My research interests are in Computer Security, Operating Systems, Distributed Systems, and Networks. Current projects include
- Ethos, an operating systems designed for security.
- SayI/SayAnything A distributed authentication infrastructure based on public key cryptography.
- Authorization: what a system allows to happen (theory, operating systems, and high-level specifications);
- Secure networking including Distributed Denial of Service mitigation and ensuring integrity and confidentiality of communication.
- TC:Medium: The impact of operating systems on application robustness, from the National Science Foundation
- CRI: The SecLab at UIC from the National Science Foundation
- Homeland Security STEM Fellowships, from the Department of Homeland Security
- CT: High-Level Authorizations into Kernel-Level Configurations from the National Science Foundation
- Fall'11: CS 587: Computer Systems Security.
- Spring'11: CS 491: Secure Operating System Design and Implementation
- We're running an informal seminar series on Advanced Programming Seminar on Wed. at 12:00 in 1000 SEO. I'll be giving the first talk on Sep. 21.
- We'll be having a research paper reading group on Fridays at 2:00 in 4224 SEL. First paper on Sep. 22 in "Security in Plan9".
BloggingI started blogging (Insecurity Blog). I just couldn't help myself.
Recent program committees
- Program Committee, Workshop on Digital Identity Management (2011).
- Program Committee, 8th Symposium on Identity and Trust on the Internet (IDtrust 2009, 2010,2011).
- Program Committee, International Conference on Availability, Reliability and Security (ARES), 2008, 2009, 2010, 2011
- Program Committee, ACM Computer and Communications Security (CCS 2009).
- Program Committee, ACM Symposium on Information, Computer and Communications Security (AsiaCCS), 2007.
- Program Committee Co-Chair and Organizer (2007) and Program Committee Member and Organizer (2008) 1st Computer Security Architecture Workshop (CSAW), co-located at ACM/CCS
- Program Committee, New Security Paradigms Workshop (NSPW), 2008.
Center for Research and Instruction in Technologies for Electronic Security (RITES)
In December, 2005 the Center for Research and Instruction in Technologies for Electronic Security (RITES) was established at UIC to coordinate research and education in the areas of computer security and privacy. In 2007, RITES was designated by NSA/DHS as a National Ceneter for Academic Excellence in Information Assurance Education.
EducationPh.D. Computer Science,New York University, 1987
M.S. Computer Science, New York University, 1981
B.A. Computer Science, New York University, 1978
I consult from time to time in the area of computer security, and have taught industrial courses on computer security.
The Oakland PapersIn 2004, Bob Sloan and I had a paper a IEEE Symposium on Security and Privacy (called in the community the Oakland Conference) on the decidability of a model which could represent each of the Discretionary Access Control (DAC) systems in the Osborn-Sandhu-Munawer DAC taxonomy. Our model was the first which was known to be sufficiently expressive to represent these DAC systems and which could be analyzed with respect to the safety problem.
In 2005, Prof. Li and Mahesh V. Tripunitara published a paper in Security and Privacy which among other things claimed that our model was incorrect (and furthermore, mischaracterized our model with respect to decidability). Here is a link to our statement on their paper.