Presentation is loading. Please wait.

Presentation is loading. Please wait.

INSTITUTE FOR CYBER SECURITY April 20081 Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

Published byTimothy Cowan Modified over 10 years ago

Similar presentations

Presentation on theme: "INSTITUTE FOR CYBER SECURITY April 20081 Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber."— Presentation transcript:

1 INSTITUTE FOR CYBER SECURITY April 20081 Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio April 2008

2 INSTITUTE FOR CYBER SECURITY April 20082 Theme Access control has always had to adjust as new Information Technologies came into play Operating systems Relational DBMSs Object oriented systems XML: XACML, XRML Therefore, semantic web technologies will also require a change in access control But in the meantime access control itself has evolved DAC and MAC RBAC Trust Management, Obligations, Attribute-based access control Policy languages Usage control So semantic web technologies may also need to change to accommodate some of these developments

3 INSTITUTE FOR CYBER SECURITY April 20083 Theme Security itself has fundamentally changed Enterprise security Multi-party security Black-and-white security Gray security Limited points of access Access anytime anywhere Engage with one service at a time Engage with multiple services concurrently

4 INSTITUTE FOR CYBER SECURITY April 20084 Models versus Policy Languages Access control models Built on abstractions Incomplete Testable for conformance Guidance for security architects DAC, MAC, RBAC, UCON Policy languages Specify what authorizations apply under various circumstances Industry standard: XACML Academic implementation oriented: Ponder Several theoretical languages Semantic web: Kaos, Rei, Rein, KAoS Need synergy between these two streams of research Models provide a framework but are necessarily incomplete Languages by themselves provide no guidance or framework

5 INSTITUTE FOR CYBER SECURITY April 20085 Partners in Crime Proceedings ACM Symposium on Access Control Models and Technologies (SACMAT), 2008, to appear

6 INSTITUTE FOR CYBER SECURITY April 20086 NIST RBAC Standard Model

7 INSTITUTE FOR CYBER SECURITY April 20087 NIST RBAC Standard Model

8 INSTITUTE FOR CYBER SECURITY April 20088 NIST RBAC Standard RBAC

9 INSTITUTE FOR CYBER SECURITY April 20089 US Persons Role Hierarchy

10 INSTITUTE FOR CYBER SECURITY April 200810 ROWLBAC: 2 Approaches

11 INSTITUTE FOR CYBER SECURITY April 200811 Common Elements

12 INSTITUTE FOR CYBER SECURITY April 200812 Roles as Classes: Role Hierarchies

13 INSTITUTE FOR CYBER SECURITY April 200813 Roles as Classes: SSD, DSD

14 INSTITUTE FOR CYBER SECURITY April 200814 Roles as Classes: Role- Permission

15 INSTITUTE FOR CYBER SECURITY April 200815 Roles as Classes: Enforcing DSD

16 INSTITUTE FOR CYBER SECURITY April 200816 Roles as Values

17 INSTITUTE FOR CYBER SECURITY April 200817 Roles as Values: Hierarchical Roles

18 INSTITUTE FOR CYBER SECURITY April 200818 Roles as Values: SSD, DSD

19 INSTITUTE FOR CYBER SECURITY April 200819 Roles as Values: Role Permissions

20 INSTITUTE FOR CYBER SECURITY April 200820 Roles as Values: Enforcing RBAC

21 INSTITUTE FOR CYBER SECURITY April 200821 ROWLBAC: 2 Approaches

22 INSTITUTE FOR CYBER SECURITY April 200822 The UCON Model unified model integrating authorization obligation conditions and incorporating continuity of decisions mutability of attributes

23 INSTITUTE FOR CYBER SECURITY April 200823 UCON Extensions UCON future obligations UCON system obligations

24 INSTITUTE FOR CYBER SECURITY April 200824 Unifying Policy Framework

25 INSTITUTE FOR CYBER SECURITY April 200825 Unifying Policy Framework

Download ppt "INSTITUTE FOR CYBER SECURITY April 20081 Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber."

Similar presentations

FERRARA`S GROUP DISCUSSION 29-04-08 COMPARISON BETWEEN OLD NTUPLA vs THE NEW ONE.

FERRARA`S GROUP DISCUSSION COMPARISON BETWEEN OLD NTUPLA vs THE NEW ONE.
INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.

INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.
INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
CDISC based eSubmission Key Points of the CDISC SDTM/ADaM Pilot

CDISC based eSubmission Key Points of the CDISC SDTM/ADaM Pilot
1 Mesures détalement Mesures détalement par SiProt avec TimePix CEA Saclay Réunion RESIST 7 avril 2008 David ATTIÉ

1 Mesures détalement Mesures détalement par SiProt avec TimePix CEA Saclay Réunion RESIST 7 avril 2008 David ATTIÉ
SiTPC status in Saclay David Attié SiTPC Phone Meeting,

SiTPC status in Saclay David Attié SiTPC Phone Meeting,
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
INSTITUTE FOR CYBER SECURITY 1 Industry-Academia Research Synergy: Fantasy or Reality? Ravi Sandhu Executive Director and Endowed Professor Institute for.

INSTITUTE FOR CYBER SECURITY 1 Industry-Academia Research Synergy: Fantasy or Reality? Ravi Sandhu Executive Director and Endowed Professor Institute for.
INSTITUTE FOR CYBER SECURITY 1 The PEI + UCON Framework for Application Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 The PEI + UCON Framework for Application Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.

Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.
INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for.

INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for.
Institute for Cyber Security

Institute for Cyber Security
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.

Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
© 2006 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,

© 2006 Ravi Sandhu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,
Resource Description And Access: The Practical Impact of RDA Patricia Longo OLA Conference February 2, 2008.

Resource Description And Access: The Practical Impact of RDA Patricia Longo OLA Conference February 2, 2008.
PRAGMA 14 – Taichung 10-12 March 20081 High Performance and Grid Computing Group Faculty of Computer Science and Engineering Ho Chi Minh City University.

PRAGMA 14 – Taichung March High Performance and Grid Computing Group Faculty of Computer Science and Engineering Ho Chi Minh City University.
GL10 – December 8-9, 20081 Grey literature in French digital repositories: a survey J. Schöpfel (University of Lille 3) C. Stock (INIST-CNRS)

GL10 – December 8-9, Grey literature in French digital repositories: a survey J. Schöpfel (University of Lille 3) C. Stock (INIST-CNRS)
Financial and Grants Management Institute - March 18-20, 20081 Federal Grants Management for Fiscal Staff.

Financial and Grants Management Institute - March 18-20, Federal Grants Management for Fiscal Staff.
Financial and Grants Management Institute - March 18-20, 20081 Developing and Managing Your Budget.

Financial and Grants Management Institute - March 18-20, Developing and Managing Your Budget.

Similar presentations

Ads by Google