INSTITUTE FOR CYBER SECURITY April 20081 Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

Slides:



Advertisements
Similar presentations
FERRARA`S GROUP DISCUSSION COMPARISON BETWEEN OLD NTUPLA vs THE NEW ONE.
Advertisements

INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.
INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
CDISC based eSubmission Key Points of the CDISC SDTM/ADaM Pilot
1 Mesures détalement Mesures détalement par SiProt avec TimePix CEA Saclay Réunion RESIST 7 avril 2008 David ATTIÉ
SiTPC status in Saclay David Attié SiTPC Phone Meeting,
Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
INSTITUTE FOR CYBER SECURITY 1 Industry-Academia Research Synergy: Fantasy or Reality? Ravi Sandhu Executive Director and Endowed Professor Institute for.
INSTITUTE FOR CYBER SECURITY 1 The PEI + UCON Framework for Application Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.
INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for.
Institute for Cyber Security
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
© 2006 Ravi Sandhu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,
Resource Description And Access: The Practical Impact of RDA Patricia Longo OLA Conference February 2, 2008.
PRAGMA 14 – Taichung March High Performance and Grid Computing Group Faculty of Computer Science and Engineering Ho Chi Minh City University.
GL10 – December 8-9, Grey literature in French digital repositories: a survey J. Schöpfel (University of Lille 3) C. Stock (INIST-CNRS)
Financial and Grants Management Institute - March 18-20, Federal Grants Management for Fiscal Staff.
Financial and Grants Management Institute - March 18-20, Developing and Managing Your Budget.
29 May GNSO Improvements Top Level Plan 29 May 2009 Plan distributed 22 May by Avri.
Sep 3, 2008NVOSS Mobile VO Mike Fitzpatrick NOAO.
December Extraction of exclusive neutral pions electro-production cross sections in Hall Jefferson Laboratory. Eric FUCHEY Ph.D
Masterclass Introduction to hands-on Exercise Aim of the exercise Find out what happens in proton-proton collisions at the LHC as seen by the ATLAS.
Masterclass Introduction to hands-on Exercise Aim of the exercise Identify electrons, muons, neutrinos in the ATLAS detector Types of Events (particles.
Copyright Josep Torrellas 2003,20081 Cache Coherence Instructor: Josep Torrellas CS533 Term: Spring 2008.
10/04/20081 TWG of ESF Committee 10 April 2008 Franck Sébert Head of unit DG EMPL/I/1 Relations with Control Authorities Action plan to strengthen the.
EPI809/Spring Chapter 10 Hypothesis testing: Categorical Data Analysis.
Determination of Forward and Futures Prices Chapter 5 Options, Futures, and Other Derivatives, 7th Edition, Copyright © John C. Hull
National greenhouse gas inventories and official statistics - Finnish experiences Riitta Pipatti Statistics Finland Conference on Climate Change, Development.
Martin Wolpers & Erik Duval 7 Dezember  Today – LAST LECTURE!  Student presentations  Wrap-up  Oral examens  Feedback  About the course 
April 18, iContent Document Management StudentHRPAYFinance Other.
Warschauer, M. (2002). A developmental perspective on technology in language education. TESOL Quarterly, 36(3) ELTAM A Developmental Perspective.
Patterns and Algebra in Stages 3 and 4 Judy Anderson The University of Sydney AIS Conference 2008.
Interplay of the ADA, FMLA, and Workers’ Compensation Training for Supervisors •
Competitive Intelligence – It’s Not Just For Spies! March 10, 2008 Linda Rink President.
System Level Interconnect Prediction (SLIP) Sidewinder: A Scalable ILP-Based Router Jin Hu, Jarrod Roy, and Igor Markov Dept. of Computer Science.
© IPC, IPC Initiative Future of Mail by Air; why we started.
02/12/ a tutorial on Markov Chain Monte Carlo (MCMC) Dima Damen Maths Club December 2 nd 2008.
TRD alignment with Muenster cosmics, D. Miskowiec, TRD status, 07-Jun TRD alignment with (German) cosmics Dariusz Miśkowiec (GSI), Eva Sicking (Uni.
Modular – Flexible – Networked
UK Higher Education library statistics The role of SCONUL.
REVISION 3 Present Perfect Simple Past Simple Conversation
Future of Access Control: Attributes, Automation, Adaptation
1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.
Attribute-Based Access Control Models and Beyond
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.
11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.
1 T. Hill Review of: ROWLBAC – Representing Role Based Access Control in OWL T. Finin, A. Joshi L. Kagal, B. Thuraisingham, J. Niu, R. Sandhu, W. Winsborough.
INSTITUTE FOR CYBER SECURITY 1 Purpose-Centric Secure Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security.
Institute for Cyber Security
Institute for Cyber Security
Past, Present and Future
Institute for Cyber Security
On the Value of Access Control Models
Institute for Cyber Security
Institute for Cyber Security
ABAC Panel Prof. Ravi Sandhu Executive Director and Endowed Chair
Institute for Cyber Security
Attribute-Based Access Control (ABAC)
Cyber Security Research: Applied and Basic Combined*
Application-Centric Security
ASCAA Principles for Next-Generation Role-Based Access Control
Assured Information Sharing
Institute for Cyber Security
Cyber Security Research: A Personal Perspective
Cyber Security Research: Applied and Basic Combined*
Attribute-Based Access Control (ABAC)
Presentation transcript:

