11 World-Leading Research with Real-World Impact! Towards Provenance and Risk-Awareness in Social Computing Yuan Cheng, Dang Nguyen, Khalid Bijon, Ram.

Presentation transcript:

Towards Provenance and Risk-Awareness in Social Computing
Yuan Cheng, Dang Nguyen, Khalid Bijon, Ram Krishnan, Jaehong Park and Ravi Sandhu
Institute for Cyber Security, University of Texas at San Antonio
September 19, 2012, SRAS 2012, Minneapolis, MN

Access Control in Social Computing
- Content is almost entirely contributed by users
- Access control policies are specified by users rather than by the system alone
- Policies are expressed in terms of attributes
- In terms of relationships in online social networks
- BUT all of them are pre-defined static policies that always give the same outcome
- Unfortunately, the social computing environment changes dynamically over time

Motivating Example
- A user starts an event to discuss the upcoming US election outcome.
- Anyone registered in the social network can join the discussion group.
- However, joining the group requires voting in an election poll.
- In order to vote, one must demonstrate knowledge of the candidate through an action such as liking the candidate's fan page.
- Furthermore, each candidate might want users to share their page before liking it.
- How to place control on the dependency of these actions?
- How to place control on the occurrence and frequency of these actions?

Risk-Aware Access Control
- Risk is the possibility of future loss or damage
- Future needs and user behaviors are essentially unpredictable by static access control policies
- Risk-aware access control grants or denies an access dynamically, based on estimated risk instead of predefined policies
- Two key issues in assessing risk:
  - Estimate the cost of a permission being misused (sensitivity)
  - Determine the likelihood of permissions being misused (trustworthiness)

Provenance-Aware System
- Provenance of a digital data object is defined as the documentation of its origin and all the processes that influence and lead to its current state.
- In a provenance-aware system, related provenance information about system transactions/events is captured, stored, and maintained.
- Provenance potentially provides many enhanced benefits: usage tracking, workflow control, versioning, trustworthiness, repeatability, access control, etc.
- Can we use provenance for dynamic risk assessment?

Risk Aware Access Control for SC

Risk Aware Access Control for SC (cont.)
- Risk value represents the level of misuse that would result from granting the requester access
- Risk threshold denotes the level of sensitivity of performing the permission
- Fluctuation of risk serves as the basis for dynamic access control
- A user's risk value may increase or decrease as a result of her activities and behavior in the system. Similarly, the risk value of a resource may change depending on past interactions with the resource.
- The requesting user and the resource owner can specify a risk threshold associated with each permission

Modeling Provenance Data in SC
- Open Provenance Model (OPM) as the data model for provenance information
- Captures information associated with a transaction and expresses the relations between them in causality dependencies
- 3 Nodes
  - Artifact (ellipse)
  - Process (rectangle)
  - Agent (octagon)
- 5 Causality dependency edges (not dataflow)

OPM Scenario

Modeling Provenance Data in SC (cont.)
- Alice requests to join an event: request(Alice, join, accountOf(Alice), event)
- Associated transaction: (Alice, join, accountOf(Alice), event, eventWithAccountOfAliceAdded)
- The corresponding provenance information:
  - (join, wasControlledBy, Alice)
  - (join, used, event)
  - (join, used, accountOf(Alice))
  - (eventWithAccountOfAliceAdded, wasGeneratedBy, join)
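
The following is an added example, not code from the presentation: it records each transaction as the OPM-style triples listed on this slide and uses them to enforce the action dependencies and frequency limits raised in the motivating example. The `ProvenanceStore` class, the `#n` process identifiers, the `MAX_TIMES` limits and all object names other than those on the slide are assumptions made for illustration.

```python
from itertools import count

# Prerequisite chain from the motivating example: share -> like -> vote -> join.
REQUIRES = {"like": "share", "vote": "like", "join": "vote"}
MAX_TIMES = {"vote": 1, "join": 1}  # assumed frequency policy, not from the slides

class ProvenanceStore:
    """Holds OPM-style (node, dependency, node) triples."""
    def __init__(self):
        self.triples = []
        self._ids = count(1)

    def record(self, agent, action, inputs, output):
        """Store one transaction as the triples listed on the slide."""
        proc = f"{action}#{next(self._ids)}"  # unique process node id (assumption)
        self.triples.append((proc, "wasControlledBy", agent))
        self.triples += [(proc, "used", i) for i in inputs]
        self.triples.append((output, "wasGeneratedBy", proc))

    def times_performed(self, agent, action):
        """Count processes of this action type controlled by the agent."""
        return sum(1 for s, p, o in self.triples
                   if p == "wasControlledBy" and o == agent
                   and s.split("#")[0] == action)

def request(store, agent, action, inputs, output):
    """Grant and record the action only if past provenance satisfies the policy."""
    needed = REQUIRES.get(action)
    if needed and store.times_performed(agent, needed) == 0:
        return False, f"{action} requires a prior {needed}"
    if store.times_performed(agent, action) >= MAX_TIMES.get(action, float("inf")):
        return False, f"{action} limit reached"
    store.record(agent, action, inputs, output)
    return True, "granted"

def demo():
    """Constructed run: Alice tries to join early, then follows the chain."""
    store, acct = ProvenanceStore(), "accountOf(Alice)"
    join = ("join", "event", "eventWithAccountOfAliceAdded")
    steps = [join, ("share", "fanPage", "fanPageShared"),
             ("like", "fanPage", "fanPageLiked"), ("vote", "poll", "pollVoted"),
             ("vote", "poll", "pollVoted"), join]
    granted = [request(store, "Alice", act, [obj, acct], out)[0]
               for act, obj, out in steps]
    return granted, store

if __name__ == "__main__":
    print(demo()[0])
```

Denied requests are not recorded here; a system that assesses risk from behavior would likely capture them as provenance as well.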

CONCLUSION
- Identify the necessity of incorporating risk awareness and provenance awareness in SC.
- Demonstrate through an example scenario.
- Present an approach for provenance-based risk assessment.
- Present the initial effort towards a conceptual model for risk-based access control.

Questions or comments?
Thank You