October 12, 2006: Seminar: Ravi Sandhu: "The Secure Information Sharing Problem and Solution Approaches" - Slides Available

Seminar Announcement

The Secure Information Sharing Problem and Solution Approaches

Ravi Sandhu
George Mason University
Thursday, October 12, 2006
11:00 a.m., Room 1000 SEO

Click here for powerpoint slides


The secure information sharing problem is one of the oldest and most fundamental and elusive problems in information security. Mission objectives dictate that Information must be shared and made available to authorized recipients, and yet information must be protected from leakage and subversion by malicious insiders and malicious software. The doctrine of "share but protect" indicates the inherent conflict in achieving effective secure information sharing. In this talk we demonstrate the complexity and richness of the secure information sharing problem space. We then identify some "sweet spots" that appear promising in their practical benefit and feasibility of solutions. We describe the PEI models approach to decompose security problems into the three layers of policy models (topmost), enforcement models (middle), and implementation models (bottom). We discuss how this approach can be applied to the secure information sharing problem. Finally we indicate how modern trusted computing technology can be used to solve important variations of this problem.

Brief Bio:

Dr. Ravi Sandhu earned B.Tech. and M.Tech. degrees from IIT Bombay and Delhi respectively, and M.S. and Ph.D. degrees from Rutgers University. He is a Fellow of ACM and IEEE, and recipient of the IEEE Computer Society Technical Achievement Award. His research has focused on information security, privacy and trust, with special emphasis on models, protocols and mechanisms. His doctoral work on safety and expressive power of access control was further developed by him culminating in the Typed Access Matrix in 1992. In collaboration with Prof. Jajodia, he analyzed and reconciled confidentiality and integrity in multilevel secure databases. In 1993 he showed that Chinese Wall separation of duty policies were instances of information flow. In 1996, along with industry colleagues, he published the seminal paper on role-based access control which evolved into the 2004 NIST/ANSI standard RBAC model. In 2002, with Jaehong Park, he introduced the Usage Control model for next-generation access. Other recent activities include Information Sharing models and implementations using Trusted Computing, and the PEI (policy, enforcement and implementation) layered models method for synthesizing secure systems. Ravi has published over 160 technical papers on information security, has received over 30 research grants and has graduated 12 PhD's in his career.

Ravi is the founding editor of the Synergy Lecture Series on Information Security, Privacy and Trust.

Host: Professor Jon Solworth

Copyright 2016 The Board of Trustees
of the University of Illinois.webmaster@cs.uic.edu
Helping Women Faculty Advance
Funded by NSF