Dr. Gligor 's research interests are in the general area of computer, distributed system, and network security. His current research activities are focused on cryptographic protocol analysis, in particular, message integrity and authentication protocols in large computer networks. Message integrity research includes both the cryptographic protection of message content and the authentication of the message origin. Because message integrity is a desirable property for a large variety of seemingly different protocols and applications, an abstract formal model of message integrity is being developed for protocol analysis. The preliminary application of this model to protocol analysis has helped the discovery of integrity flaws in well-known protocols used in practice. Another significant component of this research is authentication in networks and distributed systems, organized as a set of interconnected administrative realms or domains. Cross-realm authentication policies may differ from application to application, and the design and implementation of sound policies constitute a key aspect of secure user authentication in very large distributed systems and networks. His research also includes scalable access control systems, and penetration analysis techniques. Current access control systems, which are generally based on per-object, access-control lists, do not scale up to configurations of hundreds of thousands of users and millions of objects, as one might find in a global enterprise. Here, scalability refers to the ability to distribute, review, and revoke access permissions for different users of the enterprise correctly and efficiently. Role-based access control is being investigated as the basis for scalable access management. Another related activity is the penetration analysis of computer systems and networks. Until recently, most aspects of penetration analysis involved ad hoc means of unauthorized retrieval, corruption, or denying access to data and services. His research in this area focuses on the penetration analysis models, which would allow early detection of design and implementation errors that lead to successful penetration.
CSHCN > People > Faculty > Gligor
|Copyright © 2004 Center for Satellite and Hybrid Communication Networks, Institute for Systems Research, University of Maryland. All rights reserved.|