Difference between revisions of "June 2011"
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | ==AF''Security'' Seminar: ''Access Control''== | + | ==AF''Security'' Seminar: ''Dynamic Access Control''== |
Date: Monday 6 June 2011. | Date: Monday 6 June 2011. | ||
− | Location: Meeting room Awk (3118), Ole-Johan Dahls hus (IfI | + | Location: Meeting room Awk (3118), Ole-Johan Dahls hus (IfI). |
'''Agenda''' | '''Agenda''' | ||
− | + | 12:00h Welcome at IfI | |
− | + | 12:15h Invited talk | |
− | '''TITLE:''' | + | '''TITLE:''' An Approach To Access Control In Dynamic Environments |
− | '''ABSTRACT:''' Traditional | + | '''ABSTRACT:''' Traditional access control models such as RBAC are based on the implicit assumption that an administrator can anticipate the legitimate access needs of users and pre-define an access policy that allocates privileges accordingly. However, as business, government and industry become increasingly information-intensive and interconnected, they exhibit a level of dynamism that seriously challenges the validity of this assumption. This talk will review the motivation for developing access control models that can respond to unanticipated changes in users' operational needs without requiring the invention of an administrator. It will review a number of recent proposals that seek to explicitly include a notion of risk to achieve more flexible access decision making. Finally it will present some of our own work that draws on insights from the field of economics and the insurance literature to deliver an access control model where users can acquire unassigned permissions while limiting their power to misuse this dynamic capability. |
+ | Presentation slides: [[Media:AFSec20110606-Dawson-QUT.pdf]] | ||
'''SPEAKER:''' Ed Dawson (QUT) | '''SPEAKER:''' Ed Dawson (QUT) | ||
− | + | '''BIO:''' Prof. Ed Dawson is an expert in security and cryptography, and works as senior advisor at ISI (Information Security Institute) of QUT (Queensland University of Technology) in Australia. He was director of ISI until 2008, and before that he was director of ISRC (Information Security Research Centre) at QUT. | |
− | + | ||
+ | 13:00h Discussion | ||
+ | |||
+ | 13:30h End |
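Review bot: In the added ABSTRACT line, "without requiring the invention of an administrator" looks like a typo for "intervention of an administrator"; the sentence is about access control models adapting without an administrator stepping in. Suggest correcting the word in the next revision.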
Latest revision as of 07:20, 15 June 2011
AFSecurity Seminar: Dynamic Access Control
Date: Monday 6 June 2011.
Location: Meeting room Awk (3118), Ole-Johan Dahls hus (IfI).
Agenda
12:00h Welcome at IfI
12:15h Invited talk
TITLE: An Approach To Access Control In Dynamic Environments
ABSTRACT: Traditional access control models such as RBAC are based on the implicit assumption that an administrator can anticipate the legitimate access needs of users and pre-define an access policy that allocates privileges accordingly. However, as business, government and industry become increasingly information-intensive and interconnected, they exhibit a level of dynamism that seriously challenges the validity of this assumption. This talk will review the motivation for developing access control models that can respond to unanticipated changes in users' operational needs without requiring the intervention of an administrator. It will review a number of recent proposals that seek to explicitly include a notion of risk to achieve more flexible access decision making. Finally, it will present some of our own work that draws on insights from the field of economics and the insurance literature to deliver an access control model where users can acquire unassigned permissions while limiting their power to misuse this dynamic capability.
Presentation slides: Media:AFSec20110606-Dawson-QUT.pdf
SPEAKER: Ed Dawson (QUT)
BIO: Prof. Ed Dawson is an expert in security and cryptography, and works as senior advisor at ISI (Information Security Institute) of QUT (Queensland University of Technology) in Australia. He was director of ISI until 2008, and before that he was director of ISRC (Information Security Research Centre) at QUT.
13:00h Discussion
13:30h End