Data and Applications Security

  1. Secure Query Processing Using AI Techniques, January 1988, Proceedings of the IEEE Hawaii International Conference on Systems Sciences, p. 561-570, (co-authors: W. T. Tsai and T. F. Keefe) - Best Paper Award for Software Tracks (enhanced version in IEEE Computer 1989).
  2. Foundations of Multilevel Databases, May 1988, Proceedings 1st RADC Database Security Invitational Workshop, Menlo Park, CA, (Proceedings published by Springer Verlag, 1992, Ed: T. Lunt - Book Chapter).
  3. Design of an Update Processor for MLS/DBMS, October 1988, Invited paper, Proceedings of the 11th National Computer Security Conference, Baltimore, MD; addendum to Proceedings (co-authors: P. Stachour and P. Dwyer).
  4. Query Processing in LDV: A Secure Database System, December 1988, Proceedings of the 4th IEEE Aerospace Computer Security Conference, Orlando, (co-authors: P. Dwyer, E. Onuegbe and P. Stachour).
  5. A Multilevel Security Model for Object-Oriented Systems, October 1988, Proceedings of the 11th National Computer Security Conference, Baltimore, MD, (co-authors: W. T. Tsai and T. F. Keefe).
  6. Prototyping as a Research Tool for MLS/DBMS, October 1988, Proceedings of the IFIP WG 11.3 Conference on Database Security, Kingston, Ontario, Canada, (also published as book chapter by North Holland, 1989: Database Security II: Status and Prospects) (co-authors: W. Tsai and D. Thomsen).
  7. Security Checking with Prolog-Extensions, May 1989, Proceedings of the 2nd RADC Database Security Invitational Workshop, Franconia, NH.
  8. Mandatory Security in Object-Oriented Database Systems, October 1989, Proceedings of the ACM Conference on Object-Oriented Programming, Systems, Languages and Applications (ACM OOPSLA) Conference, New Orleans, LA.
  9. A Multilevel Secure Object-Oriented Data Model, October 1989, Proceedings of the 12th National Computer Security Conference, Baltimore, MD.
  10. Secure Query Processing in Intelligent Database Management Systems, December 1989, Proceedings of the 5th IEEE Computer Security Applications Conference Tucson, AZ.
  11. Novel Approaches to Handle the Inference Problem, June 1990, Proceedings of the 3rd RADC Database Security Workshop, New York.
  12. The Inference Problem in Multilevel Secure Database Management Systems, June 1990, Proceedings of the 3rd RADC Database Security Workshop, New York (co-authors: W. Ford, M. Collins, J. O'Keeffe).
  13. Trusted Distributed Database Management Systems, June 1990, Proceedings of the 3rd RADC Database Security Workshop, New York, (co-author: H. Rubinovitz).
  14. Recursion Theoretic Properties of the Inference Problem in Database Security, June 1990, Presented at the 3rd IEEE Workshop on Foundations of Computer Security, Franconia, NH (public release was not obtained in time for proceedings; printed as MITRE Paper M291 June 1990).
  15. Multilevel Security for Multimedia Database Systems, September 1990, Proceedings of the 4th IFIP WG 11.3 Conference on Database Security, Halifax, England, (also published as book chapter by North Holland, 1991, p. 99 - 116).
  16. Secure Query Processing in Distributed Database Management Systems - Design and Performance Study, December 1990, Proceedings of the 6th IEEE Computer Security Applications Conference, Tucson, AZ, (co-author: A. Kamon).
  17. A Note on Security Constraint Processing in a MultiLevel Secure Database Management System, April 1991, Proceedings of the 4th RADC Database Security Workshop, Little Compton, RI (co-author: W. Ford, M. Collins).
  18. Trusted Distributed Database Management Systems R & D - A Progress Report, April 1991, Proceedings of the 4th RADC Database Security Workshop, Little Compton, RI, (co-authors: H. Rubinovitz).
