GAIL-JOON AHN, Ph.D.
Associate Professor
Computer Science and Engineering Department
Ira A. Fulton School of Engineering
Arizona State University
BYENG 486
Office: 480-965-9007
Fax: 480-965-2751
Email: gahn at asu.edu (or)
            ahn at asu.edu
PGP Key

Prof. Ahn has authored more than 90 refereed research papers. His principal research and teaching interests are in information and systems security. His research foci include vulnerability and risk management, access control, and security architecture for distributed systems. His research has been supported by NSF, NSA, DoD, DoE, Bank of America, Hewlett Packard, Microsoft and the Robert Wood Johnson Foundation. He is a recipient of the Department of Energy CAREER Award and the Educator of the Year Award from the Federal Information Systems Security Educators' Association (FISSEA). Prior to ASU, he was an Associate Professor in the College of Computing and Informatics and Founding Director of the Center for Digital Identity and Cyber Defense Research and the Laboratory of Information Integration, Security and Privacy at UNC Charlotte.



  • TEACHING and STUDENTS
  • RESEARCH ACTIVITIES
    • Recent Research Projects
      • Identity and Privacy Management
        1. Gail-J. Ahn, "User-centric Identity and Privacy Management," Bank of America, 2005 - 2007.
      • Access Control: Models and Mechanisms
        1. Gail-J. Ahn, "Collaborative Research: Secure Information Sharing in Internet-based Collaborative Applications," National Science Foundation, 2003 - 2009.
        2. Gail-J. Ahn, "Secure Information Sharing within a Collaboratory Environment," Early Career Principal Investigator Award, Department of Energy, 2003 - 2009.
      • Network and Systems Assurance
        1. Gail-J. Ahn, "Collaborative Research: Securing Dynamic Online Social Networks," National Science Foundation, 2008 - 2012.
        2. Gail-J. Ahn, "Collaborative Research: Detecting and Responding Network-centric Attack through Visual Analysis," National Security Agency, 2007 - 2009.
        3. Tom Holt, Gail-J. Ahn and Bill Chu, "Examining The Creation, Distribution and Function of Malware On-Line," Dept of Justice/NIJ, 2007 - 2009.

    • Past Research and Educational Projects
      • Identity and Privacy Management
        1. Gail-J. Ahn, "Privacy Attribute Specification and Management," Bank of America, 2004 - 2005.
        2. Gail-J. Ahn, "Privacy Attribute Management," Bank of America, 2003 - 2004.
        3. Gail-J. Ahn, "Access and Identity Management," Bank of America, 2002 - 2003.
        4. Gail-J. Ahn and Alex Liu, "Email Fraud Protection for Financial Services," Bank of America, 2002.
        5. Gail-J. Ahn, "Scalable Token-based Authentication: Architecture and Mechanisms," National Science Foundation, 2001 - 2003.
        6. Gail-J. Ahn, "Authentication Architecture for Healthcare Information," The Robert Wood Johnson Foundation, 2000 - 2001.
      • Access Control: Models and Mechanisms
        1. Gail-J. Ahn, "Engineering a Role-based Infrastructure Management System," ETRI, 2002 - 2003.
        2. Gail-J. Ahn, "Role-based Access Control on PMI," ETRI, 2001 - 2002.
        3. Gail-J. Ahn, "Compositional Modeling and Analysis of Role-Based Access Control in Distributed Systems," Faculty Research Grant, UNC Charlotte, 2002 - 2003.
        4. Gail-J. Ahn, "Access Control on Wireless Application Environment: Models, Architectures and Tools," Faculty Research Grant, UNC Charlotte, 2001 - 2002.
      • Network and Systems Assurance
        1. Teresa Dahlberg, Gail-J. Ahn, Essam El-Kwae, and Asis Nasipuri, "Experimental Testbed for Mobile Network Protocols," National Science Foundation, 2001 - 2005.
