Office: ECS 3.223

Tel: 972-883-4738

Fax: 972-883-2349

Email:

Curriculum Vitae

Bhavani Thuraisingham,

March 2010

Biography

Major Awards

Research Statement

Resume Summary

Industry/Government Experience

Teaching Experience (Academic and Professional)

Academic Research Supervision

Research Funding

Publications List (Authored works, e.g., Journals, Conferences, Books)

Edited Works (e.g., Books, Proceedings, Journals)

Technical Reports

Presentations (e.g., Keynotes addresses, Panels)

Discussion of Publications

Systems/Prototypes/Products/Open Source Software

Intellectual Property and Patents

Professional Activities

Media Reports

Sample Papers

Research Centers and Affiliated Labs

Motivational Articles

Back

Section 1: BIOGRAPHY

Dr. Bhavani Thuraisingham is the Louis A. Beecherl, Jr. I Distinguished Professor in the Erik Jonsson School of Engineering and Computer Science at the University of Texas at Dallas (UTD) effective September 2010. She joined UTD in October 2004 as a Professor of Computer Science and Director of the Cyber Security Research Center which conducts research in data security and privacy, secure networks, secure languages, secure social media, data mining and semantic web. She is an elected Fellow of three prestigious organizations: the IEEE (Institute for Electrical and Electronics Engineers), the AAAS (American Association for the Advancement of Science) and the BCS (British Computer Society). She is the recipient of numerous awards including the IEEE Computer Society’s 1997 Technical Achievement Award for “outstanding and innovative contributions to secure data management” and the 2010 Research Leadership Award for Outstanding and Sustained Leadership Contributions to the field of Intelligence and Security Informatics” presented jointly by the IEEE Intelligent and Transportation Systems Society Technical Committee on Intelligence and Security Informatics in Transportation Systems and the IEEE Systems, Man and Cybernetics Society Technical Committee on Homeland Security. She served as served as an IEEE Distinguished Lecturer between 2002 and 2005. She was also quoted by Silicon India magazine as one of the seven leading technology innovators of South Asian origin in the USA in 2002.

Prior to joining UTD, Dr. Thuraisingham was an IPA (Intergovernmental Personnel Act) at the National Science Foundation (NSF) in Arlington, VA, from the MITRE Corporation for three years. At NSF she established the Data and Applications Security Program and co-founded the Cyber Trust theme and was involved in interagency activities in data mining for counter-terrorism. She worked at MITRE in Bedford, MA between January 1989 and September 2001, first in the Information Security Center and later as a department head in Data and Information Management as well as Chief Scientist in Data Management in the Intelligence and Air Force centers. At MITRE she led team research and development efforts on secure data management and real-time data management for NSA, AFRL, SPAWAR, CECOM and CIA. She also served as a technical consultant in information security and data management to the Department of Defense, the Department of Treasury and the Intelligence Community for over 10 years and served as an expert consultant to the Department of Justice in 2001. Thuraisingham’s industry experience includes six years of research and product development as well as technology transfer at Control Data Corp. and Honeywell Inc. in Minneapolis, MN. While in industry and at MITRE, she was an adjunct professor of computer science and member of the graduate faculty first at the University of Minnesota and later at Boston University between 1984 and 2001. She also worked as visiting professor soon after her PhD, first at the New Mexico Institute of Technology and later at the University of Minnesota between 1980 and 1983.

Dr. Thuraisingham’s research interests are in data security and data mining for counter-terrorism. Her work in information security and information management has resulted in over 100 journal articles, over 200 refereed conference papers and workshops, three US patents and several IP disclosures. She is the author of ten books in data management, data mining and data security including one on data mining for counter-terrorism and another on Database and Applications Security and is completing her eleventh book on Data Mining Tools for Malware Detection, and is the editor of twelve books She has given over 70 keynote presentations at various technical conferences and has also given invited talks at the White House Office of Science and Technology Policy and at the United Nations on Data Mining for counter-terrorism. She serves (or has served) on editorial boards of leading research and industry journals including several IEEE and ACM Transactions, the VLDB Journal, and also served as the Editor in Chief of Computer Standards and Interfaces Journal. She has contributed to multiple standards activities including Navy’s Next Generation Interface efforts, Object Management Group’s Real-time computing and C4I efforts, and more recently the Open Geospatial Consortium’s semantic web efforts. In addition, she has been an instructor at AFCEA’s (Armed Forces Communications and Electronics Association) Professional Development Center since 1998 and has served on panels for the Air Force Scientific Advisory Board and the National Academy of Sciences including one on protecting children from inappropriate content on the Internet chaired by Hon. Dick Thornburgh in 2000. She is continuing with these efforts and recently participated in EastWest Institute’s 1st Worldwide Security Summit panel on protecting our children in cyberspace. She is a member of several professional organizations including the Association for Computing Machinery, IFIP 11.3 Working Group in Data and Applications Security and AFCEA. She has chaired over ten conferences and has served in over 100 conferences program committees.

During her six years at UTD, Dr. Thuraisingham has established and leads a strong research program in Intelligence and Security Informatics which now includes 5 core professors and the team has generated over $12 million in research funding from agencies such as NSF, AFOSR, IARPA, NGA, NASA, ONR, ARO and NIH as well as corporations such as Raytheon Inc. The research projects include an NSF Career Grant, an AFOSR Young Investigator Program Award and a DoD MURI Award on Assured Information Sharing. Her current focus includes three activities: (i) studying how terrorists and hackers function so that effective and improved solutions can be provided (ii) initiating interdisciplinary programs integrating social sciences and information sciences and (iii) transferring the technologies developed at the university to commercial development efforts. She is also instrumental in establishing UTD’s MS Track in Information Assurance and is a Co-PI of the $1.7 million NSF Scholarship for Service Award in Cyber Security. She teaches courses in data and applications security, trustworthy semantic services and digital forensics and collaborates with the DFW corporations as well as North Texas Regional Computer Forensics Laboratory for student projects. She also writes motivational articles including one on CS Careers in the Global Economy.

Dr. Thuraisingham received her BS degree in Mathematics and Physics with first class at the University of Ceylon, her M.Sc degree in Mathematical Logic at the University of Bristol, UK and her PhD degree in Theory of Computation at the University of Wales, UK. She strongly believes in continuing education and has also received a number of professional qualifications to enhance her 30 year career since 1980 including an MS in Computer Science focusing in computer systems and networks at the University of Minnesota, Java Development Certification from Learning Tree International, the Certificate in Terrorism Studies at St. Andrews University, Scotland and CISSP (Certified Information Systems Security Professional) certification with ISC2.

Dr. Thuraisingham is the founding president of “Bhavani Security Consulting, LLC” a company providing services in consulting and training in Cyber Security and Information Technology. She is also the founder and a member of the board of directors of “Infosec Analytics, LLC”, a spin-off company from UTD developing tools in malware detection and information sharing.

She promotes Math and Science to high school students as well as to women and underrepresented minorities, and is a member of the Society of Women Engineers (SWE). She has given featured addresses at conferences sponsored by WITI (Women in Technology International) and SWE and received the 2001 Woman of Color Research Leadership Award from Career Communications Inc. Articles on her efforts, her vision as well as her team’s research have appeared in multiple magazines including the Dallas Morning News, the Boston Globe, ABC News, D Magazine, MITRE Matters the DFW Metroplex Technology magazine. She has also appeared in DFW Television giving her opinions on cyber security.

Section 2: MAJOR AWARDS

EXTERNAL

o Best paper award, IEEE Conference on Systems Sciences, 1988 on Secure Query Processing Strategies (Invited paper published in IEEE Computer, March 1989)

o Recipient of IEEE Computer Society’s 1997 Technical Achievement Award for contributions to secure distributed database management. As cited by IEEE, “this award is given to individuals who have made outstanding and innovative contributions in the field of computer and information science and engineering within the past 15 years.”

o Recipient of Career Communication Inc.’s National 2001 Woman of Color Technology Research Leadership Award

o Featured by SiliconIndia’s May 2002 issue as one of the top seven technology innovators (the only woman) in USA of South Asian origin (others are from Stanford, Berkeley, MIT, NASA, PARC and HP Labs). The innovation was for data and web security.

o Recipient of IEEE’s 2003 Fellow Award for Contributions to Secure Systems involving databases, distributed systems and the web. As stated by IEEE, “each year, following a rigorous evaluation procedure, the IEEE Fellow Committee recommends a select group of recipients for one of the Institute's most prestigious honors, election to IEEE Fellow”.

o Recipient of AAAS (American Association for the Advancement of Science) 2003 Fellow Award for “Outstanding and Innovative Contributions to Secure Database Systems and Secure Web Information Systems”

o Recipient of British Computer Society (BCS) 2005 Fellow Award for contributions to information technology

o IEEE Distinguished Lecturer, 2002-2005

INTERNAL

· MITRE Program Achievement Awards 1997 (AWACS), 2002 and 2005 (IRS Research Credit)

· MITRE Director’s Awards 1997 (Data Mining), 1997 (Distributed Objects)

· MITRE Author of the Month award (1997, 1999)

· Honeywell Computer Sciences Center Employee of the Month Award (April 1987)

· Control Data Corporation, Arden Hill Programming Division, CDCNET Award (September 1985)

· NSF Program Awards (ITR 2003, Cyber Trust 2005)

Section 3: RESEARCH STATEMENT

My research combines theory and practice. I have utilized my PhD research in theory of computation and complexity theory with my systems expertise in industry to develop prototypes based on fundamental principles. My research in secure systems utilized the non interference principles to design the Lock Data Views System in the mid 1980s. This is one of the first two secure relational database systems designed. Our techniques for secure query processing, update processing, and metadata management were incorporated into the early commercial products such as Trust Oracle, Secure Sybase, Secure Ingres and Secure Informix in the early 1990s. I then developed secure distributed database systems and secure object oriented systems utilizing the Bell and La Padula security principles as well as the non interference principles. The work that I received several awards was for the inference problem. I first proved that the inference problem was unsolvable and then designed and developed prototype inference controllers for specific classes of the problem. I also designed and developed secure database systems based on logic that I designed called NTML (Nonmonotonic Typed Multilevel Logic). I was among the first to develop secure dependable systems that integrated real-time processing with security techniques in the late 1990s.

After spending three years at the National Science Foundation and establishing programs in data and application security, I joined UTD in October 2004. At UTD I have developed two areas (i) Cyber Security, in particular Data and Applications Security and (ii) Information Management. In the area of Data and Applications Security, I have focused on four areas. (a) Assured information sharing: My team in the CS department collaborates with the School of Management and Economics and Policy Sciences to develop an interdisciplinary approach for incentive based information sharing. (b) In addition, we have also explored research issues in secure and private social networks. (c) We also developed novel privacy preserving data mining and data integration techniques. (d) Policy management based on semantic web technologies. (e) Data mining tools for security applications. Notable among these tools are those based on novel class detection for stream mining. In the area of Information Management our focus has been on developing technologies for national security in two major areas. (a) We have designed ontology alignment algorithms critical for homeland security applications and (b) developed geospatial data management and mining techniques. In addition to data security and information management, my team has also focuses on secure cloud computing and in-line reference monitors. In addition to collaborating with two of my colleagues and contributing to assured information sharing as well as to the data mining tools, my main research has been on policy management based on semantic web technologies. Our goal is to build inference controllers based on RDF data engines and RDF reasoning engines. Essentially this research extends my earlier work on the inference problem utilizing semantic web technologies. I have also developed prototypes for policy management in a coalition environment.

We are developing a multi-pronged approach to research. Our major goal is to publish papers in the most prestigious journals and conferences. Since 2005, I have papers published in IEEE Transactions on Knowledge and Data Engineering, IEEE Transactions on Dependable and Secure Computing, ACM Transactions on Information and Systems Security, IEEE Transactions on Systems, Man and Cybernetics, and Very Large Database Journal. Prestigious conferences include IEEE Conference on Data Mining (ICDM) and ACM Conference of Access Control and Models (SACMAT). My team has published several more papers in IEEE as well as ACM Transactions. Our second goal is to build systems. We have developed several prototypes and tools and have published open source software. These tools are being utilized by our colleagues around the world. Our third goal is to disclose inventions, develop intellectual property and start spin-off companies. This is something we started in 2009. Our fourth goal is to contribute to standards and we participate in W3C and OGC standards.

Since October 2005, my team has generated over $10m in research funding including a DoD MURI, NSF Career and AFOSR YIP. Our sponsors include AFOSR, NSF, IARPA, NGA, NASA, ONR and NIH. Our major corporate sponsor is Raytheon. In 2010 I am working toward expending the corporate sponsor based and we are having discussions with Lockheed, Rockwell and IBM among others.

Section 4: RESUME SUMMARY

Name: Dr. Bhavani Thuraisingham

Work Address: Department of Computer Science, University of Texas at Dallas, Richardson, Texas

Phone: 972-883-4738 ; Fax: 972-883-2349

Email: Bhavani.thuraisingham@utdallas.edu

URL I: http://www.utdallas.edu/~bxt043000/ URL II: www.dr-bhavani.org

I. EDUCATION

Ph.D. in Theory of Computation and Computability Theory; University of Wales, Swansea, United Kingdom, July 1979 (at age 24). Thesis: Decision Problems for System Functions

Advisors: Dr. Roger Hindley (Swansea), Dr. John Cleave (Bristol) – received most of the supervision at University of Bristol and submitted thesis at University of Wales, Swansea due to residency requirements

M.S. in Computer Science, University of Minnesota, March 1984 (G.P.A. 4.0/4.0); Specialized in: Databases, Networks, Operating Systems. Dissertation: Transport Layer for a Token Ring Network, Advisor: Dr. William Munroe

M.Sc. in Mathematical Logic and Foundations of Computer Science; University of Bristol, United Kingdom, January 1977; Thesis: Construction of a Universal Partial Recursive Functional; Advisors: Dr. John Cleave and Prof. John Shepherdson

B.Sc. in Pure Mathematics, Applied Mathematics, and Physics; University of Ceylon, August 1975 (First Class and First in order of merit)

Higher Doctorate: D.Sc. Preparing published work to be submitted to the degree of D.Sc (Doctor of Science) at the University of Bristol in England, 2010. D.Sc. is beyond Ph.D. (usually known as Higher Doctorate) and awarded by British universities to alumni who have made outstanding research contributions in their field. University of Bristol is consistently rated among the top five universities in the U.K.

CERTIFICATION PROGRAMS (with exams)

1. JAVA Certification, Learning Tree International, 1998-2000 (5 courses)

2. Certificate in Terrorism Studies, St. Andrews University, Scotland, January – May 2010.

3. CISSP, May 2010

PROFESSIONAL EDUCATION

1. Management Development Program, 1996-1997, The MITRE Institute

2. US Intelligence Community, AFCEA 1994

3. Cybil Programming Language, Control Data Institute, 1984

II HONORS AND AWARDS

External: Recipient of IEEE’s 2003 Fellow Award for Contributions to Secure Systems involving databases, distributed systems and the web; Recipient of AAAS (American Association for the Advancement of Science) 2003 Fellow Award; Recipient of British Computer Society (BCS) 2005 Fellow Award; Recipient of IEEE Computer Society’s 1997 Technical Achievement Award for outstanding and innovative contributions to Secure distributed database management; Featured by SiliconIndia magazine (May 2002) issue as one of seven prominent technology innovators (the only woman) in the USA of South Asian origin; Recipient of Career Communication Inc.’s National 2001 Woman of Color Technology Research Leadership Award Best paper award, IEEE Conference on Systems Sciences, 1988.

Internal: MITRE Corporation’s program achievement award (distributed real-time systems) 1997; IRS Program Award 2002 and 2005; Director awards for data mining and distributed objects 1998.

III: SIGNIFICANCE OF RESEARCH

My early research was on theory of computation and in particular recursion theory. This research was carried out as visiting professor at the New Mexico Institute of Technology and at the University of Minnesota for three years. It resulted in several journal publications including in the Journal of Computer and Systems Sciences. Since 1985 my research has focused on data security. This research was carried out initially at Honeywell Inc., as well as the University of Minnesota as adjunct faculty of computer science for over four years. I continued with this research at the MITRE Corporation starting in 1989. Significant contributions include design and development of Lock Data Views Relational Database System, design and development of secure distributed database system, design and development of techniques to handle the Inference problem, design of NTML: a Non monotonic Logic for Secure Data and Knowledge Based Systems, design and development of secure multimedia and object systems, and the design and development of an object-based real-time data manager and middleware for next generation real-time command and control systems. I also used my background in theory and proved that the inference problem was unsolvable. This work has been quoted by Dr. John Campbell of NSA as the significant[r1] development in database security in 1990. My main research now is focusing in four major areas: Assured Information Sharing; Securing the Semantic Web, Secure Geospatial Data Management; Knowledge Discovery/Data Mining for security applications and their privacy implications. I focus on developing sound theories and then build highly assured systems that are founded on theories that result in prototypes, some of which are transferred to operational systems and products.

IV. WORK EXPERIENCE

(i) The University of Texas at Dallas (October 2004 – Present): In October 2004, I joined the University of Texas at Dallas as Tenured Full Professor of Computer Science (with tenure)[r2] and Director of the Cyber Security Research Center at the Erik Jonsson School of Engineering and Computer Science. This is my first tenure track faculty appointment. Over the past 3 years, I have hired and mentored several junior faculty in Cyber Security in general and Data Security, in particular. Together we have secured competitive research funding of over $5 million from several federal agencies including Air Force Office of Scientific Research, National Science Foundation, National Geospatial Intelligence Agency, National Aeronautical and Space Administration, and Intelligence Advanced Research Projects Agency. This funding also includes a prestigious DoD MURI award. In addition, we have established a close research collaboration and partnership with Raytheon Corporation in DFW. Together we have about 25 Ph.D. students; I graduated my first student in 2007. Due to our efforts we have been in the first group batch of universities to receive the NSA/DHS Center for Excellence in Research Award in 2008. My team has significantly enhanced UTD’s education program in Information Assurance by introducing several courses, including Data and Applications Security, Digital Forensics, Trustworthy Semantic eb, Biometrics, Privacy, Knowledge Discovery, Cryptography and Secure Programming Languages. UT Dallas is one of the top universities in the world in data security[r3] .

(ii) National Science Foundation, Arlington, Virginia (Oct. 1, 2001 – September 30, 2004)

IPA, Position: I was the Director of Cyber Trust, Data and Applications Security, Information and Data Management

As an IPA from the MITRE Corporation at NSF for three years, I managed programs in Information Management, Sensor Networks, Data and Applications Security and Cyber Trust. In addition, I initiated the program in data and applications security and made it a focus area.

(iii) The MITRE Corporation, Bedford, MA (Dates?): My 15 plus years experience at MITRE has given me the opportunity to work on research, development and technology transfer projects. I secured research funding from a number of sponsors including the Air Force, Navy, Army, NSA, and CIA as well as consulted for the IRS. I led team research efforts and designed and developed algorithms and prototypes for secure distributed database systems, secure object systems and secure deductive systems. I proved that the inference problem was unsolvable and developed solutions to limited aspects of this problem. We also developed distributed object-based real-time systems and transferred the technology to the AWACS program. Additionally, I built MITRE’s programs and gave it[r4] international visibility in data mining and data security. For 4 years, I managed a department of about 28 staff. I am currently a consultant to IRS through MITRE on the software research credit program.

(iv) Honeywell Inc. Golden Valley, MN (Jan. ‘86 - Jan. ‘89) Position: Principal Research Scientist / Engineer, Corporate Systems Development Division. I conducted research, development, and technology transfer activities in database security, data management, distributed processing, information systems, process control systems, payoff modeling, and AI[r5] applications. In addition to reports and proprietary documents, papers were also published in refereed journals and conferences. Work was carried out for Honeywell internal divisions as well as for the Air Force and NASA.

(vi) Control Data Corporation, Arden Hills, MN (Dec '83 - Jan ‘86) Position: Senior Programmer/ Analyst, Arden Hills programming Division; I was involved in the design and development of the CDCNET (Control Data Communications Network) product. Company proprietary documents were also written. Specifically I was responsible for the design and development of transport, network, session layers as well as several other components of the network. Details are given under the Industry Experience section.

V. RESEARCH ACCOMPLISHMENTS

Publications Statistics: Over 90 journal papers including articles in several IEEE Transactions, Very Large Database Journal, ACM Transactions, Journal of Computer and Systems Sciences and Notre Dame Journal of Formal Logic. Over 200 Conference/Workshop Papers (IEEE, ACM and IFIP conferences), over 70 keynote/featured presentations, 9 books authored (data security, data management and data mining), 12 books edited; 3 US patents (data security).

Research Contracts/Grants

UT Dallas: Over $10 million in grants and contracts by my team in assured information sharing, geospatial information management, semantic web, data mining for security applications, and secure grids. Sponsors include AFOSR, IARPA, NSF, NASA, NGA, ONR, NIH and Raytheon.

MITRE: I initiated and led several research projects for various sponsors including Navy (secure distributed databases, secure objects, inference problem/NTML), Army (inference problem, security constraint processing), Air Force (secure distributed databases and real-time databases/middleware), and National Security Agency (secure federated databases, designing secure systems and applications). Each project that I led consisted of about three – five staff, a third with Ph.D.’s and half with MS degrees; also included students from Carnegie Mellon University, Cornell, University of Rhode Island and North Eastern University.

