Deepak Garg
(Carnegie Mellon University)"Controlling Access to Data: A Logic-Based Approach"
Sensitive data in many organizations such as intelligence, healthcare and finance corporations, is often protected by complex access policies that rely on a mix of signed credentials, clock time and system state. Enforcement of such policies through conventional mechanisms like access control lists is administratively infeasible. Motivated by this disparity, this talk presents the theoretical and practical aspects of a logic-based access control subsystem for representing, interpreting, and enforcing access policies. The theoretical underpinning of the subsystem is a new logic to represent access policies, and its proof theory to determine their consequences. By carefully separating policy interpretation, policy decision, and policy enforcement, the subsystem leverages (conventionally inefficient) logical tools to attain very high throughput. The subsystem is evaluated in its implementation in a local file system, and its expressiveness is validated through a case study of policies used in the U.S. intelligence community.
Bio: Deepak Garg is a post-doctoral researcher in the Cybersecurity Lab
(CyLab) at Carnegie Mellon University. He obtained a Ph.D. at
Carnegie Mellon's Computer Science Department and an undergraduate
degree in Computer Science and Engineering from the Indian Institute
of Technology, New Delhi. His research interests are in the areas of
computer security and privacy, formal logic and programming languages.
Zeit: | Montag, 04.04.2011, 10.30 Uhr |
---|---|
Ort: | Saarbrücken, Wartburg, 5. Etage |
Hinweis: | Der Vortrag wird live nach Kaiserslautern Gebäude 49, Raum 206 übertragen. |