Faculty Research ProjectsAreas Representative research projectsareas are provided for the following

1
Faculty Research Projects/AreasRepresentative
research projects/areas are provided for the
following faculty in this set of slides

• Jeffrey M. Stanton (IST)
• Scott Bernard (IST)
• Diana B. Gant (IST)
• Abby Goodrum (IST)
• Junseok Hwang (IST)
• Elizabeth Liddy (IST)
• Lee McKnight (IST)
• Joon S. Park (IST)

• Stuart Thorson (Maxwell)
• Jongwoo Han (Maxwell)
• Rubino-Hallman (Maxwell)
• Finger (Maxwell)
• Shiu-Kai Chin (ECS)
• Susan Older (ECS)
• Steve Chapin (ECS)
• Pramod Varshney (ECS)
• Wenliang (Kevin) Du (ECS)
• Joan Deppa (Newhouse)

2
Chart 1 -- Faculty Research Profiles Faculty
Member Jeffrey M. Stanton
Representative Project Behavioral Security --
The Politics, Motivation, and Ethics of
Information Security in Work Organizations

• Narrative Research focuses on the impacts of
  human behavior on information security
  cognitive-affective models of motivation,
  evaluation, and behavior and societal impacts of
  engineering, science, and technology
• Research Objective To improve information
  systems security by analyzing, understanding, and
  predicting how the behavior of workers, managers,
  system administrators, and others affects the
  dynamics of security

3
Chart 2 -- Faculty Research ProfilesFaculty
Member Jeffrey M. Stanton

• Representative Project
• Behavioral Security -- The Politics, Motivation,
  and Ethics of Information Security in Work
  Organizations
• Sponsors
• SIOP Foundation, small grants for
  scientist-practitioner research collaborations,
  11/1/02-10/31/03, 1185, Behavioral information
  security A Seed project to demonstrate its
  potential for I-O psychology.
• National Science Foundation, Research Experiences
  for Undergraduates (REU) supplemental award,
  6/1/02-5/31/03, 13,850.
• National Science Foundation CAREER Award
  (SES9984111), 6/1/00-5/30/05, 220,000,
  Organizations, Technology, and Data about Workers
• Procter and Gamble, 9/1/99-11/15/99, 17,500,
  Investigation of Thinking Style Diversity
• National Society of Black Engineers (co-principal
  investigator), 4/17/00-11/30/0, 42,500, NSBE
  Recruiting and Retention Survey
• National Society of Black Engineers (co-principal
  investigator), 3/24/99-9/30/99, 22,750, NSBE 50
  Survey
• National Science Foundation (SBR-9810137),
  9/1/98-2/29/00, 48,731, Impacts of Personnel
  Data Technologies

4
Chart 3 -- Faculty Research ProfilesFaculty
Member Jeffrey M. Stanton

• Representative Project
• Behavioral Security -- The Politics, Motivation,
  and Ethics of Information Security in Work
  Organizations
• Selected Publications
• Stanton, J., Mastrangelo, P., Stam, K. R.
  (2003, April). Behavioral Information Security
  Defining the Criterion Space. (accepted for
  presentation at the annual meeting of Society for
  Industrial and Organizational Psychology,
  Orlando, FL)
• Stanton, J. M. (2000). Reactions to employee
  performance monitoring Framework, review, and
  research directions. Human Performance, 13,
  85-113.
• Stanton, J. M. (2000). Traditional and
  electronic monitoring from an organizational
  justice perspective. Journal of Business and
  Psychology, 15, 129-147.
• Stanton, J. M. (2002). Information technology
  and privacy A boundary management perspective.
  In S. Clarke, E. Coakes, G. Hunter, A. Wenn,
  Socio-Technical and Human Cognition Elements of
  Information Systems (pp. 79-103). London Idea
  Group.
• Stanton, J. M. (2002). Company profile of the
  frequent Internet user Web addict or happy
  employee? Communications of the Association for
  Computing Machinery, 45 (1), 55-59.

5
Chart 1 -- Faculty Research Profiles Faculty
Member Scott A. Bernard
Representative Project The Role of CIOs in
Public and Private Sector Organizations

• Narrative Research in this area focuses on
  documenting the emergence and role of the Chief
  Information Officer (CIO) position in public and
  private sector organizations and the development
  of related information management policy and
  processes.
• Research Objectives
• Roles for the Chief Information Officer in the
  public and private sector.
• Emergence of the profession of Enterprise
  Architecture.
• Integrating Information Resources Management
  policy and process.

