Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown.

Published byWillis Sullivan Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown."— Presentation transcript:

1 1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas at San Antonio Colorado State University Fort Collins Sept. 15, 2014 ravi.sandhu@utsa.edu, www.profsandhu.com, www.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real-World Impact! Institute for Cyber Security

2 2 © Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security

3 3 © Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security  About as good or as bad as it is going to get  Not too bad  Big crime is a real threat but criminals can only defraud so many  Big government/big business are real threats

4 4 © Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security  Cyber should be “controllable” Nuclear, chemical, biological have been “controlled”  New arena for researchers  Highly asymmetric, includes offense, clandestine  Dual conflicting goals: strong offense, strong defense  Need game-changing technologies A New Threat Grows Amid Shades of 9/11 The nation remains largely unaware of the potential for disaster from cyberattacks. By TOM KEAN and LEE HAMILTON WALL STREET JOURNAL, 9/11/2014

5 5 © Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security  Escalating reputational and even existential threat against mass theft of consumer information  Even the most iconic high tech companies are breachable  Cost of clean-up after a mass theft far exceeds aggregate actual loss of money  There are many scarier scenarios than mass data breach of consumer data  Some of this scarier stuff has happened

6 6 © Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security

7 7 © Ravi Sandhu World-Leading Research with Real-World Impact! Who has the Initiative?

8 8 © Ravi Sandhu World-Leading Research with Real-World Impact! Who has the Initiative? Federal R&D priorities 2011: Tailored Trustworthy Spaces Moving Target Designed-In Security Cyber Economic Incentives Science of Security

9 9 © Ravi Sandhu World-Leading Research with Real-World Impact! Who has the Initiative? Federal R&D priorities 2011: Tailored Trustworthy Spaces Moving Target Designed-In Security Cyber Economic Incentives Science of Security DoD R&D priorities 2011: Assuring Effective Missions Agile Operations Resilient Infrastructure Trust

10 10 © Ravi Sandhu World-Leading Research with Real-World Impact! Who has the Initiative? Federal R&D priorities 2011: Tailored Trustworthy Spaces Moving Target Designed-In Security Cyber Economic Incentives Science of Security DoD R&D priorities 2011: Assuring Effective Missions Agile Operations Resilient Infrastructure Trust

11 11 © Ravi Sandhu World-Leading Research with Real-World Impact! Security and Trust Security Access Control Trust Risk Agility Attributes Relationships Provenance

12 12 © Ravi Sandhu World-Leading Research with Real-World Impact! Security and Trust Security Access Control Trust Risk Agility Attributes Relationships Provenance Least Privilege Privilege Abstraction Separation of Duty Constrained Administration

13 13 © Ravi Sandhu World-Leading Research with Real-World Impact! Security and Trust Security Access Control Trust Risk Agility Attributes Relationships Provenance Least Privilege Privilege Abstraction Separation of Duty Constrained Administration Automation Adaptation

14 14 © Ravi Sandhu World-Leading Research with Real-World Impact! Security and Trust Security Access Control Trust Risk Agility Attributes Relationships Provenance Automation Adaptation

15 15 © Ravi Sandhu World-Leading Research with Real-World Impact! Attributes Discretionary Access Control (DAC), 1970 Mandatory Access Control (MAC), 1970 Role Based Access Control (RBAC), 1995 Attribute Based Access Control (ABAC), ????

16 16 © Ravi Sandhu World-Leading Research with Real-World Impact! Attributes

17 17 © Ravi Sandhu World-Leading Research with Real-World Impact! Relationships George Fred Carol Harry Ed Alice Dave Bob f f c f f f f f f f c c c

18 18 © Ravi Sandhu World-Leading Research with Real-World Impact! Provenance  Anyone can upload a homework.  A user can replace a homework if she uploaded it and the homework is not submitted yet.  A user can submit a homework if she uploaded it and the homework is not submitted already.  A user can review a homework if she is not the author of the homework, the user did not previously review the homework, and the homework is submitted already but not graded yet.  A user can grade a homework if the homework is reviewed but not graded yet.

19 19 © Ravi Sandhu World-Leading Research with Real-World Impact! Relationships, Attributes and Provenance George Fred Carol Harry Ed Alice Dave Bob f f c f f f f f f f c c c

20 20 © Ravi Sandhu World-Leading Research with Real-World Impact! Final Thoughts

Download ppt "1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown."

Similar presentations

1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010

1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010
Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.

Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.

Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
A Provenance-based Access Control Model (PBAC) July 18, 2012 PST’12, Paris, France Jaehong Park, Dang Nguyen and Ravi Sandhu Institute for Cyber Security.

A Provenance-based Access Control Model (PBAC) July 18, 2012 PST’12, Paris, France Jaehong Park, Dang Nguyen and Ravi Sandhu Institute for Cyber Security.
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
Future of Access Control: Attributes, Automation, Adaptation

Future of Access Control: Attributes, Automation, Adaptation
1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.

1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.
Attribute-Based Access Control Models and Beyond

Attribute-Based Access Control Models and Beyond
1 What is the Game in Cyber Security? Ravi Sandhu Executive Director and Endowed Professor February 2011

1 What is the Game in Cyber Security? Ravi Sandhu Executive Director and Endowed Professor February 2011
1 Plenary Panel on Cloud Security and Privacy: What is new and What needs to be done? Ravi Sandhu Executive Director and Endowed Professor December 2010.

1 Plenary Panel on Cloud Security and Privacy: What is new and What needs to be done? Ravi Sandhu Executive Director and Endowed Professor December 2010.
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.

1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.
1 Privacy and Access Control: How are These Two Concepts Related? Prof. Ravi Sandhu Executive Director and Endowed Chair SACMAT Panel June 3, 2015

1 Privacy and Access Control: How are These Two Concepts Related? Prof. Ravi Sandhu Executive Director and Endowed Chair SACMAT Panel June 3, 2015
1 Cyber Security Grand Challenges and Prognosis Prof. Ravi Sandhu Executive Director and Endowed Chair

1 Cyber Security Grand Challenges and Prognosis Prof. Ravi Sandhu Executive Director and Endowed Chair
INSTITUTE FOR CYBER SECURITY 1 Cyber Security: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security.

INSTITUTE FOR CYBER SECURITY 1 Cyber Security: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security.
1 Institute for Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair February 4, 2015

1 Institute for Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair February 4, 2015
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
1 Big Data Applications in Cloud and Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Professor UTSA COB Symposium on Big Data, Big Challenges.

1 Big Data Applications in Cloud and Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Professor UTSA COB Symposium on Big Data, Big Challenges.
1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011

1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
1 The Quest for Single-Sign On Prof. Ravi Sandhu Executive Director and Endowed Chair February 8, 2013 © Ravi Sandhu.

1 The Quest for Single-Sign On Prof. Ravi Sandhu Executive Director and Endowed Chair February 8, © Ravi Sandhu.

Similar presentations

Ads by Google