Dr. Mario Frank
(University of California, Berkeley)
will give the following seminars
(if you wish to attend the seminars, please drop an email to
conti@math.unipd.it with subject "Mario Frank seminars")
Seminar 1
Title: Touchalytics
Day: May 20, 2013
Time: 9.30 am - 10.15 pm
Location: Math Department, Via Trieste 63, Padova - Room 1BC50
Abstract: Many users do not protect their smart phone with a PIN or a secret gesture, and those who do are bothered by this frequently requested act. I propose an alternative authentication mechanism that makes PINs obsolete or at least reduces the number of PIN requests to a tolerable degree. This mechanism continuously analyzes the way how the user interacts with the touch screen to reason about the authenticity of the user. I will describe an experimental analysis designed to investigate if such an authentication method is feasible and how it could be deployed.
More info can be found at http://www.mariofrank.net/touchalytics/index.html.
Seminar 2
Title: Role Mining
Day: May 20, 2013
Time: 10.30 am - 11.15 am
Location: Math Department, Via Trieste 63, Padova - Room 1BC50
Abstract: Controlling access in a system with thousands of users and thousands of resources is cumbersome and error-prone if this task is carried out at the level of individual assignments of users to access-permissions. The preferred model, that drastically simplifies administration, is role-based access control (RBAC). An RBAC configuration consists of a user-role assignment matrix and a role-permission matrix. Thereby, a user is assigned all permissions that are contained in his roles. The migration step from an existing system of direct user-permission assignments to an RBAC configuration has been identified as one of the costliest aspects of RBAC. I will explain the role mining problem, the problem of automatically migrating an existing access control configuration to RBAC. I propose a probabilistic model for clustering Boolean vectors such that each vector can be simultaneously assigned to multiple clusters. I will present experimental results on real-world access control data and demonstrate how to find roles that generalize well to hold-out system users.
More info can be found at http://www.mariofrank.net/rolemining.html.