6
Chart 2 -- Faculty Research Profiles Faculty
Member Scott A. Bernard
Representative Project The Role of CIOs in
Public and Private Sector Organizations

• Sponsors
• Federal CIO Council, Architecture Working Group
  (academic representative)
• Federal Enterprise Architecture Institute (2002
  10,000)
• Council for Excellence in Government, Federal and
  State CIO Committee (academic representative)
• U.S. Department of Transportation (2002
  240,000)
• Defense Finance and Accounting Service (2002
  15,000)
• National Security Agency (2002 75,000)

7
Chart 3 -- Faculty Research ProfilesFaculty
Member Scott A. Bernard
Representative Project The Role of CIOs in
Public and Private Sector Organizations Selected
Publications

• A Practical Guide to Enterprise Architecture
  Planning
• Bernard, S., Thomas, R., Diamond, L., et al.,
  2001, Federal CIO Council, Government Printing
  Office, Washington, D.C.
• Federal Motor Carrier Safety Administration,
  Information Technology Strategic Plan 2001-2003
• Bernard, S., 2001, U.S. Department of
  Transportation
• Chief Information Officer Policy Analysis
• Bernard, S., 2000, Defense Finance Accounting
  Service
• Information Technology Capital Planning Manual
• Bernard, S., 2001, U.S. Department of
  Transportation, Office of the Chief Information
  Officer

8
Chart 1 -- Faculty Research Profiles Faculty
Member Diana Burley Gant
Representative Project Blurring the Boundaries
Cell Phones, Mobility, and the Line between Work
and Personal Life

• Narrative This focuses on the extent to
  which new information and communication
  technologies (ICTs) influence changes in
  individual behavior and organizational action.
• Research Objective Assessing how IT can
  help to address the unique problems public sector
  organizations face with respect to information
  sharing, knowledge networks, electronic
  government, and non-routine events.
• Sponsors
• National Science Foundation
• PriceWaterhouseCoopers Foundation
• Bell Atlantic Mobile Systems
• The Natural Hazards Research Center

9
Chart 2 -- Faculty Research ProfilesFaculty
Member Diana Burley Gant
Representative Project Blurring the Boundaries
Cell Phones, Mobility, and the Line between Work
and Personal Life

• Selected Publications
• Blurring the Boundaries Cell Phones, Mobility,
  and the Line between Work and Personal Life.
  Burley, Diana and Sara Kiesler, 2002, Wireless
  World Social and Interactional Aspects of the
  Mobile Age
• Taking the Technology Out Using a Strategic
  E-Commerce Focus in the CIS Classroom. Gant,
  Diana, 2002, Communications of the AIS
• Web Portals The key to Enhancing State
  Government E-Service. Gant, Diana and Jon Gant,
  2002, PricewaterhouseCoopers Endowment for the
  Business of Government

10
Chart 1 -- Faculty Research ProfilesFaculty
Member Abby A. Goodrum
Representative Project An Open Source Agenda for
Research Linking Text and Image Content Features

• Narrative Research in this area focuses
  on how people find and use digital images in a
  variety of settings including news agencies and
  medicine. This research also analyzes the social,
  political, and economic impact of new media
  technology.
• Research Objectives Exploring and analyzing
  artifacts of users' interactions with multimedia
  information systems and objects such as queries,
  transaction logs, and perceptual judgments.

11
Chart 2 -- Faculty Research ProfilesFaculty
Member Abby A. Goodrum
Representative Project An Open Source Agenda for
Research Linking Text and Image Content Features

• Sponsor Drexel/MCPHU Synergy Grant
  (2000) "Medical Image Access Exploiting
  Image Content Features for MESH Term Assignment
  in an Online Basic Science Curriculum in
  Medicine, " with R. Maulitz.

• Selected Publications
• "An Open Source Agenda for Research Linking
  Text and Image Content Features" Goodrum, A.,
  Rorvig, M., Jeong, K., Suresh, C., 2001, Journal
  of the American Society for Information Science,
  52(11), 948.
• "Image Searching on the World Wide Web
  Analysis of Visual Information Retrieval Queries"
  Goodrum, A., and Spink, A., 2001, Information
  Processing and Management, 37(2), 295-311.
• "Multidimensional Scaling of Video
  Surrogates" Goodrum, A., 2001, Journal of the
  American Society for Information Science, 52(2),
  174-183.