Prototypes and Products: UTDallas: My students are implementing several prototypes in secure data, information and knowledge management systems, data mining tools for security applications, geospatial semantic webs and social network tools. Some tools were transferred to the Raytheon program and we are having discussions on commercializing the data mining tools. Other: Developed parts of the CDCNET product at Control Data Corporation (extensive implementation in Cybil language). Oversaw the implementation of expert process control system XIMKON at Honeywell as well as Network operating system and students’ implementations at University of Minnesota (mostly C). Supervised very closely the implementation of several prototypes based on my designs at MITRE. These included secure distributed database system prototypes, database inference controller prototypes for query, update, and database design, multimedia system prototypes simulating security features, active real-time data management prototype, and real-time data management hosted on an infrastructure for real-time applications and data/text mining and knowledge management prototypes.

Educational Activities: I have promoted Math and Science among high school students (e.g., talks at UTD), women (SWE, WITI) and disadvantaged minorities (Career Communications). At NSF I was actively involved in the Math Science Education Partnerships between universities and high schools. I have been involved in tutorials at numerous conferences since 1987, AF/Army/Navy Bases since 1992, and AFCEA (Armed Forces Communications and Electronics Association) since 1998.

VI. PROFESSIONAL ACTIVITIES

Major Advisory Boards: Advisory Board, Department of Computer Science, Purdue University 2005-2006.

Advisory boards for journals. Conference and Journal Boards: IEEE Distinguished Lecturer 2002-2005; Chair IEEE Kanai Award 2002-2006; Editor in Chief, Computer Standards and Interface Journal, 2005 – present; Editorial board member IEEE Transactions on Knowledge and Data Engineering (1996 - 2000) the Journal of Computer Security (1990 – 2000), Computer Standards and Interface Journal (1993 – present), ACM Transactions on Information Systems Security (2004 - 2008), IEEE Transactions on Secure Dependable Computing (2004 - present); Conference Programs: Program Chair for over 15 conferences; Program committee member for over 100 conferences; Government Panels: National Science Foundation, National Academy of Sciences, Air Force Scientific Advisory Board, Department of Health and Human Services, and the White House Office of Science and Technology Policy.

My education and work has been influenced a great deal by my personal life. My personal statement “From Industry to Government to Academia can be found under the section “Motivational Articles” in my UTD web site

http://www.utdallas.edu/~xyt061000/curriculum_vitae.htm#Section%2017.MOTIVATIONAL%20ARTICLES

Section 5: INDUSTRY EXPERIENCE

I. The MITRE Corporation, Bedford, MA (January 1989 – June 2005) www.mitre.org

Technical Positions:

* Information Technology Consultant (October 2001 – June 2005)

* Chief Scientist/Engineer in Data Management, Information Technology Directorate

(May ‘99 – Sept. 2001)

* Senior Principal Scientist/Engineer, Advanced Information Systems Center (Sept. 1996 – May 1999)

* Principal Scientist/Engineer, Advanced Information Systems Center (March 1995 - Sept. 1996)

* Lead Scientist/Engineer, Network and Distributed Systems Center (August 1992 - March 1995), Information Security Center (January 1989 - August 1992)

Management Positions:

* Section Leader (June 1995 – Oct 1996) and Department Head (Oct. 1996 – May 1999) in Data Management and Object Technology, Advanced Information Systems Center and Information Technology Division. Staff grew from ten in June 1995 to approximately twenty-eight in May 1999.

Leadership/Coordination Positions:

* Head, MITRE’s Corporate Research and Development Initiative in Evolvable Interoperable Information Systems (March 1996 - September '97, budget approximately $4 million)

* Head, MITRE’s Corporate Research and Development Initiative in Data Management (Sept. 1994 - March 1996, budget approximately $1 million)

* Co-Director, MITRE Database Specialty Group (Oct 1993 - Dec 1995)

Technical: My sixteen years experience at MITRE gave me the opportunity to work on research, development and technology transfer projects. I have worked for a number of sponsors including the Air Force, Navy, Army, NSA, CIA and IRS. I have worked with not only researchers and defense contractors, but also with Fortune 500 corporations in Information Technology. A summary of my technical accomplishments is listed below.

Information Security: Between January 1989 and August 1992, my work focused entirely on Information Security. I initiated and lead various database and object security projects for the Army, Navy, Air Force, and the National Security Agency. The topics included secure distributed/federated database management, inference problem, secure multimedia/object-oriented data management, and secure client-server computing. I designed and supervised the implementation of a prototype secure distributed database system that connected database systems in Bedford, MA, McLean, VA, and Fort Monmouth, NJ, the first developed. I also designed centralized and distributed database inference controllers and supervised the implementation of these systems. In addition, I designed a secure object/multimedia database system and supervised its implementation. Other contributions include the proof of the unsolvability of the inference problem, use of conceptual structures to design secure database applications and the development of a logic for secure data and knowledge base management systems. Since August 1992 I have been working part-time on Information Security. My focus has been on the inference problem, object security, and privacy issues for data mining. I led a team project to investigate security for distributed object systems and this work impacted the security standards for the Object Management Group. I provided technical direction to DoD projects in database security between March 1991 and September 1996, was a consultant to NSA and mentored junior staff there. Between 1996 and 2001, I continued to work in Information Security by providing direction on the Inference problem to the Air Force and also examining security issues for XML and web information systems.

Data Management, Real-time Systems and Object Technology: My work in data management at MITRE began around August 1992. Since then I have initiated and led projects in real-time database management and distributed object management for evolvable real-time command and control systems, massive multimedia data management for Intelligence applications, and distributed object management for heterogeneous database integration. In addition, I have initiated and contributed to projects in data mining and warehousing. As part of my work, I have provided direction in data management to the Department of Defense and the Intelligence community. In particular, between October 1993 and March 1999, I was the lead in providing technology direction for the Intelligence Community initiative on Massive Digital Data Systems. Based on results of this effort, and together with the CIA sponsor, we began discussions with DARPA on data mining in December 1997 and these discussions eventually led to the EELD program at DARPA. Also between October 1993 and September 1999, I was part of a team providing direction for next generation real-time data management and object systems for the AWACS project. For this work I received the MITRE Program Achievement award in 1997. For the work in data mining and distributed objects, I received two MITRE Director awards in 1997.

Consulting in Information Technology (IRS): Between January 1999 and September 2001, I consulted for the Internal Revenue Service by interviewing various Fortune 500 corporations on their research and development tax credits.This work utilized my extensive experience in Computer Science and Information Technology. It also enabled me to obtain an excellent understanding of the internal details of databases, ERP, and e-commerce software. Initially my work focused on banking and financial industries, later I worked in other industries such as Telecommunications. Between May 2000 and July 2001, I worked with a major Fortune 100 corporation and the IRS jointly to determine the products that would qualify for research tax credit. For this effort, I reviewed numerous products that this company worked on during FY00 which made me intimately familiar with the commercial products of a major corporation in the US in Information Technology. This work was reported in the Wall Street Journal in December 2000 and also claimed by the IRS as a success story in a major IRS and Fortune 100 meeting in February 2001. As a result of this work, I received the MITRE Program Achievement awards in 2002 and 2005.

Consultant to Air Force: In May 1999 I was appointed chief scientist/engineer in data management in MITRE’s Information Technology Directorate and in this position provide data management direction for MITRE’s programs for the Air Force, In addition, I oversaw the information technology technical work in the directorate in the following areas: information management, e-business and web computing, real-time computing, and decision support. I also consulted on MITRE's corporate initiatives in knowledge management and e-business. Between January 2001 and September 2001, I was Vice Chair of the Database Migration Panel to the AF Scientific Advisory Board (SAB).

Other Consulting: In the 1990s, I consulted on several MITRE projects involving information and data management sponsored by the Intelligence Community, NASA (EOS project) and FAA.

Other Information: My work has resulted in IEEE Computer Society’s 1997 Technical Achievement Award, IEEE’s 2003 Fellow Award, AAAS 2003 Fellow Award, British Computer Society’s 2005 Fellow Award, over 300 publications including over 70 journal articles, 3 software patents and 9 books (7 published and 2 in preparation)[r6] . I give tutorials to sponsors at conferences, and at the MITRE Institute in relational database management, distributed database management, heterogeneous database integration, real-time data management, secure data management, object-oriented database management, and data mining. I have also participated in standards efforts including Department of the Navy’s Database Interface Standard and Object Management Group’s real-time and C4I standards. I have given over 150 professional presentations including 30 keynote/featured addresses at major conferences. In addition, I participated in panels at the National Academy of Sciences and the Air Force Scientific Advisory Board.

Leadership, Coordination: Between March 1996 and September 1997, as head of the Evolvable Interoperable Information Systems (EIIS) Initiative at MITRE reporting to the Vice President of Research and Technology, I was responsible for research in data management, real-time systems, software reverse engineering, economic analysis for information system evolution and interoperation, and object technology and architectures. I worked with the leaders in each of these areas. Prior to this responsibility, I led the corporate initiative in data management from September 1994 to March 1996 (which is part of EIIS). As a co-director between October 1993 and December 1995, I organized meetings in data management to discuss projects as well as conferences at MITRE. Between October 1995 and May 1999, I was actively involved in promoting object technology within MITRE. In this role, I was part of a MITRE team working in distributed object management and object-oriented frameworks, designing patterns, attending Object Management Group meetings and participating in the real-time SIG at OMG. I introduced real-time issues for the common object request broker architecture at Object World West 1995, founded the C4I SIG at OMG in 1996, and organized object technology conferences at MITRE. I have also provided technology advice to MITRE's e-business initiatives.

Management: Between June 1995 and May 1999, as a department manager reporting to the Director of the Division, I developed the skills in my department of about thirty people in relational data management, object-oriented data management, distributed object management, distributed database management, heterogeneous database integration, multimedia data management, data warehousing, migrating legacy databases, data mining, web technology, data security, and knowledge management. I formed four groups in my department each focusing on a subset of the above technologies with security cutting across all areas. I initiated and continued projects each year at MITRE totaling 3 - 4 staff years[r7] . I was actively involved in mentoring staff and helping them in leadership and coordination positions such as providing direction for MITRE's research as well as organizing internal conferences in data management and object technology. Between May 1999 and September 2001, as chief engineer, I had oversight of the technical work in MITRE's Information Technology Directorate for about 200 staff.

II National Science Foundation, Arlington, Virginia (Oct. 1, 2001 – September 30, 2004)

IPA Position from the MITRE Corporation: Director of Information Cyber Trust, Data and Applications Security, Information and Data Management

I completed a three year IPA from the MITRE Corporation at the National Science Foundation. At NSF, during 2002, I was program director for information and data management. This is approximately a $10 million program a year and funds research in various aspects of information and data management including data mining, information retrieval and information systems. I also participated in inter-directorate (CISE, BIO GEO) activities on providing direction in Bioinformatics and Geoinformatics. In addition, I was involved in the Math Science Partnership program with the Education Directorate. During 2003 I initiated a new program in Data and Applications Security ($2 million/year) and also managed the Information Management component of ITR (approximately $50million) and Information Management for the Sensor Initiative (approximately $2 millionM). During 2004 I was one of four founding directorates of NSF’s Cyber Trust Theme (approximately $30 millionM) and continued to manage the Information Management component of ITR.

During 2002 and 2003, I supported the Department of Health and Human Services on planning for information technologies to combat bioterrorism as part of the States Bioterrorism Initiative. In 2004 I participated in an Interagency study on Hard Problems in Cyber Security and completed a draft in September (a version was later published by the government in 2006). The study report was used by agencies to fund future research in Information Security. Beginning in October 2001, I have been very active in counter-terrorism related research especially on the use of data mining. I gave talks not only at conferences, but also at the White House Office of Science and Technology Policy and the United Nations and participated in National Academy of Science activities in this area. I was a member of interagency planning on data mining for counter-terrorism. As an IPA, I also conducted research at MITRE, focusing on privacy, secure semantic web and secure sensor information management.

III. Honeywell Inc., Golden Valley, MN (January 1986 - January. 1989)

http://www51.honeywell.com/honeywell/

Position: Principal Research Scientist / Engineer, Corporate Systems Development Division

I conducted research, development, and technology transfer activities in database security, data management, distributed processing, information systems, process control systems, payoff modeling, and AI applications. In addition to reports and proprietary documents, papers were also published in refereed journals and conferences. Work was carried out for Honeywell internal divisions as well as for the Air Force and NASA. Specific projects included the following: Design of a Multilevel Secure Database Management System (Rome Laboratory); Development of Engineering Information Systems (Wright Laboratory);Design of a Distributed Data Dictionary System (Honeywell’s Residential Control Division); AI Applications in Process Control Systems (Honeywell Industrial Automation Systems Division); Design of a Network Operating System for a Multicompatible Network Interface Unit (NASA); Development of a Payoff Model of Alternative Communication Strategies (Honeywell Corporate); Design of Innovative Software Architectures for Industrial and Buildings Control Systems (Honeywell Building Controls Systems); and Design of Knowledge Transformation Strategies (Honeywell Industrial Automation Systems Division).

IV. Control Data Corporation, Arden Hills, MN (December 1983 - January 1986)

http://en.wikipedia.org/wiki/Control_Data_Corporation

Position: Senior Programmer/Analyst, Arden Hills Programming Division

I was involved in the design and development of the CDCNET (Control Data Communications Network) product. Company proprietary documents were also written. Specifically, I was responsible for the following: design, development and testing of CDCNET Transport layer (Generic and Xerox transport protocols);. design, development and testing of the first version of the CDCNET session layer, which enabled the ASYNC Terminal Interface Program to communicate with the Cyber 170 Gateway; design, development and testing of X25 support for CDCNET, which would enable CDCNET to communicate with an X25 Network; development and testing of CDCNET Network Layer; implementation of the Intranetwork layer, which supported HDLC, Ethernet and MCI Networks; design, and development and testing of a set of command processors (transport Status command processor), which gathered information about the Transport connections, and also a set of command processors to configure an MCI network; development and testing of CDCNET memory management unit, which was responsible for releasing the buffers depending on the congestion; acting as the Task Lead for testing CDCNET with other Cyber products. (Official start date of January 1984; consulted in December 1983)

V. Bhavani Security Consulting (June 2005 – Present) www.dr-bhavani.org

I am the founding president of Bhavani Security Consulting, a consulting and training company. I consult for the Department of Treasury through a contract from the MITRE Corporation on corporate research credit as well as being an expert witness in software. I also handle patent litigation cases as an expert witness. I teach AFCEA (Armed Forces Communications and Electronics Association) courses in data management, data mining for counter-terrorism and data security. Through AFCEA, I teach classes at Air Force bases including at Offutt, Eglin, Lackland, Edwards and Kirkland. I consult for corporations in technology futures and write books on data management and data security.

VI. Knowledge Discovery and Security Informatics [start-up for Small Business Innovation Research (SBIR) , 2009]

A spin-off company based on UT Dallas research, focusing on data security, geospatial data management, data mining and social networking. Partners: Dr. Latifur Khan and Dr. Murat Kantarcioglu

VII. Personal Tutors, England (1979-1980)

Taught high school students Mathematics and prepared them for GCE OL and GCE AL exams. http://www.personal-tutors.co.uk/home.html

Section 6: TEACHING EXPERIENCE

I. Academic Teaching Experience (1980 – Present)

Current (2004 – Present)

The University of Texas at Dallas

Position: Professor of Computer Science and Director of Cyber Security Research Center

Courses in data and applications security Spring 2005, Spring 2006, Spring 2007, Spring 2008, Spring 2009 (based on my book Database and Applications Security: Integrating Data Management and Information Security, CRC Press/Auerbach, June 2005) Graduate level
Biometrics, Fall 2005, Graduate level
Building Trustworthy Semantic Webs, Fall 2006, Fall 2008, Spring 2010 (based on my book Building Trustworthy Semantic Webs, CRC Press, 2007) Ph.D. level
Data and Applications Security, Spring 2007, Spring 2008 (Information Assurance, Minor Core course) Undergraduate level
Digital Forensics, Fall 2007, Fall 2008, Fall 2009 (Information Assurance Minor, Core course) Undergraduate level
Information Assurance, Minor: Data and Applications Security, as well as Digital Forensics, are two of the three mandatory security courses for a minor in Information Assurance at the Undergraduate level. Students work with ENCASE tool and conduct forensics analysis.
Proposing an education track on Semantic Web

Previous (1980 – 2001)

(i) New Mexico Institute of Technology, Socorro, New Mexico

Position: Visiting Professor 1980-1981

Dept. Head: Prof. Tom Nartker (now at UNLV)

Department of Computer Science

Theory of Computation

Ph.D. level course on theory of computation covering topics such as automata theory, complexity theory and recursion theory, using the text book Theory of Computation by Barinard and Landweber

Date: Fall Semester 1980 (August – December 1980

Mathematical Logic for Computer Scientists

Senior undergraduate/ 1^st yr MS level course covering logic, theorem proving. Developed my own lecture notes. References used: Theorem Proving by Chang and Lee, Mathematical Logic by E. Mendelssohn

Date: Spring Semester 1981 (January – May 1981

Department of Mathematics

Calculus

Undergraduate level course in calculus

Date: Spring Semester, 1981 (January – May 1981)

(ii ) University of Minnesota

Position: Visiting Professor, 1981-1982

Adjunct Professor and Member of the Graduate Faculty, September 1984 – December 1988

Schedule Coordinator: Prof. Sartaj Sahni (now at University of Florida)

Department of Computer Science

Fortran Programming

Undergraduate course in FORTRAN programming

Date: Fall Quarter 1984, Winter 1985, Spring 1985, Fall 1985, Winter 1986, Spring 1986, Fall 1986, Winter 1987, Spring 1987, Summer I and II 1987, Fall 1987, Winter 1988, Spring 1988, Summer I and II 1988

Basic and Advanced Assembly Language Programming

Junior and senior undergraduate as well as 1^st year MS level course in M68000 programming

Date: Fall 1985, Winter 1986, Spring 1986, Fall 1986

Algorithms and Data Structures

Junior undergraduate course in algorithms

Date: Winter 1987, Winter 1988

Programming Languages using Scheme

Junior undergraduate course in Scheme programming and principles

Date: Spring 1987, Spring 1988

Discrete Structure of Computer Science

Junior undergraduate course in Combinatorial mathematics for computer scientists

Date: Summer I, 1986

Principles of Programming Languages

Senior undergraduate/1^st year MS level course on principles of programming languages including principles of FORTRAN, Pascal, Algal, Lisp, Prolog, and Smalltalk

Database Security, Ph.D. level seminar; Date: Fall 1987

Department of Mathematics

Calculus and Algebra

Undergraduate level courses on calculus and algebra

Date: Fall 1981, Winter 1982, Spring 1982, Spring 1985, Fall 1985, Winter 1986

Boston University

Position: Adjunct Professor of Computer Science, 1999 - 2001

Point of Contact: Linda Goldberg

Department of Computer Science

Advanced Data Management

Graduate level course which covered relational databases, object databases, distributed databases heterogeneous databases, migrating legacy databases, data mining, data warehousing, web databases.

Based on my two books Data Management System Evolution and Interoperation, CRC Press, May 1997, and Data Mining, Technologies, Techniques, Tools and Trends, CRC Press December 1998

Date: Spring Semester 2000, Spring Semester 2001.

II. Professional Teaching Experience (1990 – Present)

(i) The MITRE Institute (1990 – 2000)

Position: Instructor

Schedule Coordinator: Phil Trudeau

Courses taught:

Database Security (Four two hour lectures, 1990)

Introduction to Databases (3 hour, 10 week course, 1992, 1993)

Heterogeneous Database Integration (1 day course taught several times in 1993 - 1994)

Object Databases (1 day course taught several times in 1993 -1994)

Real-time Databases (1 day course taught several times in 1994)

Data Management Systems Evolution and Interoperation (2 day course taught several times in 1997 -1999), based on my book

Data Mining (1 day course taught several times in 1998 - 2000), based on my book

Through the MITRE Corporation, I taught courses to several government agencies

(1992 - 2000)

Topics: secure databases, data management and data mining, (based on my books)

US Government (DoD and Intelligence)

Agencies: Air Force (ESC, AIA, SPACECOM), Navy (SPAWAR, NRaD), Army (CECOM),

Other: DISA, DISA/JPO, NSA, EUCOM

(ii) AFCEA Professional Development Center (1998 – Present)

Position: Instructor

Schedule Coordinator: Ann Beckham

Courses Taught (all courses based on my books – see publications)

Data Management (3 day course in September 1998, June 1999)

Data Management, Data Mining and E-Commerce (3 day course in October 2000)

Data Management, Information Management and Knowledge Management (3 day course in October 2001, October 2002, October 2003, September 2004, October 2005)

Data Mining (3 day course in June 2003, December 2003, December 2004, March 2006, December 2006, November 2007, May 2008, November 2008)

Knowledge Management through Semantic Web and Social Network (April 2008, October 2009)

Data Management, Information Management and Knowledge Management: to the Air Force through AFCEA (3 day course)

Offutt AFB, October 2004

Eglin AFB, March 2005

Lackland AFB, August 2006

Edwards AFB, June 2006

Kirkland AFB, September 2006

(iii) University of California, San Diego (2008)

Security for Service Oriented Architecture portion of the Certificate Course on Systems Engineering, offered at UCSD under the directorship of Prof. Hal Sorenson. This course was also taught as part of the Architecture course at AFCEA under the directorship of Prof. Alex Levis.

Education Proposals

In January 2010 I worked with my colleagues and submitted a proposal to the NSF SFS Program. If funded UTD could very well become a leading institution in cyber security research as well as in education. I visited several universities (e.g., NYU Poly, Mississippi State and University of Tulsa) to learn from their successful experiences to put together this proposal.

