
Cyber-Identity and Authorization in an Uncertain World

Cyber-Identity and Authorization in an Uncertain World. Ravi Sandhu Laboratory for Information Security Technology www.list.gmu.edu Department of Information and Software Engineering School of Information Technology and Engineering George Mason University sandhu@gmu.edu 703-993-1659.


Presentation Transcript


  1. Cyber-Identity and Authorization in an Uncertain World
     Ravi Sandhu
     Laboratory for Information Security Technology, www.list.gmu.edu
     Department of Information and Software Engineering
     School of Information Technology and Engineering
     George Mason University
     sandhu@gmu.edu, 703-993-1659

  2. What is Cyber-Security?
     • Fighting fires
     • Keeping the bad guys out
     • Firewalls, Intrusion Detection, Virus scans, Spam filters, Content filters
     • Increasing productivity
     • Letting the good guys in
     • Cyber-Identity and Authorization
     (slide graphic labels: STOP, GO)

  3. What is Cyber-Security? (diagram labels: EASY, SECURE, PRACTICAL)

  4. An Uncertain World
     • Uncertain threat
     • We are always fighting the last war
     • Technological change
     • Pervasive (ubiquitous) computing
     • Peer-to-peer, grid and utility computing
     • Intel’s LaGrande and Microsoft’s Longhorn
     • The next Intel, Microsoft, Cisco, …
     • Business change
     • Outsourcing and globalization

  5. Cyber-Identity Megatrends
     • Federated identity
     • Identity relying party is NOT the identity provider
     • Who will be the DMV in cyberspace?
     • Grades of identity
     • Identity vetting, authentication strength, purpose, privacy
     • A single infrastructure to drive all grades

  6. Cyber-Identity Mega-Challenges
     • Pervasive (ubiquitous) computing
     • How can a user get effective control of identity in a pervasive environment?
     • Ad-hoc peer-to-peer computing
     • First responders in an emergency
     • Trustworthy computing
     • Will Intel’s LaGrande technology or Microsoft’s Longhorn help us save the day?

  7. RBAC96 Model (diagram labels: Users, Roles, Permissions, Sessions, Constraints, Role Hierarchies, User-Role Assignment, Permissions-Role Assignment)

  8. Usage Control (UCON) Coverage
     • Protection Objectives
     • Sensitive information protection
     • IPR protection
     • Privacy protection
     • Protection Architectures
     • Server-side reference monitor
     • Client-side reference monitor
     • SRM & CRM

  9. UCON_ABC Models
     • Continuity
     • Decision can be made during usage for continuous enforcement
     • Mutability
     • Attributes can be updated as side-effects of subjects’ actions

  10. Conclusion
     • Managing cyber-identity and authorization in an uncertain world is one of our nation’s foremost cyber-security problems
     • RBAC and UCON will be essential underpinnings of the solutions
     • GMU is a world leader in this sector
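
The continuity and mutability properties named on slide 9, as an added Python illustration that is not part of the original presentation and is not the formal UCON_ABC model. The class names and the `credit` and `revoked` attributes are hypothetical, chosen only to show a decision being re-made during usage while an attribute changes as a side effect of that usage.

```python
# Added illustration (not from the slides): a toy UCON-style usage session.
# Attribute names "credit" and "revoked" and all class names are hypothetical.
from dataclasses import dataclass, field

@dataclass
class Subject:
    name: str
    attrs: dict = field(default_factory=dict)  # mutable subject attributes

class UsageSession:
    """One ongoing usage of an object, re-authorized while it runs."""
    def __init__(self, subject, cost_per_tick):
        self.subject, self.cost = subject, cost_per_tick
        self.active, self.log = False, []

    def _authorized(self):
        # Decision predicate, always evaluated over current attribute values.
        a = self.subject.attrs
        return not a.get("revoked", False) and a.get("credit", 0) >= self.cost

    def try_access(self):
        # Decision before usage starts.
        self.active = self._authorized()
        self.log.append("permit" if self.active else "deny")
        return self.active

    def tick(self):
        if not self.active:
            return False
        # Continuity: the decision is made again during usage.
        if not self._authorized():
            self.active = False
            self.log.append("revoke")
            return False
        # Mutability: the usage itself updates an attribute as a side effect.
        self.subject.attrs["credit"] -= self.cost
        self.log.append("continue")
        return True

def run_demo():
    alice = Subject("alice", {"credit": 3})  # constructed sample subject
    session = UsageSession(alice, cost_per_tick=1)
    session.try_access()
    while session.tick():
        pass
    return session.log, alice.attrs["credit"]

if __name__ == "__main__":
    print(run_demo())
```

A check made only once at access time would have let the session run indefinitely; here the same predicate ends it when the credit is exhausted or when `revoked` is set by another party mid-session.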
