16

© 2005 Ravi Sandhu www.list.gmu.edu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George Mason University www.list.gmu.edu [email protected]

© 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

Download PPT Report

Upload
evelyn-webb
View
218
Download
1

Tags:

Embed Size (px)

Citation preview

Page 1: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

© 2005 Ravi Sandhuwww.list.gmu.edu

Administrative Scope (continued)(best viewed in slide show mode)

Ravi SandhuLaboratory for Information Security Technology

George Mason [email protected]

Page 2: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

2

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA Conditions for Four Operations

• These conditions always apply• RHA1

• Additional conditions may be imposed• RHA2, RHA3, RHA4

These are allowed to be

Page 3: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

3

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA: Add role Y with no children (scope PL1)

Y

Page 4: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

4

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA: Insert edge ENG1, Y (scope PL1)

Y

Page 5: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

5

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA: Delete edge ENG1, Y (scope PL1)

Y

• outside scope of PL1• so cannot get back to childless Y

Page 6: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

6

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA: Add role Y with no parents (scope PL1)

scope of PL1

scope of DIR

Page 7: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

7

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA: Add role Y with no parents (scope PL1)

Y

scope of PL1

scope of DIR

Page 8: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

8

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA Conditions for Four Operations

• These conditions always apply• RHA1

• Additional conditions may be imposed• RHA2, RHA3, RHA4

These are allowed to be

May not be a good idea, especially for parents

Page 9: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

9

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA3

Page 10: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

10

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA3

Page 11: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

11

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA3: Administrative Scope

Page 12: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

12

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA3

S+(PSO1)

S+(DSO)

Page 13: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

13

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA3: PSO1 creates Y

S+(PSO1)

S+(DSO)

Y

Page 14: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

14

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA3: Consistency Constraints

Page 15: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

15

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA4: admin-authority operations

Page 16: © 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

16

© 2005 Ravi Sandhuwww.list.gmu.edu

RHA4: creation of parentless roles not allowed

Forces PSO1 as administrator of X

Should be DSO?

Eliminated from admin-hierarchy

1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair ravi.sandhu@utsa.edu © Ravi Sandhu

1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair [email protected] © Ravi Sandhu

Documents

Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair

Access Control and Semantic Web Technologies Ravi Sandhu Executive Director and Endowed Chair

Documents

SSL Prof. Ravi Sandhu. 2 © Ravi Sandhu 2002 SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later refitted

SSL Prof. Ravi Sandhu. 2 © Ravi Sandhu 2002 SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later refitted

Documents

1 Cloud Computing Prof. Ravi Sandhu Executive Director and Endowed Chair April 12, 2013 ravi.sandhu@utsa.edu © Ravi Sandhu World-Leading

1 Cloud Computing Prof. Ravi Sandhu Executive Director and Endowed Chair April 12, 2013 [email protected] © Ravi Sandhu World-Leading

Documents

© 2005 Ravi Sandhu Access Control Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

© 2005 Ravi Sandhu Access Control Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

Documents

Role Activation Hierarchies Ravi Sandhu George Mason University

Role Activation Hierarchies Ravi Sandhu George Mason University

Documents

© 2004 Ravi Sandhu Role-Based Access Control Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University

© 2004 Ravi Sandhu Role-Based Access Control Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University

Documents

© Ravi Sandhu The Secure Information Sharing Problem and Solution Approaches Ravi Sandhu Professor of Information Security and Assurance

© Ravi Sandhu The Secure Information Sharing Problem and Solution Approaches Ravi Sandhu Professor of Information Security and Assurance

Documents

How to do Discretionary Access Control Using Roles Ravi Sandhu Qamar Munawer

How to do Discretionary Access Control Using Roles Ravi Sandhu Qamar Munawer

Documents

© 2004 Ravi Sandhu Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology

© 2004 Ravi Sandhu Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology

Documents

© 2004 Ravi Sandhu The Schematic Protection Model (SPM) Ravi Sandhu Laboratory for Information Security Technology George Mason University

© 2004 Ravi Sandhu The Schematic Protection Model (SPM) Ravi Sandhu Laboratory for Information Security Technology George Mason University