  19. Handling Security Constraints During Multilevel Database Design, April 1991, Proceedings of the 4th RADC Database Security Workshop, Little Compton, RI.
  20. Implementation and Simulation of Secure Distributed Query Processing Algorithms, Proceedings of the 1991 Computer Simulation Conference, Baltimore, MD, (co-author: H. Rubinovitz).
  21. A Nonmonotonic Typed Multilevel Logic for Multilevel Secure Data/Knowledge Base Management System - II, June 1991, Proceedings of the 4th IEEE Computer Security Foundations Workshop, Franconia, NH.
  22. Issues on the Design and Implementation of an Intelligent Database Inference Controller, Proceedings of the 1991 IEEE International Conference on Systems, Man, and Cybernetics, Charlottsville, VA, (co-author: W. Ford).
  23. The Use of Conceptual Structures to Handle the Inference Problem, Proceedings of the 5th IFIP WG 11.3 Conference on Database Security, Shepherdstown, VA., November 1991 (Also published by North Holland, 1992)
  24. Security Constraint Processing During the Update Operation in a Multilevel Secure Database System, Proceedings of the 7th IEEE Computer Security Applications Conference, San Antonio, TX, December 1991 (co-authors: M. Collins, W. Ford).
  25. Design and Simulation of Secure Distributed Concurrency Control Algorithms, Proceedings of the 1992 Computer Simulation Conference, Nevada, July 1992. (co-author: H. Rubinovitz).
  26. A Nonmonotonic Typed Multilevel Logic for Multilevel Database Management Systems - II, June 1992, Proceedings of the 5th IEEE Computer Security Foundations Workshop, Franconia, NH.
  27. Knowledge-based Inference Control in a Multilevel Secure Database Management System, Proceedings of the 15th National Computer Security Conference, Baltimore, MD, October 1992.
  28. A Note on the Security Impact on Real-time Database Management Systems, Proceedings of the 5th RADC Database Security Workshop, New York, October 1992.
  29. Secure Computing with the ACTOR Paradigm, Presented at the ACM/SIGSAC New Computer Security Paradigms Workshop, Little Compton, RI, September 1992. (Proceedings published by ACM Press, 1993)
  30. An Object-Oriented Approach to Modeling Multilevel Database Applications, Proceedings of the ACM Conference Workshop on Object-Oriented Programming Language, Systems, and Applications, Vancouver, B.C., October 1992 (co-author: P. Sell).
  31. Towards the Design and Implementation of a Multilevel Secure Deductive Database Management System, Proceedings of the 26th Hawaii International Conference on Systems Sciences, January 1993.
  32. Parallel Processing and Trusted Database Management Systems - Applying One Technology to the Other, Proceedings of the 1993 ACM Conference in Computer Science, Indianapolis, Indiana (co-author: W. Ford).
  33. Security and Integrity Constraint Processing in a Multilevel Secure Distributed Environment, MILCOM 93, October 1993 (classified session) (co-authors: A. Abreu, H. Rubinovitz, M. Collins).
  34. Towards a Multilevel Secure Database Management System for Realtime Applications, Proceedings of the First IEEE Workshop in Realtime Computing, May 1993 (co-author: S. Son).
  35. Design and Implementation of a Distributed Database Inference Controller, Proceedings of the 17th IEEE COMPSAC Conference, November 1993. (co-authors: H. Rubinovitz, D. Foti, A. Abreu).
  36. Security and Integrity in Distributed Database System, Database Colloquium 93, San Diego, CA, August 1993 (co-authors: D. Small, D. Goldsmith) (proceedings available in electronic media).
  37. Applying OMT for Multilevel Database Applications, Proceedings of the 7th IFIP Working Conference on Database Security, Huntsville, Alabama, September 1993. (co-author: P. Sell) (also published as book chapter by North Holland, 1994).