Section 7: Academic Research Supervision

For details of the projects, please see the project web site at http://utdallas.edu/~ppd081000/

Current: (October 2004 – Present)

The University of Texas at Dallas

Ph.D. Students Graduated:

Li Liu, (2004 - 2008) Privacy Preserving Data Mining; May 2008 (Senior Security Strategist at EBay)

Ryan Layfield (2004 - 2008) – Social Network and Game Theory Applications, December 2008 (Senior Research Scientist at CISCO)

MS Students with Thesis Graduated (supported as RAs):

Gal Lavee (Graduated December 2005)) – Suspicious Event Detection, Ph.D. at Technion-Israel

Vibha Sethi (Graduated August 2006) – Secure Sensor Networks, Motorola

Abinanthan (Graduated May 2007) – Fingerprinting Biometrics and RFID, Oracle

Srinivasan (Graduated May 2007) – Trust Management for Assured Information Sharing, Hewlett Packard

Pavan Chittamala (Graduated May 2007) – Geospatial Data Management - Microsoft

Jungin Kim (Graduated August 2007) Dependable Information Management, Samsung Korea

Ganesh Subbiah (Graduated December 2007) Trust Negotiation for Semantic Web, ESRI

Yashashwini Harshakumar (2007), Assured Information Sharing, Amazon

Sonia Chib (2009) Geospatial Proximity for Blackbook, Will be joining ESRI

Pranav Parikh (2009) Secure Amazon.com Web Services, Will be joijning Yahoo in July 2010

Pankil Doshi, (2010), Sparql over Hadoop, Working for a multimedia company in Florida.

Ph.D. Students (supported as RAs):

Wei-She (2006) Secure ERP Systems and SOA (completion, 2010)

Zhong Wang (2007) Complexity Results in Security (completion 2010)

M. Farhan (2006) – Secure Geospatial Data Management (completion 2011)

Jeff Partyka (2007) Geospatial Data Management (completion 2011)

Tyrone Cadenhead(2008) Semantic Web (completion 2012)

Vaibhav Khaldikar (2008) Managing Large RDF Graphs (completion 2012)

Neda Alipana (2007) Geospatial Semantic Web (completion 2011)

Jyothsna Rachapalli (2009) Ontology Alignment and Development for NVD

Amy Tan (2007) – Data Mining

Alam Ashraful (2005) Geospatial Data Management (part-time working at AT&T)

Parveen Pallabi (2010) – Exploring research topics

Other Ph.D. students I have sponsored and/or mentored:

Mehedy Masud, Defended Thesis, October 2009

Sunitha Sriram, proposal Defense, November 2009

Jeff McGolthlin, 2007 - Present

Non Thesis MS Students (supported as Students Workers/RAs):

Parveen Pallabi (2005 -2006) Face Recognition, RFID, Graduated, Texas Instruments

Alam Ashraful (2006) Secure Geospatial Data Management, Graduated, AT&T

Sai Chatanya (2006) Privacy Preserving Surveillance

Dilshad Cavus (2006) Data Mining for Assured Information Sharing

Ramaya Krishnan (2007) Secure Motion Management

Jyothsna Rachpalli (2008-2009) Semantic Web

Greg Hellings (2009) Geospatial Data Management

Other non-Thesis MS Students on IARPA Projects:

Geospatial Proximity Team

Aniruddh Bajirao (2008 - 2009), Siddharth Manu (2008 - 2009), Laveesh Bansal (2008 - 2009)

Lucene & Hadoop Model Team

Phillip White (2008 - 2009), Abhishek Shanbhag (2008 - 2009), John George (2008 - 2009), Julie Rauer (2008 - 2009)

SPARQL over Hadoop Team

Asif Mohammed (2008 - 2009)

Variable Ontology Team

Mohit Pawar (2008 - 2009), Vijay Bahirji (2008 - 2009), Gaurav Kumar (2008 - 2009), Nilesh Singhania (2008 - 2009) Abhilash Kannan (2008 - 2009), Sandip Gaikwad (2008 - 2009)

Semantic Support and Software Professionalization Team

Pralabh Kumar (2008 - 2010), Sharath Jagannath (2008 - 2010)

CVE/NVD on Blackbook (Collaboration with NIST on the NVD Project)

Aniruddh Bajirao (2008 - 2009)

Post-doctorate:

Dr. Mamoun Awad: (February 2006 – August 2006) Assured Information Sharing, Ph.D. UT Dallas

Dr. Chuan Li, (September 2006 – December 2006) Geospatial Data Mining, Ph.D. UT Dallas

Dr. Ebru Celikel, (June 2006 – June 2007) Risk-based Access Control, Ph.D. Turkey

Dr. Greg Lee (August 2007 – July 2009) – Surgical/Secure Robots, Ph.D. University of Washington, Seattle

Dr. Mehedy Masud (2010 - ), Malware Detection

Research Scientist 2010 -, Interviewing Candidates

Thesis Committees: Serving/served on numerous internal and external MS and Ph.D. Committees since joining UT Dallas. External committees include University of Milan (2005 - 2009), University of Ottowa (2006), University of Maryland, Baltimore County (2005 - 2007)

Research is proceeding in the following areas: Data and Applications Security and Privacy (Assured Information Sharing, Secure Geospatial Data Management, Data Mining for Security Applications, Secure Grid, Storage and Web Services, Secure Social Networks) and Information Management (Semantic Web, Information Integrating). Topics include the following:

I. Data Security and Privacy

Area 1: Assured Information Sharing

Trustworthy partners experimentation, Semi trustworthy partners and game theory , Untrustworthy partners and worm detection , Agent-based trust management , Peer-to-peer trust management , Data integrity and provenance, Risk-based access control and data sharing

Area 2: Secure Geospatial Data Management

Secure geospatial semantic web and web services, Geospatial data management for emergency preparedness , Privacy for geospatial data

Area 3: Secure Semantic Web and Social Networks

Policy management, Inference control, Security and privacy for social networks

Area 4: Data Mining for Security Applications

Intrusion, buffer overflow and worm detection, Automatic face recognition and RFID technologies, Data mining for surveillance applications, Secure robots for disaster recovery, Data mining for fault detection, Privacy preserving data mining

Area 5: Secure Grid, Clouds, and Web Services

Accountability for grids, Delegation based model for secure web services

Other: Complexity Theory

In addition, examining complexity results for sensor networks and security problems. This is more of a hobby continuing with my PhD research and co-supervising students.

II. Information Management

Ontology Alignment for Semantic Web, Geospatial Data Mining, Knowledge Management, Managing Large RDF graphs, Query Processing in Clouds, Geospatial Data Mining

Research Supervision: Previous: (1980 – 2004)

New Mexico Institute of Technology

While I taught courses in theory of computation and Mathematics Logic, I conducted research in Complexity theory and published several journal papers including ones in the Journal of Computer and Systems Sciences and the Notre Dame Journal of Formal Logic. I developed a concept called System Function Language in 1981 which was published later in 1993 in the Journal of Mathematical Logic.

University of Minnesota

As member of the graduate faculty, together with Prof. Wei-Tek Tsai (now at Arizona State University), I co-supervised the following students from 1984 to 1988.

Tom Keefe, Ph.D.

Secure query processing and SODA system (several journal and conference papers, see publications – IEEE Computer Computers and Security)

K. Hwang, Ph.D.

Distributed system and networks; Conference paper in IEEE Local Area Networks 1987

S. Chen, Ph.D.

Fault Tolerant Distributed Systems

Paper in IEEE Transactions on Software Engineering

D. Thomsen, M.S.

Prototyping secure database systems

Journal paper and conference papers (e.g. Computers and Security)

Other Research: While I worked in the Mathematics Department in the early 1980s, I conducted research with Prof. Marian Pour-El on Algorithmic Information Theory and gave seminars at the University.

The MITRE Corporation

Collaborated with universities and supervised many students for senior undergraduate research projects and graduate MS level students. In particular, collaborated with the following universities:

Carnegie Mellon University

Amiel Kamon: Secure Distributed Query Processing, research funded by Navy-SPAWAR, senior undergraduate, Summer 1989

Jonathan O’Keefe: Constraint Processing in Secure Databases systems, research funded by Navy-SPAWAR (papers and patents) Summer 1990, Winter 1991, senior undergraduate

Cornell University

David Foti: Secure Distributed Databases, research funded by Army – CECOM, Summer 1992, undergraduate

Northeastern University

Gary Gengo: MS

Active Real-time Data Management, research funded by Air Force (ESC) 1994

University of Rhode Island

Jointly with Professor Victor Wolfe supervised the following students

Michael Squadrito: MS (1994-1996) Research on Rreal-time Transaction Processing, research funded by Air Force (ESC)

Roman Ginis: senior undergraduate (1996) Research on Real-time Data Management, research funded by Air Force (ESC)

Massachusetts Institute of Technology

Co-supervised MS students with Prof. Amar Gupta in secure e-commerce, 2000-2001

(Journal paper in Knowledge management journal and conference papers)

University of Milan, Italy

With Prof. Elisa Bertino, I supervised two students, Barbara Carminati and Anna Squicciarini, in XML Security (2000-2004)

(Journal paper in TKDE and conference papers, e.g., EDBT)

Thesis Committees

In addition to serving on the committees of many of the students I supervised, I also served on the committee for Ph.D. thesis at University of Minnesota, Latrobe University, Australia and University of Milan, Italy (1999 – 2004).

Section 8: RESEARCH FUNDING

I have obtained research funding at the University of Texas at Dallas, The MITRE Corporation, and Honeywell Inc. My team at UT Dallas has brought in over $10m in grants and contracts since October 2005.

The University of Texas at Dallas (October 2004 - Present)

o 1. Air Force Office of Scientific Research 2005 – 2008 (PI)

Topic: Information Operations Across Infospheres: Assured Information Sharing

Response to BAA: Air Force Office of Scientific Research BAA 2005-I

Subcontract to UTSA

Amount: $00K

o 2. CH2MHILL 2005-2007 (co-PI)

Topic: Geospatial Data Management Equipment Grant

PI: D. Harris

Amount: $50K

o 3. Raytheon Corporation 2006-2009 (PI)

Topic: Geospatial Semantic Web research, Data Mining and Security

Raytheon University Research Program

Amount: $400K

o 4. Raytheon Corporation 2007-2008 (co-PI)

Topic: Geospatial Semantic Web Development for Security Applications

PI: L. Khan

Amount: $100K

o 5. Air Force Office of Scientific Research 2006-2009 (Co-PI)

Topic: System Integrity Control

Response to BAA: Air Force Office of Scientific Research BAA 2006-I

Subcontract from Purdue University

PI: M. Kantarcioglu

Amount: $150K

· 6. The National Science Foundation 2007-2009 (PI)

Topic: A Semantic Framework for Policy Specification and Enforcement

Response to Program Solicitation: 07-500

Collaboration with UMBC and UTSA

Amount: $590K

· 7. The National Science Foundation 2007-2008 (PI)

Topic: Data and Applications Security Workshop

Amount: $50K

· 8. National Geospatial Intelligence Agency 2007-2010 (co-PI)

Topic: Geospatial Data Mining for Crime Analysis

Response to Program Solicitation NURI-007

Subcontract from U. of MN

PI:[r8] L. Khan

Amount: $150K

· 10. National Aeronautic Space Administration 2008-2010 (co-PI)

Topic: Data Mining of Fault Reports

Response to NASA BAA

Subcontract from University of Illinois, Urbana Champaign

PI: L. Khan

Amount: $360K

o 11. Department of Defense 2008-2013 (PI)

Topic: Assured Information Sharing 2008-2013

Multi-university research initiative funded by the DoD/AFOSR

Response to MURI 2007 BAA; Subcontract from UMBC

Amount: $1. million

o 12. Department of Defense 2008-2011 (PI)

Topic: Secure Grid Information Management

Multi-university research initiative funded by the DoD

Subcontract to the University of Texas at Arlington and Purdue University

Amount: $2.2 million

· 13. Intelligence Community Advanced Research Projects Agency 2008-2011 (PI)

Topic: Novel Semantic Framework for Knowledge Discovery and Dissemination

Response to KDD BAA

Amount: $550K

· 14. Department of Defense 2009-2013 (PI)

Topic: Secure Social Networks

Subcontracts to UTA, Purdue, Collin County-TX

Amount: $1.5 million

· 15. National Science Foundation, 2009 (PI)

Topic: Intelligence and Security Informatics (Students Scholarships)

Amount: $10K

· 16. Air Force Office of Scientific Research, 2009-2012

Topic: Malware Detection (Senior Personnel)

PI: Kevin Hamlen, Co-PI: Latifur Khan

Amount: $450K

· 18. National Science Foundation, 2009 (Co-PI)

Topic: Secure Peer to Peer Data Management (PI: Kevin Hamlen)

Amount: $80K

· 19. Texas Enterprise Research Funds for research in Data and Applications Security 2004-2008; part of technology funds awarded to UTDallas by Texas Instruments and Texas state government

Awards received by my Team (October 2007 - Present)

Kevin Hamlen: Air Force Young Investigator Award, 2007

Murat Kantarcioglu: NSF CAREER Award, 2009

Murat Kantarcioglu: Botnet, ONR (subcontract from Purdue) 2009 - 2010

Murat Kantarcioglu, Privacy in Genomic Databases, NIH (subcontract from Vanderbilt) 2009 - 2012

Murat Kantarcioglu, Provenance for Sensor Data, NSF NeTS Medium, 2010 - 2013

The MITRE Corporation (January 1989 – 2004)

MITRE is a Not-for-Profit federally funded research and development center and therefore the research projects that are externally funded are internally completed. One staff year is approximately $200K

I. Principal Investigator for the following research projects at MITRE:

1. Secure Distributed Data Management

US Navy, SPAWAR, FY89 (1 staff year)

Team members: Bhavani Thuraisingham, Amiel Kamon

USAF Rome Air Development Center FY90, FY91, FY92 (1 staff year / yr)

2. Inference Problem/Constraint Processing

US Navy, SPAWAR FY90 (1.5 staff years)

Team Members: Bhavani Thuraisingham, William Ford, Marie Collins, Jonathan O’Keeffe

US Army CECOM FY91, FY92, FY93, FY94, FY95 (1.5 staff years / yr approx)

Continued to work on project FY96 and FY97

Team Members: Bhavani Thuraisingham, William Ford, Harvey Rubinovitz, Marie Collins, David Foti

US AirForce, FY99 (1 staff yr)

Team Members: Bhavani Thuraisingham, Harvey Rubinovitz

3. Secure Multimedia/Object Database Management

US Navy SPAWAR, FY91, FY92, FY93 (2 staff years/yr approx)

Continued to work on project FY94, FY95

Team Members: Bhavani Thuraisingham, William Herndon, Arnon Rosenthal, Richard Graubart, Jim Williams

4. Secure Client Server Computing

US Army CECOM, FY94 (1 staff year)

Investigated security issues for client-server computing and identified security for object request brokers.

Team Members: Bhavani Thuraisingham, Brian Kahn

5. Research Directions in Database Security, Special topics in database security (secure federated data management, foundations of inference problem, data mining and privacy)

NSA FY91 (0.5 staff year), FY92 (1.5 staff years), FY93, FY94, FY95 (0.5 staff year/yr), FY96 (1 staff year) Project continued under Dr. Chris Clifton, FY97

Team Members: Bhavani Thuraisingham, Mark Nadel, Leonard Monk, Chris Clifton

NSA Team Members: Leonard Binns, Don Marks, Peter Sell

6. Research Directions in Massive Digital Data Systems (MDDS), Data Mining for Text Databases

CIA MDDS FY93 – FY99 (1.5 staff year/yr); Text mining (initiated project for 2 staff years/yr in FY96 – subcontractor: Stanford University, project managed by Dr. Chris Clifton and continued until FY99)

Team Members: Bhavani Thuraisingham, Maria Zemankova, Beth Lavender, Henry Bayard, Marcia Kerchner, Manette Lazar, Chip Paradise, Chris Clifton, Arnon Rosenthal

7. Research in Real-time Data Management and Real-time Middleware

USAF Rome Lab, FY93 – FY99 (Principal investigator for real-time data management part of project: 2 staff year/yr – part of larger project approx. 5 – 7 staff year/yr managed by John Maurer)

Team members: Bhavani Thuraisingham, Alice Shafer, Gary Gengo, Mike Squadrito, Roman Ginis, Victor Fay-Wolfe, Steve Wohlever, Eric Hughes

8. Research Directions in Data Management

MITRE Research FY95, FY96, FY97 (1 staff year/yr)

Team Members: Bhavani Thuraisingham, Barbara Blaustein, Arnon Rosenthal, Len Seligman, Penny Chase, Tom Mowbray

9. NSF: XML Security as part of Independent research from NSF IPA (20% of my time, FY02-FY04)

II. Other research analysis/technology transfer projects:

1. Treasury research credit (evaluated research conducted by Fortune 100 corporations – FY99 - FY01), work report in Wall Street Journal, December 2000; I was part of a team instrumental in bringing this project to MITRE FY99 – FY01.

2. Technology Transfer to Services: (i) Air Force: AWACS project; Secure Distributed Query processing – IMOM Application (ii) Navy: Inference problem analysis for operational systems; and (iii) Army: Technology transfer of secure distributed database research

III. Research Management

1. MITRE: As Department Head of MITRE, managed budget of approx: $5 million/yr for 4+ years

2. MITRE: As head of MITRE’s research in IT, managed a budget of approx $4million/yr for 3 years

3. CIA: As manager of fifteen research projects for CIA, managed a budget of approx $3 million/yr for 6 years

Honeywell Inc. (1986-1989)

1. Air Force: Secure Distributed Data Views As project contributor, worked on proposals for various research projects and contributed to projects, e.g. secure distributed data views (SDDS), RADC. Became the principal investigator during the 2^nd year of the three year SDDS project. (January 1986 – December 1988); managed 3 staff years/yr (Team Members: Pat Dwyer, Emanual Oneugbe, Paul Stachour, Tom Haigh, Earl Boebert, Blair Dillaway)

Response to BAA

2. Air Force: Engineering Information Systems As project contributor, led the data modeling part of the project for Engineering Information Systems; project funded by Wright Patterson AFB (October 1987 - December 1988); managed 2 staff years /yr (Team member: Venkat Venkatraman)

Response to BAA

3. NASA: Distributed Systems Project contributor on the distributed systems project for NASA; principal investigator of the Network Operating Systems portion of the project (November 1986- October 1987); managed 2 staff year /yr

Response to BAA

4. Honeywell: Internally funded research projects:

o Distributed Data Dictionary Systems, Honeywell’s Residential Controls Division, 1986 -1987 (Team members: Krishna Mikkileneni, Hongjun Lu)

o Expert Systems for Control Systems, Honeywell Industrial Automation Systems Division 1987 - 1988 (Team members: Ferit Konar, Paul Felix)

o Expert Systems for Network Management: Honeywell Building Controls Division, 1987 - 1988

o Object Technology for Building Control Systems, Honeywell’s Building Controls Division, 1987 - 1988

o Cost Modeling of Software Strategies, Honeywell Corporate (1987 - 1988) (Team members: Ron Crowe)

o Heterogeneous Knowledge Integration, Honeywell Industrial Automation Systems Division, 1988 - 1989

Infrastructure Development Funding

I have supported my colleagues in the NSF Capacity building efforts 2007 (Murat Kantarcioglu), 2008 (Kevin Hamlen) and 2010 (Latifur Khan). In 2009 I was a co-PI on an NSF MRI proposal (under stimulus funds) on secure cloud computing. Our propose was rated Highly Competitive, However due to the fact that our budget was over $2m and due to the severe restrictions in stimulus funding placed on MRI, our proposal was not funded. The MRI funding under stimulus funding is expected to be less than 5%. We will be submitting a version of this proposal for DURIP in September 2010. In addition to research funding my goal is to also obtain funding for education and infrastructure development.

Research Proposals Submitted/Planned

For 2010 we are planning to submit several proposals including the following.

IARPA – KDD We have teamed with IBM, MIT, UMBC and Intervise and submitted a $16m to IARPA for the KDD program. UTD portion is $2m for 4 years. (February 2010)
IARPA-ALADDIN We is discussing teaming arrangement with Honeywell, UIUC and UCI. The BAA is not out yet for this program
ONR- We are preparing a white paper with Rockwell to submit to ONR’s Network Defense BAA, March 2010
Planning to submit a proposal to AFOSR on building trusted application in untrusted platforms, May 2010
Submitted a white paper on Adversarial Learning to ARO, November 2009, received feedback and addressing comments.
Discussions with UTEP to submit proposals to DHS via their DHS Center
Discussions with DHS to submit a white paper on Incidence Response
Planning for a Center scale Trust Computing proposal with Purdue
White paper submitted to NSF with U of VT and GWU for US-India Collaboration, February 2010
Focusing on funding opportunities with Raytheon, Rockwell, Lockheed, Ball Aerospace and Wallmart

Section 9. PUBLICATIONS

Authored Works (Journals, Conferences, Books, etc.)

I. JOURNAL PAPERS

Data and Applications Security

Multilevel Security in Database Management Systems, June 1987, Computers and Security Journal (North Holland), Vol. 6, No. 3, pp. 252-260, (coauthors: P. Dwyer, G. Jelatis).

Security Checking in Relational Database Management Systems Augmented with Inference Engines, December 1987, Computers and Security Journal (North Holland), Vol. 6, No. 6, pp. 479-492.

Multilevel Security in Distributed Database Management Systems, August 1988, Computers and Security Journal (North Holland), Vol. 7, No. 4, (coauthor: J. McHugh).

Secure Query Processing Strategies, IEEE Computer, March 1989, Vol. 22, No. 3, (invited paper - coauthors: T. F. Keefe and W. T. Tsai).

SODA - A Secure Object-Oriented Database System, October 1989, Computers and Security Journal, Vol. 8, (coauthors: W. T. Tsai and T. F. Keefe).

A Prototyping Approach to Experimentally Evaluating MLS/DBMS, May 1989, Computers and Security Journal (Elsevier formerly North Holland), Vol. 8, (coauthors: W. T.Tsai and D. Thomsen).

