Seminars & Colloquia
Computer Science, Purdue University
"Security Analysis in Access Control"
Monday September 13, 2004 03:00 PM
Location: 136, EGRC NCSU Centennial Campus
(Visitor parking instructions)
This talk is part of the N/A
Today, RBAC is the dominant access control model in enterprise security management. We show that in contrast to the undecidability of classical Harrison-Ruzzo-Ullman safety properties, the security analysis problems we considered are decidable. In particular, most properties we study are decidable in polynomial time. The computational complexity of containment analysis in a trust management language forms a complexity hierarchy based on the delegation features of the trust management language. We also show that security analysis in two special cases in RBAC can be reduced to the security analysis problem in trust management.
Prof. Li's research interests include access control, trust management, automated trust negotiation, applied cryptography, online privacy protection, reputations systems, and so on. His research is current supported by NSF ITR, Purdue Research Foundation, and CERIAS (Center for Education and Research in Information Assurance and Security).
Host: Ting Yu, Computer Science Department, NCSU