12
Chart 1 -- Faculty Research ProfilesFaculty
Member Junseok S. Hwang
Representative Project Market Based Quality of
Service Interconnection Economy in the Next
Generation Internet

• Narrative This research focuses generally on
  two areas the region where telecommunication
  technology and public policy meet and where the
  telecommunication market driver and structures
  are enabled with technologies.
• Research Objective Understanding the effects
  of the technical choices on the economic and
  strategic activities of users, designers and
  implementers including regulation and policy
  implications.

13
Chart 2 -- Faculty Research ProfilesFaculty
Member Junseok S. Hwang
Representative Project Market Based Quality of
Service Interconnection Economy in the Next
Generation Internet

• Sponsors
• NSF MWIR 2001, MWIR(CISE/ANIR) A Secure and
  Scalable Bandwidth Management Platform for Open
  Market-based Dynamic and Distributed Provisioning
  DiffServ Interconnection, with the Co-PI, Prof.
  Steve Chapin (Funded 434,570)
• 2001 Magness Institute Research Grant Awards,
  Economics of New Numbering Systems Over Cable
  Broadband Access Networks ENUM Service and
  Infrastructure Development with the Co-PI, Prof.
  Milton L. Mueller (Funded 16,045)
• Hewlett Packard Laboratories Research Software
  Support Internet Usage Manager / Dynamic Network
  Analyzer (Supported Value 375,000.)

14
Chart 3 -- Faculty Research ProfilesFaculty
Member Junseok S. Hwang
Representative Project Market Based Quality of
Service Interconnection Economy in the Next
Generation Internet

• Selected Publications
• "Market-based QoS Interconnection Economy in the
  Next Generation Internet" Hwang, J., and Weiss,
  M., 2002, Information Economics and Policy,
  (forthcoming).
• "Circuit Switched Telephony or Itel Which is
  Cheaper?" Weiss, M. and Hwang, J., 1998,
  Competition, Regulation, and Convergence Current
  Trends in Telecommunications Policy (pp.
  235-253). Mahwah, NJ Lawrence Erlbaum Associates
  Publishers.
• "Interprovider Differentiated Service
  Interconnection Management Models in the Internet
  Bandwidth Commodity Markets" Hwang, J., Kim, H.,
  and Weiss, M., 2001, Telematics and Informatics,
  (in press as of 1-8-02)

15
Chart 1 -- Faculty Research ProfilesFaculty
Member Elizabeth D. Liddy
Representative Project Improved Information
Access and Analytics

• Narrative This research focuses on
  developing advanced system capabilities for
  information retrieval, information extraction, Q
  A, summarization, cross-language retrieval, and
  automatic metadata generation.
• Research Objective To advance the
  development of human-like language understanding
  software capabilities for government, commercial,
  and consumer applications.

16
Chart 2 -- Faculty Research ProfilesFaculty
Member Elizabeth D. Liddy
Representative Project Improved Information
Access and Analytics

• Sponsors
• 2002-2004 P.I. MetaTest. NSF. National Science
  Digital Library Project. 498,506
• 2002-2003 P.I. Intelligent Information Retrieval
  and Extraction using Natural Language Processing.
• Syracuse Research Corp. 148,863.
• 2001-2003 Co-P.I. Modeling Public Health
  Interventions for Improved Access to the Grey
  Literature.
• Robert Wood Johnson Foundation. 390,000.
• 2001-2004 P.I. Advanced Capabilities for Evidence
  Extraction. DARPA. 800,000.
• 2001-2003 Co-P.I. StandardConnection Mapping
  Educational Objects to Content Standards.
  NSF-NSDL. 475,000.
• 2001-2003 P.I. Army Extension of the AIDE
  Project. U.S. Army. 104,000.
• 2001-2003 Co-P.I. Revolutionary Learning
  Environment. NASA. 3,000,000.
• 2001-2003 Co-P.I. Adaptive Interactive Discovery
  Environment. ATT. 500,000.
• 2000-2002 P.I. Breaking the Metadata Generation
  Bottleneck. NSF-NSDL. 366,000
• 2001 P.I. Generic Event Recognition and
  Extraction. US Air Force. 107,000.
• 2000-2001 P.I. Scouting Study of Natural Language
  Processing. Unilever Corp. 150,000
• 2000 P.I. Information Retrieval Information
  Extraction. BabbleArt. 95,290
• 1999-2000 P.I. eQuery. In-Q-Tel. 390,000