A Functional View to Multilevel Databases, December 1989, Computers and Security Journal (Elsevier), Vol. 8, No. 8.

Towards the Design of a Secure Data/Knowledge Base Management System, March 1990, Data and Knowledge Engineering Journal (North Holland), Vol. 5, No. 1.

Security in Object-Oriented Database Systems, March/April 1990, Journal of Object‑Oriented Programming, Vol. 2, No. 6. (also reprinted in book on object-oriented database management systems by SIG publishers).

Design of LDV - A Multilevel Secure Database Management System, June 1990, IEEE Transactions on Knowledge and Data Engineering, Vol. 2, No. 2, June 1990, (coauthor: P. Stachour).

SQL Extensions for Security Assertions, 1990, Computer Standards and Interfaces Journal (North Holland), Vol. 11, #1, 5-14 (coauthor: P. Stachour).

Artificial Intelligence Applications in Database Security, 1990, Computer Security Journal, (Miller Freeman Publishers), Vol. 6, No. 1, (coauthors: W. Tsai, T. Keefe, and D. Thomsen)

Multilevel Secure Object-Oriented Data Model - Issues on Noncomposite Objects, Composite Objects, and Versioning, Journal of Object-Oriented Programming, Volume 4, November/December 1991. (Version of the article reprinted by the MITRE Journal, 1992.) (Also reprinted in book on object-oriented database management systems by SIG publishers.)

Multilevel Security Issues in Distributed Database Management Systems – II, Computers and Security Journal (Elsevier), Volume 10, #8, December 1991.

Multilevel Security Issues for Distributed Database Management - III, Computers and Security (Elsevier), Vol. 11, November 1992 (co-author: H. Rubinovitz).

Design and Implementation of a Distributed Query Processor for a Trusted Distributed Database Management Systems, April 1993, Journal of Systems and Software (North Holland), Vol. 21, #1 (co-author: Harvey Rubinovitz).

Design and Implementation of a Database Inference Controller, December 1993, Data and Knowledge Engineering Journal (North Holland), Vol. 11, #3 (co-authors: W. Ford, M. Collins, J. O'Keeffe); (Article reprinted by the MITRE Journal, 1994).

Intelligent Database Systems and Multilevel Database Security: Applying One Technology To The Other, Computer Security Journal 1993 (Miller Freeman Publishers).

Simulation of Secure Distributed Join Query Processing Algorithms; Information and Software Technology Journal (Chapman and Hall), Vol. 35, #5, 1993 co-author: Harvey Rubinovitz; (version of conference paper published in Simulation Conference, 1991).

Towards Developing a Standard Multilevel Relational Data Model for Representing a Multilevel Universe, Computer Standards and Interfaces Journal (North Holland), Vol. 15, #1, 1993 (also published by Computer Standards Interface Journal special issue in 1999 as one of the seminal papers to appear in the journal).

Multilevel Security in Information Retrieval Systems, Information and Management Journal (North Holland) Vol. 24, 1993.

Security for Collaborative Computer Systems, Multimedia Review: The Journal of Multimedia Computing (Penton Media publishers), Summer 1993 (co-authors: S. Demurjian and T.C. Ting).

Security Issues for Federated Database Systems, 1994, Computers and Security (North Holland), December 1994.

Multilevel Security in Information Retrieval Systems - II, Information and Management Journal (North Holland) 1995.

Security Constraint Processing in a Multilevel Secure Distributed Database Management System, IEEE Transactions on Knowledge and Data Engineering, April 1995 (coauthor: W. Ford).

Towards the Design of a Multilevel Secure Object-Oriented Database Management System, Journal of Object-Oriented Programming, June 1995.

MOMT: A Multilevel Object Modeling Technique for designing Secure Database Applications, Journal of Object-Oriented Programming, 1996 (co-authors: D. Marks and P. Sell)
Information Survivability for Real-time Command and Control Systems, IEEE Transactions on Knowledge and Data Engineering, January 1999 (coauthor: J. Maurer)

Secure Distributed Database Systems, Information Security Journal (Elsevier Science) special issue in database security, 2001

Secure Third Party Publication of XML Documents, IEEE Transactions on Knowledge and Data Engineering, 2004 (coauthor: E. Bertino et al; version also published as MIT Working Paper, 2002)
Secure Sensor Information Management, IEEE Signal Processing, May 2004.

Security and Privacy for Sensor Databases, Sensor Letters, Inaugural Issue (American Scientific), Volume 2, #1, March 2004.

Security for Multimedia Information System, Accepted in Multimedia Tools (Kluwer) 2003 (keynote at IEEE Multimedia Software Engineering and Distributed Multimedia); published January 2007.

Privacy Sensitive Data Mining: Developments and Directions, Journal of Database Management, March 2005 (special issue in Database technologies for National Security).

Privacy Constraint Processing in a Privacy-Enhanced Database Management System, Data and Knowledge Engineering Journal (North Holland), 2005.

Standards for Secure Semantic Web, Computer Standards and Interface Journal (North Holland), March 2005 (version of COMPSAC Conference workshop paper, 2003).

Security Policies and Access Control in Data Management Systems, Invited Paper published in Annales des Telecommunications (coauthor: E. Ferrari et al), January 2006.

Secure Semantic E-Business, Invited Paper, Communications of ACM, December 2005.

A New Intrusion Detection System using Support Vector Machines and Hierarchical Clustering, Accepted in VLDB Journal, 2005 (coauthor: M. Awad et al; 2007).

Suspicious Event Detection, Accepted in Multimedia Tools, Accepted 2005 (coauthor: G. Lavee et al).

Standards for Secure Data Sharing, Computer Standards and Interface Journal, September 2006 (co-author: D. Harris et al).

Secure Knowledge Management, IEEE Transactions on Systems, Man and Cybernetics, May 2006 (coauthors: E. Bertino et al, based on keynote I presented at SKM2004).

PP-trust-X: A System for Privacy Preserving Trust Nnegotiation, Accepted in ACM Transactions on Information and Systems Security, July 2007 co-author: (E. Bertino et al).

Administering the Semantic Web, Journal of Information Security Management 2007 (coauthor: N. Tsybulnik, A. Ashraful).

Secure Grid Computing, Journal of Computer Science and Network Security, August 2006 (co-author: J. Zhu)

Security for ERP Systems, Information Systems Security Journal, May 2007 (co-author: W. She)

Secure Data Warehousing, Data Warehousing Journal, IDEA Press, 2007 (co-author: Srinivasan, M. Kantarcioglu)

A Scalable Multi-level Feature Extraction Ttchnique to Detect Malicious Executables, Information Systems Frontiers 10(1): 33-45 (2008) (co-authors: M. Masud, L. Khan).

Secure Scalable P2P Data Grid, Accepted in IEEE Transactions on Dependable and Secure Computing, Accepted January 2008 (co-authors: I. Yen, M. Tu et al)

Policy Management in Assured Information Sharing, Journal of Information Security and Privacy, 2008. (Y. Harshakumar et al)

Geospatial RDF and Security, Computer Standards and Interfaces Journal, 2008 (special issue from ICDE conference workshop)

52. A Scalable Multi-level Feature Extraction Technique to Detect Malicious Executables, Mohammad Masud, Latifur Khan, and Bhavani Thuraisingham; Information Systems Frontiers, Springer Netherlands, Vol. 10, No. 1, Page 33-45

53. The Applicability of the Perturbation Based Privacy Preserving Data Mining for Real-World Data,, " Data and Knowledge Engineering (DKE), 65(1): 5-21 (2008) Leading Journal (Li Liu, Murat Kantarcioglu).

54. Managing Risks in Distributed Environments, Risk and Decision Analysis Journal, 2008 (Ebru Celikel, Murat Kantarcioglu, Elisa Bertino).

55. Exploiting an antivirus interface,. Computer Standards & Interfaces 31(6): 1182-1189 (2009) (Kevin W. Hamlen, Vishwath Mohan, Mohammad M. Masud, Latifur Khan).

56. Privacy Preservation in Wireless Sensor Networks: A State-of-the-art Survey, Ad-Hoc Networks Journal, (coauthors: L. Na et al).

57. Design of a Secure Social Network, Computer Systems Science and Engineering, Accepted 2009.

58. Delegation Model for Web Services, Accepted in the Journal of Web Services Research 2009 (W. She, I. Yen).

59. Relationalization of Provenance Data in Complex RDF Reification Nodes," Special Issue of Electronic Commerce Research Journal on Trust and Privacy Aspects of Electronic Commerce, 2009 (S. Sriram et al).

Classification and Novel Class Detection in Concept-Drifting Data Streams under Time Constraints, Accepted IEEE Transactions on Knowledge and Data Engineering, 2010 (co-authors: M. Masud, L. Khan, J. Han).

Policy and Model for Social Networks, Accepted for Publication in Computers and Security, 2010 (special issue for SACMST conference), co-authors: B. Carminati et al.

Semantic Web, Data Mining and Security, To appear in IEEE Intelligent Systems Special Issue, 2010 (coauthors: M. Kantarcioglu and L. Khan)

Distributed Systems/Data Management/ /AI Applications/Real-time Systems

62. Artificial Intelligence Applications in Distributed System Design Issues, 1988, IEEE Network, Vol. 2, No. 6, (coauthor: J. Larson).

63. Recovery Point Placement Algorithms for the Reverse Binary Tree Task Model, August 1989, IEEE Transactions on Software Engineering, Vol. 15, No.8, (coauthors: W. T. Tsai and S. K Chen).

64. From Rules to Frames and Frames to Rules, October 1989, AI Expert (Miller Freeman Publishers) Volume 2, No. 10. (Reviewed by Editorial Board).

65. A View of Information Modeling Relative to Data Modeling, Information Systems Management Journal (Auerbach), Vol. 9, #2, Spring 1992 (coauthor: V. Venkataraman; also reprinted in Handbook of Data Management 1993, ed: von Halle and Kull).

66. Developing Multimedia Database Management Systems utilizing the Object-Oriented Approach, Multimedia Review: Journal of Multimedia Computing, Vol. 3, #2, 1992.

67. Interoperability of Heterogeneous Database Systems: Developments and Challenges, SIGNAL Magazine: AFCEA Journal, December 1995.

68. Web Information Management and Electronic Commerce, AI Tools Journal (World Scientific), July 1999.

69. Real-time Transaction Processing, Computer Systems: Science and Practice (Chapman and Hall), 1999 (with L. DiPippo, V. Wolfe et al).

70. Data Mining, IEEE ITPro, January 2000.

71. Real-time CORBA, IEEE Transactions on Parallel and Distributed Systems (coauthor: V. Wolfe et al), October 2000.

72. Real-time Priority Ceiling Algorithm, Real-time Systems Journal (Kluwer), 2001 (co-author: V. Wolfe, L. DiPippo et al).

73. Standards for Data Mining, Computer Standards and Interface Journal (North Holland) (coauthor: C. Clifton) 2001.

74. Foundations of Data Mining: Position Paper, Communications of Institute for Information and Computing Machinery (Taiwan Journal), May 2002. (PAKDD 2002 workshop paper published as special issue in journal).

75. Collaborative Commerce and Knowledge Management, Knowledge Management Journal (Wiley Interscience), 2002.

76. Managing and Mining Multimedia Databases, AI Tools Journal (World Scientific), 2006 (keynote at ICTAI99).

77. Predicting WWW Surfing Using Multiple Evidence Combination, Accepted in VLDB Journal, Accepted 2008 (M. Awad et al).

78. A Framework for Automated Image Annotation, Accepted in Computer Systems Science and Engineering, Accepted 2007, (co-author: L Wang et al).

79. A Scalable Clustering Method Based on Density, WSEAS Transactions on Computing Research (co-authors: L. Khan and S. Bereg) 2008.

80. Emergency Response Applications: Dynamic Plume Modeling and Real-Time Routing, IEEE Internet Computing, Vol. 12, No. 1, Page 38-44, January - February 2008,( Pavan Kumar Chitumalla, Douglas Harris, and Latifur Khan).

81. R2D: A Bridge Between the Semantic Web and Relational Visualization, Semantic Computing Journal, Accepted, 2009. (S. Sriram et al).

82. Necessary and Sufficient Conditions for Transaction-consistent Global Cceckpoints in a Distributed Database System. Inf. Sci. 179(20): 3659-3672 (2009), (Jiang Wu, D. Manivannan, Bhavani M. Thuraisingham).

Computability/Complexity Theory

Representation of One-One Degrees by Decision Problems, 1982, Journal of Computer and Systems Sciences (Academic Press), Vol. 24, pp. 373-377.

Some Elementary Closure Properties of N-Cylinders, 1983, Notre Dame Journal of Formal Logic, Vol. 24, No. 2, pp. 242-253.

The Concept of N-Cylinder and its Relationship to Simple Sets, 1983, Notre Dame Journal of Formal Logic, Vol. 24, No. 3, pp. 328-336.

Cylindrical Decision Problems, 1983, Notre Dame Journal of Formal Logic, Vol. 24, No. 2, pp. 188-198.

System Functions and their Decision Problems, 1984, Zeitschrift fur Mathematische Logik und Grundlagen der Mathematik, Vol. 30, pp. 119-128. (now Journal of Mathematical Logic)

The Concept of N-Cylinder and its Application , 1986, Zeitschrift fur Mathematische Logik und Grundlagen der Mathematik, Vol. 32, pp. 211-219.

89. Reducibility Relationship Between Decision Problems, 1987, Zeitschrift fur Mathematische Logik und Grundlagen der Mathematik, Vol. 33, pp. 305-312.

90. Representing One-One Degrees by N-Cylindrical Decision Problems, December 1988, Zeitschrift fur Mathematische Logik und Grundlagen der Mathematik, Vol. 34, No. 6.

91. System Function Languages, Mathematical Logic Journal, Vol. 39, 1993.

A Construction of Cartesian Authentication Codes from Orthogonal Spaces over a Finite Field of Odd Characteristic, Discrete Mathematics, Algorithms and Applications 2009 (co-authors: Z. Li et al)

A Better Approximation for Minimum Average Routing Path Clustering Problem in 2-D Underwater Sensor Networks, Discrete Mathematics, Algorithms and Applications 2009 (co-authors: D. Kim et al)

II. CONFERENCES PAPERS

Data and Applications Security

1. Secure Query Processing Using AI Techniques, January 1988, Proceedings of the IEEE Hawaii International Conference on Systems Sciences, pp. 561-570, (coauthors: W. T. Tsai and T. F. Keefe) - Best Paper Award for Software Tracks (enhanced version in IEEE Computer 1989).

2. A Multilevel Security Policy for Object-Oriented Systems, October 1988, Proceedings of the 11th National Computer Security Conference, Baltimore, MD, (coauthors: W. T. Tsai and T. F. Keefe).

3. Prototyping as a Research Tool for MLS/DBMS, October 1988, Proceedings of the IFIP WG 11.3 Conference on Database Security, Kingston, Ontario, Canada, (also published as book chapter by North Holland, 1989) (coauthors: W. Tsai and D. Thomsen).

4. Novel Approaches to the Inference Problem, June 1990, Proceedings of the 3rd RADC Database Security Workshop, New York.

5. The Inference Problem in Multilevel Secure Database Management Systems, June 1990, Proceedings of the 3rd RADC Database Security Workshop, New York (coauthors: W. Ford, M. Collins, J. O'Keeffe).

6. Trusted Distributed Database Management Systems June 1990, Proceedings of the 3rd RADC Database Security Workshop, New York, (coauthor: H. Rubinovitz).

7. An Approach to Security Constraint Processing, April 1991, Proceedings of the 4th RADC Database Security Workshop, Little Compton, RI (coauthor: W. Ford, M. Collins).

8. Trusted Distributed Database Management Systems - A Progress Report, April 1991, Proceedings of the 4th RADC Database Security Workshop, Little Compton, RI, (coauthors: H. Rubinovitz).

9. Handling Association-based Constraints in Multilevel Databases, April 1991, Proceedings of the 4th RADC Database Security Workshop, Little Compton, RI.

10. Foundations of Multilevel Databases, May 1988, Proceedings 1st RADC Database Security Invitational Workshop, Menlo Park, CA, (Proceedings published by Springer Verlag, 1992, Ed: T. Lunt – Book Chapter).

11. Design of an Update Processor for MLS/DBMS, October 1988, Invited paper, Proceedings of the 11th National Computer Security Conference, Baltimore, MD; addendum to Proceedings (coauthors: P. Stachour and P. Dwyer).

12. Design of a Query Processor for MLS/DBMS, December 1988, Proceedings of the 4th IEEE Aerospace Computer Security Conference, Orlando, (coauthors: P. Dwyer, E. Onuegbe and P. Stachour).

13. Security Checking with Prolog-Extensions, May 1989, Proceedings of the 2nd RADC Database Security Invitational Workshop, Franconia, NH.

14. Mandatory Security in Object-Oriented Database Systems, October 1989, Proceedings of the ACM Conference on Object-Oriented Programming, Systems, Languages and Applications (ACM OOPSLA) Conference, New Orleans, LA.

15. Multilevel Security in Object-Oriented Database Systems, October 1989, Proceedings of the 12th National Computer Security Conference, Baltimore, MD.

16. Secure Query Processing in Intelligent Database Management Systems, December 1989, Proceedings of the 5th IEEE Computer Security Applications Conference Tucson, AZ.

17. Recursion Theoretic Complexity of the Inference Problem in Database Security, June 1990, Presented at the 3rd IEEE Workshop on Foundations of Computer Security, Franconia, NH (public release was not obtained in time for proceedings; printed as MITRE Paper M291 June 1990).

18. Multilevel Security for Multimedia Systems, September 1990, Proceedings of the 4th IFIP WG 11.3 Conference on Database Security, Halifax, England, (also published as book chapter by North Holland, 1991).

19. Secure Query Processing in Distributed Database Management Systems - Design and Performance Study, December 1990, Proceedings of the 6th IEEE Computer Security Applications Conference, Tucson, AZ, (coauthor: A. Kamon).

20. Implementation and Simulation of Secure Distributed Query Processing Algorithms, Proceedings of the 1991 Computer Simulation Conference, Baltimore, MD, (coauthor: H. Rubinovitz).

21. A Nonmonotonic Typed Multilevel Logic for Multilevel Database Management Systems, June 1991, Proceedings of the 4th IEEE Computer Security Foundations Workshop, Franconia, NH.

22. Issues on the Design and Implementation of an Intelligent Database Inference Controller, Proceedings of the 1991 IEEE International Conference on Systems, Man, and Cybernetics, Charlottsville, VA, (co-author: W. Ford).

23. The Use of Conceptual Structures to Handle the Inference Problem, November 1991, Proceedings of the 5th IFIP WG 11.3 Conference on Database Security, Shepherdstown, VA. (Also published by North Holland, 1992.)

24. Design and Implementation of a Database Update Processor, Proceedings of the 7th IEEE Computer Security Applications Conference, San Antonio, TX, December 1991 (coauthor: M. Collins, W. Ford).

25. Design and Simulation of Secure Distributed Concurrency Control Algorithms, Proceedings of the 1992 Computer Simulation Conference, Nevada, July 1992. (co-author: H. Rubinovitz)

26. A Nonmonotonic Typed Multilevel Logic for Multilevel Database Management Systems - II, June 1992, Proceedings of the 5th IEEE Computer Security Foundations Workshop, Franconia, NH.

27. On Knowledge-Based Inference Control, Proceedings of the 15th National Computer Security Conference, Baltimore, MD, October 1992.

28. A Note on the Security Impact on Real-time Database Management Systems, Proceedings of the 5th RADC Database Security Workshop, New York, October 1992.

29. Secure Computing with the ACTORS Paradigm, Presented at the ACM/SIGSAC New Computer Security Paradigms Workshop, Little Compton, RI, September 1992. (Proceedings published by ACM Press, 1993)

30. An Object-Oriented Approach to Modeling Multilevel Database Applications, Proceedings of the ACM Conference Workshop on Object-Oriented Programming Language, Systems, and Applications, Vancouver, B.C., October 1992. (co-author: P. Sell)

31. Towards the Design and Implementation of a Multilevel Secure Deductive Database Management System, Proceedings of the 26th Hawaii International Conference on Systems Sciences, January 1993.

32. Parallel Processing and Trusted Database Management Systems - Applying One Technology to the Other, Proceedings of the 1993 ACM Conference in Computer Science, Indianapolis, Indiana.

33. Security and Integrity Constraint Processing in a Multilevel Secure Distributed Environment, MILCOM 93, October 1993 (coauthors: A. Abreu, H. Rubinovitz, M. Collins) (classified session)

34. Towards a Multilevel Secure Database Management System for Realtime Applications, Proceedings of the First IEEE Workshop in Realtime Computing, May 1993. (coauthor: S. Son)

35. Design and Implementation of a Distributed Database Inference Controller, Proceedings of the 17th IEEE COMPSAC Conference, November 1993. (coauthor: H. Rubinovitz, D. Foti, A. Abreu)

36. Security and Integrity in Distributed Database System, Database Colloquium 93, San Diego, CA, August 1993. (co-authors: D. Small, D. Goldsmith - proceedings available in electronic media.)

37. Applying OMT for Multilevel Database Application Design, Proceedings of the 7th IFIP Conference in Database Security, Huntsville, Alabama, September 1993. (coauthor: P. Sell; also published as book chapter by North Holland, 1994.)

38. Object-oriented Approach to Interconnecting Trusted Database Management Systems, September 1993, ACM OOPSLA-93 Conference Workshop on Object Persistence in Heterogeneous Database Environments, Washington D.C. (coauthor: H. Rubinovitz)

39. Security Constraint Processing in a Distributed Database Environment, Proceedings of the 1993 ACM Computer Science Conference, Phoenix, AZ, March 1994. (coauthor: H. Rubinovitz)

40. Database Inference Control, Proceedings of the DoD Database Security Workshop, Maine, June 1994 (co-authors: M. Collins and H. Rubinovitz).