        2. Bill Chu, Gail-J. Ahn, Yongge Wang, Brent Kang, and Tom Holt, "Analyzing and Defeating Network-centric Attacks Using Honeypots," e-Business Technology Institute, 2005 - 2007.
        3. Yuliang Zheng and Gail-J. Ahn, "Security in Pervasive Computing," Hewlett-Packard Research, 2002 - 2003.
        4. Seok-Won Lee, Gail-J. Ahn, and Bill Chu, "Critical Infrastructure Protection Center Initiatives: DITSCAP Automation," Space and Naval Warfare Systems Center, 2004 - 2006.
      • Information Assurance Education
        1. Bill Chu, Gail-J. Ahn, Y. Zheng, W.J. Tolone, and Teresa Dahlberg, "Carolinas Cyber-Defender Scholarship Program," National Science Foundation, 2002 - 2009.
        2. Gail-J. Ahn, Bill Chu, Y. Zheng, W.J. Tolone, "DoD Carolinas Cyber-Defender Scholarship Program," DoD IASP, 2001 - 2007.
        3. Gail-J. Ahn, "Microsoft University Research Program," Microsoft Corporation, 2001.

  • PUBLICATIONS
    • Books/Book Chapters
      1. Steve Barker and Gail-Joon Ahn (Eds.), "Data and Applications Security XXI; 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security," ISBN 978-3-540-73533-5, Lecture Notes in Computer Science, Vol. 4602, Springer, July 2007.
      2. Gail-Joon Ahn, "Discretionary Access Control," Book Chapter of Encyclopedia of Database Systems, Springer, 2007 (To appear).
      3. S. Hong, M. Kim, Gail-J. Ahn and J. Yoon, "e-Business Security," Powerbook Publishing Co., Seoul, ISBN 89-8160-041-4 (393 pages), 2000.
      4. Gail-J. Ahn, "The RCL 2000 Language for Specifying Role-Based Authorization Constraints," Ph.D. Dissertation, George Mason University, 2000.
    • Selected Refereed Journal Publications
      1. Karsten Sohr, Michael Drouineaud, Gail-Joon Ahn, and Martin Gogolla, "Analyzing and Managing Role-Based Access Control Policies," IEEE Transactions on Knowledge and Data Engineering, 2008.
      2. Seng-Phil Hong, Gail-Joon Ahn and Wenjuan Xu, "Access Control Management for SCADA Systems," IEICE Transactions on Information and Systems, 2008.
      3. Gail-J. Ahn, Badrinath Mohan and S. Hong, "Secure Information Sharing Using Role-based Delegation," Journal of Network and Computer Applications, Elsevier, January 2007.
      4. Seok-Won Lee, Divya Muthurajan, Robin Gandhi, Deepak Yavagal and Gail-J. Ahn, "Building Decision Support Problem Domain Ontology from Security Requirements to Engineer Software-intensive Systems," International Journal of Software Engineering and Knowledge Engineering, World Scientific, 2006.
      5. Seok-Won Lee, Robin Gandhi and Gail-J. Ahn, "Certification Process Artifacts Defined as Measurable Units for Software-intensive Systems Lifecycle," Software Process: Improvement and Practice, John Wiley & Sons, 2006.
      6. Dongwan Shin and Gail-J. Ahn, "Role-based Privilege and Trust Management," Computer Systems Science & Engineering Journal, Vol. 20, No. 6, CRL Publishing, November 2005.
      7. B. Tolone, Gail-J. Ahn, T. Pai and S. Hong, "Access Control in Collaborative Systems," ACM Computing Surveys, Vol. 37, No. 1, ACM, March 2005.
      8. Dongwan Shin and Gail-J. Ahn, "A Role-based Infrastructure Management System: Design and Implementation," Concurrency and Computation: Practice and Experience, Vol. 16, No. 11, John Wiley & Sons, August 2004.
      9. Longhua Zhang, Gail-J. Ahn and Bill Chu, "A Rule-Based Framework for Role-Based Delegation and Revocation," ACM Transactions on Information and System Security, Vol. 6, No. 3, August 2003.