  38. Object-oriented Approach to Interconnecting Trusted Database Management Systems, September 1993, ACM OOPSLA-93 Conference Workshop on Object Persistence in Heterogeneous Database Environments, Washington D.C. (co-author: H. Rubinovitz).
  39. Security Constraint Processing in a Distributed Database Environment, Proceedings of the 1994 ACM Computer Science Conference, Phoenix, AZ, March 1994. (co-author: H. Rubinovitz).
  40. Database Inference Control, Proceedings of the DoD Database Security Workshop, Maine, June 1994 (co-authors: M. Collins and H. Rubinovitz).
  41. MLS Database Application Design, Proceedings of the DoD Database Security Workshop, Maine, June 1994 (co-authors: S. Lewis, D. Marks, P. Sell, S. Wiseman).
  42. Hypersemantic Data Modeling for Inference Analysis, Proceedings of the 8th IFIP Working Conference in Database Security, Hildesheim, Germany, August 1994. (co-authors: D. Marks, L. Binns) (also published as book chapter by North Holland 1995).
  43. A Fine-grained Access Control Model for Object-oriented DBMS, Proceedings of the 8th IFIP Working Conference in Database Security, Hildesheim, Germany, August 1994 (co-authors: A. Rosenthal et al) (also as book chapter by North Holland, 1995).
  44. An Adaptive Policy for Improved Timeliness in Secure Database Systems, Proceedings of the 9th IFIP Working Conference in Database Security, New York, August 1995. (co-authors: S. Son and R. David, also as book chapter by North Holland 1996).
  45. Design and Implementation of a Database Inference Controller Utilizing a Deductive Object-Oriented Data Model, Proceedings of the 13th DOD Database Colloquium, San Diego, CA, August 1996. (co-authors: M. Collins, D. Marks, B. Newman).
  46. Survivability Issues for Evolvable Real-time Command and Control Systems, Proceedings of the Information Survivability Workshop, February 1997 (co-authors: P. Krupp, J. Maurer).
  47. Adaptable Object Request Brokers for Information Survivability of Command and Control Systems, Proceedings of the Information Survivability Workshop, October 1998 (co-author: J. Maurer et al).
  48. Data Mining, Data Warehousing and Security, Proceedings of the IFIP Conference Book, Chapman and Hall, 1997 (version of keynote address at conference, 1996; editor: P. Samarati and R. Sandhu) (also presented at CODATA Conference, Paris, June 1999).
  49. Adaptable Object Request Brokers for Information Survivability of Evolvable Real Time Command and Control Systems, Proceedings IEEE FTDCS Conference, Cape Town, December 1999 (co-author: J. Maurer).
  50. Directions for Web and E-Commerce Security, Proceedings WET ICE June 2001 (co-authors: C. Clifton, E. Bertino et al).
  51. Data and Applications Security: Developments and Directions, Proceedings IEEE COMPSAC, 2002.
  52. Building Secure Survivable Semantic Webs, Proceedings IEEE ICTAI 2002.
  53. Security Issues for the Semantic Web, Proceedings IEEE COMPSAC 2003.
  54. Dependable Computing for National Security: A Position Paper, Proceedings of the 6th International Symposium on Autonomous Decentralized Systems, April 2003, Pisa, Italy (ISADS).
  55. Data and Applications Security: Past, Present and Future, Proceedings of IFIP Conference Book (Kluwer), 2004 (version of keynote address at conference, 2003; editor: I. Ray).
  56. Security and Privacy for Web Databases and Services, Proceedings of the EDBT Conference, March 2003, Crete. (co-author: E. Ferrari) (based on keynote address at EDBT).
  57. Using RDF for Policy Specification and Enforcement, Proceedings of the DEXA Workshop on Web Semantics, Spain, August 2004 (co-author: B. Carminati et al).
  58. On the Complexity of the Privacy Problem in Databases, Proceedings Foundations of Data Mining, Workshop, England, 2004 (Proceedings by lecture notes, Springer).
