Elisa Bertino Named ACM 2019-2020 Athena Lecturer for Contributions to Data Management, Security and Privacy

2019-04-02

ACM named Elisa Bertino of Purdue University the 2019-2020 ACM Athena Lecturer for pioneering and impactful contributions to data management, security, and privacy, along with outstanding contributions to broadening participation in computing via professional leadership and mentoring. Bertino is recognized as one of the top data management and data security experts in the world, and has made contributions to data security and privacy in many different contexts, including context-based access control; digital identity management; data integrity; Internet of Things and sensor network security; secure and privacy-preserving provenance; privacy-preserving analytics; protection from insider threats; and cloud security. Through these efforts, she provided formal foundations and implementations of mechanisms that have become commonplace in industrial products. Bertino is also an outstanding educator and mentor who has been especially active in encouraging young women to pursue careers in computing.

Initiated in 2006, the ACM Athena Lecturer Award celebrates women researchers who have made fundamental contributions to computer science. The award carries a cash prize of $25,000, with financial support provided by Two Sigma. The Athena Lecturer is invited to present a lecture at an ACM event. Bertino chose to give her Athena Lecture at the ACM Conference on Data Application, Security and Privacy (CODASPY 2019) in Dallas, Texas.

“There are few issues more important to the computing field, and the broader society, than cybersecurity,” said ACM President Cherri M. Pancake. “However, modern cybersecurity approaches need to take into account the way we live now. Elisa Bertino has made fundamental contributions that allow people access to systems based on their roles, the time of day, as well as their locations. These contributions are especially significant because of the mobile revolution and Internet of Things—as well as the fact that systems can be attacked from anywhere in the world. Beyond her extensive research contributions, Bertino has had a lasting impact on the field through her mentorship of younger colleagues.”

Security Access Control Based on Time and Location

In the computer security field, role-based access control (RBAC) allows only authorized users to access a system. Bertino was a trailblazer in extending RBAC controls to take contextual information into account, including time and space considerations. Her 2001 paper T-RBAC: A temporal role-based access control model, co-authored with Piero Andrea Bonatti and Elena Ferrari, outlined how access to a system could be made available at certain times and unavailable at others. The paper has been cited more than 1,000 times and transformed the design of security systems developed by industry.

In 2007 Bertino and co-authors made another significant contribution to role-based access control in the paper GEO-RBAC: A Spatially Aware RBAC, in which the access depends on user location. Bertino’s GEO-RBAC model was introduced before mobile computing became ubiquitous, and has become an essential component of most security systems.

Bertino has made several other contributions to access control models and enforcement mechanisms, including original contributions to privacy-aware access control, attribute-based access control, encryption-based access control for data on the cloud and tools for policy analysis.

Security of Cellular Networks

Bertino’s pioneering work on the security of cellular networks is exemplified in her recent paper, LTEInspector: A Systematic Approach for Adversarial Testing of 4G, which introduced a model-based testing approach to investigate the security and privacy of the 4G LTE protocol. Bertino and colleagues uncovered 10 new, as well as nine prior, attacks. Security experts see the LTEInpsector approach as an important tool in securing 4G as well as 5G networks. For this recent work, Bertino was named to the GSMA Mobile Security Research Hall of Fame.

Professional Leadership and Mentoring

In the spirit of the Athena Award, Bertino has been a strong advocate and mentor for women. For example, 16 of the 35 PhD students she has mentored are women, and five of the PhD students currently working in her lab are women. To address the ongoing gender imbalance in the cybersecurity field, Bertino recently co-founded (with Danfeng Yao) the Workshop for Women in Cybersecurity (CyberW).

Bertino will formally receive the Athena Lecturer Award at ACM’s annual awards banquet on June 15, 2019 in San Francisco.

News Release  | Printable PDF

About the ACM Athena Lecturer Award

The Athena Lecturer award celebrates women researchers who have made fundamental contributions to computer science. It includes a $25,000 honorarium provided by Two Sigma. The Athena Lecturer is invited to present a lecture at an ACM event. Each year, the Athena Lecturer honors a preeminent woman computer scientist. Athena is the Greek goddess of wisdom; with her knowledge and sense of purpose, she epitomizes the strength, determination, and intelligence of the “Athena Lecturers.”