      10. S. Hong, Gail-J. Ahn and Myungchul Kim, "Secure Consolidated Authorization Mechanism for Supply Chain Management," International Journal of Computer and Information Science, Vol. 4, No. 1, 2003.
      11. Gail-J. Ahn, S. Hong and M. Shin, "Reconstructing a Formal Security Model," Information and Software Technology, Vol. 44, No. 11, Elsevier Science, August 2002.
      12. Gail-J. Ahn and Kwangjo Kim, "CONUGA: Constrained User Group Assignment," Journal of Network and Computer Applications, Vol. 24, No. 2, Academic Press, April 2001, Also appeared in Reader's Guide to Journal Papers in Cipher.
      13. Gail-J. Ahn and Ravi Sandhu, "Decentralized User Group Assignment in Windows NT," Journal of Systems and Software, Elsevier Science, Vol. 56, No. 1, February 2001, Also appeared in Reader's Guide to Journal Papers in Cipher.
      14. Joon Park, Gail-J. Ahn and Ravi Sandhu, "Secure Attribute Services on the Web," ACM Transactions on Information and System Security, Vol. 4, No. 1, February 2001.
      15. Gail-J. Ahn, "Role-based access control in DCOM," Journal of Systems Architecture, Vol. 46, No. 13, Elsevier Science, November 2000.
      16. Gail-J. Ahn and Ravi Sandhu, "Role-based Authorization Constraints Specification," ACM Transactions on Information and System Security, pages 207-226, Vol. 3, No. 4, ACM, November 2000.
      17. Gail-J. Ahn and Ravi Sandhu, "Towards Role-Based Administration in Network Information Services," Journal of Network and Computer Applications, Vol. 22, No. 3, pages 199-213, Academic Press, 1999.
      18. Gail-J. Ahn, "Adopting Roles in Network Information Services," International Journal of Computers and Applications, Vol. 21, No. 3, ACTA Press, 1999.
    • Selected Refereed Conference Publications
      1. "Enforcing Role-Based Access Control Policies in Web Services with UML and OCL," (with Karsten Sohr, Tanveer Mustafa, Xinyu Bao and Yan Guo), In Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), Anaheim, California, USA, December 8-12, 2008. (To appear).
      2. "Risk Evaluation for Personal Identity Management Based on Privacy Attribute Ontology," (with Mizuho Iwaihara, Kohei Murakami, Masatoshi Yoshikawa), In Proceedings of the 27th International Conference on Conceptual Modeling (ER 2008), Barcelona, Catalonia, Spain, October 20-23, 2008 (To appear).
      3. "Beyond User-to-User Access Control for Online Social Networks," (with Mohamed Shehab and Anna Squicciarini), In Proceedings of the 10th International Conference on Information and Communications Security (ICICS 2008), Birmingham, UK, October 20-22, 2008 (To appear).
      4. "Towards Role-based Authorization for OSGi Service Environments," (with Hongxin Hu and Jing Jin), In Proceedings of the 12th IEEE International Workshop on Future Trends of Distributed Computing Systems (FTDCS 2008), Kunming, China, October 21-23, 2008 (To appear).
      5. "Portable User-Centric Identity Management," (with Moonam Ko and Mohamed Shehab), In Proceedings of 23rd IFIP International Information Security Conference (SEC 2008), Milan, Italy - September 8-10, 2008 (To appear).
      6. "Enabling verification and conformance testing for access control model," (with Hongxin Hu), In Proceedings of 13th ACM Symposium on Access Control Models And Technologies (SACMAT), Estes Park, Colorado, USA, June 11-12, 2008.
      7. "Visualization Based Policy Analysis: Case Study in SELinux," (with Wenjuan Xu and Mohamed Shehab), In Proceedings of 13th ACM Symposium on Access Control Models And Technologies (SACMAT), Estes Park, Colorado, USA, June 11-12, 2008.
