 Natural vs Cyber Science
Elephant Problem Cyber-Elephant Problem The cyber-elephant problem requires Applied and Basic research Combined (ABC) * The New ABCs of Research, Ben Schneiderman, 2016 © Ravi Sandhu World-Leading Research with Real-World Impact!

4 ICS Major Research Areas
SECURITY TECHNOLOGIES Access Control Policy Malware Detection and Forensics Security Dynamics APPLICATION DOMAINS Cloud Computing Internet of Things (IoT) Social Networks Enterprise Goal: Broaden and Deepen © Ravi Sandhu World-Leading Research with Real-World Impact!

5 Cyber Security Landscape
Objectives POLICY ATTACKS What? Why? Enforce Enable Defend Respond PROTECT DETECT Complement How? Mechanisms © Ravi Sandhu World-Leading Research with Real-World Impact!

6 Cyber Security Landscape
Objectives POLICY ATTACKS What? Why? Enforce Enable Defend Respond Access Control PROTECT DETECT Complement How? Mechanisms © Ravi Sandhu World-Leading Research with Real-World Impact!

7 Cyber Security Landscape
Objectives POLICY ATTACKS What? Why? Enforce Enable Defend Respond Access Control PROTECT DETECT Complement How? Mechanisms © Ravi Sandhu World-Leading Research with Real-World Impact!

8 Access Control Evolution
Fixed policy Discretionary Access Control (DAC), 1970 Mandatory Access Control (MAC), 1970 Role Based Access Control (RBAC), 1995 Attribute Based Access Control (ABAC), ???? Flexible policy Born 1990s © Ravi Sandhu World-Leading Research with Real-World Impact!

9 ABAC Research Space 7. ABAC Design, Engineering and Applications
5. ABAC Policy Architectures and Languages 2. Core ABAC Models 3. Administrative ABAC Models 4. Extended 6. ABAC Enforcement Architectures 1. Foundational Principles and Theory © Ravi Sandhu World-Leading Research with Real-World Impact!

10 Core ABAC Models: ABACα
Can be configured to do simple forms of DAC, MAC, RBAC (Jin, Krishnan, Sandhu 2012) © Ravi Sandhu World-Leading Research with Real-World Impact!

11 Core ABAC Models: ABACα
Policy Configuration Points Can be configured to do simple forms of DAC, MAC, RBAC (Jin, Krishnan, Sandhu 2012) © Ravi Sandhu World-Leading Research with Real-World Impact!

12 Core ABAC Models: ABACβ
Can further be configured to do many RBAC extensions (Jin, Krishnan, Sandhu 2014) © Ravi Sandhu World-Leading Research with Real-World Impact!

13 Administrative ABAC Models: HGABAC
Hierarchical Group and Attribute Based Access Control (HGABAC) Introduces User and Object Groups Simplifies administration of attributes Servos and Osborn, 2015 © Ravi Sandhu World-Leading Research with Real-World Impact!

14 ABAC Applications: Cloud Enabled IoT
Alsheri, Bhatt, Patwa, Benson, Sandhu 2016 onwards © Ravi Sandhu World-Leading Research with Real-World Impact!

15 Policy Architecture: Amazon AWS style
© Ravi Sandhu World-Leading Research with Real-World Impact!

16 ABAC Research Space * * * *
7. ABAC Design, Engineering and Applications 5. ABAC Policy Architectures and Languages * 2. Core ABAC Models 3. Administrative ABAC Models 4. Extended 6. ABAC Enforcement Architectures * * 1. Foundational Principles and Theory © Ravi Sandhu World-Leading Research with Real-World Impact!

17 Extended ABAC Models: ReBAC versus ABAC
ReBAC and ABAC are not that different (Tahmina, Sandhu 2017) © Ravi Sandhu World-Leading Research with Real-World Impact!

18 ABAC Enforcement Architecture: Federated ABAC
Fisher 2015 NCCOE, NIST, Building Block © Ravi Sandhu World-Leading Research with Real-World Impact!

19 Foundations: Safety Analysis
Discretionary Access Control (DAC), 1970 Mandatory Access Control (MAC), 1970 Role Based Access Control (RBAC), 1995 Attribute Based Access Control (ABAC), ???? Can subject s obtain a right r on object o? Current state? Some future state? Safety Complexity Ahmed, Rajkumar, Sandhu 2016 onwards © Ravi Sandhu World-Leading Research with Real-World Impact!

Download ppt "Attribute-Based Access Control: Insights and Challenges"

Similar presentations

INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010

1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010
Institute for Cyber Security

Institute for Cyber Security
1 New Trends and Challenges in Computer Network Security Ravi Sandhu Executive Director and Endowed Professor September 2010

1 New Trends and Challenges in Computer Network Security Ravi Sandhu Executive Director and Endowed Professor September 2010
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
Future of Access Control: Attributes, Automation, Adaptation

Future of Access Control: Attributes, Automation, Adaptation
1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.

1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.
1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown.

1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown.
Attribute-Based Access Control Models and Beyond

Attribute-Based Access Control Models and Beyond
1 Plenary Panel on Cloud Security and Privacy: What is new and What needs to be done? Ravi Sandhu Executive Director and Endowed Professor December 2010.

1 Plenary Panel on Cloud Security and Privacy: What is new and What needs to be done? Ravi Sandhu Executive Director and Endowed Professor December 2010.
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.

1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.
11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.

11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.
1 Institute for Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair February 4, 2015

1 Institute for Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair February 4, 2015
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
1 Big Data Applications in Cloud and Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Professor UTSA COB Symposium on Big Data, Big Challenges.

1 Big Data Applications in Cloud and Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Professor UTSA COB Symposium on Big Data, Big Challenges.
1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011

1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
1 Cloud Computing and Security Prof. Ravi Sandhu Executive Director and Endowed Chair April 19, 2013 © Ravi Sandhu.

1 Cloud Computing and Security Prof. Ravi Sandhu Executive Director and Endowed Chair April 19, © Ravi Sandhu.
1 Group-Centric Models for Secure Information Sharing Prof. Ravi Sandhu Executive Director and Endowed Chair March 30, 2012

1 Group-Centric Models for Secure Information Sharing Prof. Ravi Sandhu Executive Director and Endowed Chair March 30, 2012
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.

1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.

Similar presentations

Ads by Google