Institute for Cyber Security

Institute for Cyber Security (ICS)
Prof. Ravi Sandhu
Executive Director and
Lutcher Brown Endowed Chair
ravi.sandhu@utsa.edu
210 458 6081
Ravi Sandhu
BTech, MTech: Electrical Engineering, IIT Bombay, Delhi
MS, PhD: Computer Science, Rutgers
Asst Prof: Computer Science, Ohio State U (6 yrs)
Assoc/Full Prof: Information Security, George Mason U (18 yrs)
Full Prof: Computer Science, UTSA (started June 2007)
ACM Fellow, IEEE Fellow
Founding EIC ACM TISSEC: world’s leading security journal
Past-Chairman ACM SIGSAC: world’s leading security society
Founder ACM CCS: world’s leading security conference
Co-Founder & Chief Scientist, TriCipher: Silicon Valley startup
I am here because of past accomplishments but what matters and what excites me is the future opportunity at the bleeding edge
ICS Background
2000: UTSA and San Antonio Community identify strategic goal of excellence in Cyber Security
2001: Center for Infrastructure Assurance and Security (CIAS) established, garners success in service to DoD and DHS
2006: UTSA wins $3.5M State of Texas Emerging Technology Fund grant to create a new Institute for Cyber Security
2007: Prof. Ravi Sandhu recruited to found and lead ICS with additional $1M Endowed Chair and $1M UT STARS funding
CIAS becomes a component of ICS
ICS is a unique opportunity but true excellence requires hard work, patience and sustained support
ICS Scope
Research
– Tenure-track faculty and their graduate students
– Research faculty and staff
Education
– Degree and non-degree programs
Commercialization
– The big challenge for UTSA and all research universities
– Opportunity to be a national leader and role model
Service
– Public sector: build on CIAS success and beyond
– Private sector: another big challenge
Partnerships
– Academia, Industry, Government, International
A comprehensive “big-tent” Institute but the core will always remain research driven by tenure-track faculty
ICS Mission
To pursue world-class high-impact cybersecurity research, education, commercialization and service in synergy with relevant components of UTSA, and with world-class partners.
Very ambitious but in our grasp
Change Drivers
Stand-alone mainframes and mini-computers
Internet
Vandals
Criminals
Enterprise security
Mutually suspicious security
Few and standard services
Many and new innovative services
Entering an era of application-driven security
Research Opportunities
What does it mean to be secure?
– What are the appropriate tradeoffs in an application business context?
– Who decides?
– Who pays?
How do we make it secure?
– What do we need to invent to get there?
– How do we use existing inventions to get there?
Collaboration with application experts, especially where the applications themselves are cutting edge
ICS Plans
Big investments
– Tenure track faculty: seed money for new lines
– Laboratory: renovate, refurbish, equipment, staff
Smaller investments
– Seed money: work that will lead to funding down the line
– Bridge money: continue work between grants
Come talk to me and conversely
Personal Research Agenda
Develop a framework for dealing with security
– RBAC, UCON, PEI
Demonstrate utility of this framework in diverse contexts, evolve the framework as needed
Engage with industry to understand their priorities and place doctoral students in internships and jobs
Lots of scope for collaboration
RBAC96
UCON 2004
[Figure: UCON model. Components: Subjects (S), Objects (O), Rights (R), Subject Attributes (SA), Object Attributes (OA), Usage Decisions, Authorizations (A), Obligations (B), Conditions (C). Continuity of Decisions: pre-decision, ongoing-decision. Mutability of Attributes: pre-update, ongoing-update, post-update. Usage phases: before-usage, ongoing-usage, after-usage.]
PEI Models: Policy, Enforcement, Implementation
[Figure: PEI layers, in the order listed: Security and system goals (requirements/objectives); Policy models; Enforcement models; Implementation models; Target platform, e.g., Trusted Computing technology. Horizontal view: looks at individual layer. Vertical view: looks across layers.]