COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

 
Recent Advances in Flexible Authorization Models

Duminda Wijesekera

Department of Information and Software Engineering 
George Mason University

Date: October 4, 2002 (Friday)
Time: 3:30-4:30PM
Place: Swearingen 1C01 (Amoco Hall)


Abstract

Advances in application areas such as Internet-based transactions,
cooperating coalitions, and workflow systems have brought new
challenges to access control.  In order to support the diverse needs
of emerging applications, it has become necessary to support multiple
access control policies in one security domain. This talk describes
the flexible authorization framework (FAF), an authorization framework
that is capable of doing so.  FAF is a logic-based framework where
authorizations are specified in terms of a locally stratified rule
base. FAF allows for permissions and prohibitions to be specified in
its specification. FAF specifications can be changed by deleting old
rules and inserting new rules. We describe the latest additions to
FAF, such as revoking granted permissions, provisional authorizations,
obligations, and authorizations that have to satisfy application
definable constraints.


Duminda Wijesekera is an assistant professor in the Department of
Information and Software Engineering at George Mason University,
Fairfax, Virginia. Prior to joining GMU, he was a senior systems
engineer at Honeywell Space Systems in Clearwater, Florida. He has
been a visiting post-doctoral fellow at the Army High Performance
Research Center at the University of Minnesota, and an assistant
professor of Mathematics at the University of Wisconsin.
Dr. Wijesekera received a PhD in Computer Science from the University
of Minnesota and a PhD in Mathematical Logic from Cornell
University. In the past, he has worked in quality of service,
multimedia systems and program verification. His current interests are
in information security and formal methods.