On the Value of Access Control Models

Slides:



Advertisements
Similar presentations
INSTITUTE FOR CYBER SECURITY 1 Industry-Academia Research Synergy: Fantasy or Reality? Ravi Sandhu Executive Director and Endowed Professor Institute for.
Advertisements

1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010
Institute for Cyber Security
1 New Trends and Challenges in Computer Network Security Ravi Sandhu Executive Director and Endowed Professor September 2010
Future of Access Control: Attributes, Automation, Adaptation
1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown.
Attribute-Based Access Control Models and Beyond
1 Plenary Panel on Cloud Security and Privacy: What is new and What needs to be done? Ravi Sandhu Executive Director and Endowed Professor December 2010.
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.
1 Privacy and Access Control: How are These Two Concepts Related? Prof. Ravi Sandhu Executive Director and Endowed Chair SACMAT Panel June 3, 2015
1 Institute for Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair February 4, 2015
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
1 Big Data Applications in Cloud and Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Professor UTSA COB Symposium on Big Data, Big Challenges.
1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
1 Cloud Computing and Security Prof. Ravi Sandhu Executive Director and Endowed Chair April 19, © Ravi Sandhu.
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.
1 Panel on Data Usage Management: Technology or Regulation? Prof. Ravi Sandhu Executive Director and Endowed Chair DUMA 2013 May 23, 2013
1 Security and Privacy in Human-Centric Computing and Big Data Management Prof. Ravi Sandhu Executive Director and Endowed Chair CODASPY 2013 February.
1 Open Discussion PSOSM 2012 Prof. Ravi Sandhu Executive Director and Endowed Chair © Ravi Sandhu.
1 Role-Based Access Control (RBAC) Prof. Ravi Sandhu Executive Director and Endowed Chair January 29, © Ravi.
1 Secure Cloud Computing: A Research Perspective Prof. Ravi Sandhu Executive Director and Endowed Chair Texas Fresh Air Big Data and Data Analytics Conference.
INSTITUTE FOR CYBER SECURITY 1 Purpose-Centric Secure Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security.
Role-Based Access Control (RBAC)
Institute for Cyber Security
Institute for Cyber Security
Institute for Cyber Security
Security and Privacy in the Networked World
An Access Control Perspective on the Science of Security
Institute for Cyber Security (ICS) & Center for Security and Privacy Enhanced Cloud Computing (C-SPECC) Ravi Sandhu Executive Director Professor of.
UTSA's New Center Center for Security and Privacy Enhanced Cloud Computing (C-SPECC) Ravi Sandhu Executive Director of ICS and C-SPECC Professor.
Institute for Cyber Security: Research Vision
Attribute-Based Access Control (ABAC)
Attribute-Based Access Control: Insights and Challenges
Role-Based Access Control (RBAC)
Identity and Access Control in the
Executive Director and Endowed Chair
Executive Director and Endowed Chair
Cyber Security Research: Applied and Basic Combined*
Challenge-Response Authentication
Institute for Cyber Security
Institute for Cyber Security
ABAC Panel Prof. Ravi Sandhu Executive Director and Endowed Chair
Institute for Cyber Security
Attribute-Based Access Control (ABAC)
Cyber Security Research: Applied and Basic Combined*
Institute for Cyber Security: Research Vision
Security and Privacy in the Age of the Internet of Things:
Intersection of Data, Policy and Privacy
Authentication and Authorization Federation
Executive Director and Endowed Chair
UTSA Cyber Security Ecosystem
Attribute-Based Access Control: Insights and Challenges
Cyber Security and Privacy: An Optimist’s Perspective
Identity and Access Control in the
Big Data and Privacy Panel Prof. Ravi Sandhu
Executive Director and Endowed Chair
NIST-ANSI RBAC Model Prof. Ravi Sandhu.
Institute for Cyber Security Overview
Challenge-Response Authentication
Assured Information Sharing
Institute for Cyber Security
Cyber Security Research: A Personal Perspective
Cyber Security Research: Applied and Basic Combined*
World-Leading Research with Real-World Impact!
Attribute-Based Access Control (ABAC)
Access Control Evolution and Prospects
Cyber Security R&D: A Personal Perspective
World-Leading Research with Real-World Impact!
Access Control Evolution and Prospects
Presentation transcript:

On the Value of Access Control Models Ravi Sandhu Executive Director and Chief Scientist Professor of Computer Science Lutcher Brown Chair in Cyber Security SACMAT Panel, June 14, 2018 www.profsandhu.com World-Leading Research with Real-World Impact!

Ravi Sandhu Executive Director and Chief Scientist Attributes? Roles? Relationships? or no model at all? Model base vs Learnt Policies: Finding balance between expressible and usable policies Ravi Sandhu Executive Director and Chief Scientist Professor of Computer Science Lutcher Brown Chair in Cyber Security SACMAT Panel, June 14, 2018 www.profsandhu.com World-Leading Research with Real-World Impact!

World-Leading Research with Real-World Impact! Value of a “Good” Model NIST-ANSI Standard Adopted NIST-ANSI Standard Proposed RBAC96 model Ludwig Fuchs, Gunther Pernul and Ravi Sandhu, Roles in Information Security-A Survey and Classification of the Research Area, Computers & Security, Volume 30, Number 8, Nov. 2011, pages 748-76 © Ravi Sandhu World-Leading Research with Real-World Impact!

World-Leading Research with Real-World Impact! ABAC Status NIST-ANSI Standard Adopted NIST-ANSI Standard Proposed RBAC96 model 1990? 2018 ABAC still in pre/early phase © Ravi Sandhu World-Leading Research with Real-World Impact!

Risk of “Bad” Models for ABAC Adoption Good model is missing Incomplete model: ABAC = XACML Enforcement model: ABAC = ABE X X © Ravi Sandhu World-Leading Research with Real-World Impact!

Cyber Challenge: Evaluation of Models Elephant Problem Cyber-Elephant Problem Natural vs Cyber Science © Ravi Sandhu World-Leading Research with Real-World Impact!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.