Dr. Ruby B. Lee is the Forrest G. Hamrick Professor in Engineering and Professor of Electrical Engineering with an affiliated appointment in Computer Science at Princeton University. She is the Director of the Princeton Architecture Lab for Multimedia and Security (PALMS). Her current research interests are in secure cloud computing, security-aware computer architecture, trustworthy hardware that does not leak information through side channels, secure manycore architecture, secure sensor nets, mobile security and security verification of hardware-software security architectures. Prior to Princeton, Lee served as chief architect at Hewlett-Packard for processor architecture, multimedia architecture and security architecture. She was a founding architect of HP's PA-RISC architecture and instrumental in the initial design of several generations of PA-RISC processors for HP's business and technical computer product lines. She pioneered adding data-parallelism support for multimedia in microprocessors and enabling ubiquitous real-time multimedia in commodity computers. She was co-leader of an Intel-HP architecture team for 64-bit Intel processor systems. She led the security architecture team for enterprise and e-commerce security for HP before coming to Princeton. Lee is an ACM Fellow and an IEEE Fellow. She holds over 120 U.S. and international patents and has published numerous papers, with best paper awards in different fields. Lee is often asked to serve on national committees for improving cyber security research; she was a co-leader of the National Cyber Leap Year Summit (2009) and co-author of the earlier National Academies' study mandated by Congress to improve cyber security research in the U.S. Her undergraduate degree is from Cornell and her M.S. (CS) and Ph.D. (EE) degrees are from Stanford.
Title: Hardware-enhanced Access Control in Cloud Computing
Future trustworthy computer systems should provide built-in support for at least the cornerstone security properties of confidentiality, integrity and availability. Access control can help significantly towards achieving this. However, in today's computing landscape, traditional access control implemented only in software may be either insufficient or non-optimal. We discuss some of these situations. Furthermore, fine-grained access control and usage control mechanisms implemented in software are themselves subject to attack, and may impose heavy performance overheads. Can new hardware architecture improve the security achievable by software mechanisms for access control and usage control? If so, what types of hardware support are most useful while retaining the flexibility of software protection mechanisms? What can software do, to help hardware achieve the best results?
With the trend towards Cloud Computing, we discuss how new hardware architectural features for cloud servers can help protect the confidentiality and integrity of a cloud customer's code and data in his leased Virtual Machines -- even when the powerful underlying hypervisor may be compromised [1,2]. This uses a new, non-bypassable form of hardware access control. Without requiring new hardware, we can also leverage the hardware trend towards manycore chips, and the already available hardware virtualization features, to enhance Cloud Security - but with a few restrictions and some new software support [3,4].
In general, we would like to motivate collaborations between the software security and the hardware architecture communities to explore software-hardware co-design for security . What comes beyond access control in cloud computing and mobile computing ecosystems? The goal is to design future trustworthy systems that provide security protections, at the levels needed, when needed, even with malware in the system.
- Jakub Szefer and Ruby B. Lee, "Architectural Support for Hypervisor-Secure Virtualization," in Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), March 2012.
- Jakub Szefer and Ruby B. Lee, "A Case for Hardware Protection of Guest VMs from Compromised Hypervisors in Cloud Computing," in Proceedings of the Second International Workshop on Security and Privacy in Cloud Computing (SPCC), June 2011.
- Jakub Szefer, Eric Keller, Ruby B. Lee and Jennifer Rexford, "Eliminating the Hypervisor Attack Surface for a More Secure Cloud," in Proceedings of the Conference on Computer and Communications Security (CCS), October 2011.
- Eric Keller, Jakub Szefer, Jennifer Rexford, and Ruby B. Lee, "NoHype: Virtualized cloud infrastructure without the virtualization," in Proceedings of the International Symposium on Computer Architecture (ISCA), pages 350-357, June 2010.
- David Champagne and Ruby B. Lee, "Scalable Architectural Support for Trusted Software", IEEE International Symposium on High-Performance Computer Architecture (HPCA), Jan. 2010.
Dr. Ravi Sandhu is Executive Director of the Institute for Cyber Security
at the University of Texas at San Antonio, where he holds the Lutcher
Brown Endowed Chair in Cyber Security. Previously he was on the
faculty at George Mason University (1989-2007) and Ohio State
University (1982-1989). He holds BTech and MTech degrees from IIT
Bombay and Delhi, and MS and PhD degrees from Rutgers University. He
is a Fellow of IEEE, ACM and AAAS, and has received awards from IEEE,
ACM, NSA and NIST. A prolific and highly cited author, his research
has been funded by NSF, NSA, NIST, DARPA, AFOSR, ONR, AFRL and private
industry. His seminal papers on role-based access control established
it as the dominant form of access control in practical systems. His
numerous other models and mechanisms have also had considerable
real-world impact. He is Editor-in-Chief of the IEEE Transactions on
Dependable and Secure Computing, and founding General Chair of the ACM
Conference on Data and Application Security and Privacy. He
previously served as founding Editor-in-Chief of ACM Transactions on
Information and System Security and on the editorial board for IEEE
Internet Computing. He was Chairman of ACM SIGSAC, and founded the
ACM Conference on Computer and Communications Security and the ACM
Symposium on Access Control Models and Technologies and chaired their
Steering Committees for many years. He has served as General Chair,
Program Chair and Committee Member for numerous security conferences.
He has consulted for leading industry and government organizations,
and has lectured all over the world. He is an inventor on 23 security
technology patents. At the Institute for Cyber Security he leads
multiple teams conducting research on many aspects of cyber security
including secure information sharing, social computing security, cloud
computing security, secure data provenance and botnet analysis and
detection, in collaboration with researchers all across the world.
His web site is at www.profsandhu.com.
Title: The Authorization Leap from Rights to Attributes: Maturation or Chaos
The ongoing authorization leap from rights to attributes offers numerous compelling benefits. Decisions about user, subject, object and context attributes can be made relatively independently and with suitable decentralization appropriate for each attribute. Policies can be formulated by security architects to translate from attributes to rights. Dynamic elements can be built into these policies so the outcomes of access control decisions automatically adapt to changing local and global circumstances. On the benefits side this leap is a maturation of authorization matching the needs of emerging cyber technologies and systems. On the risks side devolving attribute management may lead to attributes of questionable provenance and value, with attendant possibility of new channels for social engineering and malware attacks. We argue that the potential benefits will lead to pervasive deployment of attribute-based access control (ABAC), and more generally attribute-based security. The cyber security research community has a responsibility to develop models, theories and systems which enable safe and chaos-free deployment of ABAC. This is the current grand challenge for access control researchers.
For more about this keynote talk, click here.