Cyber-Identity and Authorization in an Uncertain World

Cyber-Identity and Authorizationin an Uncertain World

Ravi SandhuLaboratory for Information Security Technology

www.list.gmu.edu

Department of Information and Software Engineering

School of Information Technology and Engineering

George Mason University

sandhu@gmu.edu

703-993-1659

Laboratory for Information Security Technology

What is Cyber-Security?

• Fighting fires– Keeping the bad guys out– Firewalls, Intrusion Detection, Virus scans,

Spam filters, Content filters

• Increasing productivity– Letting the good guys in– Cyber-Identity and Authorization

What is Cyber-Security?

EASY SECURE

PRACTICAL

An Uncertain World• Uncertain threat

– We are always fighting the last war

• Technological change– Pervasive (ubiquitous) computing– Peer-to-peer, grid and utility computing– Intel’s LaGrande and Microsoft’s Longhorn– The next Intel, Microsoft, Cisco, ….

• Business change– Outsourcing and globalization

Cyber-Identity Megatrends

• Federated identity– Identity relying party is NOT the identity provider– Who will be the DMV in cyberspace?

• Grades of identity– Identity vetting, authentication strength, purpose,

privacy– A single infrastructure to drive all grades

Cyber-Identity Mega-Challenges• Pervasive (ubiquitous) computing

– How can a user get effective control of identity in a pervasive environment

• Ad-hoc peer-to-peer computing– First responders in an emergency

• Trustworthy computing– Will Intel’s LaGrande technology or Microsoft’s

Longhorn help us save the day

RBAC96 Model

USER-ROLEASSIGNMENT

PERMISSIONS-ROLEASSIGNMENT

USERS PERMISSIONS

... SESSIONS

ROLE HIERARCHIES

CONSTRAINTS

Usage Control (UCON) Coverage

• Protection Objectives– Sensitive information

protection– IPR protection– Privacy protection

• Protection Architectures– Server-side reference

monitor– Client-side reference

monitor– SRM & CRMServer-side

Reference Monitor(SRM)

Client-sideReference Monitor

TraditionalAccessControl

TrustManagement

Usage ControlSensitive

InformationProtection

IntellectualProperty Rights

Protection

PrivacyProtection

SRM & CRM

UCON_ABC Models

Rights(R)

UsageDecision

Authoriza-tions (A)

Subjects(S)

Objects(O)

Subject Attributes(ATT(S))

Object Attributes(ATT(O))

Obligations(B)

Conditions(C)

Continuity Decision can be made during usage for continuous enforcement

MutabilityAttributes can be updated as side-effects of subjects’ actions

Continuity ofDecisions

Before After

ongoing N/A

pre ongoing postMutability of

Attributes

Conclusion

• Managing cyber-identity and authorization in an uncertain world is one of our nation’s foremost cyber-security problems

• RBAC and UCON will be essential underpinnings of the solutions

• GMU is a world leader in this sector

Cyber-Identity and Authorization in an Uncertain World

Documents

Transcript of Cyber-Identity and Authorization in an Uncertain World

Uncertain Arrivals

Science Advice and Foresight under the Complex and ... · Science Advice and Foresight . under the Complex and Uncertain World ... industry, SME, government, academia, through Cyber

Uncertain Centroid based Partitional Clustering of ...vldb.org/pvldb/vol5/p610_francescogullo_vldb2012.pdf · Uncertain Centroid based Partitional Clustering of Uncertain Data Francesco

Cyber-Identity, Authority and Trust in an Uncertain World

Title: Cybersecurity and SETR Cyber S… · Security Controls. 4. Assess Security Controls. 6. Continuous Monitoring. 1. Categorize System. Determine Authorization. Boundary. 2. Select

Package ‘pinnacle.API’ - R · Examples AcceptTermsAndConditions(accepted=TRUE) authorization 3 authorization Authorization for the Pinnacle API Description Authorization for the

emontree€¦ · Lemon Tree Hotel, Sonamarg 40 Uncertain 10 Lemon Tree Hotel, Ranthambore 60 Uncertain 10 Lemon Tree Premier, Dindy 50 Uncertain 10 Lemon Tree Hotel, Durgapur 80 Uncertain

Prior Authorization - uhc€¦ · How do I know if my medication requires prior authorization? Prior Authorization What is a prior authorization? Prior authorization requires your

CIS Top 20 Critical Security Controls for Effective Cyber ...compliance, or authorization scheme •The controls map to most major compliance frameworks –NIST Cybersecurity Framework

Uncertain Departures

UPKI Inter-University Authentication and Authorization Platform for Japanese Cyber-Science Infrastructure Yasuo OKABE Academic Center for Computing and.

uncertain commons

Uncertain infrastructure

SCC 2012 Positively Uncertain; Uncertain Forecast (Peter Gibbs)

Usable Multi-Factor Authentication and Risk-Based ... · Usable Multi-Factor Authentication and Risk-Based Authorization . Cyber Security Division 2012 Principal Investigators’

Robust Time-Varying Kalman State Estimators with Uncertain ...article.mathcomputer.org/pdf/10.11648.j.mcs.20180306.11.pdfKeywords: Uncertain System, Uncertain Noise Variance, Robust

© 2004 Ravi Sandhu Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology.

Cyber Operations: Improving the Military Cybersecurity Posture in … · 2016-10-21 · (1) CYBER OPERATIONS: IMPROVING THE MILITARY CYBERSECURITY POSTURE IN AN UNCERTAIN THREAT ENVIRONMENT

Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University .

AN UNCERTAIN WORLD - Corporate Research Forum factors that shape our VUCA (Volatile, Uncertain, ... an uncertain world, ... benefits, and employee engagement