Documents

© 2006 Ravi Sandhu Secure Information Sharing Enabled by Trusted Computing and PEI * Models Ravi Sandhu (George Mason University and TriCipher)

© 2006 Ravi Sandhu Secure Information Sharing Enabled by Trusted Computing and PEI * Models Ravi Sandhu (George Mason University and TriCipher)

Documents

© 2005 Ravi Sandhu Role Usage and Activation Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security

© 2005 Ravi Sandhu Role Usage and Activation Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security

Documents

ISA 662 Internet Security Protocols Kerberos Prof. Ravi Sandhu

ISA 662 Internet Security Protocols Kerberos Prof. Ravi Sandhu

Documents

ISA 662 SSL Prof. Ravi Sandhu. 2 © Ravi Sandhu SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later

ISA 662 SSL Prof. Ravi Sandhu. 2 © Ravi Sandhu SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later

Documents

A Role Based Administration Model For Attribute Xin Jin , Ram Krishnan, Ravi Sandhu

A Role Based Administration Model For Attribute Xin Jin , Ram Krishnan, Ravi Sandhu

Documents

The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu

The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu

Documents

Authentication: the problem that will not go away Prof. Ravi Sandhu Chief Scientist sandhu@tricipher.com 703 283 3484 Protecting Online Identity

Authentication: the problem that will not go away Prof. Ravi Sandhu Chief Scientist [email protected] 703 283 3484 Protecting Online Identity

Documents

© 2004 Ravi Sandhu The Safety Problem in Access Control HRU Model Ravi Sandhu Laboratory for Information Security Technology George Mason

© 2004 Ravi Sandhu The Safety Problem in Access Control HRU Model Ravi Sandhu Laboratory for Information Security Technology George Mason

Documents

INFS 767 Fall 2003 Administrative RBAC ARBAC97 Prof. Ravi Sandhu

INFS 767 Fall 2003 Administrative RBAC ARBAC97 Prof. Ravi Sandhu

Documents

© 2005 Ravi Sandhu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George

© 2005 Ravi Sandhu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George

Documents

Relational Database Access Controls Using SQL - Prof. Ravi Sandhu

Relational Database Access Controls Using SQL - Prof. Ravi Sandhu

Documents

Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair

Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair

Documents

Rethinking Password Strategies Ravi Sandhu Chief Scientist sandhu@nsdsecurity 703 283 3484

Rethinking Password Strategies Ravi Sandhu Chief Scientist sandhu@nsdsecurity 703 283 3484

Documents

Information Assurance: A Personal Perspective Ravi Sandhu

Information Assurance: A Personal Perspective Ravi Sandhu

Documents

© 2004 Ravi Sandhu The Typed Access Matrix Model (TAM) and Augmented TAM (ATAM) Ravi Sandhu Laboratory for Information Security Technology

© 2004 Ravi Sandhu The Typed Access Matrix Model (TAM) and Augmented TAM (ATAM) Ravi Sandhu Laboratory for Information Security Technology

Documents

© 2005 Ravi Sandhu Permissions and Inheritance (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

© 2005 Ravi Sandhu Permissions and Inheritance (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

Documents

Security Cloud: Cloud Trust Brokers · Security and the Cloud: Cloud Trust Brokers Ravi Sandhu Ravi Ganesan* Founder, SafeMashups +1.415.680.5746 ravi@safemashups com ravi@findravi

Security Cloud: Cloud Trust Brokers · Security and the Cloud: Cloud Trust Brokers Ravi Sandhu Ravi Ganesan* Founder, SafeMashups +1.415.680.5746 ravi@safemashups com ravi@findravi

Documents

© Ravi Sandhu HRU and TAM Ravi Sandhu Laboratory for Information Security Technology George Mason University sandhu@gmu.edu

© Ravi Sandhu HRU and TAM Ravi Sandhu Laboratory for Information Security Technology George Mason University [email protected]

Documents

© Ravi Sandhu The Secure Information Sharing Problem and Solution Approaches Ravi Sandhu Executive Director and Endowed Chair Institute

© Ravi Sandhu The Secure Information Sharing Problem and Solution Approaches Ravi Sandhu Executive Director and Endowed Chair Institute

Documents