By: Diane Stirling
The U.S. Patent Office recently published the patent documents of Associate Professor Joon S. Park. Registered as patent US 8,387,115, entitled, “Active Access Control System and Method,” the patent relates to a method that dynamically provides the fine-grained access control mechanisms, considering the user’s current contexts and computing environments.
Strong access control mechanisms become most critical when we need security services in large-scale computing environments of sensitive organizations. Furthermore, if users join or leave such computing environment frequently, requiring different access control decisions based on their current job responsibilities and contexts, the need for advanced access control is pressing.
Park’s invention introduces an advanced access control mechanism, Active Access Control (AAC), which accounts for the ability to make dynamic access control decisions based not only on pre-defined privileges, but also on the current situation of the user. The the proposed AAC approach provides fine-grained access control, by considering a variety of attributes about the user and the current computing environment, especially, when the users contexts are frequently changed. The outputs of the AAC approach can be integrated with other existing access control mechanisms and improve the overall fine-granularity. The patent document is here.
Park also was recently featured in the NRC (National Research Council) Newsletter in an article citing the international influences of his research activities in cybersecurity.
The article describes Park’s research seminars and speeches for IA researchers, security administrators, and IT developers at South Korea’s world-class universities and multi-national flagship IT companies that explore how to apply information security concepts and approaches to real-life systems and services. He has emphasized on the evolution of security challenges, potential solutions, and related issues in popular IT services, including cloud computing, social networking, biometrics, and mission-critical systems.
Park has been involved with theoretical/practical research and education in information and systems security, publishing more than 80 peer-refereed research papers in the area. He is Syracuse University’s Point of Contact, both for Education and Research, at the Center of Academic Excellence in Information Assurance, which is designated by the National Security Agency and the Department of Homeland Security at the University. He also is the principal investigator for the Department of Defense Information Assurance Scholarship Program at Syracuse University. Park has been the lead faculty member in developing the security curriculum for the iSchool, including the Certificate of Advanced Study in Information Security Management. He has served as the founding director of the CAS ISM program for the last decade (2003-2013). During his extended research leave (Fall 2011 – Summer 2013), his research has been sponsored by the U.S. National Research Council (NRC), National Academies, as an NRC Fellow.
The article can be accessed on pages 21 and 22, the NRC News Letter (Autumn 2013) at: http://sites.nationalacademies.org/PGA/RAP/PGA_047804.