  59. Towards Access Control for Visual Web Model Management, Proceedings IEEE E-Commerce Workshop, Hong Kong, May 2005 (co-author: G. Song et al).
  60. Trust Management in a Distributed Environment, Proceedings of the 29th Annual International Computer Software and Applications Conference (COMPSAC) , Edinburgh, Scotland, July 2005.
  61. Secure Model Management Operations for the Web, Proceedings IFIP Data and Applications Security Conference, August 2005 (co-authors: G. Song et al).
  62. Multilevel Secure Teleconferencing over Public Switched Telephone Network, IFIP Data and Applications Security Conference, 2005 (co-author: I. Youn et al).
  63. Dependable Real-time Data Mining, Proceedings ISORC 2005 (co-author: L. Khan et al).
  64. A Framework for a Video Analysis Tool for Suspicious Event Detection, ACM SIGKDD Multimedia Data Mining Workshop, Chicago, IL 2005 (co-author: G. Lavee et al).
  65. Message Correlation in Automated Communication Surveillance through Singular Value Decomposition, Proceedings ACM MM Workshop, Chicago, IL, 2005 (co-author: R. Layfield, et al).
  66. Privacy Preserving Data Mining, Proceedings IEEE ICDM Workshop on Privacy preserving Data Mining, Houston, TX, 2005.
  67. Dependable and Secure TMO Scheme, Proceedings of the 9th IEEE ISORC, Gyeongju, Korea, April 2006 (co-author: J. Kim).
  68. Design of a Secure CAMIN Application Systems based on Secure and Dependable TMO, Proceedings ISORC, May 2007 (co-author: J. Kim).
  69. Security for Web Services, Proceedings ACM Workshop in Secure Web Services, May 2006 (co-author: C. Farkas et al).
  70. Detection and Resolution of Anomalies in Firewall Policy Rules, Proceedings IFIP Data and Applications Security Conference, Sophia Antipolis, France, 2006 (co-author: M. Abedin et al).
  71. A Knowledge Based Approach to Detect New Malicious Executables, Proceedings Second SKM Workshop, Brooklyn, NY, September 2006 (co-author: L. Khan et al; enhanced version appeared in Information Systems Frontiers).
  72. Access Control for Geospatial Web Services, Proceedings ACM CCS Conference Workshop, and November 2006. (co-author: A. Ashraful et al).
  73. Geospatial RDF, ISWC Conference on Geospatial Semantic Web, Athens, GA, Nov. 2006 (co-author: A. Ashraful).
  74. Face Recognition Using Multiple Classifiers, IEEE ICTAI Conference Proceedings, November 2006 Washington DC, (co-author: P. Parveen).
  75. The Applicability of the Perturbation Model-based Privacy-preserving Data Mining, Proceedings IEEE ICDM Conference Workshop on Privacy Preserving Data Mining, Hong Kong, December 2006. (enhanced version appeared in DKE 2008) (co-author: L. Liu).
  76. Design and Simulation of Trust Management Techniques for a Coalition Data Sharing Environment, Proceedings FTDCS, 2007 (co-author: S. Iyer).
  77. Fingerprint Matching Algorithm, Proceedings ARES, April 2007.
  78. Extended RBAC - Based Design and Implementation for a Secure Data Warehouse, Proceedings ARES , April 2007 (enhanced version appeared in data warehousing journal) (co-author: S. Iyer).
  79. Risk Management and Security, Proceedings Decision and Risk Analysis Conference, Richardson, TX, May 2007.
  80. Geospatial Data Mining for National Security, Proceedings ISI, New Brunswick, NY, May 2007 (co-author: Chuanjun et al).
  81. Confidentiality, Privacy and Trust Policy Enforcement for the Semantic Web, Proceedings of the 8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), Bologna, Italy, June 2007.
