- This event has passed.
Ph.D. Defense: Eugene Sanzi
July 31, 2020 @ 2:00 pm - 4:00 pm EDT
Title: Adaptive Trust Negotiation for Time-Critical Access to Sensitive Data
Ph.D. Candidate: Eugene Sanzi
Major Advisor: Dr. Steven A. Demurjian
Associate Advisors: Dr. Thomas Agresta, Dr. Bing Wang
Date/Time: Friday July 31, 2020 2:00 pm – 4:00 pm
Join by phone: +1-415-655-0002 US Toll
Meeting number (access code): 120 939 0638
The security of an application’s data is an important consideration when creating modern applications. Users requiring secure data access undergo an explicit pre-registration process where an electronic identity (username, X.509 certificate, etc.) and a method of laying claim to the identity (password, public/private key pair, etc.) are created. The user’s authorization data is associated with the electronic identity. However, there are emergent situations where a user needs to access data where previous pre-registration is not possible because the future need for such data is unpredictable, such as an emergency room physician accessing the electronic health records (EHRs) of admitted patients. A process is needed where users (requestors such as medical personnel) make requests to the resource providers (controllers such as EHRs) in such a way that trust can be established automatically, allowing the requestor to obtain the necessary data quickly, securely, and safely.
The high-level focus of this dissertation is to present a trust negotiation framework that allows trust to be established with automated techniques by extending and combining trust negotiation and a new trust profile. Trust negotiation establishes trust by allowing a requestor and controller to alternate releasing secure credentials. The trust profile introduced in this dissertation is a complete history of the user’s access to sensitive data. The user chooses a subset of the trust profile and presents the it to the controller during trust negotiation as proof that the user has been trusted to access sensitive data in the past. If the controller grants access to the user, the controller generates new credentials that the user receives and adds to the trust profile. The feasibility of this approach is demonstrated through a scenario in the healthcare industry, where healthcare professionals (doctors, nurses, insurance agents, public health officials, etc.) obtain authorization to healthcare data possessed by healthcare organizations, with whom there is no pre-existing relationship. We leverage health information exchange concepts, the Fast Healthcare Interoperability Resources (FHIR) standard, and the Connecticut Concussion Tracker app as the infrastructure within which trust profiles and trust negotiation are realized.