      8. "Systematic Policy Analysis for High-assurance Services in SELinux," (with Wenjuan Xu and Xinwen Zhang), In Proceedings of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY'08), Palisades, NY, June 2-4, 2008.
      9. "Understanding IRC Bot Behaviors in Network-centric Attack Detection and Prevention Framework," (with Napoleon Paxton and Kevin Pearson), In Proceedings of 3rd International Conference on Information Warfare and Security, Peter Kiewit Institute, University of Nebraska Omaha, USA, 24-25 April 2008.
      10. "User-centric Privacy Management for Federated Identity Management," (with Moonam Ko), In Proceedings of the 3rd International Conference on Collaborative Computing, IEEE, New York, November 12-15, 2007.
      11. "Towards Trust-aware Access Management for Ad-hoc Collaborations," (with Jing Jin, Mohamed Shehab, and Hongxin Hu), In Proceedings of the 3rd International Conference on Collaborative Computing, IEEE, New York, November 12-15, 2007.
      12. "Towards Practical Framework for Collecting and Analyzing Network-Centric Attacks," (with Napoleon Paxton and Bill Chu), In Proceedings of IEEE International Conference on Information Reuse and Integration, Las Vegas, NV, Aug 13-15, 2007.
      13. "Collegiate Cyber Game Design Criteria and Participation," (with Bill Chu, Steven Blanchard, James Deese, Richard Kelly, Huiming Yu and Ashika Young), In Proceedings of the 6th IEEE/ACIS International Conference on Computer and Information Science (ICIS 2007), Melbourne, Australia, July 11-13, 2007.
      14. "Enabling Role-Based Delegation and Revocation on Security-Enhanced Linux," (with Dhruv Gami), In Proceedings of 12th IEEE Symposium on Computers and Communications (ISCC'07), Aveiro, Portugal, July 1-4, 2007.
      15. "Towards Realizing a Formal RBAC Model in Real Systems," (with Hongxin Hu), In Proceedings of 12th ACM Symposium on Access Control Models And Technologies (SACMAT), Sophia Antipolis, France, June 20-22, 2007.
      16. "Towards Effective Security Policy Management for Heterogeneous Network Environments," (with Lawrence Teo), In Proceedings of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY'07), Bologna, Italy, June 13-15, 2007.
      17. "Collecting and Analyzing Bots in a Systematic Honeynet-based Testbed Environment," (with Napoleon Paxton, Richard Kelly, Kevin Pearson and Bill Chu), In Proceedings of the 11th Colloquium for Information Systems Security Education, Boston University, Boston, MA, June 4-7, 2007.
      18. "Managing Heterogeneous Network Environments Using an Extensible Policy Framework," (with Lawrence Teo), In Proceedings of ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'07) Singapore, March 20-22, 2007.
      19. "Towards Secure Information Sharing and Management in Grid Environments," (with Jing Jin), In Proceedings of 2nd IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, Atlanta, GA, USA, November 17-20, 2006.
      20. "Role-based Access Management for Ad-hoc Collaboration," (with Jing Jin), In Proceedings of 11th ACM Symposium on Access Control Models And Technologies (SACMAT), Lake Tahoe, CA, USA, June 7-9, 2006.
      21. "Building Problem Domain Ontology from Security Requirements in Regulatory Documents," (with Seok-Won Lee, Robin Gandhi, Divya Muthurajan and Deepak Yavagal), In Proceedings of ACM ICSE Workshop on Software Engineering for Secure Systems (SESS05), Shanghai, China, 20-28 May 2006.
      22. "Policy-Driven Access Management for Ad-hoc Collaborative Sharing," (with Jing Jin), In Proceedings of 2nd International Workshop on Pervasive Information Management (PIM 2006), Lecture Notes in Computer Science (LNCS-4254), Munich, Germany, March 30, 2006.
      23. "Managing Privacy Preferences in Federated Identity Management," (with John Lam), In Proceedings of ACM Workshop on Digital Identity Management (In conjunction with 12th ACM Conference on Computer and Communications Security), Fairfax, VA, November 11, 2005.
