© 2006 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,

Slides:



Advertisements
Similar presentations
INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.
Advertisements

INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 11 Research Opportunities at the Institute for Cyber Security (ICS) Ravi Sandhu Executive Director and Endowed Professor
1 Trust Evidence in Heterogeneous Environments: Towards a Research Agenda Ravi Sandhu Executive Director and Endowed Professor May 2010
Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
INSTITUTE FOR CYBER SECURITY April Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
1 Trust Evidence in Heterogeneous Environments: Towards a Research Agenda Ravi Sandhu Executive Director and Endowed Professor May 2010
Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University
INSTITUTE FOR CYBER SECURITY 1 The PEI + UCON Framework for Application Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Cyber-Identity and Authorization in an Uncertain World Ravi Sandhu Laboratory for Information Security Technology Department of Information.
© Ravi Sandhu Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology.
© 2004 Ravi Sandhu A Perspective on Graphs and Access Control Models Ravi Sandhu Laboratory for Information Security Technology George.
Managing Cyber-Identity, Authorization and Trust (and their inter-relationships) Prof. Ravi Sandhu Laboratory for Information Security Technology George.
Information Assurance: A Personal Perspective
Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.
INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for.
INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
1 Safety Analysis of Usage Control (UCON) Authorization Model Xinwen Zhang, Ravi Sandhu, and Francesco Parisi-Presicce George Mason University AsiaCCS.
Towards Usage Control Models: Beyond Traditional Access Control 7 th SACMAT, June 3, 2002 Jaehong Park and Ravi Sandhu Laboratory for Information Security.
Institute for Cyber Security
© 2006 Ravi Sandhu Secure Information Sharing Enabled by Trusted Computing and PEI * Models Ravi Sandhu (George Mason University and TriCipher)
A Usage-based Authorization Framework for Collaborative Computing Systems Xinwen Zhang George Mason University Masayuki Nakae NEC Corporation Michael J.
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.
SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
ENGINEERING AUTHORITY AND TRUST IN CYBERSPACE: A ROLE-BASED APPROACH Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University.
© Ravi Sandhu Introduction to Information Security Ravi Sandhu.
© Ravi Sandhu Security Issues in P2P Systems Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University.
© 2005 Ravi Sandhu Permissions and Inheritance (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology.
© 2005 Ravi Sandhu Role Usage and Activation Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security.
OM-AM and RBAC Ravi Sandhu * Laboratory for Information Security Technology (LIST) George Mason University.
Engineering Authority and Trust in Cyberspace: The OM-AM and RBAC Way Prof. Ravi Sandhu George Mason University
1 Privacy Prof. Ravi Sandhu Executive Director and Endowed Chair March 8, © Ravi Sandhu World-Leading Research.
1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair © Ravi Sandhu.
1 Access Control Models Prof. Ravi Sandhu Executive Director and Endowed Chair January 25, 2013 & February 1, 2013
1 Grand Challenges in Data Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair
1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.
Attribute-Based Access Control Models and Beyond
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.
Extended Role Based Access Control – Based Design and Implementation for a Secure Data Warehouse Dr. Bhavani Thuraisingham Srinivasan Iyer.
1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair © Ravi Sandhu.
1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011
1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair © Ravi Sandhu.
Features Governmental organization Critically important ICT objects Distributed infrastructure Three levels of confidentiality Dozens of subsidiary organizations.
1 © Ravi Sandhu OM-AM and PEI Prof. Ravi Sandhu. 2 © Ravi Sandhu THE OM-AM WAY Objectives Model Architecture Mechanism What? How? AssuranceAssurance.
1 The Authorization Leap from Rights to Attributes: Maturation or Chaos? Prof. Ravi Sandhu Executive Director and Endowed Chair SecurIT 2012 August 17,
INSTITUTE FOR CYBER SECURITY 1 Purpose-Centric Secure Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security.
Institute for Cyber Security
Past, Present and Future
Introduction to Cyber Security
Institute for Cyber Security
Institute for Cyber Security
Security and Privacy in the Age of the Internet of Things:
Big Data and Privacy Panel Prof. Ravi Sandhu
Data and Applications Security Developments and Directions
Application-Centric Security
ASCAA Principles for Next-Generation Role-Based Access Control
Engineering Authority and Trust in Cyberspace: George Mason University
Assured Information Sharing
Institute for Cyber Security
Institute for Cyber Security
Cyber Security Research: A Personal Perspective
Data and Applications Security Developments and Directions
Attribute-Based Access Control (ABAC)
Access Control Evolution and Prospects
Cyber Security R&D: A Personal Perspective
Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham
Access Control Evolution and Prospects
Presentation transcript:

© 2006 Ravi Sandhu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director, Laboratory for Information Security Technology George Mason University

© 2006 Ravi Sandhu 2 Three Megatrends Fundamental changes in Cyber-security goals Cyber-security threats Cyber-security technology

© 2006 Ravi Sandhu 3 Cyber-security goals have changedCyber-security goals electronic commerce information sharing etcetera multi-party security objectives fuzzy objectives INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure USAGE purpose USAGE

© 2006 Ravi Sandhu 4 Cyber-security attacks have changed The professionals have moved in Hacking for fun and fame Hacking for cash, espionage and sabotage

© 2006 Ravi Sandhu 5 Basic premise Software alone cannot provide an adequate foundation for trust Old style Trusted Computing (1970 – 1990s) Multics system Capability-based computers –Intel 432 Trust with security kernel based on military-style security labels –Orange Book, eliminate trust from applications Modern trusted computing (2000s) Hardware and cryptography-based root of trust –Ubiquitous availability Trust within a platform Trust across platforms Trust in applications –No Trojan Horses, ergo no covert channels Combination of cryptography and access control Cyber-security technology has changed Massive paradigm shift

© 2006 Ravi Sandhu 6 Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu, ACM Fellow, IEEE Fellow Identity AuthorityTrust Secure Easy Affordable Overall Goal (Functional View) Technical Means (Structural View) Layered Models RBAC (Role-Based Access Control) Info Sharing UCON (Usage Control) PKI (Public-Key Infrastructure) TM (Trust Management) TC (Trusted Computing) TONs (Trusted Overlay Networks) DPM (Distributed Policy Management) ETC (……………) DRM (Digital Rights Management) SA (Situational Awareness) Business Means (Process View) Business Models Legal Social Regulations Reputational Risk Liability Privacy Cost Recourse etc ETC (……………) PeopleMachines Organizations

© 2006 Ravi Sandhu 7 RBAC96 Model for Role-Based Access Control: evolved into the 2004 NIST/ANSI/ISO standard ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES CONSTRAINTS

© 2006 Ravi Sandhu 8 Usage Control: The UCON Model for Next-Generation Access Control, 2002 onwards unified model integrating authorization obligation conditions and incorporating continuity of decisions mutability of attributes

© 2006 Ravi Sandhu 9 Security and system goals (objectives/policy) Trusted Computing Technology (mechanisms/implementation) How do we bridge this gap? Enforcement-oriented models Policy-oriented models Implementation-oriented models P-E-I Models

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.