CAREER: A Trust-based Access Control Management Framework for Secure Information Sharing and Multimedia Workflows in Heterogeneous Environments

Grant: NSF-CAREER Award IIS-0545912

Project Duration: Jan 1, 2006 - Dec 31, 2010

Project Total Amount: $416,419

Principal Investigator: James B. D. Joshi, Assistant Professor, School of Information Sciences, University of Pittsburgh


Project Abstract

The goal of this research is to address the complex security, privacy and digital rights management issues related to the emerging multidomain application (EMA) environments, which are characterized by the convergence of emerging grid, P2P and mobile environments with multimedia and workflow technologies. Such EMA environments show huge potential for efficiently automating workflow processes across heterogeneous administrative domains, and for facilitating unprecedented levels of system interactions and information and resource sharing. In particular, the project takes a holistic approach to synthesizing a solution that combines (i) a comprehensive trust-based, adaptive, content and context based access control and secure interoperation framework to facilitate the interaction of constituent domains in an EMA environment, and (ii) a comprehensive framework for addressing the privacy and digital rights management issues related to sharing of multimedia data and workflows. The research will produce required theory, efficient algorithms, specification languages, negotiation protocols, and analysis and administration tools founded on sound design principles and usability considerations which will be validated in a prototype EMA environment. The results are expected to have direct and long-term impact on developing secure data and resource intensive heterogeneous application environments, and will contribute significantly to current efforts related to the protection of complex systems and infrastructures such as the national and global information grid. The research results will be incorporated into the security curriculum of the University of Pittsburgh, which has been designated a national center of academic excellence in information assurance education, and disseminated through publication venues and the project website (http://www.sis.pitt.edu/~jjoshi/nsfcareer/).

Acknowledgement: All the publications listed here are based upon work supported by the National Science Foundation under this grant (Grant No.  IIS-0545912).

Disclaimer: Any opinions, findings, and conclusions or recommendations expressed in the materials listed here are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

 

People Involved

PhD Students

My Advisees

| Name | Program | Publications | Area |
| --- | --- | --- | --- |
| Yue Zhang | PhD, IS/CS | 3 Book Chapters + 5 Journals + 5 Conference | Multidomain Security |
| Amirreza Masoumzadeh | PhD, IS | 1 Journal + 1 Conference | Security/Privacy |
| Saubhagya Ram Joshi | PhD, IS | 3 Chapters | Workflow Security |

Others (did/doing research with me)

| Name | Program | Publications | Area |
| --- | --- | --- | --- |
| Siqing Du | PhD, IS | 1 Conference + 1 Chapter | Multidomain Security |
| Korporn Panyim | PhD, TEL | 1 Paper | Trust Management |
| Carlos E. C. Bastidas | PhD, TEL | 1 Journal Article / 1 Paper | Access Control/Trust in IPv6/mobile IPv6 Security |

Masters Students

(Current)

| Name | Program | Publications | Area |
| --- | --- | --- | --- |
| Craig Schenkler | MS-IS | In Preparation | Prototype Implementation for LoT-RBAC |
| Summit Tuladhar | MS-TEL | (Thesis) | Interdomain Authentication/Access in Mobile Env |

(Past)

| Name | Program | Publications | Area |
| --- | --- | --- | --- |
| Raymond Murthi | MS, IS | Working on them! | GTRBAC Extension (Implementation) |
| Suronapee Phoomvuthisarn | MS, IS | 1 Conference | Trust Management (Implementation) |
| Summit R. Tuladhar | MS, TEL | Working on them! | Access Control/Trust in IPv6/mobile IPv6 Security |

Publications

Book Chapters

2006
  1. James B. D. Joshi, Siqing Du, Saubhagya R. Joshi, “A Trust Based Access Control Management Framework for a Secure Grid Environment,” in "Security in Distributed, Grid, and Pervasive Computing", edited by Prof. Yang Xiao, to be published by Auerbach Publications, CRC Press, 2006.

  2. James B. D. Joshi, S. R. Joshi, and S. M. Chandran, "Information Security Issues and Challenges," in Encyclopedia of Digital Government, (Editors Ari-Veikko Anttiroiko, Matti Malkia), 2006.

  3. James B. D. Joshi, S. R. Joshi, and S. M. Chandran, "Identity Management and Privacy Issues," in Encyclopedia of Digital Government, (Editors Ari-Veikko Anttiroiko, Matti Malkia), 2006.

  4. James B. D. Joshi, S. M. Chandran, A. Ghafoor, and W. G. Aref, "Survivability Issues and Challenges," in Encyclopedia of Digital Government, (Editors Ari-Veikko Anttiroiko, Matti Malkia), 2006.

