Managing Cyber-Identity, Authorization and Trust (and their inter-relationships) Prof. Ravi Sandhu Laboratory for Information Security Technology George.

Presentation transcript:

Managing Cyber-Identity, Authorization and Trust (and their inter-relationships) Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University

2 Problem Drivers and Consequences

PROBLEM DRIVERS
- Uncertain threat: We always fight the last war
- Technological change: B2B integration, Pervasive (ubiquitous) computing, Peer-to-peer, grid and utility computing, Intel's LaGrande and Microsoft's Longhorn, the next Intel, Microsoft, Cisco, …
- Business change: Outsourcing/globalization, Cost/ROI, federated identity (relying party is NOT the identity provider), identity grades (identity vetting, authentication strength, purpose, privacy all vary)

CONSEQUENCES
- The 3-decade-old problem of managing identity, authorization and trust is rapidly becoming more difficult, challenging and essential
- Real progress requires radical shifts in our approach and fundamental advances in basic research

3 Radical Shifts: get real

Focus on
- what needs to be done rather than how it is to be done
- real-world business requirements rather than hypothetical academic scenarios
- the 80% problem rather than the 120% problem
- soft and informal rather than hard and formal
- constructing the policy rather than auditing the policy
- constructive safety via policy articulation and evolution rather than post-facto algorithmic safety
- ordinary consumers as end-users and administrators rather than techno-geeks or math-geeks

4 Radical Shifts: good enough beats perfect

[Diagram. Labels: EASY, SECURE, COST; Security geeks, Real-world users, System owner]