Elisa Bertino Named ACM Athena Lecturer for Contributions to Data Management, Security and Privacy
Trailblazing Researcher’s Achievements Include Significant Advances to Mobile Security
New York, NY, March 25, 2019 – ACM, the Association for Computing Machinery, today named Elisa Bertino of Purdue University the 2019-2020 ACM Athena Lecturer for pioneering and impactful contributions to data management, security, and privacy, along with outstanding contributions to broadening participation in computing via professional leadership and mentoring. Bertino is recognized as one of the top data management and data security experts in the world, and has made contributions to data security and privacy in many different contexts, including context-based access control; digital identity management; data integrity; Internet of Things and sensor network security; secure and privacy-preserving provenance; privacy-preserving analytics; protection from insider threats; and cloud security. Through these efforts, she provided formal foundations and implementations of mechanisms that have become commonplace in industrial products. Bertino is also an outstanding educator and mentor who has been especially active in encouraging young women to pursue careers in computing.
Initiated in 2006, the ACM Athena Lecturer Award celebrates women researchers who have made fundamental contributions to computer science. The award carries a cash prize of $25,000, with financial support provided by Two Sigma. The Athena Lecturer is invited to present a lecture at an ACM event. Bertino has chosen to give her Athena Lecture at the ACM Conference on Data Application, Security and Privacy (CODASPY) today in Dallas, Texas.
“There are few issues more important to the computing field, and the broader society, than cybersecurity,” said ACM President Cherri M. Pancake. “However, modern cybersecurity approaches need to take into account the way we live now. Elisa Bertino has made fundamental contributions that allow people access to systems based on their roles, the time of day, as well as their locations. These contributions are especially significant because of the mobile revolution and Internet of Things—as well as the fact that systems can be attacked from anywhere in the world. Beyond her extensive research contributions, Bertino has had a lasting impact on the field through her mentorship of younger colleagues.”
Security Access Control Based on Time and Location
In the computer security field, role-based access control (RBAC) allows only authorized users to access a system. Bertino was a trailblazer in extending RBAC controls to take contextual information into account, including time and space considerations. Her 2001 paper T-RBAC: A temporal role-based access control model, co-authored with Piero Andrea Bonatti and Elena Ferrari, outlined how access to a system could be made available at certain times and unavailable at others. The paper has been cited more than 1,000 times and transformed the design of security systems developed by industry.
In 2007 Bertino and co-authors made another significant contribution to role-based access control in the paper GEO-RBAC: A Spatially Aware RBAC, in which the access depends on user location. Bertino’s GEO-RBAC model was introduced before mobile computing became ubiquitous, and has become an essential component of most security systems.
Bertino has made several other contributions to access control models and enforcement mechanisms, including original contributions to privacy-aware access control, attribute-based access control, encryption-based access control for data on the cloud and tools for policy analysis.
Security of Cellular Networks
Bertino’s pioneering work on the security of cellular networks is exemplified in her recent paper, LTEInspector: A Systematic Approach for Adversarial Testing of 4G, which introduced a model-based testing approach to investigate the security and privacy of the 4G LTE protocol. Bertino and colleagues uncovered 10 new, as well as nine prior, attacks. Security experts see the LTEInpsector approach as an important tool in securing 4G as well as 5G networks. For this recent work, Bertino was named to the GSMA Mobile Security Research Hall of Fame.
Professional Leadership and Mentoring
In the spirit of the Athena Award, Bertino has been a strong advocate and mentor for women. For example, 16 of the 35 PhD students she has mentored are women, and five of the PhD students currently working in her lab are women. To address the ongoing gender imbalance in the cybersecurity field, Bertino recently co-founded (with Danfeng Yao) the Workshop for Women in Cybersecurity (CyberW).
Elisa Bertino is the Samuel Conte Professor of Computer Science at Purdue University, where she also heads the Cyber Space Security Lab. She held positions in industry, including the IBM Almaden Research Center, and academia, most notably at the University of Milan, before joining Purdue University in 2004. Bertino received her Dr degree in Computer Science from the University of Pisa.
Bertino is a Fellow of ACM, IEEE and AAAS, and has received several awards and honors, including the IEEE Computer Society Technical Achievement Award, the Tsutomu Kanai Award, and the ACM SIGSAC Outstanding Contributions Award.
The ACM Athena Lecturer Award is named after Athena, the Greek goddess of wisdom. With her knowledge and sense of purpose, Athena epitomizes the strength, determination, and intelligence of the “Athena Lecturers.” Bertino will formally receive the Athena Lecturer Award at ACM’s annual awards banquet on June 15, 2019 in San Francisco.
ACM, the Association for Computing Machinery, is the world's largest educational and scientific computing society, uniting educators, researchers, and professionals to inspire dialogue, share resources, and address the field's challenges. ACM strengthens the computing profession's collective voice through strong leadership, promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth of its members by providing opportunities for life-long learning, career development, and professional networking.