2007

  1. James B D Joshi, Yue Zhang, “Access Control and Trust Management for Emerging Multidomain Environments,” in Annals of Emerging Research in Information Assurance, Security and Privacy Services, Editors: S. Upadhyaya, R. O. Rao (in progress; invited).

  2. James B D Joshi, Yue Zhang, “Temporal Access Control,” Encyclopedia of Database Systems, Editors-in-Chief: Ling Liu, M. Tamer Özsu, Springer – in progress, (Invited).

  3. James B D Joshi, Yue Zhang, “Role based Access Control”, Encyclopedia of Database Systems, Editors-in-Chief: Ling Liu, M. Tamer Özsu Springer – in progress, (Invited).

Journals
  1. James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "Formal Foundations for Hybrid Role Hierarchy", ACM Transactions on Information and System Security. (In Print).

Submitted/Being Submitted

  1. James B. D. Joshi, Elisa Bertino, and Yue Zhang, “Constraints in the Generalized Temporal RBAC Model”, (IEEE TDSC)

  2. Yue Zhang, Amirreza Masoumzadeh and James B.D.Joshi, “LoT-RBAC: A Temporal Location Role Based Access Control Model”, (Journal of Location Based Services)

  3. Yue Zhang and James B.D.Joshi, “SARBAC07: A scoped administration model for RBAC with hybrid hierarchy”, (Journal of Information Assurance and Security).

  4. Yue Zhang and James B.D. Joshi, “A Time-based Secure Interoperation and Authorization Model in Loosely-Coupled Multi-domain environment employing GTRBAC”, being submitted (venue TBD)
     

Conference/Workshops

2006

  1. Michael Chuang; Suronapee Phoomvuthisarn; James B. D. Joshi, "An Integrated Framework for Trust-Based Access Control in Open Environments," The Second International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom-2006), Nov 16-19, 2006.

  2. Siqing Du, James B. D. Joshi, “Supporting Authorization Query and Inter-domain Role Mapping in Presence of Hybrid Role Hierarchy,” The 11th ACM Symposium on Access Control Models and Technologies, USA, June 2006.

  3. James B. D. Joshi, Elisa Bertino, “Fine-grained Role-based Delegation in Presence of Hybrid Role Hierarchy,” The 11th ACM Symposium on Access Control Models and Technologies, USA, June 2006.

  4. Suroop M Chandran, Korporn Panyim, James B. D. Joshi, “A Requirements-Driven Trust Framework for Secure Interoperation in Open Environments", The Fourth International Conference on Trust Management, (iTrust-06), May 16-19, Italy, 2006.

2007

  1. Yue Zhang and James B. D. Joshi, “A Request-Driven Secure Interoperation Framework in Loosely-Coupled Multi-domain Environment Employing RBAC Policies”, TrustCol’2007, White Plains, New York

  2. Yue Zhang and James B. D. Joshi, “SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy”, IAS’2007, Manchester, UK

  3. Yue Zhang and James B. D. Joshi, “ARBAC07: A Role-Based Administration Model for RBAC with Hybrid Hierarchy”, IRI’2007, Las Vegas, NV

(Submitted)

  1. Yue Zhang and James B.D. Joshi, “Centralized vs. Decentralized: A Formal Analysis of the Secure Interoperation Approaches in Multi-domain Environments”, Submitted to S&P’08.

  2. Yue Zhang and James B.D. Joshi, “A User Authorization Query Model for Web-Based RBAC Systems”, Submitted to WWW’08.

(In Progress - to be submitted to SACMAT08)

  • Paper on Time-based Hybrid Hierarchy Management

  • Paper on SoDs in Multidomain Integration

  • Paper on Privacy-Aware Extension to GTRBAC

 

Implementation Activities (Software + Testbed)

  1. Testbed for Grid + Mobile environment is being finalized.

  2. Prototype implementation of LoT-RBAC and its XML specification language is being finalized.

Activities related to Integration with Education/Training

Year 1: (2006)

  1. Implementation work (GTRBAC + Trust) for MS students

  2. Integrated in Security Management course 2006 (Trust Negotiation + GTRBAC and area related papers)

  3. Doctoral Seminar in Information Assurance (2005-2006)

Year 2: (2007)

  1. Project on prototype development for a secure mobile application to test LoT-RBAC, in the Developing Secure Systems course.

  2. Wider coverage of RBAC and Access Control models in Introduction to Security Course (Fall 2007)

  3. Mobile Testbed Set up and project on Interdomain Mobility

Activities related to Dissemination of Results

Year 1: (2006)

  1. Organized TrustCol-2006

Year 2: (2007)

  1. Organized TrustCol-2007

  2. Invited Lecture/Presentation at the University of Florida, Gainesville

  3. Invited Lecture/Presentation at Florida International University, Miami

  4. Invited Lecture/Presentation at the University of North Carolina, Charlotte