  82. A Hybrid Model to Detect Malicious Executables, Proceedings ICC 2007 (co-authors: M. Masud, L. Khan).
  83. Enforcing Honesty in Assured Information Sharing within a Distributed System, Proceedings IFIP Data and Applications Security, Redondo Beach, CA, July 2007 (co-authors: R. Layfield et al).
  84. SCRUB-tcpdump: A Multilevel Packet Anonymizer Demonstrating Privacy and Analysis Tradeoffs, Proceedings SecureComm, Nice, France, September 2007 (co-authors: W. Yurcik, et al).
  85. Secure Peer-to-Peer Networks for Trusted Collaboration, Proceedings of sthe 2nd IEEE International Workshop on Trusted Collaboration (TrustCol), November 2007.
  86. Centralized Security Labels in Decentralized P2P Networks, Computer Security Applications Conference, December 2007 (ACSAC) (co-authors: N. Tsybulnik and K. Hamlen)
  87. Delegation-Based Security Model for Web Services, HASE 2007: 82-91 (co-authors: Wei She, I. Yen).
  88. Building Secure Applications for Peer to Peer Systems, Proceedings TRUST workshop, NY, November 2007.
  89. Detecting Remote Exploits Using Data Mining, Proceedings IFIP Digital Forensics Conference, Kyoto, January 2008 (co-author: M. Masud et al).
  90. GRDF and Secure GRDF, Proceedings ICDE Conference Workshop in Secure Semantic Web, April 2008 (co-author: A. Alam et al).
  91. Toward Trusted Sharing of Network Packet Traces Using Anonymization: Single-Field Privacy/Analysis Tradeoffs, CoRR abs/0710.3979: (2007) (co-authors: William Yurcik, Clay Woolam, Greg Hellings, Latifur Khan).
  92. Measuring Anonymization Privacy/Analysis Tradeoffs Inherent to Sharing Network Data, NOMS 2008, p. 991-994 (co-authors: W. Yurick et al).
  93. The SCRUB Security Data Sharing Infrastructure, NOMS 2008: 630-644 (co-authors: Y. Yurick et al) (also software available as Opensource).
  94. Making Quantitative Measurements of Privacy/Analysis Tradeoffs Inherent to Packet Trace Anonymization, Financial Cryptography and Data Security, 2008, p. 323-324 (co-authors: W. Yurick et al).
  95. Privacy/Analysis Tradeoffs in Sharing Anonymized Packet Traces: Single-Field Case, ARES 2008, p. 237-244 (co-authors: W. Yurick et al).
  96. ROWLBAC - Representing Role Based Access Control in OWL, Proceedings ACM SACMAT June 2008 (co-authors: T. Finin, L Kagal et al).
  97. Accountability for Grid, DOE Conference on Cyber Security, Knoxville, TN, (co-author: E. Bertino)
  98. Role Based Access Control and OWL, Proceedings of the fourth OWL: Experiences and Directions Workshop, April 2008, (co-author: T. Finin et al).
  99. Data Mining for Security Applications, Proceedings EUC 2008, Shanghai (co-authors: L. Khan, K. Hamlen et al).
  100. Trustworthy Semantic Web Technologies for Secure Knowledge Management, TPS 2008, Shanghai (co-author: P. Parikh).
  101. Secure, Highly Available, and High Performance Peer-to-Peer Storage Systems, HASE 2008 (co-author: Y. Ye et al).
  102. Enhancing Security Modeling for Web Services Using Delegation and Pass-On, ICWS 2008 (co-author: She, Wei; Yen, I-Ling).
  103. Flow-based Identification of Botnet Traffic by Mining Multiple Log Files, In proceedings of the International Conference on Distributed Frameworks & Applications (DFMA), Penang, Malaysia, Oct. 2008, (co-authors: M. Masud, T. Al-khateeb, L. Khan, K. Hamlen).
  104. Incentive and Trust Issues in Assured Information Sharing, Invited Paper, CollaborateCom, Orlando, FL, November 2008 (co-authors: R. Layfield and M. Kantarcioglu).
