Invited Lecture: Expressiveness and Design Considerations for the Generalized Temporal RBAC Model
Speaker: James B D Joshi
Assistant Professor, School of Information Science
University of Pittsburgh
When: February 19, 2007
Time: 2:00pm
Where: ECS 243
Abstract:
A key issue in information security is that of protecting information against
unauthorized accesses. In particular, emerging grid, P2P and mobile application
environments present several challenges with regard to flexible time-based access
control requirements, efficient administration of privileges and secure interoperation.
Towards the goal of addressing these challenges, we have developed a Generalized
Temporal Role Based Access Control (GTRBAC) framework that facilitates the
specification and enforcement of a comprehensive set of time-based access control
policies, including temporal constraints on role enabling, user-role and
role-permission assignments, and role activations. The model provides an event-based
mechanism for supporting dynamic access control requirements. However, the model also
raises crucial expressiveness versus policy design concerns because of its huge set of
constraints. These issues will be even more complex for generic context-based access
control models that are required by newly emerging applications. In this talk, I will
overview the GTRBAC model and then present an approach to analyzing the expressiveness
versus policy design issue as a usability concern and discuss a formal framework for
deriving design guidelines to generate policies that are more manageable and less
complex. I will also briefly discuss our ongoing research related to extending the
GTRBAC framework for developing an integrated trust-based access control framework for
secure interoperation in dynamic multidomain environments.
Biography:
James Joshi is an assistant professor in the School of Information Sciences at the
University of Pittsburgh. He is a founder and the director of the Laboratory of
Education and Research on Security Assured Information Systems (LERSAIS), which has
been designated jointly by the NSA and DHS as a National Center of Academic Excellence
in Information Assurance Education. He received his MS in Computer Science and PhD in
Computer Engineering degrees from Purdue University in 1998 and 2003. His research
interests include Access Control Models, Security and Privacy of Distributed Multimedia
Systems, Trust Management and Information Survivability. He is a recipient of the
NSF-CAREER award in 2006. He is a Program Co-Chair for the IEEE International
Conference on Information Reuse and Integration, the International Workshop on
Information Assurance, and the International Workshop on Trusted Collaboration. He has
served as a program committee member in several international conferences including the
ACM Symposium on Access Control Models and Technologies (SACMAT), International
Workshop on Systems and Network Security (SNS), and European Conference on Information
Warfare and Security (ECIW). He serves on the editorial review board of the
International Journal of E-Business Research and the International Journal of Network
Security. He is a co-editor of the book titled "Information Assurance: Dependability
and Security of Networked Systems" to be published in 2007.
At Pitt, he currently directs the Security program, which is one of only 13 in the
nation with five CNSS certifications, and manages the DoD Information Assurance
Scholarship Program and the NSF-Federal Cyber Service Scholarship for Service program.
He also leads the recently formed Information Security Research Interest Group in the
School.
Homepage: http://www.sis.pitt.edu/~jjoshi/