Ravi Sandhu is Executive Director of the Institute for Cyber Security at the University of Texas at San Antonio, where he holds the Lutcher Brown Endowed Chair in Cyber Security. Previously he was on the faculty at George Mason University (1989–2007) and Ohio State University (1982–1989). He holds BTech and MTech degrees from IIT Bombay and Delhi, and MS and PhD degrees from Rutgers University. He is a Fellow of IEEE, ACM, and AAAS, and has received awards from IEEE, ACM, NS, and NIST. A prolific and highly cited author, his research has been funded by NSF, NSA, NIST, DARPA, AFOSR, ONR, AFRL and private industry. His seminal papers on role-based access control established it as the dominant form of access control in practical systems. His numerous other models and mechanisms have also had considerable real-world impact.
He is editor-in-chief of the IEEE Transactions on Dependable and Secure Computing, and founding General Chair of the ACM Conference on Data and Application Security and Privacy. He previously served as founding editor-in-chief of ACM Transactions on Information and System Security and on the editorial board for IEEE Internet Computing. He was Chairman of ACM SIGSAC, and founded the ACM Conference on Computer and Communications Security and the ACM Symposium on Access Control Models and Technologies and chaired their Steering Committees for many years. He has served as General Chair, Program Chair and Committee Member for numerous security conferences. He has consulted for leading industry and government organizations, and has lectured all over the world. He is an inventor on 23 security technology patents. At the Institute for Cyber Security he leads multiple teams conducting research on many aspects of cyber security including secure information sharing, social computing security, cloud computing security, secure data provenance and botnet analysis and detection, in collaboration with researchers all across the world.
2004 Technical Achievement Award
“For outstanding and pioneering contributions to information security including innovation of the role-based access control model and usage control.”
Learn more about the Technical Achievement Award