      24. "Specification and Validation of Authorisation Constraints Using UML and OCL," (with Karsten Sohr and Lars Migge), In Proceedings of 10th European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science (LNCS), Milan, Italy, September 12-14, 2005.
      25. "Security Requirements Driven Risk Assessment for Critical Infrastructure Information Systems," (with Seok-Won Lee and Robin A. Gandhi), In Proceedings of Symposium on Requirements Engineering for Information Security, (In conjunction with 13th IEEE International Requirements Engineering Conference), Paris, France, August 29, 2005.
      26. "Engineering Information Assurance for Critical Infrastructures: The DITSCAP Automation Study," (with Seok Won Lee, Robin A. Gandhi), In Proceedings of the 15th Annual International INCOSE Symposium, Rochester, New York, July 10-15, 2005.
      27. "Active Automation of the DITSCAP," (with Seok Won Lee, Robin A. Gandhi, Deepak Yavagal), In Proceedings of IEEE International Conference on Intelligence and Security Informatics, Lecture Notes in Computer Science (LNCS), Atlanta, GA, May 19-20, 2005.
      28. "Establishing Trustworthiness in Services of the Critical Infrastructure through Certification and Accreditation," (with Seok Won Lee, Robin A. Gandhi), In Proceedings of ACM ICSE Workshop on Software Engineering for Secure Systems (SESS05), St. Louis, Missouri, May 15-16, 2005 and also in ACM SIGSOFT Software Engineering Notes, Volume 30, Issue 4, July 2005.
      29. "Articulating and Enforcing Authorisation Policies with UML and OCL," (with Karsten Sohr and Lars Migge), In Proceedings of ACM ICSE Workshop on Software Engineering for Secure Systems (SESS05), St. Louis, Missouri, May 15-16, 2005 and also in ACM SIGSOFT Software Engineering Notes, Volume 30, Issue 4, July 2005.
      30. "Common Criteria Requirements Modeling and its Uses for Quality of Information Assurance (QoIA)," (with Deepak S. Yavagal, Seok Won Lee, Robin A. Gandhi), In Proceedings of 43rd ACM Southeast Conference, Atlanta, GA, March 18-20, 2005.
      31. "Supporting Access Control Policies Across Multiple Operating Systems," (with Lawrence Teo), In Proceedings of 43rd ACM Southeast Conference, Atlanta, GA, March 18-20, 2005.
      32. "Formal Specification of Role-based Security Policies for Clinical Information Systems," (with Karsten Sohr), In Proceedings of 20th Annual ACM Symposium on Applied Computing, Santa Fe, New Mexico, March 13-17, 2005.
      33. "Interactive Exploration of Large Filesystems," (with K.R. Subramanian and J.A. Foster), In Proceedings of 17th SPIE Conference on Visualization and Data Analysis, January 16-20, 2005, San Jose, California, USA.
      34. "Information Assurance in Federated Identity Management: Experimentations and Issues," In Proceedings of 15th International Conference on Web Information Systems Engineering, Lecture Notes in Computer Science (LNCS3306), pp 79-90, November 22-24, 2004, Brisbane, Australia.
      35. "Role-based Trust Assignment in Trust Management Systems," (with Dongwan Shin), In Proceedings of 17th International Conference on Parallel and Distributed Computing Systems (PDCS 04), San Francisco, USA, September 15-17, 2004.
      36. "Role-based Privilege Management Using Attribute Certificates and Delegation," In Proceedings of International Conference on Trust and Privacy in Digital Business, Lecture Notes in Computer Science (LNCS3184), August 30 - September 3, 2004.
      37. "Towards the Specification of Access Control Policies on Multiple Operating Systems," (with Lawrence Teo), In Proceedings of 5th Annual IEEE Information Assurance Workshop, United States Military Academy, West Point, New York, June 10-11, 2004.
      38. "Application Penetration Testing: Concepts and Taxonomy," (with John Melton), In Proceedings of 2004 Department of Energy Cyber Security Training Conference, Overland Park, Kansas, May 24-27, 2004 (Best Student Paper presented by Department of Energy Office of the Chief Information Officer).
