Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2006 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,

Published byBrianna McKnight Modified over 11 years ago

Similar presentations

Presentation on theme: "© 2006 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,"— Presentation transcript:

1 © 2006 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director, Laboratory for Information Security Technology George Mason University www.list.gmu.edu sandhu@gmu.edu

2 © 2006 Ravi Sandhu www.list.gmu.edu 2 Three Megatrends Fundamental changes in Cyber-security goals Cyber-security threats Cyber-security technology

3 © 2006 Ravi Sandhu www.list.gmu.edu 3 Cyber-security goals have changedCyber-security goals electronic commerce information sharing etcetera multi-party security objectives fuzzy objectives INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure USAGE purpose USAGE

4 © 2006 Ravi Sandhu www.list.gmu.edu 4 Cyber-security attacks have changed The professionals have moved in Hacking for fun and fame Hacking for cash, espionage and sabotage

5 © 2006 Ravi Sandhu www.list.gmu.edu 5 Basic premise Software alone cannot provide an adequate foundation for trust Old style Trusted Computing (1970 – 1990s) Multics system Capability-based computers –Intel 432 Trust with security kernel based on military-style security labels –Orange Book, eliminate trust from applications Modern trusted computing (2000s) Hardware and cryptography-based root of trust –Ubiquitous availability Trust within a platform Trust across platforms Trust in applications –No Trojan Horses, ergo no covert channels Combination of cryptography and access control Cyber-security technology has changed Massive paradigm shift

6 © 2006 Ravi Sandhu www.list.gmu.edu 6 Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu, ACM Fellow, IEEE Fellow Identity AuthorityTrust Secure Easy Affordable Overall Goal (Functional View) Technical Means (Structural View) Layered Models RBAC (Role-Based Access Control) Info Sharing UCON (Usage Control) PKI (Public-Key Infrastructure) TM (Trust Management) TC (Trusted Computing) TONs (Trusted Overlay Networks) DPM (Distributed Policy Management) ETC (……………) DRM (Digital Rights Management) SA (Situational Awareness) Business Means (Process View) Business Models Legal Social Regulations Reputational Risk Liability Privacy Cost Recourse etc ETC (……………) PeopleMachines Organizations

7 © 2006 Ravi Sandhu www.list.gmu.edu 7 RBAC96 Model for Role-Based Access Control: evolved into the 2004 NIST/ANSI/ISO standard ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES CONSTRAINTS

8 © 2006 Ravi Sandhu www.list.gmu.edu 8 Usage Control: The UCON Model for Next-Generation Access Control, 2002 onwards unified model integrating authorization obligation conditions and incorporating continuity of decisions mutability of attributes

9 © 2006 Ravi Sandhu www.list.gmu.edu 9 Security and system goals (objectives/policy) Trusted Computing Technology (mechanisms/implementation) How do we bridge this gap? Enforcement-oriented models Policy-oriented models Implementation-oriented models P-E-I Models

Download ppt "© 2006 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,"

Similar presentations

INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.

INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.
INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 11 Research Opportunities at the Institute for Cyber Security (ICS) Ravi Sandhu Executive Director and Endowed Professor www.ics.utsa.edu.

INSTITUTE FOR CYBER SECURITY 11 Research Opportunities at the Institute for Cyber Security (ICS) Ravi Sandhu Executive Director and Endowed Professor
1 Trust Evidence in Heterogeneous Environments: Towards a Research Agenda Ravi Sandhu Executive Director and Endowed Professor May 2010

1 Trust Evidence in Heterogeneous Environments: Towards a Research Agenda Ravi Sandhu Executive Director and Endowed Professor May 2010
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
INSTITUTE FOR CYBER SECURITY April 20081 Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY April Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
1 Trust Evidence in Heterogeneous Environments: Towards a Research Agenda Ravi Sandhu Executive Director and Endowed Professor May 2010

1 Trust Evidence in Heterogeneous Environments: Towards a Research Agenda Ravi Sandhu Executive Director and Endowed Professor May 2010
Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University www.list.gmu.edu.

Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University
INSTITUTE FOR CYBER SECURITY 1 The PEI + UCON Framework for Application Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 The PEI + UCON Framework for Application Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Cyber-Identity and Authorization in an Uncertain World Ravi Sandhu Laboratory for Information Security Technology www.list.gmu.edu Department of Information.

Cyber-Identity and Authorization in an Uncertain World Ravi Sandhu Laboratory for Information Security Technology Department of Information.
© 2004-5 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology.

© Ravi Sandhu Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology.
© 2004 Ravi Sandhu www.list.gmu.edu A Perspective on Graphs and Access Control Models Ravi Sandhu Laboratory for Information Security Technology George.

© 2004 Ravi Sandhu A Perspective on Graphs and Access Control Models Ravi Sandhu Laboratory for Information Security Technology George.
Managing Cyber-Identity, Authorization and Trust (and their inter-relationships) Prof. Ravi Sandhu Laboratory for Information Security Technology George.

Managing Cyber-Identity, Authorization and Trust (and their inter-relationships) Prof. Ravi Sandhu Laboratory for Information Security Technology George.
Information Assurance: A Personal Perspective

Information Assurance: A Personal Perspective
Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.

Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.
INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for.

INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for.
INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.

INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
1 Safety Analysis of Usage Control (UCON) Authorization Model Xinwen Zhang, Ravi Sandhu, and Francesco Parisi-Presicce George Mason University AsiaCCS.

1 Safety Analysis of Usage Control (UCON) Authorization Model Xinwen Zhang, Ravi Sandhu, and Francesco Parisi-Presicce George Mason University AsiaCCS.

Similar presentations

Ads by Google