41. MLS Database Application Design, Proceedings of the DoD Database Security Workshop, Maine, June 1994 (co-authors: S. Lewis, D. Marks, P. Sell, S. Wiseman).

42. Hypersemantic Data Modeling for Inference Analysis, Proceedings of the 8th IFIP Working Conference in Database Security, Hildesheim, Germany, August 1994. (co-authors: D. Marks, L. Binns, also as book chapter by North Holland 1995).

43. A Fine-grained Access Control Model for Object-oriented DBMS, Proceedings of the 8th IFIP Working Conference in Database Security, Hildesheim, Germany, August 1994. (co-authors: A. Rosenthal et al, also as book chapter by North Holland, 1995).

44. An Adaptive Policy for Improved Timeliness in Secure Database Systems, Proceedings of the 9th IFIP Working Conference in Database Security, New York, August 1995. (coauthors: S. Son and R. David, also as book chapter by North Holland 1996).

45. Design and Implementation of a Database Inference Controller Utilizing a Deductive Object-Oriented Data Model, Proceedings of the 13th DOD Database Colloquium, San Diego, CA, August 1996. (coauthors: M. Collins, D. Marks, B. Neuman).

47. Survivability Issues for Real-time for Evolvable Command and Control Systems, Proceedings of the Information Survivability Workshop, February 1997 (coauthor: J. Maurer et al).

48. Survivability Issues for Adaptable Command and Control Systems, Proceedings of the Information Survivability Workshop (coauthor: J. Maurer et al), October 1998.

46. Data Mining, Data Warehousing and Security, Proceedings of the IFIP Conference Book, Chapman and Hall, 1997 (version of keynote address at conference, 1996; editor: P. Samarati and R. Sandhu); also presented at CODATA Conference, Paris, June 1999.

49. Information Survivability for Adaptable and Evolvable Command and Control Systems, proceedings IEEE FTDCS Conference, Cape Town, December 1999 (coauthor: J. Maurer).

50. Web Security, Proceedings WETICE June 2001 (coauthor: E. Bertino et al).

51. Data and Applications Security: Developments and Directions Proceedings IEEE COMPSAC, 2002.

52. Building Secure and Dependable Semantic Webs, Proceedings IEEE ICTAI 2002.

53. Security Issues for the Semantic Web, Proceedings IEEE COMPSAC 2003.

54. Data and Applications Security: Past, Present and Future, Proceedings of IFIP Conference Book, Kluwer Publishers, to appear, 2004 (version of keynote address at conference, 2003; Editor: I. Ray).

55. Security and Privacy for Web Databases and Web Services, Proceedings of the EDBT Conference, March 2003, Crete. (coauthor: E. Ferrari) (based on keynote address at EDBT).

56. RDF Security, Proceedings of the DEXA Workshop on Web Semantics, Spain, August 2004 (coauthor: B. Carminati et al).

57. Complexity of the Privacy Problem, Proceedings Foundations of Data Mining, Workshop, England, 2004 (Proceedings by lecture notes Springer).

58. Secure Model Management, Proceedings IEEE E-Commerce Workshop, Hong Kong, May 2005 (co-author: K. Zhang et al).

59. Model Management in Data Interoperability, Proceedings IFIP Database Security Conference, August 2005 (K. Zhang et al)

60. Multilevel Teleconferencing, IFIP Database Security Conference, 2005 (co-author: C. Farkas et al).

61. Real-time Dependable Data Mining, Proceedings ISORC 2005 (co-author: C. Clifton et al).

62. A Framework for a Video Analysis Tool for Suspicious Event Detection, ACM SIGKDD Multimedia Data Mining Workshop, Chicago, IL 2005 (co-author: G. Lavee et al).

63. Message Correlation in Automated Communication Surveillance through Singular Value Decomposition, Proceedings ACM MM Workshop, Chicago, IL, 2005 (co-author: R. Layfield, et al).

64. Privacy Preserving Data Mining, Proceedings IEEE IDCM Workshop on Privacy preserving Data Mining, Houston, TX, 2005.

65. Secure and Dependable TMO, Proceedings ISORC, 2006 (co-author: J. Kim).

66. Security for Web Services, Proceedings IEEE Workshop in Secure Web Services, May 2006 9co-autjor: C. Farkas et al).

67. Detection and Resolution of Anomalies in Firewall Policy Rules, Proceedings IFIP Data and Applications Security Conference, 2006 (coauthor: L. Khan et al).

68. Data Mining for Malicious Code Detection, Proceedings Second SKM Workshop, NY, September 2006 (coauthor: L. Khan et al; enhanced version appeared in Information Systems Frontiers).

69. Access Control for Geospatial Web Services, Proceedings ACM CCS Conference Workshop, and November 2006. (coauthor: A. Ashraful et al).

70. Geospatial RDF, ISWC Conference on Geospatial Semantic Web, 2006 (coauthor: A. Ashraful).

71. Data Mining for Automatic Face Recognition, IEEE ICTAI Conference Proceedings, November 2006 Washington DC, November 2006.

72. Adaptive Privacy Preserving Data Mining, Proceedings IEEE ICDM Conference Workshop on Privacy Preserving Data Mining, Hong Kong, December 2006. (enhanced version to appear in DKE).

73. Simulation of Distributed Trust Management for Coalition Data Sharing, Proceedings FTDCS, 2007.

74. Algorithm for Fingerprint Matching, Proceedings ARES, April 2007.

75. Data Warehousing Security, Proceedings ARES, April 2007 (enhanced version to appear in data warehousing journal).

76. Secure and Dependable TMO – II, Proceedings ISORC, May 2007.

77. Risk Management and Security, Proceedings Risk management conference, Dallas, TX May 2007.

78. Geospatial Data Mining for National Security, Proceedings ISI, May 2007.

79. Data Mining for Worm Detection, Proceedings ICC 2007.

80. Game Theory Applications for Secure Coalition Data Sharing, Proceedings IFIP Data and Applications Security, Redondo Beach, CA, July 2007.

81. Anonimization Techniques for Outsourcing Security Data, Proceedings SECURICOM, Nice France, September 2007 (coauthors: William Yurcik, et al).

82. Centralized Security Labels in Decentralized P2P Networks, Computer Security Applications Conference, December 2007 (ACSAC) (co-authors: N. Tsybulnik and K. Hamlen)

83. Delegation-Based Security Model for Web Services,. HASE 2007: 82-91 (coauthors: Wei She, I. yen).

84. Building Secure Applications for Peer to Peer Systems, Proceedings TRUST workshop, NY, November 2007.

85. Hybrid Signature Free Approach for Detecting Malicious Executables, Proceedings IFIP Digital Forensics Conference, Kyoto, January 2008.

86. GRDF and Secure GRDF, Proceedings ICDE Conference Workshop in Secure semantic web, Co-author: A. Ashraful et al), April 2008.

87. Toward Trusted Sharing of Network Packet Traces Using Economization: Single-Field Privacy/Analysis Tradeoffs, CoRR abs/0710.3979: (2007) (coauthors: William Yurcik, Clay Woolam, Greg Hellings, Latifur Khan).

88. Measuring Anonymization Privacy/analysis Tradeoffs Inherent to Sharing Nnetwork Data, NOMS 2008: 991-994 (coauthors: W. Yurick et al).

89. The SCRUB Security Data Sharing Infrastructure, NOMS 2008: 630-644 (coauthors: Y. Yurick et al, also software available as Opensource).

90. Making Quantitative Measurements of Privacy/Analysis Tradeoffs Inherent to Packet Trace Anonymization, Financial Cryptography 2008: 323-324 (coauthors: W. Yurick et al).

91. Privacy/Analysis Tradeoffs in Sharing Anonymized Packet Traces: Single-Field Case,. ARES 2008: 237-244 (coauthors: W. Yurick et al).

92. ROWLBAC - Representing Role Based Access Control in OWL, Proceedings ACM SACMAT June 2008 (coauthors: T. Finin, L Kagal et al).

93. Accountability for Grid, DOE Conference on Cyber Security, Knoxville, TN, (coauthor: E. Bertino)

94. "Role Based Access Control and OWL", Proceedings of the fourth OWL: Experiences and Directions Workshop, April 2008, (coauthor: T. Finin et ).

95. Incentive and Trust Issues in Assured Information Sharing Invited Paper, CollaborateCom, 2008 (coauthors: R. Layfield, M. Kantarcioglu).

96. Data Mining for Cyber Security Applications, Proceedings TRUST 2008, Shanghai (coauthor: L/ Khan, K. Hamlen et al).

97. Trustworthy Semantic Web Technologies for Secure Knowledge Management, TPS 2008, Shanghai (coauthor: P. Parikh).

98. Secure, Highly Available, and High Performance Peer-to-Peer Storage Systems, HASE 2008 (coauthor: I. Yen et al).

99. Enhancing Security Modeling for Web Services Using Delegation and Pass-On,
ICWS 2008 (coauthor: She, Wei; Yen, I-Ling).

100. Flow-based Identification of Botnet Traffic by Mining Multiple Log Files. Proceedings of the International Conference on Distributed Frameworks & Applications (DFMA), Penang, Malaysia, Oct 21-22, 2008. (coauthors: M. Masud et al).

101. Novel Privacy Preserving Data Mining Algorithm, HICCS 2009 (coauthor: Li Liu et al) – Nominated for best paper award..

102. Enhancing Security Modeling for Web Services Using Delegation and Pass-On, ICWS 2008, (Wei She, I-Ling Yen)

103. , HASE 2008: 383-391, (Yunqi Ye, I-Ling Yen, Liangliang Xiao).

104. W. Flow-based Identification of Botnet Traffic by Mining Multiple Log Files, In proceedings of the International Conference on Distributed Frameworks & Applications (DFMA), Penang, Malaysia, Oct. 2008, (Masud, M. M., Al-khateeb, T., Khan, L., Hamlen, K.).

105. Incentive and Trust Issues in Assured Information Sharing ,CollaborateCom, Orlando, FL, November 2008 (invited paper, Ryan Layfield and Murat Kantadcioglu).

106. Trustworthy Semantic Web and Knowledge Management, IEEE Symposium on Trust, Security and Privacy for Pervasive Applications, (TSP) December 2008.

107. Privacy Preserving Decision Tree Mining from Perturbed Data. HICSS 2009: 1-10, Nominated for best paper award (Li Liu and Murat Kantarcioglu).

108. Enhancing Security Modeling for Web Services Using Delegation and Pass-On – II:
ICWS 2009 (coauthor: She, Wei; Yen, I-Ling, E. Bertino).

109. Secure Social Network Analysis, IEEE ISI Conference Workshop on Social Computing, 2009 (coauthor: R. Layfield).

110. Assured Information Sharing, IE.EE ISI Conference workshop on Social Computing, 2009 (coauthor: T. Finin et al).

111. A Semantic Web Based Framework for Social Network Access Control,. SACMAT 2009: 177-186, (Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat Kantarcioglu).

Real-time Processing: Objects, Data Management and Networks

112. Implementing Distributed Application in Local Area Network, October 1987, Presented at the 12th IEEE Local Computer Network Conference, Minneapolis, MN, Proceedings, pp. 142 (coauthors: W. T. Tsai, K. W. Hwang, abstract in proceedings, paper distributed at conference).

113. MCNIU- A High Performance Local Area Network for Space Station Application, October 1987, Proceedings of the Fiber Optic Communication Local Area Network Conference, Anaheim, CA, pp. 69-73, (co-authors: P. Gonia, D. Myers and T. Chan).

114. RT-OMT: A Realtime Object Modeling Technique for Designing Realtime Database Applications: A Position Paper, Proceedings of the 2nd IEEE Realtime Systems Applications Workshop, July 1994, MD, (coauthor: A. Schafer).

115. On Realtime Extensions to the Common Object Request Broker Architecture, Proceedings of the OOPSLA 94 Conference Workshop on CORBA, Portland, OR. October 1994, (co-authors: P. Krupp, A. Schafer, V. Wolfe)

116. An Integrated Architecture for Constraint Processing in Real-time Database Management Systems, Proceedings of the 1994 High Performance Computing Symposium, Phoenix, AZ, April 1995.

117. Evolvable Systems Initiative for Real-time C3 Systems, Proceedings of the 1st IEEE Complex Systems Conference, November 1995, Florida,(coauthors: E. Bensley et al).

118. Real-time Extensions to Remote Procedure Call, Proceedings of the IEEE High Performance Computing Conference, December 1995, (coauthors: V. Wolfe et al).

119. Object-oriented Approach to Developing Real-time Infrastructure and Data Manager, Proceedings of the IEEE Workshop on Object-Oriented Real-time Systems, Laguna Beach, CA, February 1996, (coauthor: E. Bensley et al).

120. Design and Implementation of an Active Real-time Database Management System, Proceedings of the Intelligent Information Systems Management Conference, June 1996, (coauthors: G. Gengo).

121. Integrating Priority Ceiling with Semantic Locking Concurrency Control, Proceedings of the 1st Real-time Database Workshop, March 1996, (coauthor: V. Wolfe et al).

122. Evolvable Systems Initiative for Real-time C3 Systems - II, Proceedings of the 2nd IEEE Complex Systems Conference, October 1996, Montreal, (coauthors: E. Bensley et al).

123. Active Real-time Data Management for Command and Control Applications, Proceedings DARTWorkshop, CIKM Conference, MD, November 1996, (coauthor: E. Hughes et al).

124. Integration of Real-time Infrastructure, Data Manager, and Tracker, Proceedings of the IEEE Workshop on Object-Oriented Real-time Systems (WORDS), Newport Beach, CA, February 1997.

125. Real-time Object Data Management for Command and Control Applications, Proceedings VLDB 1997 (Athens, Greece; coauthor: R. Ginis, et al).

126. Adaptable Real-time Object Management, Proceedings RTDB Workshop 1997, (coauthor: R. Ginis, E. Hughes, et al).

127. Realtime CORBA at MITRE, URI, Nrad, TriPacific, Proceedings RT Middleware workshop, 1997, (coauthor: V. Wolfe et al).

128. Concurrency Control for Real-time Object Database Systems, Proceedings IEEE ISORC, Kyoto, April 1998, (coauthor: V. Wolfe, et al).

129. Component Technology for Adaptable Evolvable Command and Control Systems, Web Proceedings of the DARPA/OMG Workshop on Compos ability, January 1998, (coauthor: P. Rupp et al).

130. Adaptable Real-time Command and Control Systems, Proceedings of the IEEE ISADS Conference, March 1999, (coauthor: J. Maurer et al, Tokyo, Japan).

131. On the Design and Implementation of CORBA-based Real-time Trader Service for Command and Control Systems, Proceedings of the IEEE ISORC Conference, May 1999, (coauthor: J. Maurer et al, St Malo, France).

132. Dependable Objects for Databases, Middleware, and Methodologies, (coauthor: Dr. Marion Cerotic), Proceedings IEEE WORDS 99F, Monterey, CA.

133. Real-time Agents, Proceedings IEEE WORDS 99F, (coauthor: L. Dippier), Monterey, CA.

134. Benchmarking Distributed Real-time Objects, Proceedings IEEE ISORC 2000, (coauthor: John Maier et al), Newport Beach, CA.

135. Real-time Multimedia Object Mining, Proceedings IEEE ISORC, ISORC, 2001, (coauthor: M. Cerotic et al), Magdeburg, Germany.

136. Dependable Semantic Webs, Proceedings IEEE WORDS 2002 (keynote address published as paper, also version appeared in IEEE ICTAI 2002) San Diego, CA.

137. Dependable Sensor Information Management, Proceedings IEEE WORDS 2003F, Capri Island.

138. . ISORC 2008: 69-75 , (co-authors: Vana Kalogeraki, Dimitrios Gunopulos, Ravi S. Sandhu).

139. , EuroHaptics 2008: 295-300, (co-authors: Gregory S. Lee).

140. RT-KDD for Rapid Response, Proceedings HICCS 2009 (coauthor: J. Han et al) Nominated for best paper award.

141. RT-SOA, Proceedings COMPSAC Conference Workshop, July 2009 (co-author: I. Yen).

142. Secure Semantic Grid for Cyber Physical Systems and Applications, Proceedings DHS/CPS Workshop on Cyber Physical Systems Security, Newark, NJ, July 2009.

143. Classification and Novel Class Detection in Data Streams with Active Mining, To appear in the 14th Pacific-Asia Conference on Knowledge Discovery and Data Mining, 2010 Hyderabad, India. (coauthors: Mohammad M. Masud, Jing Gao, Latifur Khan, Jiawei Han).

Data Management and Mining/Geospatial information systems/Semantic Web

144. Design of a Distributed Data Dictionary System, June 1987, Proceedings of the National Computer Conference, Chicago, IL, pp. 583-590, (coauthors: H. Lu and K. Mikkilineni).

145. Knowledge-Based User Interface Design Issues for Heterogeneous Networks, September 1988, Proceedings of the Australian Computer Conference, Sydney, Australia.

146. Knowledge-Based Application Development Toolkit, February 1989, Proceedings of the 5th IEEE International Conference on Data Engineering, Los Angeles, CA, (coauthors: R. Bell and H. Atchan).

147. XIMKON: An Expert Simulation and Control Program, AAAI Conference Workshop on AI in Process Engineering (coauthors: F. Konar, 1988).

148. XIMKON- An Expert Simulation and Control Program, June 1989, Proceedings of the American Control Conference, Pittsburgh, PA, (coauthors: F. Konar and P. Felix; enhanced version of AAAI Workshop 1988 paper).

149. Expert Network Simulation and Control, March 1989, Proceedings of the 7th Applications of Artificial Intelligence Conference, Orlando, FL.

150. Applying OMT for Designing Medical Database Applications, September 1993, Proceedings of the OOPSLA Conference Workshop on Information Modeling, Washington D.C.

151. Extending an Object-Oriented Data Model for Representing Multimedia Database Applications, Proceedings of the OOPSLA 94 Conference Workshop on Information Modeling, Portland, OR. October 1994, (coauthor: K. Nwosu).

152. Object-Oriented Approach for the Interoperability of Persistent Database Systems, Proceedings of the OOPSLA 94 Conference Workshop on Persistence in Heterogeneous Database Systems, Portland, OR. October 1994, (coauthor: R. Nemec) .

153. Consistent Data Access in a Distributed Database Management System for Command and Control Applications, Proceedings of the High Performing Computing Symposium, April 1994. San Diego, CA ,(coauthors: D. Small, D. Goldsmith).

154. Distributed Database Technology for Mobile Computing and Communications Systems, Proceedings of the IEEE Technology Dual Use and Applications Conference, Utica, NY, May 1994.

155. Applying OMT for designing Multimedia Information Systems Applications, Proceedings of the IEEE Technology Dual Use and Applications Conference, Utica, NY, May 1994. (coauthor: K. Nwosu)

156. Distributed Multimedia Database Systems, Proceedings of the AIPASG Symposium, March 1994, (Abstract in Proceedings; coauthor: B. Lavender).

157. Object-Oriented Approach to Federated Data Management, Proceedings of the ISMM International Conference on Intelligent Information Management Systems, Washington D.C., June 1994, (coauthor: N. Idris).

158. On Dynamic Reallocation of Parallel Retrievable Objects, Proceedings of the Distributed Multimedia Systems Applications Conference, Honolulu, HI, August 1994, (coauthor: P. Bobbie).

159. Maintaining Integrity in a Distributed Heterogeneous Database System, Proceedings of the DOD Database Colloquium 94, San Diego, CA, August 1994, (coauthor: D. Goldsmith).

160. The Role of Standards in the Interoperability of Heterogeneous Database Systems, Proceedings of the DOE Office Information Technology Conference, August 1994 (coauthor: M. Zemankova) (abstract and presentation published in Proceedings).

161. Distributed Database Management for C3I Systems, Proceedings of the MILCOM 94 Conference, Ft. Monmouth, NJ, October 1994, (coauthors: A. Grasso, M. Collins; classified session).

162. Application of Object-Oriented Technology for Integrating Heterogeneous Database Systems, Proceedings of the ACM Computer Science Conference, Nashville TN, March 1995.

163. Storage Management in Multimedia Database Systems, Proceedings of the IEEE Phoenix Conference on Computers and Communications, Phoenix, AZ March 1995, (coauthor: K. Nwosu).

164. Massive Digital Data Systems Initiative, Proceedings of the AIPASG Symposium, March 1995, (coauthors: R. Kluttz, et al); an update published in AIPASG Symposium, March 1996, (coauthor: H. Curran et al).

165. Massive Data and Information Systems Initiative at MITRE, Proceedings of the AIPASG Symposium March 1995 (also versions given at MITRE conferences).

166. Applying OMT to design Medical Information Systems Applications, Proceedings of the Intelligent Information Systems Management Conference, Washington D.C. June 1995.

167. Distributed Object Management for Integrating Heterogeneous Databases, Proceedings of the 1995 DOD Database Colloquium, San Diego, CA (coauthors: M. Ceruti et al).

168. Data Mining and Visualization, A Position Paper, Databases in Visualization Workshop, Atlanta, GA, Oct. 19’96, (coauthor: G. Grinstein) Proceedings published by Springer Verlag, 1996.

169. Interactive Data Mining and its Impact on the World Wide Web, Proceedings Compugraphics and Visualization Techniques, Paris, December 1996.

170. Text Mining, AIPASG, 1997, (co-author: C. Clifton et al).

171. Text Mining and Visualization, Proceedings of the KDD Workshop on Data Mining and Visualization, Newport Beach, CA, August 1997 (also in IEEE Visualization workshop, October 1997).

