James Joshi - Pittsburgh University
Nov 10, 2004
"GTRBAC: A Generalized Temporal Role Based Access Control Model"
A key issue in computer system security is to protect information against unauthorized access. Emerging workflow-based applications in healthcare, manufacturing, the financial sector, and e-commerce inherently have complex, time-based access control requirements. To address the diverse security needs of these applications, a Role Based Access Control (RBAC) approach can be used as a viable alternative to traditional discretionary and mandatory access control approaches. The key features of RBAC include policy neutrality, support for least privilege, and efficient access control management. However, existing RBAC approaches do not address the growing need for supporting time-based access control requirements for these applications. In this talk, I will present a Generalized Temporal Role Based Access Control (GTRBAC) model that combines the key features of the RBAC model with a powerful temporal framework. The proposed GTRBAC model allows specification of a comprehensive set of time-based access control policies, including temporal constraints on role enabling, user-role and role-permission assignments, and role activations. The model provides an event-based mechanism for providing context-based access control, as well as expressing dynamic access control policies, which are crucial for developing secure workflow-based enterprise applications. I will discuss various design guidelines for managing complexity of policy specification as well as an XML-based GTRBAC policy specification language.
About the Speaker
James Joshi is an assistant professor in the department of Information Science and Telecommunications at the University of Pittsburgh. He is a founder and coordinator of the Laboratory of Education and Research on Security Assured Information Systems (LERSAIS), which has recently been designated as a National Center of Academic Excellence in Information Assurance Education jointly by the NSA and DHS. He received his PhD degree from Purdue University in 2003. He is currently supported by the NSF for establishing security tracks in the University of Pittsburgh. His areas of interest include Access Control Models, Security and Privacy of Distributed Multimedia Systems, and Systems Survivability. He serves as a program committee member in several conferences including ACM Symposium on Access Control Models and Technologies, International Symposium on Multimedia Software Engineering, ACM Workshop on Multimedia Databases, and Annual International Conference on Mobile and Ubiquitous Systems. He was a Program Co-Chair for IEEE Workshop in Information Assurance.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30 P.M.
STEW G52 (Suite 050B), West Lafayette Campus.