      39. "Ensuring Information Assurance in Federated Identity Management," (with Dongwan Shin and Prasad Shenoy), In Proceedings of the 23rd IEEE International Performance Computing and Communications Conference (IPCCC), Phoenix, Arizona, April 14-17, 2004.
      40. "Group Hierarchies with Constrained User Assignment in Linux," (with Seng-Phil Hong), In Proceedings of The Second International Workshop on Security In Information Systems (WOSIS) held in conjunction with the 6th International Conference on Enterprise Information Systems (ICEIS), Porto, Portugal, April 13, 2004.
      41. "Defeating Internet Attacks Using Risk Awareness and Active Honeypots," (with Lawrence Teo and Yu-An Sun), In Proceedings of IEEE International Information Assurance Workshop (IWIA 2004), Charlotte, NC, April 8-9, 2004.
      42. "Secure Information Sharing Using Role-based Delegation," (with Badrinath Mohan), In Proceedings of IEEE International Conference on Information Technology: Coding & Computing (ITCC), Las Vegas, NV, April 5-7, 2004.
      43. "Towards IA-Aware Web Services for Federated Identity Management," (with Prasad Shenoy and Dongwan), In Proceedings of IASTED International Conference on Communication, Network, and Information Security (CNIS 2003), New York, December 10-12, 2003.
      44. "Authorization Management for Role-based Collaboration," (with Longhua Zhang, Dongwan Shin and Bill Chu), In Proceedings of IEEE International Conference on System, Man and Cybernetic (SMC2003), October 5-8, 2003, Washington, D.C.
      45. "Locale-Based Access Control: placing collaborative authorization decisions in context," (with Bill Tolone and Robin Gandhi), In Proceedings of IEEE International Conference on System, Man and Cybernetic (SMC2003), October 5-8, 2003, Washington, D.C.
      46. "Context & Environmental Aware Wireless Sensor Networks for Reconfigurable Manufacturing Systems," (with Ivan Howitt, Teresa Dahlberg, Asis Nasipuri and Yuliang Zheng), In Proceedings of the 2nd CIRP Conference on Agile, Reconfigurable Manufacturing, Ann Arbor, MA, August 20-21, 2003.
      47. "Specification and Classification of Role-based Authorization Policies," In Proceedings of 8th IEEE International Workshop on Enterprise Security (WETICE 2003), June 9-11, 2003, Linz, Austria.
      48. "Dynamic and Risk Aware Network Access Management," (with Lawrence Teo and Yuliang Zheng), In Proceedings of 8th ACM Symposium on Access Control Models And Technologies (SACMAT), June 2-3, 2003, Como, Italy.
      49. "Role Control Center: Features and Case Studies," (with David Ferraiolo), In Proceedings of 8th ACM Symposium on Access Control Models And Technologies (SACMAT), June 2-3, 2003, Como, Italy.
      50. "On Modeling System-centric Information for Role Engineering," (with Dongwan Shin), In Proceedings of 8th ACM Symposium on Access Control Models And Technologies (SACMAT), June 2-3, 2003, Como, Italy.
      51. "Constrained Role-based Delegation," (with Longhua Zhang), In Proceedings of Eighteenth IFIP International Information Security Conference, May 26-28, 2003, Athens, Greece.
      52. "Intrusion Detection Force: An Infrastructure for Internet-Scale Intrusion Detection," (with Lawrence Teo and Yuliang Zheng), In Proceedings of IEEE International Information Assurance Workshop (IWIA 2003), March 2003, Germany.
      53. "Role-Based Authorization in Decentralized Health Care Environments," (with Badrinath Mohan), In Proceedings of Eighteenth Annual ACM Symposium on Applied Computing, March 9-12, 2003, Melbourne, Florida.
