Ravi Sandhu

Title: Professor
EMail: sandhu@gmu.edu
Department: Information and Software Engineering
Office: Science and Technology 2, Room 457
Phone: 703-993-1659
Website: http://www.list.gmu.edu

Dr. Ravi Sandhu earned his B.Tech. and M.Tech. degrees from IIT Bombay and Delhi respectively, and his M.S. and Ph.D. degrees from Rutgers University. He is a Fellow of ACM and IEEE, and received the IEEE Computer Society Technical Achievement Award in 2004. His research has focused on cyber-identity, authority and trust systems. His doctoral work on safety and expressive power of access control was further developed culminating in the Typed Access Matrix in 1992. At GMU, in collaboration with Prof. Jajodia, he analyzed and reconciled confidentiality and integrity in multilevel secure databases. In 1993 he showed that Chinese Wall separation of duty policies were instances of information flow. In 1996, along with industry colleagues, he published the seminal paper on role-based access control which evolved into the 2004 NIST/ANSI standard RBAC model. In 2002, with Jaehong Park, he introduced the Usage Control model for next-generation access control by
integrating obligations and conditions with authorizations while incorporating continuity of enforcement and mutability of attributes. Other recent activities include Information Sharing models and implementations using Trusted Computing, and the layered models method for synthesizing secure systems.

Ravi was the founding editor-in-chief the ACM Transactions on Information and Systems Security (TISSEC), from 1997 to 2004. He was Chairman of ACM SIGSAC from 1995 to 2003, and founded and led the ACM Conference on Computer and Communications Security and the ACM Symposium on Access Control Models and Technologies to high reputation and prestige. He served as the security editor for IEEE Internet Computing from 1998-2004. In 2000 Ravi Sandhu co-founded the company now known as TriCipher and continues to serve as its Chief Scientist. He is the principal security architect of the TriCipher Armored Credential System and is an inventor on two patents for this technology and has over a dozen patents pending.