Cyber-Identity and Authorization in an Uncertain World - PowerPoint PPT Presentation

Presentation Transcript

  1. Cyber-Identity and Authorization in an Uncertain World
     Ravi Sandhu
     Laboratory for Information Security Technology, www.list.gmu.edu
     Department of Information and Software Engineering
     School of Information Technology and Engineering
     George Mason University
     sandhu@gmu.edu, 703-993-1659

  2. What is Cyber-Security?
     • Fighting fires
        • Keeping the bad guys out
        • Firewalls, Intrusion Detection, Virus scans, Spam filters, Content filters
     • Increasing productivity
        • Letting the good guys in
        • Cyber-Identity and Authorization
     (Slide graphic labels: STOP, GO)

  3. What is Cyber-Security?
     (Slide graphic labels: EASY, SECURE, PRACTICAL)

  4. An Uncertain World
     • Uncertain threat
        • We are always fighting the last war
     • Technological change
        • Pervasive (ubiquitous) computing
        • Peer-to-peer, grid and utility computing
        • Intel’s LaGrande and Microsoft’s Longhorn
        • The next Intel, Microsoft, Cisco, ….
     • Business change
        • Outsourcing and globalization

  5. Cyber-Identity Megatrends
     • Federated identity
        • Identity relying party is NOT the identity provider
        • Who will be the DMV in cyberspace?
     • Grades of identity
        • Identity vetting, authentication strength, purpose, privacy
        • A single infrastructure to drive all grades

  6. Cyber-Identity Mega-Challenges
     • Pervasive (ubiquitous) computing
        • How can a user get effective control of identity in a pervasive environment?
     • Ad-hoc peer-to-peer computing
        • First responders in an emergency
     • Trustworthy computing
        • Will Intel’s LaGrande technology or Microsoft’s Longhorn help us save the day?

  7. RBAC96 Model
     (Diagram labels: ROLE HIERARCHIES, USER-ROLE ASSIGNMENT, PERMISSIONS-ROLE ASSIGNMENT, USERS, ROLES, PERMISSIONS, ..., SESSIONS, CONSTRAINTS)

  8. Usage Control (UCON) Coverage
     • Protection Objectives
        • Sensitive information protection
        • IPR protection
        • Privacy protection
     • Protection Architectures
        • Server-side reference monitor
        • Client-side reference monitor
        • SRM & CRM

  9. UCON_ABC Models
     • Continuity
        • Decision can be made during usage for continuous enforcement
     • Mutability
        • Attributes can be updated as side-effects of subjects’ actions

  10. Conclusion
     • Managing cyber-identity and authorization in an uncertain world is one of our nation’s foremost cyber-security problems
     • RBAC and UCON will be essential underpinnings of the solutions
     • GMU is a world leader in this sector
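
The two UCON_ABC properties named on slide 9, continuity and mutability, shown as a small usage session. This is an added example, not code from the slides or from the UCON authors; the class and function names, the "credit" attribute and the per-tick cost are assumptions chosen for illustration.

```python
# Constructed example: names, the "credit" attribute and the per-tick cost are assumptions.
class UsageSession:
    """One subject's ongoing use of one object, charged per usage interval."""

    def __init__(self, subject_attrs, cost_per_tick):
        self.attrs = subject_attrs      # mutable subject attributes (shared dict)
        self.cost = cost_per_tick
        self.state = "requested"
        self.log = []

    def _authorized(self):
        # The same predicate is evaluated before and during usage.
        return self.attrs.get("credit", 0) >= self.cost

    def try_access(self):
        # Pre-decision: a one-shot access check would stop here.
        self.state = "accessing" if self._authorized() else "denied"
        self.log.append(self.state)
        return self.state == "accessing"

    def tick(self):
        if self.state != "accessing":
            return False
        # Continuity: the decision is re-evaluated while usage is in progress.
        if not self._authorized():
            self.state = "revoked"
            self.log.append("revoked")
            return False
        # Mutability: usage updates the subject attribute as a side effect.
        self.attrs["credit"] -= self.cost
        self.log.append(f"used, credit={self.attrs['credit']}")
        return True

    def end(self):
        if self.state == "accessing":
            self.state = "ended"
            self.log.append("ended")


def run(credit, cost, ticks):
    attrs = {"credit": credit}
    session = UsageSession(attrs, cost)
    if session.try_access():
        for _ in range(ticks):
            if not session.tick():
                break
        session.end()
    return session.state, attrs["credit"], session.log
```

Because the attribute dictionary is shared, a second session that drains the same credit causes the first session to be revoked at its next tick, which a check made only at request time would miss.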