Secure Information Sharing within a Collaborative Environment
Gail-Joon Ahn - University of North Carolina at Charlotte
Sep 15, 2004Size: 212.2MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractThe Internet is uniquely and strategically positioned to address the needs of a growing segment of population in a very
cost-effective way. It provides tremendous connectivity and immense information sharing capability which the organizations
can use for their competitive advantage. Several organizations have transited from their old and disparate business models
based on ink and paper to a new, consolidated ones based on digital information on the Internet. However, information sharing
on the Internet usually occurs in broad, highly dynamic network-based environments, and formally accessing the resources in a
secure manner poses a difficult challenge. Balancing the competing goals of collaboration and security is difficult because
interaction in collaborative systems is targeted towards making people, information, and resources available to all who need
it, whereas information security seeks to ensure the integrity of these elements while providing it only to those with proper
authorization. As organizations implement information strategies that call for sharing access to resources in the networked
environment, mechanisms must be provided to protect the resources from adversaries.
This talk addresses the issue of how to advocate selective information sharing in collaborative systems through access
control schemes while minimizing the risks of unauthorized access proposing a delegation framework. It also introduces a
systematic approach to specify delegation and revocation policies using a set of rules. The feasibility of the proposed
framework is also discussed through policy specification, enforcement, and a proof-of-concept implementation.
About the SpeakerGail-Joon Ahn is an assistant professor of Software and Information Systems Department at University of North Carolina at
Charlotte and a coordinator of Laboratory of Information Integration, Security and Privacy which has been designated as a
Center of Academic Excellence in Information Assurance Education by National Security Agency. His principal research and
teaching interests are in information and systems security. Ahn received PhD and MS degrees from George Mason University,
Fairfax, Virginia, and BS degree in Computer Science from SoongSil University, Seoul, Korea. His research foci include access
control, security architecture for distributed objects, and secure e-commerce systems and his research has been supported by
NSF, NSA, DoD, Bank of America, Hewlett Packard, Microsoft and Robert Wood Johnson Foundation. Ahn is currently an
information director of ACM Special Interest Group on Security, Audit and Control (SIGSAC).
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.