172. Understanding and Applying Data Mining for C3I Applications, Proceedings IEEE COMPSAC 2000 (coauthor: M. Ceruti).

173. Data Management for Global Command and Control Systems, AFCEA Database Colloquium, 2000, (coauthor: J. Putman).

174. Data Mining for E-commerce, Proceedings SPIE, 2000, Orlando, FL, (coauthor: A. Grasso et al).

175. Neural Networks and Data Mining, AFCEA 2001, San Diego, CA, (coauthor: C. Clifton).

176. Data Management for the 21^st Century, Proceedings SMC, July 2002, (coauthor: M. Ceruti).

177. Data Quality, Kluwer 2002 (based on keynote address at IFIP Integrity, November 2001, (co-author: E. Hughes).

178. Geospatial Data Qualities as Web Services Performance Metrics, Proceedings ACM GIS, November 2007, (co-author: G. Subbiah et al).

179. DAGIS: A Geospatial Semantic Web Services Discovery and Selection Framework, GeoS 2007, Mexico City, November 2007, (coauthor: G. Subbiah et al).

180. Ontology Alignment Using Multiple Contexts. International Semantic Web Conference (Posters & Demos) 2008, (coauthors: J. Partyka et al).

181. An Effective Theory Based K-Nearest Classification Algorithm, Proceedings WEB Intelligence 2008, Sydney, (coauthor: L. Khan et al).

182. Content-based Ontology Matching for GIS Datasets, ACM GIS 2008, (coauthors: J. Partyka et al).

183. A Practical Approach to Classify Evolving Data Streams with Limited Amount of Labeled Data, ICDM 2008 ,(coauthors: M. Masud et al).

184. A Multi-Partition Multi-Chunk Ensemble Technique to Classify Concept-Drifting Data Streams, PAKDD 2009, (coauthor: M. Masud et al).

185. Simulating Bioterrorism Thru Epidemiology Approximation, IEEE International Conference on Intelligence and Security Informatics 2008, (co-authors: Ryan Layfield, Murat Kantarcioglu).

186. An Effective Evidence Theory Based K-Nearest Neighbor (KNN) Classification,. Web Intelligence 2008:797-801, (co-authors: (Lei Wang, Latifur Khan).

187. Inferring Private Information Using Social Network Data, ). WWW 2009: 1145-1146, (co-authors: (Lei Wang, Latifur Khan).

188. A Relational Wrapper for RDF Reification, Third IFIP WG 11.11 International Conference on Trust Management (IFIPTM), West Lafayette, USA, June 15-19, 2009, (co-authors: Sunitha Ramanujam, Anubha Gupta, Latifur Khan, and Steven Seida).

189. “Relationalizing RDF Stores for Tools Reusability” ACM 18th International World Wide Web Conference (WWW 2009—Poster Session), Madrid, Spain, April 2009 (co-authors: Sunitha Ramanujam, Anubha Gupta, Latifur Khan, and Steven Seida).

190. On the Mitigation of Bioterrorism through Game Theory Infection Model, ISI 2009., (co-authors: Ryan Layfield and Murat Kantarcioglu).

191. Social Network Classification Incorporating Link Type, ISI 2009 (co-authors: Raymond Heatherly and Murat Kantarcioglu). ).,

192. Temporal Geosocial Semantic Web for Military Stabilization and Reconstruction Operations, Proceedings SIGKDD Conference Workshop on Intelligence and Security Informatics, 2009.

193. A Multi-partition Multi-chunk Ensemble Technique to Classify Concept-Drifting Data Streams. PAKDD 2009: 363-375, (co-authors: Mohammad M. Masud, Jing Gao, Latifur Khan, and Jiawei Han).:

194. R2D: Extracting Relational Structure from RDF Stores, Web Intelligence, September 2009, (co-authors: Sunitha Ramanujam, Anubha Gupta, Latifur Khan, and Steven Seida).

195. Integrating Novel Class Detection with Classification for Concept-Drifting Data Streams, PKDD, September 2009 (co-authors: L. Khan, M. Masud, J. Han et al).

196. 'Semantic Schema Matching Without Shared Instances', Proceedings IEEE Semantic Computing Conference, 2009 (short paper – coauthor: L. Khan et al)).

197. 'R2D: A Bridge between the Semantic Web and Relational Visualization Tools' Proceedings IEEE Semantic Computing Conference, 2009 (long – regular – paper, coauthor: L. Khan et al).

198. 'Semantic Web for Content Based Video Retrieval' Proceedings IEEE Semantic Computing Conference, 2009 (short paper – coauthor: B. Prabhakaran et al).

199. Geographically-typed Semantic Schema Matching. GIS 2009: 456-459 (coauthors: Jeffrey Partyka, Latifur Khan).

200. Storage and Retrieval of Large RDF Graph Using Hadoop and MapReduce. CloudCom 2009: 680-686, (co-authors: Mohammad Farhan Husain, Pankil Doshi, and Latifur Khan).

III. BOOKS AUTHORED

Series 1: Data Management, Data Mining, Data Security for Technical Managers

1. Data Management Systems Evolution and Interoperation, CRC Press, May 1997.

2. Data Mining, Technologies, Techniques Tools and Trends, CRC Press December 1998

3. Web Data Management and Electronic Commerce, CRC Press,June 2000

4. Managing and Mining Multimedia Databases, CRC Press, June 2001

5. XML, Databases and Semantic Web, CRC Press, March 2002

6. Web Data Mining and Counter-terrorism, CRC Press, June 2003

7. Database and Applications Security: Integrating Data Management and Information Security, CRC Press/Auerbach, June 2005.

8. Building Trustworthy Semantic Webs, CRC Press/Auerbach, 2007

9. Secure Service Oriented Architectures, CRC Press (contract signed) expected publication 2010 June

Series 2: Research from PhD/MS Thesis of Students

10. Design and Implementation of Tools for Data Mining Applications, CRC Press, June 2009

(co-authors: L. Khan, M. Awad, L. Wang).

11. Data Mining Tools for Malware Detection, CRC Press, June 2011 (contract to be signed) (co-authors: L. Khan, M. Masud).

IV. BOOK CHAPTERS (not including reprints from conference proceedings)

1. Expert System to Design Control Systems, May 1990, Artificial Intelligence in Process Engineering, Academic Press, ed: M. Mavronopoulos (co-authors: F. Konar and P. Felix).

2. Distributed Database Management Systems: Developments and Challenges, Local Area Network Handbook 1993 (Auerbach Publishers, invited paper, ed: J. Sloane and A. Drinan).

3. Object-Oriented Approach to the Interoperability of Heterogeneous Database Management Systems, Local Area Network Handbook, 1994 (Aurebach Publishers, invited paper, ed: J. Sloane).

4. Distributed Object Management System Approach to Integrating Heterogeneous Database Systems, Local Area Network Handbook, 1995 (Auerbach Publishers, invited paper, ed: R. Maybry).

5. Internet Database Management, Database Management, 1996 (Auerbach Publishers, ed: R. Mabry).

6. Secure database management, Handbook of Database Management, McGraw Hill 1996 (Ed: P. Fortier, coauthor: S. Son et al).

7. Multimedia database management, Handbook of Database Management, McGraw Hill, 1996 (Ed: P. Fortier, co-author: S. Dao).

8. Secure Database Systems, Advances on Data Management, 2000 (Editor: O. Diaz and M. Piattini; co-author: E. Ferrari - Artech House).

9. KM for Heterogeneous information exchange, Kluwer Book (co-author: A Gupta et al), 2002.

10. Managing Cyber Threats: Issues and Challenges, Kluwer (editor: V. Kumar et al), 2004.

11. Data Mining for Counter-terrorism, AAAI Press (editor: H. Kargupta et al), 2004 (MGDM Conference, 2002).

13. Secure Semantic Grids, Web and Information Systems Security, co-author: L. Khan (editors: E. Ferrari et al) Idea Group.

14. Assured Information Sharing Across Organization Boundaries, Data Mining for Counter-terrorism, Springer, 2006 (editor: H. Chen).

15. Secure Semantic Web Services, Springer, (editor: M. Gertz), 2008

16. Assured Information Sharing: Technologies, Challenges and Directions, Intelligence and Security Informatics 2008: 1-15.

17. Security for Web Services, Advanced in database Security (Editor: S. Jajodia and M Gertz)

18. Policy Management for the Semantic Web, Cyber Security, Elsevier (Editor: Shambhu Upadhyaya)

19. Security and Privacy for Social Networks, Springer, co-authors: B. Carminati et al (Editor: E. Ferrari)

V. TECHNICAL ARTICLES (not including panel presentation papers in proceedings)

1. Decision Problems for System Functions, March 1980, Recursive Function Theory Letters.

2. Recent Developments in Database Security, September 1989, Tutorial Proceedings of the IEEE COMPSAC Conference, Orlando, FL.

3. An Object-Oriented Approach for Designing Secure Systems, Fall 1989, IEEE CIPHER (co-author: F.Chase).

4. Computing Transitive Closures of Multilevel Relations, September 1990, ACM SIGMOD Record, Vol. 19, No. 3.

5. Inference Problem in Database Security, IEEE CIPHER, Winter 1991.

6. Recursion Theoretic Properties of the Inference Problem, IEEE CIPHER, Winter 1991.

7. A Note on the Recursive Enumerability of the Inference Problem in Multilevel Secure Database Management Systems, Recursive Function Theory Letters, 1992

8. Developments in Trusted Database Management Systems, ACM SIGMOD Record, Vol. 21, #3, September 1992.

9. A Survey of Concurrency Control in Trusted Database Management Systems, ACM SIGMOD Record, December 1993 (coauthor: H. Ko).

10. Engineering Real-time Complex Systems, IEEE Complex Systems, 1994/1995, (coauthors: P. Krupp, A. Kanevsky).

11. Data Management Research at the MITRE Corporation, ACM SIGMOD Record, September 1995 (coauthors: Rosenthal, et al).

12. Real-time systems and security, ACM SIGMOD Record. 1996 (coauthor: S. Son et al).

13. Data Mining, National Security, Privacy and Civil Liberties, ACM SIGKDD, December 2002.

14. Semantic Web, Essays in the Encyclopedia of Human Interaction, Berkshire Publishers, Editor: W. Bainbridge, 2004.

15. Security, Essays in the Encyclopedia of Human Interaction, Berkshire Publishers, Editor: W. Bainbridge, 2004.

16. Link Analysis for National Security, Essays in the Encyclopedia of Data Mining, Editor: J. Wang, 2004.

17. Security and Privacy for Geospatial Data Management, Encyclopedia of Geospatial Data Management, Springer, 2007 (co-authors: L. Khan et al).

18. Multimedia Data Management, Mining and Animation, Proceedings Wiley Encyclopedia, 2007 (co-authors: B. Prabhakaran, L. Khan).

19. Multilevel Secure Data Management, Encyclopedia on Database Security, Editor: E. Ferrari, 2007.

20. Mandatory Security, Encyclopedia of Information Security, Editor: E. Ferrari.

20. Privacy and Security Challenges in GIS, Encyclopedia of GIS 2008: 898-902 (co-authors Latifur Khan, Ganesh Subbiah, Ashraful Alam, Murat Kantarcioglu).

21. Geospatial Semantic Web, Definition. Encyclopedia of GIS 2008: 398 (co-authors: Latifur Khan, Ganesh Subbiah, Ashraful Alam, Murat Kantarcioglu).

22. Data Mining for Security Applications and Its Privacy Implications, Lecture Notes in Computer Science, Springer Verlag, (Based on keynote address at SIGKDD workshop 2008).

VI. MITRE JOURNALS

1. Multilevel Secure Object-Oriented Data Model - Issues on Noncomposite Objects, Composite Objects, The MITRE Journal, 1992 (Version of Journal of Object-Oriented Programming paper, 1991).

2. Object-Oriented Approach to PACS Applications, MITRE Information Systems Engineering Journal, Fall 1993.

3. Design and Implementation of a Database Inference Controller, the MITRE Journal, 1994, (coauthors: W. Ford, M. Collins, J. O'Keeffe; version of Data and Knowledge Engineering Paper, 1993).

Section 10: EDITED WORKS

I. JOURNAL SPECIAL ISSUES EDITED

1.Special issue in Security and Standards, Computer Standards and Interface Journal, 1995 (co-editor: J. Williams, editorial Introduction).

2.Special issue in Secure Database Systems Technology, IEEE Transactions on Knowledge and Data Engineering, February 1996 (co-editor: T. Ting, editorial introduction).

3. Special issue in Multimedia Database Management, Multimedia Tools and Applications Journal, 1997, (co-editors: K. Nwosu, B. Berra – also version published as book by Kluwer).

4. Special issue in Multimedia databases, IEEE Multimedia (co-editors: Nwosu, Berra, editorial introduction).

5. Special Issue in Data and Applications Security, Data and Knowledge Engineering Journal, November 2002 (co-editor: R. van der Riet).

6. Special Issue in Data and Applications Security, Journal of Computer Security, 2003 (co-editor R. van der Riet).

7. Special Issue in Data and Applications Security, Journal of Intelligent Information Systems, 2004 .

8. Privacy preserving Data Management, VLDB Journal, September 2006 (co-editor: E. Ferrari).

9. Data and Applications Security, International Journal of Information Security (co-editor: E. Ferrari).

10. Editorial for Computer Standards and Interface Journal as Editor in Chief, November 2006.

11. Foreword for book on Security Standards for Web Services (Editors: Eduardo Fernandez-Medina).

II. BOOKS EDITED

1. Database Security VI: Status and Prospects, 1993, Book by North Holland (Co-Editor: C. Landwehr). (Enhanced version of Proceedings of 6th IFIP 11.3 Working Conference in Database Security, 1992).

2. Security for Object-Oriented Systems, Book by Springer Verlag, 1994 (Co-Editor: R. Sandhu, T.C. Ting, Enhanced version of ACM OOPSLA Workshop Proceedings on Secure Object Systems).

3. Multimedia Database Management Systems, Kluwer Publications, 1996 (co-editors: B. Berra, K. Nwosu).

4. Data Management Handbook Supplement, Auerbach Publications, 1996 (Guest Editor).

5. Directions in Multimedia Database Management, Kluwer, 1997 (co-editors: B. Berra, K. Nwosu).

6. Data Management Handbook, 1998 (Consulting editor).

7. Knowledge Management, MIT Press, coeditor, 2001 (M. Maybury et al).

8. Data and Applications Security, Kluwer 2001 (co-editors: R. van der Riet et al; enhanced version of Proceedings of IFIP Database Security Conference, 2000).

9. Heterogeneous Information Exchange, Kluwer 2002 (H. Bestegoff et al Coeditor, Editorial Introduction), 2002.

10. Web Information Management Security, coeditor: E. Ferrari, Artech House, 2005.

11. System Integrity and Control, co-editor S. Wang et al, Springer, 2006.

III CONFERENCE AND WORKSHOP PROCEEDINGS EDITED

1. Proceedings of the 3rd RADC Database Security Workshop, Published as MITRE Technical Report, MTP 385, May 1991.

2. Proceedings of the 6th IFIP 11.3 Working Conference in Database Security, August 1992.

3. Proceedings of the OOPSLA-93 Conference Workshop on Integrating Object-oriented technology and Security Technology, September 1993 (co-editors: R. Sandhu and T.C. Ting).

4. Proceedings of the Massive Digital Data Systems Workshop, March 1994, (co-authors: B. Lavender et al; published by the Community Management Staff, Intelligence Community).

5. Proceedings of the OOPSLA 94, 95, and 96 Conference Workshop on Object-Oriented Technology for Medical Information Systems, October 1994, 95, 96 (co-editor: M. Ibrahim et al).

6. Proceedings of the ACM Multimedia Conference Workshop on Multimedia Database Management Systems, October 1994, Nov. 95 (co-editors: B. Berra, K. Nwosu).

7. Proceedings WORDS 1999 by IEEE CS Press, August 1999 (also edited preliminary conference proceedings in January 1999).

8. Proceedings of the 14th IFIP 11.3 Working Conference in Database Security, August 2000. (co-editor: R. van der Riet et al).

9. Proceedings ISI Conference, Springer, 2006 (co-editor: H. Chen et al).

10. SACMAT 2007, 12th ACM Symposium on Access Control Models and Technologies, Sophia Antipolis, France, June 20-22, 2007, Proceedings ACM 2007 (coeditor: V. Lotz)

11. NSF Data and Applications Security Workshop, February 2009

12. Proceedings ISI Conference, IEEE, 2009 (co-editor: H. Chen et al)

IV WORKSHOP AND SPECIAL SESSION REPORTS

1. Workshop Summary, 7th IFIP 11.3 Database Security Conference, IFIP Transactions in Database Security VII, North Holland, 1994 (Ed: Keefe and Landwehr).

2. Workshop Summary, OOPSLA-93 Conference Workshop on Security for Object-Oriented Systems, Addendum to the Proceedings of the ACM OOPSLA 93 Conference, OOPS Messenger, Vol. 5, #2, April 1994.

3. Panel Summary, ACM OOPSLA-93 Conference Panel on Integrating Object-Oriented and Security Technologies, Addendum to the Proceedings of the OOPSLA 93 Conference, OOPS Messenger, Vol. 5, #2, April 1994.

4. Workshop Summary, ACM OOPSLA-94 Conference Workshop on Object Technology in Healthcare Information Systems, Addendum to the Proceedings of the ACM OOPSLA 94 Conference, ACM OOPS Messenger, 1995 (co-authors: M. Ibrahim, S. Arora, T. C. Ting).

5. Workshop Summary, ACM Multimedia '94 Conference Workshop on Multimedia Database Management Systems, ACM SIGMOD Record, 1995.

6. Interactive Data Mining, Workgroup Session Report, Databases in visualization workshop 1995, Published by Springer Verlag, 1996.

7. Data Mining and Security, Special session at the 1995 IFIP Database Security Conference, Joint article in conference proceedings book chapter published by Chapman and Hall, 1996. (T.Y. Lin, T. Hinke, D. Marks).

8. Interactive Data Mining, Workshop discussion, IEEE Database and Visualization workshop, Atlanta, GA (proceedings published by Springer), 1996.

9. Data and Applications Security, Workshop summary, IFIP 11.3 Book by Kluwer, August 2001.

10. Secure Semantic Web, ICDE Conference Workshop Summary, 2008 (to be published[r9] , co-chair: B. Carminati)

V. MITRE Publications Edited

1. Special Issue Editorial, Edge Data Mining Issue, MITRE, 2000

2. Conferences Co-Chaired: First Applied Database Technology Day, 1994; First Database Vendor Day 1995, Second Applied Database Technology Day, 1995, First Object technology Day, 1996

