INSTITUTE FOR CYBER SECURITY Research Opportunities at the Institute for Cyber Security (ICS) Ravi Sandhu Executive Director and Endowed Professor www.ics.utsa.edu www.profsandhu.com 1 About ICS INSTITUTE FOR CYBER SECURITY We are a startup Founded June 2007 by multi-million startup funding from State of Texas, conditional on recruiting Prof. Ravi Sandhu to lead ICS ICS We are different World-class research with commercialization ICS Labs ICS Incubator ICS CIAS World-class sponsored research on all aspects of cyber security in collaboration with leading academic, industry and government partners Develops innovative security products and companies by bringing in novel and commercially viable ideas and prototypes, incubating and developing these and spinning out companies Conducts dark screen exercises and training at the city and county level to improve our nation’s capability to withstand coordinated cyber attacks ICS Labs is off to a great start $1.7M (UTSA portion) in new funding won in 2008 in partnership with Purdue, UIUC, UMBC, UNCC, Michigan, UTD, Penn St., ASU, Georgia Tech 2 INSTITUTE FOR CYBER SECURITY About Ravi Sandhu BTech, MTech: Electrical Engineering, IIT Bombay, IIT Delhi MS, PhD: Computer Science, Rutgers Univ., New Jersey Assistant Prof of Computer Science, Ohio State U (6 yrs) Associate/Full Prof of Information Security, George Mason U (18 yrs) Full Prof & Endowed Chair of Cyber Security, UTSA (2007 onwards) Founding EIC ACM TISSEC: world’s leading security journal Founder ACM CCS: world’s leading security conference Founder ACM SACMAT: another leading security conference Major author of NIST/ANSI Standard on Role-Based Access Control Creator & architect of MS and PhD programs in Cyber Security at GMU Co-Founder & Chief Scientist, TriCipher: Silicon Valley startup One of the world’s most cited authors in cyber security research 10,000+ Google Scholar hits, with two superhits (3200+ and 1900+ hits) 175 papers with 50+ co-authors, 14 PhD graduates ACM Fellow, IEEE Fellow, 12 Security Technology patents Awards from ACM, IEEE, NIST, NSA 3 INSTITUTE FOR CYBER SECURITY ICS Forte Implementation e.g., Virtualization, Peer-to-peer The Computer Science Research Triangle Models e.g., 7-layer OSI nw stack, OO Programming A good PhD dissertation should involve all 3 elements but contributions will typically emphasize one of these Theory e.g., P =? NP, Automata 4 INSTITUTE FOR CYBER SECURITY Cyber Security Goals USAGE purpose INTEGRITY modification USAGE AVAILABILITY access CONFIDENTIALITY disclosure 5 5 INSTITUTE FOR CYBER SECURITY Models RBAC: Role-Based Access Control,1992UCON: Usage Control, 2002PEI: Policy-EnforcementImplementation, 2000… ICS Forte: Security Models and Analysis IT Technologies Applications Enterprise security Identity management Information sharing Stream-processing Social networking … Web 2.0 Virtualization Software as a Service (SaaS) Web services Trusted computing Semantic web … Attack Technologies Botnets Phishing Buffer overflow Cross scripting Sniffers … 6 RBAC96 Model (1992-) INSTITUTE FOR CYBER SECURITY ROLE HIERARCHIES USER-ROLE ASSIGNMENT USERS The most successful authorization model so far PERMISSIONS-ROLE ASSIGNMENT ROLES ... PERMISSIONS SESSIONS CONSTRAINTS 7 INSTITUTE FOR CYBER SECURITY Usage Control UCON Model (2002-) New kid on the block Receiving good traction unified model integrating • authorization • obligation • conditions • and incorporating • continuity of decisions • mutability of attributes • Continuity of Decisions pre-decision Rights (R) Subjects (S) Objects (O) Usage Decisions Subject Attributes (SA) Object Attributes (OA) ongoing-decision before-usage ongoing-Usage pre-update ongoing-update after-usage Authoriz ations (A) Obliga tions (B) Condi tions (C) post-update Mutability of Attributes 8 INSTITUTE FOR CYBER SECURITY PEI Models (2004-) No competing framework so far 9 INSTITUTE FOR CYBER SECURITY Managing the Assured Information Sharing Life Cycle (AISL) Sponsor: Air Force Office of Scientific Research, MURI, 2008-2013 Partners: UMBC, Michigan, UIUC, Purdue, UTD Content, often including private sensitive data, is flowing into social networks at a very high rate. How do we enable privacy and security without impacting the velocity of data transfer and convenience? A Framework for Combating Stealthy Botnets Sponsor: Air Force Office of Scientific Research, MURI, 2008-2013 Partners: Georgia Tech. 9/11 caused us to move from a "need to know" mindset to a "need to share" posture. What does this really mean? What are the implications? How can we share safely? How do we “share but protect”? Securing Dynamic Online Social Networks Sponsor: National Science Foundation, 2008-2012 Partners: Penn. State Univ., ASU, UNC-Charlotte Current Funded Projects Botnets are the most dangerous, widespread and insidious attack vehicles on the Internet. Future botnets are anticipated to use stealth techniques such as encryption and aggregation to avoid exposure, easily defeating current detection techniques. What do we do to contain this threat? Secure Knowledge Management: Models and Mechanisms Sponsor: National Science Foundation, 2007-2009 How do we combine cryptographic techniques and access control techniques to effectively protect information and knowledge? 10 INSTITUTE FOR CYBER SECURITY Current Un-Funded Projects Write your own ticket 11 INSTITUTE FOR CYBER SECURITY Group-Based Information Sharing Information Sharing Metaphors: Secure virtual room in cyberspace Subscription service Idealized policy: Formalized using temporal logic Pragmatic policy: Approximation to ideal, formalized using temporal logic Detailed protocols Working system 12 INSTITUTE FOR CYBER SECURITY The need for cyber security will only grow Attackers are often more innovative and more incented than defenders Every cyber technology innovation creates a new attack-defend cycle No final solution UTSA has a world class research operation in cyber security Unless humans suddenly transform into angels Unless cyber innovations stop delivering productivity gains The best we can offer is to stay ahead of the attackers Conclusion Take security courses Join our team Come talk to me: drop me an email and I will make time We have multiple openings Come join us on Nov 18th to celebrate our Founders Day 4:00-5:30pm: Distinguished lecture by Prof. Eugene Spafford of Purdue 5:30-7:00pm: Wine and cheese reception See www.ics.utsa.edu 13