  105. Privacy Preserving Decision Tree Mining from Perturbed Data, HICSS 2009: 1-10, Nominated for best paper award (co-authors: Li Liu and Murat Kantarcioglu).
  106. Effective and Efficient Implementation of an Information Flow Control Protocol for Service Composition, Proceedings of the Service Oriented Computing And Applications Workshop, Taipei, Taiwan, Jan. 2009 (co-authors: W. She, I. Yen, E. Bertino).
  107. The SCIFC Model for Information Flow Control in Web Service Composition, ICWS 2009 (co-authors: W. She, I. Yen, E. Bertino).
  108. Design and Implementation of a Secure Social Network System, IEEE ISI Conference Workshop on Social Computing, 2009 (co-authors: R. Layfield et al).
  109. Assured Information Sharing Life Cycle, IEEE ISI Conference workshop on Social Computing, 2009 (co-author: T. Finin et al).
  110. A Semantic Web Based Framework for Social Network Access Control, SACMAT 2009: 177-186, (co-authors: E. Ferrari, B. Carminati, , R. Heatherly, M. Kantarcioglu).
  111. Inferring Private Information Using Social Network Data, WWW 2009: 1145-1146, (co-authors: J. Lindamood et al).
  112. Policy-Driven Service Composition with Information Flow Control, ICWS, 2010 (coauthors: W.She, I. Yen and E. Bertino).
  113. Scalable and Efficient Reasoning for Enforcing Role-based AccessControl, DBSec 2010, Rome, Italy (co-authors: T. Cadenhead and M. Kantarcioglu).
  114. A Token-Based Access Control System for RDF Data in the Clouds, Accepted in the main track of IEEE CloudCom 2010 (co-authors: M. Farhan, K. Hamlen et al).
  115. Secure Data Storage and Retrieval in the Cloud, CollaborateCom 2010, Chicago, IL (co-authors: V. Khadilkar et al).
  116. An Evaluation of Privacy, Risks and Utility with Provenance, Proceedings, Secure Knowledge Management Workshop (SKM), November 2010 (co-authors: T. Cadenhead et al).
  117. Identity Management for Cloud Computing: Developments and Directions, Proceedings Cyber Security and Intelligence Workshop, Oakridge, TN, October 2011.
  118. A Language for Provenance Access Control, Proceedings of CODASPY 2011, San Antonio, TX (co-authors: T. Cadenhead, V. Khadilkar, M. Kantarcioglu).
  119. Differentiating Code from Data in x86 Binaries, Proceedings of ECML/PKDD (3) 201, Athens, Greece (co-authors: R. Wartell, Y. Zhou, K. Hamlen, M. Kantarcioglu).
  120. Transforming Provenance Using Redaction, Proceedings of SACMAT 2011, Innsbruck, Austria (co-authors: T. Cadenhead, V. Khadilkar, M. Kantarcioglu).
  121. Secure Data Processing in a Hybrid Cloud, Computing Research Repository (CoRR) abs/1105.1982, 2011 (co-authors: V. Khadilkar, M. Kantarcioglu, S. Mehrotra).
  122. On Secure and Resilient Telesurgery over Unreliable Networks, The First International Workshop on Cyber-Physical Networking Systems, Shanghai, China, April 2011 (co-authors: . E. Tozal, Y. Wang, E. Al-Shaer, K. Sarac, B. Chu).
  123. A Cloud-based RDF Policy Engine for Assured Information Sharing, To appear in Proceedings of ACM SACMAT 2012, Newark, NJ (co-author: T. Cadenhead) (refereed demonstration paper).
  124. Unsupervised Incremental Sequence Learning for Insider Threat Detection, To appear in Proceedings of IEEE ISI 2012, Washington, DC (co-author: P. Pallabi).
  125. Towards Cyber Operations - The New Role of Academic Cyber Security Research and Education, To appear in Proceedings of IEEE ISI 2012, Washington DC (co-author: J. Kallberg).