1 / 5

Data and Applications Security Developments and Directions

Data and Applications Security Developments and Directions. Dr. Bhavani Thuraisingham The University of Texas at Dallas Assignment #1 on Access Control and Policies September 14, 2011 Due Date: September 28, 2011. References. Lecture Notes Text Book for Class Additional Papers

Download Presentation

Data and Applications Security Developments and Directions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Assignment #1 on Access Control and Policies September 14, 2011 Due Date: September 28, 2011

  2. References • Lecture Notes • Text Book for Class • Additional Papers • RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman: Role-Based Access Control Models. IEEE Computer 29(2): 38-47 (1996) • UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174 (2004) • http://delivery.acm.org/10.1145/510000/507722/p57-park.pdf?key1=507722&key2=2341065321&coll=ACM&dl=ACM&CFID=23616711&CFTOKEN=10325487 • DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi-dimensional Characterization of Dissemination Control. POLICY 2004: 197-200 (IEEE)

  3. Problem #1 • Consider an example application (e.g., from healthcare, defense, financial) • Specify some meaningful policies for this application that address confidentiality, privacy and trust

  4. Problem #2 • Consider an example application where there is a need for organizations to share data • Example: Defense: Army, Navy, Air Force • Healthcare: Doctor, Hospital, Insurance company • Give meaningful security policies illustrating the need for organizations share data and yet having to enforce the policies • Policies may include confidentiality, privacy and trust

  5. Problem #3 • Read the papers on RBAC, UCON and DCON listed in this unit • For an example application (or applications) specify policies for RBAC, UCON and DCON

More Related