17
Chart 3 -- Faculty Research ProfilesFaculty
Member Elizabeth D. Liddy
Representative Project Improved Information
Access and Analytics

• Selected Publications
• Liddy, E.D. (2001). Information Security and
  Sharing. Online Magazine. May/June, 2001.
  http//www. onlineinc.com/onlinemag/OL2001/liddy5_
  01.html
• Liddy, E.D. (2002). Why are People Asking These
  Questions? A Call for Bringing Situation into
  Question-Answering Evaluation. LREC Workshop
  Proceedings on Question Answering Strategy and
  Resources. Grand Canary Island, Spain. May 28,
  2002.
• Liddy, E.D. (2000). Searching Search Engines
  When is Current Research Going to Lead to Major
  Progress? Proceedings of the 2000 International
  Chemical Information Conference Exhibition.
  Annecy, France.

18
Chart 1 -- Faculty Research ProfilesFaculty
Member Lee McKnight
Representative Project Critical Standards,
Economic, and Policy Issues for Open Network
Design

• Narrative Research in this area focuses on
  public and private strategies in the global
  information economy, the economics of
  interoperability, networked multimedia
  standardization, and national and international
  technology policy.
• Research Objective To advance the
  development of human-like language understanding
  software capabilities for government, commercial,
  and consumer applications.

19
Chart 2 -- Faculty Research ProfilesFaculty
Member Lee McKnight
Representative Project Critical Standards,
Economic, and Policy Issues for Open Network
Design

• Sponsor Two-year, 800,000 National Science
  Foundation grant to the TeleCom City University
  Consortium, headquartered outside of Boston. The
  grant will be used to study new markets in
  wireless communication and will also support the
  growth of the TeleCom City Consortium as a unique
  collaborative model.

• Selected Publications
• The Gordian Knot Political Gridlock on the
  Information Highway (1997).
• "Internet Telephony Costs, Pricing, and Policy,"
  Telecommunication Policy (1998)
• "Internet Economics When Constituencies Collide
  in Cyberspace," IEEE Internet Computing
  (November/December 1997)
• "Global Internet Economics," Brazilian Electronic
  Journal of Economics (December 1997).

20
Chart 3 -- Faculty Research ProfilesFaculty
Member Lee McKnight
Representative Project Critical Standards,
Economic, and Policy Issues for Open Network
Design

• Selected Publications
• The Gordian Knot Political Gridlock on the
  Information Highway (1997).
• "Internet Telephony Costs, Pricing, and Policy,"
  Telecommunication Policy (1998)
• "Internet Economics When Constituencies Collide
  in Cyberspace," IEEE Internet Computing
  (November/December 1997)
• "Global Internet Economics," Brazilian Electronic
  Journal of Economics (December 1997).

21
Chart 1 -- Faculty Research ProfilesFaculty
Member Joon S. Park
Representative Project Role-based Access
Control on the Web

• Narrative Research in this area focuses on
  information and systems security, including
  security policies, models, mechanisms,
  evaluation, survivability, and applications
• Research Objective To improve information
  systems security through information systems
  policy and administration, cryptography, wireless
  security, survivability, information assurance,
  and access control.

22
Chart 2 -- Faculty Research ProfilesFaculty
Member Joon S. Park
Representative Project Role-based Access
Control on the Web

• Sponsors
• National Institute of Standards and Technology
• National Science Foundation
• National Security Agency
• Naval Research Laboratory

23
Chart 3 -- Faculty Research ProfilesFaculty
Member Joon S. Park
Representative Project Role-based Access
Control on the Web

• Selected Publications
• "Tools for Information Security Assurance
  Arguments" Park, J. and Froscher, J., 2001, 2nd
  DARPA Information Survivability Conference and
  Exposition (DISCEX II), Anaheim, CA.
• "A Secure Workflow System for Dynamic
  Cooperation" Park, J., Kang, M., and Froscher,
  J., 2001, 16th International Conference on
  Information Security (IFIP/SEC 2001), Paris,
  France.
• "Role-based Access Control on the Web" Park,
  J., Sandhu, R., and Ahn, J., 2001, ACM
  Transactions on Information and System Security
  (TISSEC), 4(1), 37-71.
• "Secure Cookies on the Web" Park, J. and
  Sandhu, R., 2000, IEEE Internet Computing, 4(4),
  36-44.

