
1 RT-Based Administrative Models for Community Cyber Security Information Sharing
Ravi Sandhu, Khalid Zaman Bijon, Xin Jin, Ram Krishnan
Institute for Cyber Security, University of Texas at San Antonio
Oct. 15, 2011, International Workshop on Trusted Collaboration
World-Leading Research with Real-World Impact!

2 Community Cyber Security
- A community is a well-demarcated geographical boundary
  - E.g. county or larger city
- Secure Information Sharing in Community
- Center for Infrastructure Assurance and Security (CIAS)
  - Communication, incident response, disaster recovery, etc.
- Sandhu et al. [1] proposed informal requirements for information sharing for cooperative cyber incident management in a community
[1] R. Sandhu, R. Krishnan, and G. White. Towards secure information sharing models for community cyber security. In Proc. 6th IEEE Int. Conf. on Collaborative Computing, 2010.

3 Community Cyber Security
[Diagram: Core Group, Incident Group, Open Group and Domain Experts, with edges labelled Automatic Membership, Administered Membership and Filtered RW]

4 Administrative Model
- Role Based Trust Management (RT) framework [1]
  - Strong mathematical foundation, explicit inclusion of roles, sizeable literature
- The basic constructs of RT_0
  - Entities (A, B_1, Alice, etc.)
  - Role names (r, r_1, student, etc.)
  - Roles (A.r, B_1.r_1, U_1.student, etc.)
- Four types of credentials (an entity can issue)
  - Simple Member: A.r ← D
  - Simple Inclusion: A.r ← B.r
  - Linking Inclusion: A.r ← A.r_1.r_2
  - Intersection Inclusion: A.r ← B_1.r_1 ∩ B_2.r_2
[1] N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust management framework. In Proc. of the IEEE Symposium on Security and Privacy, May 2002, 2010.

5 Community Elements
- Community Entities
  - CG (core group), OG (open group), IG (incident group)
  - CPS (San Antonio Energy Utility), SAWS (San Antonio Water System), SAPD (San Antonio Police Department)
  - SAT (hypothetical entity that represents the community), etc.
- Roles
  - CG.user (all core group users)
  - SAT.member (members of the San Antonio community)
  - CPS.itmember (IT members of CPS), etc.

6 Membership Management (Core Group)
[Diagram: SAT, with member organizations CPS, SAWS and SAPD and their representatives Alice, Carol and Dan, feeding the "Core" Group]
- CG.user ← SAT.member.cgrep
- SAT.member ← CPS
- SAT.member ← SAWS
- SAT.member ← SAPD
- CPS.cgrep ← Alice
- SAWS.cgrep ← Carol
- SAPD.cgrep ← Dan

7 Membership Management (Open Group)
[Diagram: SAT, with member organizations CPS, SAWS and SAPD and their IT members Eve, Bob and Gray, feeding the "Open" Group; speech bubbles "I want!" and "I don't!"]
- SAT.member ← CPS
- SAT.member ← SAWS
- SAT.member ← SAPD
- CPS.itmember ← Eve
- SAWS.itmember ← Bob
- SAPD.itmember ← Gray
- OG.volunteer ← Eve
- OG.user ← CG.user ∩ OG.volunteer
- OG.user ← SAT.member.itmember ∩ OG.volunteer

8 Membership Management (Incident Group)
[Diagram: Core Group (Alice), Open Group (Eve) and Domain Expert (Hilda), each intersected with IG.authorized to form the "Incident" Group]
- IG.authorized ← Alice
- IG.authorized ← Eve
- IG.authorized ← Hilda
- IG.user ← CG.user ∩ IG.authorized
- IG.user ← OG.user ∩ IG.authorized
- IG.user ← SAT.domainexpert ∩ IG.authorized
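
Added example, not part of the original presentation: a minimal evaluator for the four RT_0 credential types from slide 4, run over the credentials of slides 6 to 8 to compute who ends up in each group. The names `CREDS`, `eval_expr` and `solve` are hypothetical, and `SAT.domainexpert <- Hilda` is an assumed credential (the slide only shows Hilda as a domain expert).

```python
# Added example: minimal RT0 evaluator over the credentials on slides 6-8.
CREDS = [
    # Core group (slide 6)
    "SAT.member <- CPS", "SAT.member <- SAWS", "SAT.member <- SAPD",
    "CPS.cgrep <- Alice", "SAWS.cgrep <- Carol", "SAPD.cgrep <- Dan",
    "CG.user <- SAT.member.cgrep",
    # Open group (slide 7): only Eve volunteers
    "CPS.itmember <- Eve", "SAWS.itmember <- Bob", "SAPD.itmember <- Gray",
    "OG.volunteer <- Eve",
    "OG.user <- CG.user ∩ OG.volunteer",
    "OG.user <- SAT.member.itmember ∩ OG.volunteer",
    # Incident group (slide 8); SAT.domainexpert <- Hilda is an assumption
    "SAT.domainexpert <- Hilda",
    "IG.authorized <- Alice", "IG.authorized <- Eve", "IG.authorized <- Hilda",
    "IG.user <- CG.user ∩ IG.authorized",
    "IG.user <- OG.user ∩ IG.authorized",
    "IG.user <- SAT.domainexpert ∩ IG.authorized",
]

def eval_expr(expr, m):
    """Members of one role expression, given the role -> members map m."""
    parts = expr.strip().split(".")
    if len(parts) == 1:                       # entity D (simple member)
        return {parts[0]}
    if len(parts) == 2:                       # role B.r (simple inclusion)
        return set(m.get(".".join(parts), ()))
    owner_role, link = ".".join(parts[:2]), parts[2]   # linked role A.r1.r2
    out = set()
    for b in m.get(owner_role, ()):           # every member b of A.r1 ...
        out |= m.get(f"{b}.{link}", set())    # ... contributes b.r2
    return out

def solve(creds):
    """Least fixed point: apply every credential until no role grows."""
    rules = [(h.strip(), b.split("∩")) for h, b in (c.split("<-") for c in creds)]
    m, changed = {}, True
    while changed:
        changed = False
        for head, exprs in rules:
            new = set.intersection(*(eval_expr(e, m) for e in exprs))
            have = m.setdefault(head, set())
            if not new <= have:
                have |= new
                changed = True
    return m

if __name__ == "__main__":
    result = solve(CREDS)
    for role in ("CG.user", "OG.user", "IG.user"):
        print(role, sorted(result[role]))
```

Bob and Gray are IT members but never reach OG.user because they hold no OG.volunteer credential, and Carol and Dan stay out of IG.user because they are not in IG.authorized.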

9 Extended Features
- Single Document Releases to an Incident Group
  - Using RT_1 and RT Θ
  - An incident group can request a particular document from the core group
  - Parameterized role CG.read(?o) can read a single object ?o upon approval from the core group
  - A CG.user can approve it if he is not an IG.user of that incident group
- Delegation of Role Activation
  - Using RT^D

10 Community Cyber Security
[Diagram: Core Group, Incident Groups, Open Group and Domain Experts, with edges labelled Automatic Membership, Administered Membership, Filtered RW, Filtered Read and write]

11 Conclusion
- RT as an administrative model in this context
- Limitations of the RT approach
  - Entity-owned only membership
  - Reverse credential chains
  - Unable to support administration from an external entity

