He is a Fellow of ACM (2001), IEEE (2002), and AAAS (2008), recipient of the IEEE Computer Society Technical Achievement Award (2004), the ACM SIGSAC Outstanding Contribution Award (2008), and two Best Paper awards from NIST/NSA (1992, 1998). His research has focused on cyber security with special emphasis on authorization models, protocols and mechanisms. A prolific and highly cited author, he has published over 180 technical papers on cyber security with over 50 collaborators. His papers have accumulated over 10,000 citations at Google Scholar including the top 2 cited papers in access control with 3200+ and 2000+ citations. His h-index at Google Scholar is 48 (48 papers with 48 or more citations). He is widely known for his seminal papers on role-based access control (RBAC) which led to widespread adoption of RBAC in commercial products and to the 2004 NIST/ANSI standard model.
His early work focused on safety and expressive power of access control remains state-of-the-art even today. He has published numerous influential papers on multilevel secure databases, Chinese Wall separation policies, lattice-based information flow, access control hierarchies, and transaction and task controls. In 2002 he introduced the influential Usage Control model for next-generation access control. Other recent research activities include Group-Centric Information Sharing models and implementations using Trusted Computing, the PEI (policy, enforcement and implementation) layered models method for synthesizing secure systems, semantic web security, next generation role-based access control, social networking security and privacy, stealthy botnet detection and mitigation, and Web 2.0 security.
Ravi was founding editor-in-chief of the ACM Transactions on Information and Systems Security (1997-2004). He was Chairman of ACM SIGSAC (1995-2003), and founded and led the ACM Conference on Computer and Communications Security and the ACM Symposium on Access Control Models and Technologies to high reputation. He has provided leadership at the Program Chair and General Chair level for numerous other security research conferences. He served as the security editor for IEEE Internet Computing (1998-2004). He is the incoming Editor-in-Chief of the IEEE Transactions on Dependable and Secure Computing (Jan 1, 2010). He has provided high-level consulting services to numerous industry and government organizations, and has lectured all over the world on cyber security. He is co-founder and Chief Scientist of TriCipher, and the principal security architect and protocol designer of the FIPS certified TriCipher Armored Credential System. He is an inventor on 12 security technology patents. His web site is at www.profsandhu.com.