24
Chart 1 Faculty Research ProfilesFaculty
Members Stuart Thorson, Jongwoo Han,
Rubino-Hallman, and Finger
Representative Project E-Governance (1)

• Research Objective Provide a summary
  assessment of national e-government efforts in
  Latin America and Europe
• Sponsor The Electronic Government Research
  Institute, Seoul, Republic of Korea
• Book The Worlds E-Government

25
Chart 1 Faculty Research ProfilesFaculty
Members Jongwoo Han and Finger
Representative Project E-Governance (2)

• Research Objective Comparative examination
  of the role of IT in the development of social
  capital in the Republic of Korea, the Peoples
  Republic of China, and Japan
• Sponsor The Asia Society (pending)

26
Chart 1 Faculty Research ProfilesFaculty
Members Stuart Thorson, Chris Sedore, Shiu-Kai
Chin
Representative Project E-Governance (3)

• Research Objective Collaborative research
  and training with Kim Chaek University of
  Technology, Democratic Peoples Republic of Korea
• Sponsor Henry Luce Foundation

27
Chart 1 Faculty Research ProfilesFaculty
Members Stuart Thorson, Steve Chapin, Jun Hwang,
Jongwoo Han
Representative Project E-Governance (4)

• Research Objective Rethinking privacy and
  security regimes in a globally networked world
• Sponsor None

28
Chart 1 Faculty Research ProfilesFaculty
Member Rubino-Hallman
Representative Project E-Governance (5)

• Research Objective Identify El Salvadors
  executive branch information infrastructure and
  define a national e-government strategy,
  institutional re-design and recommendations for
  an implementation plan that highlights star
  services to be offered online
• Sponsor Committee for the Modernization of
  the Public Sector, Office of the President, El
  Salvador

29
Chart 1 Faculty Research ProfilesFaculty
Member Rubino-Hallman
Representative Project E-Governance (6)

• Research Objective Design and implement an
  interactive Web-based application to manage
  expert information about electronic procurement
  around the world
• Sponsor Inter-American Development Bank

30
Chart 1 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems

• Summary
• Whats needed? Ways to mathematically,
  formally prove secure designs
• Behavior and structure defined in Higher-Order
  Logic Process Algebra
• Map definitions into netlists and parameterized
  cell generators
• Catch simple errors by simulation (and make
  necessary changes to definitions
• Use formal proofs to catch subtle errors
• Research Objective
• Determine if there is a linear systems theory
  for computer engineering? Processes,
  software, hardware
• To show that a viable design process is possible
  using existing tools and techniques

31
Chart 2 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
1
Instruction Set Architecture
Top Level Instruction Specification
formal def
3
formal verification
2
Block Diagram (see figure 2)
Instr Set Description of Components (mux,regctr,mp
c,stack)
formal def
9
formal verification
4
5
GDT Standard Cells
HOL Basic Gates
HOL recursive module definitions
formal def
formal def
L2XNF
8
verify by simulation
HOL2L compiler
FPGA
6
7
L parameterized cell generators
layout
AutoCells
32
Chart 3 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems

• Topics to be Addressed
• Background
• - What is IspCal? Why IspCal?
• - Abstraction Level of Digital Machine Design
• - Finite State Machine Modeling Extension
• - Behavioral IspCal
• - Structural IspCal
• - CPU Example

33
Chart 4 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
Levels of Design Abstractions in Digital Systems
(Components)
34
Chart 5 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
Problem Definition
?Problem - Equating structure to behavior at
ISP level - Design with intellectual property
(IP) components ?Example Microcode architecture
vs target architecture
35
Chart 6 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
What is IspCal?

• Instruction-set Process Calculus (IspCal) is a
  calculus for describing processes at the
  algorithmic and instruction-set levels.
• The primary purpose of IspCal is to support
  reasoning about the equivalence between
  structures and behaviors of processes.
• The behaviors described by IspCal are an
  extension to the sequential Mealy machine model.

