Ravi Sandhu Bio

Prof. Ravi Sandhu is Founding Executive Director of the Institute for Cyber Security at the University of Texas at San Antonio, where he holds the Lutcher Brown Endowed Chair in Cyber Security and courtesy appointments in Computer Science, Electrical and Computer Engineering and Information Systems. He previously served on the Information Security faculty at George Mason University (1989-2007) and the Computer Science faculty at Ohio State University (1982-1989). Ravi received B.Tech. and M.Tech. degrees in EE from IIT Bombay and Delhi respectively, and M.S. and Ph.D. degrees in CS from Rutgers University. He is a Fellow of ACM (2001), IEEE (2002), and AAAS (2008), recipient of the IEEE Computer Society Technical Achievement Award (2004), the ACM SIGSAC Outstanding Contribution Award (2008), and two Best Paper awards from NIST/NSA (1992, 1998). His research has focused on cyber security with special emphasis on authorization models, protocols and mechanisms. A prolific and highly cited author, he has published over 180 technical papers on cyber security with over 50 collaborators. His papers have accumulated over 10,000 citations at Google Scholar including the top 2 cited papers in access control with 3000+ and 1800+ citations. His h-index at Google Scholar is 46 (46 papers with 46 or more citations). He is widely known for his seminal papers on role-based access control (RBAC) which led to widespread adoption of RBAC in commercial products and to the 2004 NIST/ANSI standard model. His early work focused on safety and expressive power of access control remains state-of-the-art even today. He has published numerous influential papers on multilevel secure databases, Chinese Wall separation policies, lattice-based information flow, access control hierarchies, and transaction and task controls. In 2002 he introduced the influential Usage Control model for next-generation access control. Other recent research activities include Group-Centric Information Sharing models and implementations using Trusted Computing, the PEI (policy, enforcement and implementation) layered models method for synthesizing secure systems, semantic web security, next generation role-based access control, social networking security and privacy, stealthy botnet detection and mitigation, and Web 2.0 security. Ravi was founding editor-in-chief of the ACM Transactions on Information and Systems Security (1997-2004). He was Chairman of ACM SIGSAC (1995-2003), and founded and led the ACM Conference on Computer and Communications Security and the ACM Symposium on Access Control Models and Technologies to high reputation. He has provided leadership at the Program Chair and General Chair level for numerous other security research conferences. He served as the security editor for IEEE Internet Computing (1998-2004). He has provided high-level consulting services to numerous industry and government organizations, and has lectured all over the world on cyber security. He is co-founder and Chief Scientist of TriCipher, and the principal security architect and protocol designer of the FIPS certified TriCipher Armored Credential System. He is an inventor on 12 security technology patents. His web site is at www.profsandhu.com.

March 2009