Institute for Cyber Security (ICS)
Prof. Ravi Sandhu
Executive Director and Lutcher Brown Endowed Chair
458 6081
Ravi Sandhu
BTech, MTech: Electrical Engineering, IIT Bombay, Delhi
MS, PhD: Computer Science, Rutgers
Asst Prof: Computer Science, Ohio State U (6 yrs)
Assoc/Full Prof: Information Security, George Mason U (18 yrs)
Full Prof: Computer Science, UTSA (started June 2007)
ACM Fellow, IEEE Fellow
Founding EIC ACM TISSEC: world’s leading security journal
Past-Chairman ACM SIGSAC: world’s leading security society
Founder ACM CCS: world’s leading security conference
Co-Founder & Chief Scientist, TriCipher: Silicon Valley startup
I am here because of past accomplishments but what matters and what excites me is the future opportunity at the bleeding edge
ICS Background
2000: UTSA and San Antonio Community identify strategic goal of excellence in Cyber Security
2001: Center for Infrastructure Assurance and Security (CIAS) established, garners success in service to DoD and DHS
2006: UTSA wins $3.5M State of Texas Emerging Technology Fund grant to create a new Institute for Cyber Security
2007: Prof. Ravi Sandhu recruited to found and lead ICS with additional $1M Endowed Chair and $1M UT STARS funding
CIAS becomes a component of ICS
ICS is a unique opportunity, but true excellence requires hard work, patience and sustained support
ICS Scope
Research
– Tenure-track faculty and their graduate students
– Research faculty and staff
Education
– Degree and non-degree programs
Commercialization
– The big challenge for UTSA and all research universities
– Opportunity to be a national leader and role model
Service
– Public sector: build on CIAS success and beyond
– Private sector: another big challenge
Partnerships
– Academia, Industry, Government, International
A comprehensive “big-tent” Institute but the core will always remain research driven by tenure-track faculty
ICS Mission
To pursue world-class high-impact cyber-security research, education, commercialization and service in synergy with relevant components of UTSA, and with world-class partners.
Very ambitious but in our grasp
Change Drivers
Stand-alone mainframes and mini-computers
Internet
Enterprise security
Mutually suspicious security
Vandals
Criminals
Entering an era of application-driven security
Few and standard services
Many and new innovative services
Research Opportunities
What does it mean to be secure?
– What are the appropriate tradeoffs in an application business context?
– Who decides?
– Who pays?
How do we make it secure?
– What do we need to invent to get there?
– How do we use existing inventions to get there?
Collaboration with application experts, especially where the applications themselves are cutting edge
ICS Plans
Big investments
– Tenure track faculty: seed money for new lines
– Laboratory: renovate, refurbish, equipment, staff
Smaller investments
– Seed money: work that will lead to funding down the line
– Bridge money: continue work between grants
Come talk to me and conversely
Personal Research Agenda
Develop a framework for dealing with security
– RBAC, UCON, PEI
Demonstrate utility of this framework in diverse contexts, evolve the framework as needed
Engage with industry to understand their priorities and place doctoral students in internships and jobs
Lots of scope for collaboration
RBAC96
UCON 2004
[Diagram labels: Subjects (S), Subject Attributes (SA), Objects (O), Object Attributes (OA), Rights (R), Authorizations (A), Obligations (B), Conditions (C), Usage Decisions]
[Timeline labels: before-usage, ongoing-usage, after-usage. Continuity of Decisions: pre-decision, ongoing-decision. Mutability of Attributes: pre-update, ongoing-update, post-update]
PEI Models: Policy, Enforcement, Implementation
[Diagram layers: Security and system goals (requirements/objectives); Policy models; Enforcement models; Implementation models; Target platform, e.g., Trusted Computing technology]
Horizontal view: looks at individual layer
Vertical view: looks across layers