36
Chart 7 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
Microprogrammed Machine Example
Contents
? ISP description of a microprogrammed
controller ? ISP description of a datapath ?
Composition of the datapath and the controller to
implement a CPU ? Top-level ASM specification
of the CPU (simplified PDP-8) ? Bisimulation
equivalence of the top-level specification
and the composed microprogrammed implementation
37
Chart 8 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older

• Representative Area Trust in
  Hardware Systems
• Behavior of the Controller

38
Chart 9 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
39
Chart 10 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
Composition of Datapath and Microprogrammed
Controller
(Cell (Proc X micro_asm) ?1opcontrol Cell
datapath ?2 opcontrol) \ control
40
Chart 11 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Trust in Hardware Systems
Bisimulation Equivalence of Machines
- ?? ?1. (iar ?1 0) /\ is_micropgm ?1 ?
Cell (Proc X0 top_asm) ? op
(Cell (Proc X micro_isp) ?1
opcontrol Cell datapath ?op
control) \ control
The composed microprogrammed machine is
equivalent to the top-level behavioral
specification.
41
Chart 1 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems

• Narrative High Confidence Systems require
• Sufficiently strong crypto-algorithms
• Correct implementations
• Security model correct implementation of model
• Research Objective Define methods to solve
  fundamental engineering issues
• How do we know with confidence that our designs
  and implementations will behave securely?
• How do we get assurance as a normal outcome
  instead of as a result of heroic measures?
• How do we account for security properties at the
  lowest implementation levels?

42
Chart 2 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems

• Methods We Use
• Description methods
• Higher-order logic, parameterization, algebraic
  specifications
• Composition
• Process algebras IspCal, categories
• Tools
• Verification Model checking, theorem provers
  (HOL)
• Synthesis Spec refinement code generation
  (Specware), linking higher-order logic to VLSI
  CAD tools(Mentor)

43
Chart 3 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Secure Channel Protocol (sender)

• hash identifies message content private key
  identifies sender public key identifies
  receiver

44
Chart 4 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Secure Channel Protocol (receiver)

• Check message integrity by comparing signature
  with hash
• Check identity by using public key of sender

45
Chart 5 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems

• High Confidence Implementations
• Hardware
• Combining reasoning tools with VLSI CAD tools
• Verifying composed ISP and ASM descriptions
• Software
• Combining verification with code synthesis
• Reasoning about composed software components

46
Chart 6 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
An Example of Specification
47
Chart 7 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Composing Specifications
48
Chart 8 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Why is Composition Correct?

• Due to the property of specification morphism,
  the composed specification satisfies the axioms
  of both source specifications.
• The composed specification is a canonical
  construction of source specifications.

49
Chart 9 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Specification Refinements
50
Chart 10 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Composing Refinements
51
Chart 11 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Why is Composition of Refinements Correct?
The behavior of the final refined composite
specification, represented as its theorems, can
be derived from the axioms of source
specifications through rigorous mathematical
theories.
52
Chart 12 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trust in Software Systems
Sample Code
Specware-generated C code for MIC-CLEAR
integrity checkingboolean is_intact (verify_1
v, hash_1 h, string msg, string mic, string
ekey) return v (ekey, h (msg),
mic)boolean mic_clear_is_intact (mic_clear_2
x) string _x_1 project(1,x) e _x_2
project(2,x) string _x_3 project(3,x)
return is_intact (verify_select
(get_mc_verify ( product(_x_1, _x_2, _x_3) )),
hash_select (get_mc_hash ( product(_x_1, _x_2,
_x_3) )), get_mc_message ( product (_x_1,
_x_2, _x_3) ), get_mc_mic ( product (_x_1,
_x_2, _x_3) ), get_mc_pkey ( product (_x_1,
_x_2, _x_3) ))
53
Chart 1 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trusted Access Control and
Delegation

• Fundamental Engineering Issues
• How do we know with confidence that our designs
  and implementations will behave securely?
• How do we get assurance as a normal outcome
  instead of as a result of heroic measures?
• How do we account for security properties at
  the lowest implementation levels?

54
Chart 2 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trusted Access Control and
Delegation
Access Control Example
Secure Channel
File Server

• Certificates
• Request
• Kjohn says (Read medical record)

File System
File Medical Record
ACL John Read Doctor Read, Write

• Is John allowed to read the file?
• File server needs to establish that Kjohn
  speaks for John

55
Chart 3 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trusted Access Control and
Delegation

• Requirements
• Security policy (Access Control List)
• Secure channel privacy, authentication,
  integrity
• Based on use of cryptographic keys protocols
• Trust model
• How do I know the cryptographic key being used
  really represents (speaks for) John?
• How do I know that John is authorized (has the
  privilege) for the service he requests?

