Abstract:

One of the critical requirements towards success of any business organization is efficient management of its human capital. In a typically resource constrained organizational environment, maximizing the utilization of its available workforce is imperative. However, tasks cannot simply be assigned to arbitrary employees since they need to have the necessary capabilities for executing the same. Furthermore, security constraints forbid any ad hoc assignments and also enforce major dependencies on other employees who have access to the same tasks. Owing to the increasing size and scale of organizations, both in terms of the number of employees as well as resources to be managed, it is imperative that efficient computational solutions be developed to automate the process of employee to task assignment.

Since role-based access control (RBAC) is still the most commonly used access control model for commercial information systems, we consider organizational policies and constraints to be modeled with RBAC. In the first part of the talk, we will look into the problem of determining a minimal set of users and their role assignments in an RBAC system with a set of Separation of Duty and Cardinality constraints. We model it as a hypergraph coloring problem and provide efficient heuristics for its solution. We next consider a related though different situation in which the goal is to achieve optimal user deployment for a given set of users, roles and constraints. Here optimality is in the sense of maximizing the number of assignments of users to roles. Our experimental results show the efficiency of the proposed approaches while generating close to optimal solutions.

Biography:

Shamik Sural is a full professor in the Department of Computer Science and Engineering, Indian Institute of Technology (IIT) Kharagpur and is currently heading its Computer and Informatics Center. He received the Ph.D. degree from Jadavpur University, Kolkata, India in the year 2000. Before joining IIT in 2002, Shamik spent more than a decade in the Information Technology industry working in India as well as in Michigan, USA.

Shamik is a recipient of the Alexander von Humboldt Fellowship for Experienced Researchers, which enabled him to carry out collaborative research at TU Munich, Germany in 2009-10. He is spending the Fall 2019 semester at Rutgers University as a Fulbright scholar engaged in both teaching and research. Shamik is a senior member of IEEE and has previously served as the Chairman of the IEEE Kharagpur section. He is currently serving on the editorial boards of IEEE Transactions on Dependable & Secure Computing and IEEE Transactions on Services Computing. He has published more than two hundred research papers in reputed international journals and conferences. His research interests include computer security, data mining and multimedia systems.

Abstract:

DNA synthesis has become increasingly common, and many synthetic DNA molecules are licensed as intellectual property (IP). DNA samples are shared between academic labs, ordered from DNA synthesis companies and manipulated for a variety of different purposes, mostly to study their properties and improve upon them. However, it is not uncommon for a sample to change hands many times with very little accompanying information and no proof of origin. This poses significant challenges to the original inventor of a DNA molecule, trying to protect her IP rights. More importantly, following the anthrax attacks of 2001, there is an increased urgency to employ microbial forensic technologies to trace and track agent inventories. However, attribution of physical samples is next to impossible with existing technologies. We try to bring in advances in the digital domain to solve this problem. In this talk, we discuss our efforts to physically embed digital signatures in DNA molecules synthesized in the laboratory. We encounter several challenges that we do not face in the digital world that makes this problem interesting. These challenges arise primarily from the fact that changes to a physical DNA molecule can affect its properties, random mutations can accumulate in DNA samples over time, DNA sequencers can sequence (read) DNA erroneously and DNA sequencing is still relatively expensive which means that laboratories would prefer not to read and re-read their DNA samples to get error-free sequences. Moreover, unlike in the digital world where an erroneously received message can be re-sent with little additional cost, it is expensive to re-send an erroneously received sample since the physical sample needs to be created once more. It makes more sense to determine if the erroneously received sequence can still be used.

Biography:

Dr. Indrajit Ray is a Professor of Computer Science at Colorado State University. He joined CSU in 2001 moving from the University of Michigan-Dearborn where he worked as an Assistant Professor from August 1997 – July 2001. Dr. Ray obtained his Ph.D. in Information Technology from George Mason University in August 1997. Indrajit’s primary research is in computer security and privacy. His major contributions have been in security risk modeling and security protocol design using applied cryptographic techniques. Other areas in which he has made valuable contributions are trust models for security and micro-data disclosure control. He has published more than 150 technical papers. His research has been well funded through various federal agencies. He has advised several Ph.D. students many of whom hold tenured positions in academia. He has also played leadership roles in the academic community by serving as program chairs in various conferences. In 2015 he served as General Chair of the 2015 ACM CCS conference which is the flagship conference of ACM SIGSAC, and in 2017 as the General Chair of the 2017 IEEE CNS conference. He was the founder of the IFIP TC 11, WG 11.9 on Digital Forensics and its first Chair. Recently, Indrajit has helped establish the CSU site of the NSF funded I/UCRC Center for Configuration Analytics and Automation, where he is Co-Director. This multi-university research center that includes fee-paying members from the industry and FFRDCs works with enterprises and government entities to improve service assurability, security and resiliency of enterprise IT systems, cloud/SDN data centers, and cyber-physical systems by applying innovative analytics and automation. Currently, he is serving as a Program Director at the National Science Foundation, where is responsible for the Secure and Trustworthy Cyberspace program.