Section 11: TECHNICAL REPORTS

I. TECHNICAL REPORTS at the University of Texas at Dallas

UTDCS-5-05		Data Mining Techniques for Biometrics Systems		Latifur Khan Bhavani Thuraisingham		2/05
UTDCS-39-05		Uncertainty: An Extra Layer of Security For Unauthorized Traffic Based Web Services		Parag Agarwal B. Prabhakaran Bhavani Thuraisingham		12/05
UTDCS-02-06		Dependable and Secure TMO Scheme		Jung-In Kim Bhavani Thuraisingham		1/06
UTDCS-03-06		Geography Resource Description Framework (GRDF) and Secure GRDF (S-GRDF)		Ashraful Alam Bhavani Thuraisingham		1/06
UTDCS-04-06		An Adaptable Perturbation Model of Privacy Preserving Data Mining		Li Liu Bhavani Thuraisingham Murat Kantarcioglu Latifur Khan		1/06
UTDCS-05-06		Face Recognition Using Various Classifiers: Artificial Neural Network, Linear Discriminant and Principal Component Analysis		Pallabi Parveen Bhavani Thuraisingham		1/06
UTDCS-06-06		Administering The Semantic Web: CPT: Confidentiality, Privacy and Trust Management		Nathalie Tsybulnik Bhavani Thuraisingham		2/06
UTDCS-13-06		On the Complexity of the Privacy Problem in Databases		Bhavani Thuraisingham		3/06
UTDCS-14-06		Inference Control for Document Release and Dissemination		Bhavani Thuraisingham		3/06
UTDCS-15-06		Individually Adaptable Perturbation Model for Privacy Preserving Data Mining		Li Liu Murat Kantarcioglu Bhavani Thuraisingham		3/06
UTDCS-22-06		Design and Implementation of a Secure Social Network System		Ryan Layfield Bhavani Thuraisingham		4/06
UTDCS-27-06		Detecting New Malicious Executables Using Data Mining		Mohammad M. Masud Latifur Khan Bhavani Thuraisingham Mamoun A. Awad		7/06
UTDCS-32-06		Fingerprint Matching Algorithm Based On Tree Comparison Using Ratios of Relational Distances		Abinandhan Chandrasekaran Bhavani Thuraisingham		7/06
UTDCS-39-06		A Scalable Clustering Method Based on Density		Kathryn Bean Sergey Bereg Latifur Khan Bhavani Thuraisingham		9/06
UTDCS-40-06		Detecting Malicious Executables Using Assembly Feature Retrieval		Mohammad M. Masud Latifur Khan Bhavani Thuraisingham		9/06
UTDCS-44-06		Design and Implementation of Policy Enforcement, Data Sharing and Mining Components for Trustworthy Coalitions		Mamoun Awad Dilsad Cavus Latifur Khan Manjunath Reddy Bhavani Thuraisingham		10/06
UTDCS-45-06		Design and Simulation of Agent-based Trust Management Techniques for a Coalition Environment		Srinivasan Iyer Bhavani Thuraisingham		10/06
UTDCS-46-06		Research and Simulation of Game Theoretical Techniques for Data Sharing Among Semi-Trustworthy Partners		Ryan Layfield Murat Kantarcioglu Bhavani Thuraisingham		10/06
UTDCS-47-06		Defensive Information Operations: DETECTING MALICIOUS EXECUTABLES USING ASSEMBLY FEATURE RETRIEVAL in an Untrustworthy Environment		M. Mehedy Masud Latifur Khan Bhavani Thuraisingham		10/06
UTDCS-48-06		Information Operations Across Infospheres: Volume 1		Bhavani Thuraisingham Latifur Khan Murat Kantarcioglu Mamoun Awad Dilsad Cavus Ryan Layfield Mehedy Masud Srinivasan Iyer		10/06
UTDCS-51-06		A Novel Privacy Preserving Decision Tree Algorithm		Li Liu Murat Kantarcioglu Bhavani Thuraisingham		10/06
UTDCS-58-06		Face Segmentation for Privacy Preserving Video Surveillance		Sai Chaitanya Bhavani Thuraisingham		11/06
UTDCS-60-06		A Comparative Study of a Key Agreement Protocol Based on ECC and RSA		Vibha Sethi Bhavani Thuraisingham		11/06
UTDCS-61-06		RFID Technologies and Their Applications		Abinandhan Chandrasekaran Bhavani Thuraisingham		11/06
UTDCS-01-07		An Integrated Platform for Secure Geospatial Information Exchange Through the Semantic Web		Bhavani Thuraisingham Alam Ashraful Ganesh Subbiah Latifur Khan		1/07
UTDCS-02-07		Oracle 10 G XE Tutorial (Product of Oracle Corporation)		Srinivasan Iyer Bhavani Thuraisingham		2/07
UTDCS-03-07		Geospatial Data Mining for National Security: Land Cover Classification And Grouping for Semantic Assessment		Chuanjun Li Latifur Khan M. Husain Bhavani Thuraisingham Shaofei Chen Fang Qiu		3/07
UTDCS-33-07		Security for Enterprise Resource Planning Systems		Wei-She Bhavani Thuraisingham		8/07
UTDCS-34-07		Secure Semantic Web Services		Bhavani Thuraisingham		8/07
UTDCS-35-07		Extended RBAC-Based Design and Implementation for A Secure Data Warehouse		Bhavani Thuraisingham Murat Kantarcioglu Srinivasan Iyer		9/07
UTDCS-39-07		Architecture for a Trusted Computing Base For need-to-share in case of emergencies		Yashaswini Harsha Kumar Bhavani Thuraisingham Latifur Khan		11/07
UTDCS-40-07		Enforcing Honesty in Assured InformationSharing within a Distributed System		Ryan Layfield Murat Kantarcioglu Bhavani Thuraisingham		11/07
UTDCS-41-07		Data Mining for Defensive Operations		Mohammad Masud Latifur Khan Bhavani Thuraisingham		11/07
UTDCS-45-07		Information Operations Across Infospheres: Volume 2		Latifur Khan Bhavani Thuraisingham Murat Kantarcioglu Yashaswini Harsha Kumar Mehedy Masud Ryan Layfield		12/07
UTDCS-01-08		Trusted Computing Base for Assured Information Sharing		Yashaswini Harsha Kumar Bhavani Thuraisingham Latifur Khan		1/08
UTDCS-02-08		Delegation-based Security Model For Web Services		Wei She Bhavani Thuraisingham I-Ling Yen		1/08
UTDCS-05-08		Mining Concept-Drifting Data Stream To Detect Peer to Peer Botnet Traffic		Mohammad M. Masud Jing Gao Latifur Khan Jiawei Han Bhavani Thuraisingham		3/08
UTDCS-13-08		Content-based Ontology Matching for GIS Datasets		Jeffrey L. Partyka Latifur Khan Bhavani Thuraisingham Neda Alipanah Shashi Shekhar		5/08
UTDCS-18-08		Surgical Haptics and Robotics: Influence of Mismatched Haptic and Visual Display Scales		Gregory S. Lee Bhavani Thuraisingham		7/08
UTDCS-20-08		Synthesize Virtual World Motions From 2D Video Recognition		Yohan Jin Myunghoon Suk B. Prabhakaran Bhavani Thuraisingham		7/08
UTDCS-22-08		Content-based Ontology Matching For GIS Datasets		Jeffrey Partyka Neda Alipanah Latifur Khan Bhavani Thuraisingham Shashi Shekhar		7/08
UTDCS-23-08		Secure Haptics and Surgical Robotics: Adaptation to Fitts’ Law Performance Measure for Multi-Target Task Comparisons		Gregory S. Lee Bhavani Thuraisingham		8/08
UTDCS-32-08		A Practical Approach to Classify Evolving Data Streams: Training with Limited Amount of Labeled Data		Mohammad M. Masud Bhavani Thuraisingham Jing Gao Latifur Khan Jiawei Han		10/08
UTDCS-01-09		A Fine Grained Model for Information Flow Control in Web Service Composition		Wei She I-Ling Yen Bhavani Thuraisingham		1/09
UTDCS-03-09		Preventing Private Information Inference Attacks on Social Networks		Raymond Heatherly Murat Kantarcioglu Bhavani Thuraisingham		2/09
UTDCS-40-08		A Framework for the Relational Transformation of RDF Data		Sunitha Ramanujam Anubha Gupta Latifur Khan Steven Seida Bhavani Thuraisingham		12/08
UTDCS-04-01		Building a Temporal Geosocial Semantic Web for Military Stabilization and Reconstruction Operations		Bhavani Thuraisingham Latifur Khan Murat Kantarcioglu		4/09
UTDCS-13-09		Integrating Novel Class Detection with Classification for Concept-Drifting Data Streams		Mohammad M. Masud Jing Gao Latifur Khan Jiawei Han Bhavani Thuraisingham		6/09
UTDCS-25-09		DESIGN and Implementation of Restful Web Services for Blackbook		Pranav Parikh Murat Kantarcioglu Latifur Khan Bhavani Thuraisingham		8/09
UTDCS-36-09		Enhanced Information Flow Control for Service Composition and Its Implementation		Wei She I-Ling Yen Bhavani Thuraisingham Elisa Bertino		09/09
UTDCS-36-09		Enhanced Information Flow Control for Service Composition and Its Implementation		Wei She I-Ling Yen Bhavani Thuraisingham Elisa Bertino		09/09
UTDCS-40-09		Cost-based Query Processing for Large RDF Graph Using Hadoop and MapReduce		Mohammad Husain Pankil Doshi Latifur Khan Syeda A. Rizvi Murat Kantarcioglu Bhavani Thuraisingham		11/09
UTDCS-41-09		Efficient Query Processing for Large RDF Graphs Using Hadoop and MapReduce		Mohammad Husain Pankil Doshi James McGlothlin Latifur Khan Bhavani Thuraisingham Murat Kantarcioglu		11/09
UTDCS-02-10	Security Issues for Cloud Computing		Kevin Hamlen Latifur Khan Murat Kantarcioglu Bhavani Thuraisingham		01/10
UTDCS-04-10		Ranking Entities from Multiple Ontologies to Facilitate Federated Queries		Neda Alipana, Julie Rauer Latifur Khan, Steven B. Seida Bhavani Thuraisingham		02/10
UTDCS-02-10		Semantic Web Implementation Scheme for National Vulnerability Common Platform Enumeration Data)		Vaiphav Khadlikar Jyothsna Rachapalli Bhavani Thuraisingham		01/10

UTDCS-03-10

Securing the Execution Environment

Elisa Bertino, Gabriel Ghinita , Kevin Hamlen, Murat Kantarcioglu, Hsien-Hsin S. Lee, Ninghui Li

Calton Pu, Ravi Sandhu, Waleed Smari, Bhavani Thuraisingham

Gene Tsudik, Dongyan Xu

Shouhuai Xu

03/10

II. Technical Reports at MITRE

1. Security Issues in Distributed Database Management Systems, September 1989, Technical Report,M89-52, Vol. 1.

2. Research Directions in Distributed Database Management Systems, September 1989, Technical Report, M89-52, Vol. 2).

3. The Inference Problem in Database Security, September 1989, Technical Report, M89-52, Vol. 3.

4. Directions for Future Research and Development in Trusted Distributed Database Management Systems, September 1989, Technical Report, M89-52, Vol. 4,

5. Recursion Theoretic Properties of the Inference Problem in Database Security, May 1990, Technical Report, MTP-291, (From Report No. 190).

6. Secure Query Processing in Trusted Database Management Systems - Design and Performance Studies, May 1990, Technical Report, MTP-292, (From Report No. 189).

7. Mathematical Formalisms for Multilevel Object-Oriented Systems, June 1990, Technical Report, MTP-291.

8. Multilevel Security Issues in Distributed Database Management Systems, July 1990, Technical Report, MTP-297, (From Reports No. 188, No. 189).

9. Handling Association Constraints in Multilevel Databases, July 1990, Technical Report, WP-28904.

10. A Nonmonotonic Typed Multilevel Logic for Formalizing Multilevel Database Systems, June 1990, Technical Report, MTR-10935.

11. Secure Distributed Query Processing Strategies, June 1990, Technical Report, WP 28891, (co-authors: H. Rubinovitz and M. Collins)

12. The Use of Conceptual Structures in Handling the Inference Problem in Database Security, August 1990, Technical Report, M90-55. Database Inference Controller - An Overview, Technical Report, August 1990, MTR‑10963, (co-authors: W. Ford, J. O'Keeffe).

13. Secure Distributed Query Processor - An Overview, August 1990, Technical Report, MTR-10969, Volume 1 (coauthor: H. Rubinovitz) (also published as RADC Technical Report).

14. Issues on Developing a Multilevel Secure Object-Oriented Data Model, Technical Report, MTP 384, December 1990.

15. Security Issues for Federated Database Systems to Manage Distributed, Heterogeneous, and Autonomous Multilevel Databases, Technical Report, M91-78, November 1991.

16. Enhancements to the Secure Distributed Query Processor Prototype to function in a Limited Heterogeneous Environment, Technical Report, M91-86, December 1991.

17. Security Constraint Processing in a Multilevel Secure Distributed Environment, Technical Report, MTR 11239, April 1992 (co-author: W. Ford).

18. Simulation of Query Processing and Concurrency Control Algorithms for a Trusted Distributed Database Management System, June 1992, MTR92B0000077.

19. COMPUSEC Training Course: Database Security and Issues, Technical Report, M92B0000102, Vol. 8, September 1992. (Based on half a day course given to AFCSC - see publication #270).

20. Concurrency Control in Trusted Database Management Systems, Technical Report, M92B0000109, September 1992 (co-author: Hai-Ping Ko).

21. Design and Implementation of a Distributed Database Inference Controller - I, Technical Report, MTR92B0000168, December 1992 (co-authors: Harvey Rubinovitz, D. Foti).

22. Multilevel Security for Object-Oriented Database Management Systems, Technical Report WP92B0000375, February 1993 (co-authors: A. Rosenthal, W. Herndon, R. Graubart).

23. Selected Research Topics on the Inference Problem, M93B0000024, Technical Report, March 1993.

24. A Framework for Specifying MLSDB Requirements, MTR 93B0000089, Technical Report, June 1993 (co-authors: L. Monk and M. Nadel).

25. A Seminar on Object-Oriented Database Management Systems, Technical Report M93B0000175, December 1993.

26. A Seminar on Distributed and Heterogeneous Database Systems,Technical Report M93B0000176, December 1993.

27. Applying OMT for Designing Multilevel Database Applications, Technical Report, M93B0000180, December 1993, (co-authors: P. Sell and D. Marks).

28. Design and Implementation of a Distributed Database Inference Controller - II, Technical Report, MTR94B0000057, June 1994 (co-authors: Harvey Rubinovitz, M. Collins).

29. A Seminar on Real-time Database Management Systems, Technical Report, MP 94B 0000124 July 1994.

30. Evolvable Systems Initiative for Real-time C3: Infrastructure Requirements: MTR 94B0000116, (co-authors: E. Bensley et al), September 1994 (Unclassified, NOFORN).

31. Design and Implementation of an Active Real-time Database System, MP 94B 0000167, December 1994 (co-authors: G. Gengo and A. Schafer).

32. Massive Digital Data Systems Issues MP 94B0000169, September 1994, (co-authors: H. Bayard, B. Lavender, M. Zemankova).

33. Directions for Data Management Technology Research at MITRE, MP 95B0000112, March 1995, (co-authors: B. Blaustein, L. Seligman, and A. Rosenthal).

34. Final report on the Inference Problem ,Technical Report June 1995 (co-authors: M. Collins, H. Rubinovitz).

35. Program Plan for the Massive Digital Data Systems Initiative, Technical Report, May 1995.

36. Toward Developing a Testbed for MDDS, Technical Report, September 1995.

37. Plan for ORD Laboratory, Technical Report, September 1995 (co-author: C. Clifton et al.).

38. Secure Client Server Computing, Working Note, MITRE, June 1995 (co-author: B. Kahn).

39. Evolvable Systems Initiative for Real-time C3: Design and Implementation of the Infrastructure, Data Management, and Application, Technical Report (co-authors: E. Bensley et al), September 1995.

40. Evolvable Systems Initiative for Real-time C3: Integration of the Infrastructure, Data Manager, and Tracker Technical Report (co-authors: M. Gates et al), September 1996.

41. Evolvable Interoperable Information Systems Initiative at MITRE, Technical Report, September 1996 (co-authors: P. Chase et al).

42. Evolvable Interoperable Information Systems Initiative at MITRE: Final report, Technical Report, September 1997 (co-authors: P. Chase et al).

43. Adaptable real-time CORBA, Technical report, Volume 1 September 1997 (co-author: R. Ginis, et al).

44. Adaptable Real-time CORBA, Technical report, Volume 1I September 1998 (co-author: S. Wohlever et al).

45. MDDS, Volume 1, Program Overview, MITRE Report May 1998.

46. MDDS, Volume 2, Technology Overview, MITRE Report. June 1998.

47. MDDS, Volume 3, Data Mining, MITRE Report July 1998.

48. MDDS, Volume 4, Multimedia Databases, MITRE Report, August 1998.

49. MDDS, Volume 5, Web Technologies, MITRE Report September 1998.

50. MDDS: Interviews, Concept of Operation, Scenarios and Technologies, MITRE Report, 1999.

51. Adaptable Real-time Object Request Brokers, Volume 3, MITRE tech Report, September 1999 (co-author: S. Wohlever et al)

52. Inference Problem, MITRE technical Report, 1999. (coauthor: H. Rubinovitz)

IV. Other Significant Technical Reports

1. Multilevel Security for Database Management Systems, October 1986, Technical Report, Honeywell Computer Sciences Center, Minneapolis, MN, (co-authors: P. Dwyer, G. Jelatis).

2. Security Policy for LDV, 1989, Technical Report, Honeywell Secure Computing Technology Center, Minneapolis, MN, (co-authors: E. Boebert, B. Dillaway, P. Dwyer, T. Haigh) (also published as RADC Technical report).

3. Implementation Specifications for LDV, 1989, Technical Report, Honeywell Secure Computing Technology Center, Minneapolis, MN, (co-authors: P. Dwyer, T. Haigh, E. Onuegbe, P. Stachour) (also published as RADC Technical report).

4. Deficiencies Analysis for LDV, 1989, Technical Report, Honeywell Secure Computing Technology Center, Minneapolis, MN, (co-authors: R. O'Brien, T. Haigh, J. Payne, P. Stachour, D. Toups).

5. Optimal Placement of Recovery Points in Distributed Environments, 1986,Technical Report TR86-43, University of Minnesota, Minneapolis, MN, (co-authors: S. Chen, W. Tsai).

6. On the Optimal AT and RP Assignment, 1987, Technical Report TR86-47, University of Minnesota, Minneapolis, MN, (co-authors: W. Tsai, et al.).

7. Secure Query Processing Using AI Techniques, 1987, Technical Report TR87-37, Department of Computer Science, University of Minnesota, Minneapolis, MN, (co-authors: W. T. Tsai, T. Keefe).

8. Multilevel Security in Object-Oriented Systems, January 1988, Technical Report TR88-8, University of Minnesota, Minneapolis, MN, (co-authors: T. Keefe, W. T. Tsai).

9. Artificial Intelligence Applications in Database Security, 1988, Technical Report TR88-31, University of Minnesota, Minneapolis, MN, (co-authors: W. T. Tsai, T. Keefe, D. Thomsen).

10. SODA - A Secure Object-Oriented Database System, 1989, Technical Report, University of Minnesota, Minneapolis, MN, (co-authors: W. T. Tsai, T. Keefe).

11. Real-time Method Invocations in Distributed Environments, TR95-244, January 1996 (co-author: V. Fay. Wolfe et al).

12. Real-time CORBA Development at MITRE, NRad, TriPacific and URI, TR99-272, December 1997 (co-author: G. Cooper et al).

13. Scheduling and Priority Mapping for Static Real-Time Middleware, TR98-261, September 1998 (co-authors: L. DiPippo et al).

14. Concurrency Control in Real-time Object-Oriented Systems: The Affected Set Priority Ceiling Protocols, TR98-262 (co-author: M. Squadrito et al); April 1998.

15. Towards a Real-time Agent Architecture – A White Paper, TR99-273, November 1999 (co-author: L. DiPippo et al).

16. Real-time CORBA, University of Rhode Island, TR00-276 (V. Wolfe et al), October 2000.

17. C2 Database Migration, AF Summer Study Report, 2001 (Vice Chair of Panel; co-author: J. Hendler et al)) .

18. Knowledge Management, MIT Sloan School Working Paper, 2002. (co-author : A. Gupta et al)

19. XML Security, MIT Sloan School Working Paper, 2002, (co-author: A. Gupta et al)

Section 12: PRESENTATIONS

(Keynote addresses, panels, etc.)

I. KEYNOTE/FEATURED PRESENTATIONS

1. Interoperability of Heterogeneous Database Systems: Developments and Challenges, keynote address given at the Plenary session at the AFCEA Database Colloquium, San Diego, CA, August 29, 1994 (followed keynote presentation by General Edmonds, Director DISA - abstract published in proceedings).

2. Application of Object Technology in Data Management: keynote address given at the Plenary session at the AFCEA Database Colloquium, San Diego, CA, August 28, 1995 (following keynote presentation by Ms Diane McCoy, Deputy Director, DISA - abstract published in proceedings).

3. Application of Object Technology in Data Management, version also given at FEDOOTS, Washington D.C., October 1995. (abstract, charts in proceedings).

4. Data Warehousing, Data Mining, and Security, keynote address given at the 10th IFIP 11.3 Database Security Conference, Como, Italy, July 1996. (Paper in Chapman and Hall book 1997).

5. Data Warehousing, Data Mining, and Security, also keynote address at PAKDD Data Mining Conference, Australia, April 1998.

6. Data Warehousing, Data Mining, and Security, featured address at WITI (Women in Technology International), Carey, North Carolina, September 1999.

7. Implementing Real-time Object-Oriented Applications, featured presentation at Object World East, Hynes Convention Center, Boston, MA, May 1996.

8. Implementing Real-time Object-Oriented Applications, Object World West, San Jose, CA, August 1996 (briefing in proceedings).

9. Implementing Real-time Object-Oriented Applications, Object World East March 1997.

10. Implementing Real-time Object-Oriented Applications, Object World West July 1997 (charts in proceedings).

11. Data Mining and Data Warehousing: Developments and Challenge,; keynote address given at AFCEA DOD Database Colloquium, San Diego, CA, August 27, 1996 (abstract in proceedings);

12. Data Mining and Data Warehousing: Developments and Challenges featured address at IEEE Engineering Solutions: From Desktop to Internet Conference and Exposition, Hynes Convention Center, Boston, September 1996, (charts in proceedings).

13. Data Mining Developments and Challenges; keynote address at ACM SAC Conference, February 1997.

14. Data Mining Developments and Challenges, also keynote address at IEEE Artificial Neural Networks, 1999.

15. Data Mining Developments and Challenges, featured address at the Data Warehousing and Year 2000 Symposium, November 1999.

16. Data Mining Developments and Challenges, June 1997; (charts in proceedings).

17. Data Management Systems Evolution and Interoperation, featured address at 1997 DoD Database Colloquium, September 1997. (based on book by CRC Press, 1997).

18. Web Database Management, featured address at 1998 DoD Database Colloquium, September 1998 (abstract in proceedings).

19. Evolvable Interoperable Real-time Command and Control Systems, featured address at 1999, DoD Database Colloquium, September 1999 (following keynote address by Dr. Marv Langston), (abstract in proceedings).

20. Multimedia Data Management and Mining: SAS Institute Conference, keynote address, 1999 (preceded keynote by Dr. Jim Goodnight).

21. Multimedia Data Management and Mining also keynote at IEEE ICTAI, 1999; also IASTED AI Conference, February 2002 ) (presentation in proceedings).

22. Data Management for the 21^st Century, AFCEA Database Colloquium, 2000 (abstract in proceedings, enhanced paper presented at another conference).

23. Data Management for Biotechnology Applications, AFCEA Database Colloquium, August 2001 (abstract in proceedings).

24. Secure Semantic Web, keynote address at IEEE SRDS Conference Workshop on Data Warehouse and Security; New Orleans, October 2001 .

25. Secure Semantic Web, also version presented at NSF/EU workshop on semantic web.).

26. Data Quality: Developments and Directions, IFIP 11.5 Conference, Brussels, November 2001 (paper in Kluwer Book).

27. XML security (with E. Bertino et al) NSF PI Conference keynote, April 2001, Fort Worth.

28. Semantic Web and Dependable Computing, WORDS 2002, San Diego. (paper in proceedings).

29. Data Mining for National Security and Counter-terrorism, keynote address at the White House, Office of Science and Technology Policy, February 2002.