56
Chart 4 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trusted Access Control and
Delegation

• Trust Abstractions
• Secure integrity-checked channel
• Key says statement
• Key signs statement
• Associating keys and principals
• Key speaks for principal
• Certificates
• KCA says (Ka speaks for A)

57
Chart 5 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trusted Access Control and
Delegation

• Inference Rules Lampson, et al
• For all principals P1, P2 and statements s
• If (P1 speaks for P2) and (P1 says s) then (P2
  says s)
• If (P1 says (P2 speaks for P1)) then (P2 speaks
  for P1)
• Recall keys, processes, people, machines are
  principals

58
Chart 6 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin, Susan Older
Representative Area Trusted Access Control and
Delegation

• Servers Reasoning
• Trust assumptions
• KCA speaks for CA
• CA speaks for Anyone
• Certificate
• KCA says (Kjohn speaks for John)
• Using trust assumptions, certificate, and
  inference rules Kjohn speaks for John
• Establish John says Read medical record
• Consult ACL grant access request

59
Chart 1 Faculty Research ProfilesFaculty
Members Shiu-Kai Chin and Susan Older
Representative Area Concurrency and Fairness
Slides to be provided by Sue
60
Chart 1 Faculty Research ProfilesFaculty
Member Steve Chapin

• Representative Project
• Dynamic Honeypots and Honeynets
• Narrative This research seeks to build
  automated honeynets that respond to attack by
  changing the configuration of the system(s) on
  the network, thus presenting attackers with more
  difficult challenges enabling researchers to
  assess the skill, knowledge, and commitment of
  the attackers.

61
Chart 2 Faculty Research ProfilesFaculty
Member Steve Chapin
Representative Project Dynamic Honeypots and
Honeynets
62
Chart 1 Faculty Research ProfilesFaculty
Member Steve Chapin
Representative Project Trusted Time

• Research Objective The Trusted Time Stamping
  Project is a partnership project between SAI and
  WetStone Technologies or say commercial
  organizations in the trusted time business. The
  project defines an infrastructure in which
  digital information is digitally signed with a
  time stamp within the scope of a transaction.
  This electronic time stamp is secure,
  certifiable, and auditable. SAIs goal uses
  formal methods to explore the requirements in
  creating these timestamps and to better the
  design of trusted time stamping such that formal
  verification of time stamps is possible.
• Sponsors
• Selected Publications

63
Chart 2 Faculty Research ProfilesFaculty
Member Steve Chapin
Representative Project Trusted Time
64
Chart 1 Faculty Research ProfilesFaculty
Member Steve Chapin

• Representative Project Protocol Steganography
• Narrative This research investigates novel
  methods to embed information streams within
  application-level network flows, such as HTTP
  transfers or SSH connections. Early prototypes
  can successfully and undetectably insert traffic
  into SSH streams.
• Sponsors
• Air Force Research Lab, Rome Research Site
• Selected Publications
• Norka Lucena and Steve J. Chapin,
  Semantics-Preserving Application-Layer Protocol
  Steganography, submitted to the First IEEE
  International Information Assurance Workshop,
  2002.

65
Chart 1 -- Faculty Research Profiles Faculty
Members Wenliang (Kevin) Du, Steve Chapin
Representative Project SEINIX Security
Enhanced Instructional UNIX System

• Narrative The lack of effective laboratories
  in computer security education motivates us to
  develop the SEINIX operating system, which is a
  much simple Unix system comparing to the
  commercial Unix systems. This simplicity makes it
  possible for students to use SEINIX as a
  platform, so they can apply their newly learned
  knowledge and skills to design, implement, and
  test various security mechanisms, as well as to
  analyze security properties of a system.
• Research Objective (1) To develop the SEINIX
  operating system by using Minix operating system
  as the basis. (2) To design a series of
  laboratory projects based on SEINIX for computer
  security courses.

66
Chart 2 -- Faculty Research Profiles Faculty
Members Wenliang (Kevin) Du, Steve Chapin
SEINIX Security Enhanced Instructional UNIX
System
SEINIX
Basic OS Components
Security Components
Plug-in Security Modules
Fundamental Security Architecture Modules
Security Exploit, Analysis Testing
Security Design Implementation
Lab
Lab
Lab
Lab
Lab
Lab
67
Chart 2 -- Faculty Research ProfilesFaculty
Members Wenliang (Kevin) Du, Steve Chapin

• Representative Project
• SEINIX Security Enhanced Instructional UNIX
  System
• Sponsors
• National Science Foundation, 75,000, 01/03
  01/05.
• Selected Publications
• Wenliang Du, Developing An Instructional
  Operating System For Computer Security Education.
  Technical Report.