INSTITUTE FOR CYBER SECURITY April Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio April 2008

INSTITUTE FOR CYBER SECURITY April Theme Access control has always had to adjust as new Information Technologies came into play Operating systems Relational DBMSs Object oriented systems XML: XACML, XRML Therefore, semantic web technologies will also require a change in access control But in the meantime access control itself has evolved DAC and MAC RBAC Trust Management, Obligations, Attribute-based access control Policy languages Usage control So semantic web technologies may also need to change to accommodate some of these developments

INSTITUTE FOR CYBER SECURITY April Theme Security itself has fundamentally changed Enterprise security Multi-party security Black-and-white security Gray security Limited points of access Access anytime anywhere Engage with one service at a time Engage with multiple services concurrently

INSTITUTE FOR CYBER SECURITY April Models versus Policy Languages Access control models Built on abstractions Incomplete Testable for conformance Guidance for security architects DAC, MAC, RBAC, UCON Policy languages Specify what authorizations apply under various circumstances Industry standard: XACML Academic implementation oriented: Ponder Several theoretical languages Semantic web: Kaos, Rei, Rein, KAoS Need synergy between these two streams of research Models provide a framework but are necessarily incomplete Languages by themselves provide no guidance or framework

INSTITUTE FOR CYBER SECURITY April Partners in Crime Proceedings ACM Symposium on Access Control Models and Technologies (SACMAT), 2008, to appear

INSTITUTE FOR CYBER SECURITY April NIST RBAC Standard Model

INSTITUTE FOR CYBER SECURITY April NIST RBAC Standard Model

INSTITUTE FOR CYBER SECURITY April NIST RBAC Standard RBAC

INSTITUTE FOR CYBER SECURITY April US Persons Role Hierarchy

INSTITUTE FOR CYBER SECURITY April ROWLBAC: 2 Approaches

INSTITUTE FOR CYBER SECURITY April Common Elements

INSTITUTE FOR CYBER SECURITY April Roles as Classes: Role Hierarchies

INSTITUTE FOR CYBER SECURITY April Roles as Classes: SSD, DSD

INSTITUTE FOR CYBER SECURITY April Roles as Classes: Role- Permission

INSTITUTE FOR CYBER SECURITY April Roles as Classes: Enforcing DSD

INSTITUTE FOR CYBER SECURITY April Roles as Values

INSTITUTE FOR CYBER SECURITY April Roles as Values: Hierarchical Roles

INSTITUTE FOR CYBER SECURITY April Roles as Values: SSD, DSD

INSTITUTE FOR CYBER SECURITY April Roles as Values: Role Permissions

INSTITUTE FOR CYBER SECURITY April Roles as Values: Enforcing RBAC

INSTITUTE FOR CYBER SECURITY April ROWLBAC: 2 Approaches

INSTITUTE FOR CYBER SECURITY April The UCON Model unified model integrating authorization obligation conditions and incorporating continuity of decisions mutability of attributes

INSTITUTE FOR CYBER SECURITY April UCON Extensions UCON future obligations UCON system obligations

INSTITUTE FOR CYBER SECURITY April Unifying Policy Framework

INSTITUTE FOR CYBER SECURITY April Unifying Policy Framework

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.