      54. "An Administration System for Role-based Authorization Infrastructures," (with Dongwan Shin and Sangrae Cho), In Proceedings of Eighteenth Annual ACM Symposium on Applied Computing, March 9-12, 2003, Melbourne, Florida.
      55. "Role-based EAM Using X.509 Attribute Certificate," (with Dongwan Shin and Sangrae Cho), In Proceedings of Sixteenth Annual IFIP WG 11.3 Working Conference on Data and Application Security, King's College, University of Cambridge, UK July 29-31, 2002.
      56. "A Neural Model for Network Intrusion Detection," (with Kayvan Najarian and Xiaolu Sun), In Proceedings of the 6th World Multi-Conference on Systemics, Cybernetics, and Informatics, Orlando, FL, U.S.A., July 2002.
      57. "An application of DSML for RBAC," (with Dongwan Shin and Joon S. Park), In Proceedings of 26th IEEE Annual International Computer Software and Application Conference, p934-939, Oxford, England, August 26-29, 2002.
      58. "Towards Scalable Authentication in Health Services," (with Dongwan Shin), In Proceedings of 7th IEEE International Workshop on Enterprise Security (WETICE 2002), CMU, PA, June 10-12, 2002.
      59. "A Role-Based Delegation Framework for Healthcare Information Systems," (with Longhua Zhang and Bill Chu), ACM Symposium on Access Control Models And Technologies (SACMAT) 2002.
      60. "Challenges to Multi-Enterprise Integration: the EECOMS Experience," (with William J. Tolone, Bei-tseng Chu, Robert G. Wilhelm, John E. Sims), In Proceedings of the IFIP TC5/WG5.12 International Conference on Enterprise Integration and Modeling Technique: Enterprise Inter- and Intra-Organizational Integration: Building International Consensus, Valencia, Spain, April 24-26, 2002.
      61. "A Secure Consolidated Authorization Mechanism for SCM," (with Seung-Phil Hong, Myung-Chul Kim, Min-Hyung Kim and Jung Tae Yoon), In Proceedings of the 1st ACIS International Conference on Computer and Information Science (ICIS '01), Orlando, FL, October 3-5, 2001.
      62. "Scalable Authentication Architecture for Critical Information System," In Proceedings of the 18th AFCEA (Armed Forces Communications and Electronics Association) Annual Federal Database Colloquium and Exposition, San Diego, California, August 28-30, 2001.
      63. "Browsing Structured Data with Role-based Security Realm," (with Seung-Phil Hong), In Proceedings of the 2nd ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, NIT, Japan, August 20-22, 2001.
      64. "RBAC on the Web Using LDAP," (with Joon S. Park and Ravi Sandhu), In Proceedings of 15th IFIP WG 11.3 Working Conference on Database and Application Security, Ontario, Canada, July 15-18, 2001.
      65. "Role-based Authorization Constraints Specification Using Object Constraint Language," (with Eonsuk Shin), In Proceedings of 6th IEEE International Workshop on Enterprise Security (WETICE 2001), MIT, MA, June 20-22, 2001.
      66. "A Rule-Based Framework for Role-Based Delegation," (with Longhua Zhang), In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT), Chantilly, VA, May 3-4, 2001.
      67. "Role Based Constraints Language," (with Ravi Sandhu), Position Paper, Workshop on Policies for Distributed Systems and Networks (Policy2001), HP Labs Bristol, January 29-31 2001.
      68. "Injecting RBAC to Secure a Web-based Workflow System," (with Ravi Sandhu, Joon S. Park and Myong Kang), In Proceedings of 5th ACM Workshop on Role-Based Access Control, Germany, July 26-28, 2000.
      69. "UML-based Representation of Role-based Access Control," (with Eonsuk Shin), In Proceedings of 5th IEEE International Workshop on Enterprise Security (WETICE 2000), NIST, MD, June 14-16, 2000.
      70. "The RSL99 Language for Role-Based Separation of Duty Constraints," (with Ravi Sandhu), In Proceedings of 4th ACM Workshop on Role-Based Access Control, p43-54, Fairfax, VA, October 28-29, 1999.