68
Chart 1 -- Faculty Research Profiles Faculty
Members Wenliang (Kevin) Du, Pramod Varshney
Representative Project Securing Wireless Ad
Hoc and Sensor Networks (In collaboration with
Dr. Deng and Dr. Han)

• Narrative Because of resource (hardware
  capability and power) constraints, mobility, lack
  of central authority, and lack of underlying
  infrastructure, security mechanisms developed for
  wired networks usually cannot be applied to
  wireless networks directly. Research of this
  project focuses on how to secure wireless
  networks, with particular focus on ad hoc and
  sensor networks.
• Research Objective To develop techniques to
  improve the trust in wireless networks by using
  cryptography, fault tolerance, and detection
  approaches. We focus on three security-related
  problems
• Data Fusion Assurance.
• Detecting misbehaving nodes.
• Power-aware security protocols.

69
Chart 2 -- Faculty Research ProfilesFaculty
Members Wenliang (Kevin) Du, Pramod Varshney

• Representative Project
• Securing Wireless Ad Hoc and Sensor Networks
• Sponsors
• None (a proposal is submitted to NSF Trusted
  Computing on 12/12/2002).
• Selected Publications
• Wenliang Du, Jing Deng, Yunghsiang S. Han and
  Pramod K. Varshney. and Mikhail J. Atallah. Data
  Fusion Assurance In Wireless Sensor Networks.
  Technical Report.

70
Chart 1 -- Faculty Research Profiles Faculty
member Wenliang (Kevin) Du
Representative Project Privacy-Preserving
Distributed Computing

• Narrative Research focuses on how multiple
  parties can conduct a distributed computing using
  their joint data without disclosing each partys
  private data to other parties.
• Research Objective To develop secure and
  efficient data disguising techniques to enable
  various types of distributed computing, including
  data mining, knowledge discovery, statistical
  analysis, and scientific computation.

71
Chart 2 -- Faculty Research Profiles Faculty
Member Wenliang (Kevin) Du
Private Data
Private Data
Private Data
Privacy Preserving Distributed Computing
Data Mining Knowledge Discovery Statistical
Analysis Scientific Computation
72
Chart 2 -- Faculty Research ProfilesFaculty
Member Wenliang (Kevin) Du

• Representative Project
• Privacy-Preserving Distributed Computing
• Sponsors
• National Science Foundation 220,000, 09/01
  08/04.
• Selected Publications
• Wenliang Du and Mikhail J. Atallah.
  Privacy-Preserving Cooperative Scientific
  Computations. In 14th IEEE Computer Security
  Foundations Workshop, June 11-13 2001, Nova
  Scotia, Canada. Pages 273-282.
• Wenliang Du and Zhijun Zhan. Building Decision
  Tree Classifier on Private Data. In Workshop on
  Privacy, Security, and Data Mining at The 2002
  IEEE International Conference on Data Mining
  (ICDM'02) December 9, 2002, Maebashi City, Japan.
  
• Wenliang Du and Zhijun Zhan. A Practical Approach
  to Solve Secure Multi-party Computation Problems.
  In New Security Paradigms Workshop 2002.
  September 23 - 26, 2002, Virginia Beach,
  Virginia, USA.

73
Chart 1 -- Faculty Research Profiles Faculty
Member Wenliang (Kevin) Du

• Representative Project
• VINE Using VIrtual Network Environment for
• Network Security Courses

• Narrative Because of their security-related
  nature, many interesting laboratory projects for
  network security courses require students to have
  a super-user privilege on their computers and
  networks. This is infeasible to many departments
  because giving the super-user privilege to
  students empowers the students such that they can
  cause a lot of serious damage to the department's
  network infrastructures. This project plans to
  solve the above dilemma.
• Research Objective To develop an virtual
  network environment for students network
  security projects by using the Virtual Machine
  technology.

74
Chart 2 -- Faculty Research ProfilesFaculty
Member Wenliang (Kevin) Du

• Representative Project
• VINE Using VIrtual Network Environment for
• Network Security Courses
• Sponsors
• University Vision Fund, 5,000, 01/03 12/03.
• Selected Publications
• None.

75
Chart 1 Faculty Research ProfilesFaculty
Member Joan Deppa
Representative Project Crisis Communications

• Research Objective
• Sponsors