      71. "Hierarchical Administration in Network Information Services," In Proceedings of 17th IAoM Annual International Conference on Computer Science, August 6-8, 1999.
      72. "Security Architecture of DCOM and Its Integration with RBAC," (with Ravi Sandhu), In Proceedings of International Computer Symposium (ICS '98), p71-78, December 17-19, 1998.
      73. "Decentralized Group Hierarchies in UNIX: An Experiment and Lessons Learned," (with Ravi Sandhu), In Proceedings of 21st NIST-NCSC National Information Systems Security Conference, p486-502, October 5-8, 1998.
      74. "Group Hierarchies with Decentralized User Assignment in Windows NT," (with Ravi Sandhu), In Proceedings of IASTED International Conference on Software Engineering, October 28-31, 1998. (Also at NSA University Research Program Symposium August 18-19, 1998.)

  • PROFESSIONAL ACTIVITIES
    • Awards and Recognition
      • National Center of Academic Excellence in Information Assurance Education, National Security Agency and Department of Homeland Security, 2000 & 2004.
      • CAREER Award, Department of Energy, September 2003
      • Research Excellence Award, College of Information Technology, UNC Charlotte, August 2003
      • Graduate Teaching Excellence Award, College of Information Technology, UNC Charlotte, April 2004
      • Educator of the Year Award, Federal Information Systems Security Educators' Association, March 23, 2005
      • Guest Editor, ACM Transactions on Information and System Security, Vol. 10, No. 1, February 2007
      • NSF Panelist, 2004, 2005, 2006, 2007, 2008
      • IEEE Senior, 2007
      • ACM Senior, 2007
    • Professional Committee
      • Information Director, ACM Special Interest Group on Security, Audit and Control (SIGSAC), 2002 onwards.
      • Program Committee & Publicity Chair, ACM Conference on Computer and Communications Security (CCS), 2002, 2003, 2004, 2005, 2007.
      • Program Committee, ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), 2007.
      • Program Committee & Proceedings Chair, ACM Symposium on Access Control Models And Technologies, 2002, 2003, 2004, 2005, 2006.
      • Program Chair, IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise -- Enterprise Security, 2001, 2002, 2003, 2004.
      • Program Committee, IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise --Security Technologies for Collaborative Architectures (STCA), 2005.
      • Program Committee, Annual IFIP WG 11.3 Working Conference on Data and Applications Security, 2003, 2004, 2005.
      • Program Committee, ACM CCS Workshop on Digital Identity Management, 2005.
      • Program Committee, International Conference on Information Warfare and Security, 2005, 2006.
      • Program Committee, International Workshop on Information Assurance in Distributed Systems (IADS-2005), Nanjing, China, 2-5 November, 2005.
      • Program Committee, ACM Symposium on Applied Computing (SAC)--Computer Security Track, 2004, 2005, 2006
      • Program Committee, 7th Information Security Conference (ISC04), Palo Alto, USA, Sept 27-29, 2004
      • Program Committee, International Workshop on Broadband Wireless Services and Applications (BroadWISE), October 25, 2004.
      • Editorial Board, Journal of Database Management, 2001 onwards.
      • Program Committee, The First International Workshop for Asian Public Key Infrastructure (IWAP2001), 20th International Conference on Conceptual Modeling (ER2001), International Conference on Information Security and Cryptology (ICISC2001), ACIS International Conference on Computer and Information Science (ICIS '01).
    • Reviewer
      • ACM Transactions on Information and System Security, Journal of Network and Computer Applications, IEEE Internet Computing, International Journal of Computer and Information Science, IEEE Transactions on Knowledge and Data Engineering, Information and Software Technology, Journal of Database Management, ACM Computing Surveys, ACM Transactions on Software Engineering and Methodology
    • Professional Certificates and Memberships
      • Information Systems Security Certificate (GMU), ACM, ACM-SIGSAC, IEEE Computer Society, Phi Beta Delta (Honor Society for International Scholars)