30. Data Mining for National Security and Counter terrorism, also luncheon address at IEEE COMPSAC Conference, Oxford University, August 2002;

31. Data Mining for National Security and Counter-terrorism, also featured address at United Nations, September 2002.

32. Web Data Mining and Applications in Counter-terrorism; kKeynote address at SIAM Data Mining Conference Workshop on Web Mining, April 2002.

33. Web Data Mining and Applications in Counter-terrorism, also kKeynote address at IEEE ICTAI 2002.

34. Sensor Web and Sensor Data Management, ISE2002 Keynote address, San Diego, July 2002. (Received SCSC award for this keynote, abstract in proceedings).

35. Federated Databases for Bioinformatics, 4^th Annual Bioinformatics Conference, September 2002.

36. Security for Multimedia Database Management, IEEE Multimedia Conference, December 2002 (a version given as keynote address at Distributed Multimedia Conference, Miami, Florida, September 2003).

37. Secure Semantic Web, XML Security and Privacy, keynote, address at Conference on Applied Informatics, February 2003. Innsbruck, Austria.

38. Secure Semantic Web, XML Security and Privacy, also featured address at Knowledge Management Conference, Washington DC, March 2003.

39. Secure Semantic Web, XML Security and Privacy keynote address at ICCS Las Vegas, April 2003.

40. Dependable Sensor Information Management, featured address IEEE WORDS, October 2003, Capri Island, Italy.

41. Data Mining and Cyber Security, keynote address at Quality Software Conference, Dallas Texas, November 2003. (abstract in proceedings).

42. Data Mining and Cyber Security, version also given as keynote at 3^rd Applied Technology Conference, University of Arkansas, Little Rock, February 2004.

43. Data Mining for Biometrics, featured address at Society for Women Engineers Conference, Baltimore, MD, March 2004.

44. Security and Privacy for Web Databases and Services, keynote address, EDBT Conference, Crete, March 2004 (complete paper in EDBT Proceedings Springer, coauthor: E. Ferrari).

45. Access Control in Databases: Developments and Directions, keynote address at ACM SACMAT, New York, June 2004.

46. Secure Knowledge Management, NSF Workshop on Secure Knowledge Management, SUNY Buffalo, September 2004.

47. Data Mining for Security Applications, keynote address, International Conference on Machine Learning, Louisville, Kentucky, December 2004.

48. Sensor Information Management, featured address, MITRE Community Workshop, Tyson’s Corner, October 2005.

49. Voice Over IP Security, IASTED Conference on Communications, Phoenix, AZ, November 2005.

50. Data Mining for Counter-terrorism Applications, featured address, SAS Data Mining Conference, Las Vegas, October 2005.

51. Data Mining for Malicious Code Detection, keynote address, ASTRNET Workshop, Kings College, London, April 2006.

52. Data Mining for National Security Applications, keynote address, Pacific Asia Data Mining Conference Workshop, Singapore, April 2006 (Proceedings abstract).

53. Data Mining for Surveillance Applications, featured address, Pacific Asia Data Mining Conference, Singapore, April 2006 (Proceedings abstract).

54. Identity Management and RFID Technologies, keynote address, Identity Solutions Conference, Jonesboro, Arkansas, February 2007.

55. Data Mining for Cyber Security Applications, ARES Conference, Vienna Austria, April 2007.

56. CPT for the Semantic Web, IEEE Policy 2007, Bologna, Italy, June 2007. (Proceedings Paper).

57. Multimedia Systems Security, ACM Multimedia Systems Security Workshop, Dallas, TX, September 2007. (Proceedings abstract).

58. Privacy Preserving Data Mining, ICDM Workshop, Nebraska, October 2007.

59. Information Security, Primacy and Governance for Assured Information Sharing, featured address, ISIG 1^st International Conference on Global Information Governance, Pisa Italy, March 2008.

60. Data Mining for Cyber Security Applications, Invited Plenary Talk, Cyber Security Symposium, Arizona State U, April 2008.

61. Data Analytics for Security Applications, Intelligence and Security Informatics, Taipei, 2008.

62. Confidentiality, Privacy and Trust for Data Mining, ACM KDD Workshop on Privacy and Data Mining, Proceedings published by Springer Verlag, August 2008, Las Vegas.

63. Data Mining for Malicious Code Detection and Security Applications, TRUST 2008, Shanghai, December 2008.

64. Building Trustworthy Semantic Webs, TSP 2008, Shanghai, December 2008.

65. Data Mining for Security Applications, Cyber Security Symposium, Arizona State University, April 2008.

66. Assured Information Sharing, ASIA-CCS, March 2009 (Leading Conference).

67. Assured Information Sharing for Trustworthy, Untrustworthy and Semi-trustworthy Partners, DoE Cyber Security Conference, Knoxville, April 2009.

68. Geosocial Semantic Web for Military Stabilization and Reconstruction, Pacific Asia Intelligence and Security Informatics, April 2009.

69. Secure Systems Engineering, IEEE Reliability Symposium, Shanghai, July 2009.

70. Data Mining for Security Applications, WI/IAT Conference., Milan, September 2009.

71. Trustworthy Semantic Webs, IEEE Conference on Information Reuse and Integration, August 2009.

72. Data Security and Integrity: Developments and Directions, SIGKDD workshop on Intelligence and Security Informatics, Paris France, June 2009.

73. Building a Geospatial Semantic Web, The 4th International Conference on Frontier of Computer Science and Technology, Shanghai, December 2009.

74. Data Analytics for Security Applications, Luncheon Keynote Address, Invited by MetCon, Septemebr 30, 2010, Arlington, TX.

II. PANEL PAPERS AND PRESENTATIONS

(some presentations published as proceeding papers)

1. Inference Problem in Database Security, Panel Presentation at the 1st RADC Database Security Workshop, 1988 (Chair: M. Morgenstern). Proceedings paper published by Springer Verlag, 1992. (Ed: T. Lunt).

2. Issues in Trusted Distributed Database Management Systems - A Position Paper, October 1990, Proceedings of the 13th National Computer Security Conference, Washington D.C. (Chair: J. Campbell).

3. Issues in Multilevel Secure Object-Oriented Database Management Systems - A Position Paper, October 1990, Proceedings of the 13th National Computer Security Conference, Washington, D.C. (Chair: R. Sandhu).

4. Database Security - Threats, Solutions, Designs and Products, February 1990, Panel presentation at the 6th International Data Engineering Conference, Los Angeles, CA. (Chair: I. Kameny).

5. Recent Developments in Some Trusted Database Management Systems, October 1991, Proceedings of the 14th National Computer Security Conference, Washington D.C. (Chair: J. Campbell).

6. Approaches to Handling the Inference Problem, October 1991, Proceedings of the 14th National Computer Security Conference, Washington D.C. (Chair: T. Lunt).

7. Security Issues for Federated Database Systems, Presented at the 5th IFIP WG 11.3 Conference on Database Security, November 1991. (Chair: M. Morgenstern, Proceedings by North Holland, 1992).

8. Security Issues for Heterogeneous Database Systems, Presented at the 11th Phoenix IEEE International Conference on Computers and Communications, April 1992. (Chair: O. Sheng).

9. Secure Distributed Database Management Systems, Presented at the 6th IFIP WG 11.3 Conference on Database Security, Vancouver, B.C., August 1992. (Chair: C. McCollum).

10. Approaches to Designing Trusted DBMSs, Presented at the 18th International Conference on Very Large Databases (VLDB), Vancouver, British Columbia, August 1992. (Chair: M. Morgenstern).

11. Object-oriented Approach to the Interoperability of Trusted Database Management Systems, September 1993, Proceedings of the 16th National Computer Security Conference, (Chair: J. Williams).

12. Integrating Object-oriented and Security Technologies, Panel Chair, OOPSLA 93 Conference, Washington D.C. September 1993 (OOPSLA 93 Conference Proceedings).

13. Realtime Systems: From Research to Technology to Applications, 2nd IEEE Real-time Systems Applications Workshop, Calverton, MD, July 1994 (Chair: Bob Harrison).

14. Inference Problem, Panel Chair, 17th NCSC Conference, Baltimore, October 1994 (paper published in the Proceedings).

15. Real-time and CORBA, Object World West, San Francisco, August 1995 (chair: F. Kuhl - presentation in proceedings), also versions at panels at IEEE Workshop on Object-Oriented Real-time Systems February 1996 (chair R. Soley).

16. Distributed Systems Standards, IEEE Distributed Systems Conference, Hong Kong, May 1996, panel paper (chair: R. Soley).

17. Standards for ADADS, Panel at IEEE ISADS 1997, Berlin (Chair, K. Kim, Paper in Proceedings) .

18. Data Warehousing, Data Mining Overview and Security, Panels at National Computer Systems Security Conference, Baltimore, MD October 1996 (chairs: J. Campbell, J. Davis).

19. Data Mining, Data Warehousing, and Security, Panel discussion, Proceedings IFIP Database Security Workshop, 1997 (Chapman and Hall, 1998) (chair).

20. Data Mining of Text and Images, Panel at MIT Media Lab Forum October 1997 (chair: N. Adam).

21. Web Data Mining, inaugural panel at IEEE ICTAI 97 panel, November 1997 (chairs: Wei Syan Li, J. Srivastava).

22. Multimedia Data Mining, AFCEA Technet Panel, June 1997, (chair: T. Nyland), also version at AFCEA Data Mining Symposium Panel, December 1997.

23. CIO Conference on Object Security, FEDOOTS 1997 (chair).

24. Privacy for Data Mining and Web, Panel discussion, proceedings IFIP Database Security Conference, 1998 (Book chapter by Kluwer) (chair).

25. Web and Data Security, Panels at IEEE COMPSAC 1998 (Proceedings), and IEEE Data Engineering March 1999.

26. Migrating Legacy Databases, Proceedings IEEE Data Engineering Conference, 1998 (chair) (proceedings).

27. Directions for Software Technology, IEEE COMPSAC Distinguished panel, 1998 (chair: S. Yau).

28. Ecommerce Directions, IEEE KDEX 1998, Taiwan (Chair: J. Tsai).

29. Future Research in Multimedia Database Semantics, IFIP 2.6 panel discussion, New Zealand, January 1999 (chair).

30. Open ADADS Systems, IEEE ISADS, Tokyo, March 1999 (Proceedings).

31. Web and Network Security Panel, IEEE COMPSAC October 2000; IEEE ISADS March 2001 (chair).

32. Real-time Software Engineering, ASSET, Dallas, March 2000 (chair: I. Yen).

33. Data Mining, Protecting Children from Inappropriate Content on Wweb, National Academy of Sciences, July 2000. (Chair: R. Thornburgh, Former US Attorney General).

34. Data Fusion for Counter-terrorism, National Academy of Sciences, June 2002 (Chair: G. Strong).

35. Data Security Directions, Panel Chair, IFIP 11.3 Amsterdam, August 2000 (Chair, Proceedings Kluwer 2001).

36. Directions for ISADS, Distinguished panel, IEEE ISADS March 2001 (chair: S. Yau).

37. Secure Semantic Web , Future Distributed Computing Panel, (Chair: S. Yau, IEEE FTDCS, November 2001.

38. Data Integrity, IICIS Panel, November 2001 (Chair: L. Straus, Proceedings Lower, 2002).

39. XML SecurityPpanel, IFIP 11.3 July 2001 (Chair: S. Osborne, Proceedings, Lower, 2002).

40. Web Mining/Security Panel, April 2002 (SIAM Data Mining Conference).

41. Data Engineering Directions, IEEE Data Engineering Plenary Panel, March 2002.

42. Database Technologies, Security and Privacy Stanford University Database workshop, March 2002 (chair: J. Ullman).

43. Privacy, IFIP Data and Applications Conference, July 2002, Cambridge, UK, (Book chapter 2003, chair: P. Samarati).

44. Cyber Security and Terrorism, Panel at the United Nations Conference on Cyber Security (Chair: M. Lacey), New York, September 2002.

45. ADADS for National Security, Panel Paper, published Proceedings IEEE ISADS 2003 (Chair: L. Cordell; did not attend conference due to another commitment at NSF).

46. CRA-W Panel on Writing Career Proposals, CRA-W Workshop, San Diego, CA June 2003.

47. Privacy and Data Mining: Friends or Foes? KDD Panel, Washington DC, August 2003 (chair: R. Agrawal).

48. Future of XML Databases, Panel at XML Data Workshop at EDBT, March 2004 (chair: M. Mastitis, position paper in Springer).

49. Databases for Virtual Organizations, Panel at DIVO Workshop, ACM SIGMOD Conference, Paris, June 2004.

50. Secure Web Services, Panel at IEEE Web Services Conference. San Diego, CA, July 2004.

51. Database Security for Homeland Security, IFIP Database Security Conference, July 2004

52. Women and Cyber Security, Secure Knowledge Management Workshop, September 2004.

53. Sensor Information Management, MITRE Community Workshop, Mclean, VA, October 2005.

54. Data Mining for Cyber Security, Collin County Security Conference, April 2006.

55. Data Mining for Security Applications, Plenary Panel, Information and Security Informatics, San Diego, CA, May 2006.

56. Directions in Access Control, ACM SACMAT, 2006 (chair: R. Sandhu).

57. Security Engineering Education, Panel at IEEE COMPSAC Conference on Software Engineering Education, September 2006 (chair: D. Simmons).

58. Geospatial Semantic Web and Interoperability, OGC Interoperability Day, October 2006.

59. Information Security, DFW Chamber of Commerce, Dallas TX March 2007.

60. Assured Information Sharing, ACM SACMAT June 2007 (Chair).

61. Information Security Education, Software Engineering and Computer Science, Dallas, TX August 2007.

62. Directions for Cyber Security, Panel at Cyber Security Symposium, Arizona State U, April 2008 (chair: S. Yau).

63. Secure Distributed Systems, Panel IFIP Data Security Conference, July 2008, London (Proceedings) (chair: S. Barker).

64. Directions for Sensor and Pervasive Applications, TRUST 2008, Shanghai, December 2008 (chair: S. Yau).

65. Women in Cyber Security, Secure Knowledge Management Conference, Dallas, TX, November 2008 (Chair).

66. Data Security for Outsourcing, DFW Outsourcing Association, January 2009, Chair: Attorney Mr. Peter Vogel).

67. Intelligence and Security Informatics, ISI 2009, Dallas (Panel Chair)

68. Riend van der Riet Panel on Data and Applications Security, IFIP Data and Applications Security Conference, Montreal 2009 (Panel Chair).

69. Challenges of Effective Applications of Cloud Computing, The 4th International Conference on Frontier of Computer Science and Technology, Shanghai, December 2009 (Chair: S. Yau).

III. CONFERENCE/WORKSHOP PRESENTATIONS (Informal or no Proceedings)

Data and Applications Security

1. Mathematical Formalisms for Multilevel Object-Oriented Systems, April 1990, Presented at the Workshop on Object-Oriented Database Security, Karlshrue, West Germany.

2. Neural Network Applications in Intrusion Detection, paper distributed and presented at the 7th Intrusion Detection Workshop, Menlo Park, CA, May 1991 (co-author: W. Ford).

3. Secure Interoperability of Trusted Database Management Systems, Technical paper presented at the ACM Workshop on Data Management Security and Privacy Standards, San Antonio, TX, December 1991 (Held in conjunction with the 7th IEEE Computer Security Applications Conference).

4. Object-oriented Approach to Interconnecting Trusted Database Management Systems, Technical paper presented at the ACM Workshop on Data Management Security and Privacy Standards, San Antonio, TX, December 1992 (Held in conjunction with the 8th IEEE Computer Security Applications Conference) (co-author: H. Rubinovitz).

5. Fuzzy Logic and Multilevel Databases, Presented at the 1st Boston Area Fuzzy Logic Workshop, February 1993.

6. Towards a Global Multilevel Data Model in a Secure Heterogeneous Database System, Presented at the TIMS/ORSA Conference, October 1993. (abstract in proceedings)

7. Security and Integrity Constraint Processing in a Multilevel Secure Distributed Environment, Information Security for the 90s, AFCEA Conference, Ft. Monmouth, NJ, May 1993 (coauthors: A. Abreu, H. Rubinovitz, M. Collins).

8. Technologies and Security Issues for the Semantic Web, Data and Knowledge Engineering Workshop, Sonoma, May 2002.

9. Geospatial RDF and Secure GRDF, presented at the Geospatial SemanticWweb workshop at Semantic Web Symposium, November 2006, Athens, GA. (A. Ashraful).

10. Building Trustworthy Geospatial Semantic Web, Geospatial Technologies in Homeland Security Conference, College Station, TX. November 2006.

11. Sensor and Geospatial Data Management for Border Patrol and Crime Analysis, MITRE Sensor Community Workshop, Poster Presentation, May 2007 (coauthors: A. Ashraful, S. Shekar, K. Lhan, G. Subbiah).

12. Data Mining, Security and Privacy, Position Paper, NSF Workshop., September 2007.

13. Security and Ontologies, Microsoft Workshop on Semantic Technologies, June 2007 (coauthor: K. Hamlen).

14. Geospatial Data Mining for Crime Analysis, Next Generation Data Mining Conference, Baltimore, MD, October 2007 (coauthor: S. Shekhar et al).

Distributed Systems Management/AI Applications/Real-time Processing

15. Transaction Management for Real-time Command and Control Systems, Paper distributed and Presented at ATMA '96, Goa, India, September 1996 (coauthor: P. Krupp, et al).

16. RT-OMT: An Object-Oriented Design and Analysis Methodology for Real-time Database Systems Applications, Proceedings of the OOPSLA 94 Conference Workshop on Object-Oriented Real-time Systems Analysis (co-author: A. Schafer, Portland, OR. October 1994 ).

17. Adaptable Realtime Command and Control Systems, Work in Progress Session, RTSS, 1998 (coauthor: S. Wohlever et al; paper in Workshop report proceedings).

IV. Significant External technology Exchange Meetings and Presentations

1. Algorithmic Information Theory, University of Minnesota, Seminar Series, February 1982.

2. LDV: Design of a Secure Database System, RADC Technology Exchange, December 1987.

3. Trusted Database Management Systems: Where are we? Where should we go, Technology Exchange SPAWAR February 1991 (Washington D.C.), and NSA March 1991 (Ft. Meade, MD).

4. Multilevel Security for Multimedia Systems, Technology Exchange SPAWAR, February 1991, (Washington, D.C.) (co-presenters: H. Rubinovitz and M. Collins).

5. Towards Developing SDDT: A Secure Distributed Database Testbed System, Presented at the Rome Laboratory Technology Exchange Meeting, November 1991, Rome, NY.

6. Inference Problem in Secure Databases, University of Connecticut, April 1992.

7. Multilevel Security Impact on Database Management Systems Interface Standards, Presented to the Next Generation Computer Systems Database Management Systems Interface Standards Working Group, June 1992 (co-presenter: A. Carengelo), Newport, RI.

8. Approaches to Designing Secure Database Systems, NGCR (Navy Next Generation Computing Resources) Meeting, August 1992 (San Diego, CA).

9. Towards a Multilevel Data Model, NGCR (Navy Next Generation Computing Resources) Meeting, October 1992 (Orlando, FL).

10. Presentations on Multilevel Security for Object-Oriented Database Systems; Security and Integrity Constraint Processing in a Multilevel Secure Distributed Environment ; Applying OMT for Multilevel Database Application Design ; NSA Technology Exchange Conference, July 27, 1993, Ft. Meade, MD (Proceedings). (coauthors: H. Rubinovitz, M. Collins, L. Binns, P. Sell).

11. Transaction Processing for MDDS: Developments and Directions; Massive Digital Data Systems Workshop (Community Management Staff), February 1 and 2, 1994, Reston, VA.

12. RT-OMT: A Realtime Object Modeling Technique for Designing Real-time Database Applications, Presented to the Next Generation Computer Systems Database Management Systems Interface Standards Working Group, April 1994, Alexandria, VA. (also presented to OMG in Helsinki, July 1998) .

13. Real-time Processing and CORBA, Presented at the Next Generation Computer Systems, Database Management Systems Interface Standards Working Group, June 1994, Newport, RI; a version given as a guest presentation at the Department of the Navy NRaD's Distributed Systems Technology Conference, March 1995.

14. Evolvable Real-time C3 Systems Initiative, Navy SPAWAR August 1994 San Diego, Rome Laboratory Technology Exchange Meeting, October 1994, Rome, N.Y; NGCR Meeting, Salt Lake City, November 1994; enhanced versions at Ministry of Defense Australia 1996, INRIA Sophia Antipolis, November 1996; University of Kyoto, April 1997, EPFL Lausanne, May 1998, National University of Singapore, May 1999.

15. Massive Digital Data Systems, Rome Lab Workshop Boston October 1995, INRIA Paris November 1996, NEC Research Labs San Jose, April 1997, HPCC Maui May 1998, Univ. of RI June 1996, National Univ. of Singapore August 1997, Tokyo Institute of Technology May 1999, Hiroshima University, April 1998.

16. Real-time Database Management: IEEE Computer Society, Special Presentation Boston Chapter January 1996, version also given in Madrid, Spain at OMG Meeting, July 1996.

17. Internet Database Management, OMG Meeting, Internet SIG, June 1996, Washington D.C.

18. Data Warehousing, Data Mining and Security (version of IFIP 1996 keynote) Seminars at IBM Zurich and Univ. of Zurich 1996.

19. Object Technology for C4I Applications, Kickoff Presentation at OMG Meeting C4I Founding Working Group, June 1996.

20. Real-time Object Modeling, OMG Meeting, Helsinki, July 1998.

21. Data Mining, University of Cambridge, 1999, University of Stockholm 1999, IEEE Lecture at MIT 2000, University of Wales, 2001.

22. Directions for Securing Semantic Web Technologies, NSF-EU Workshop on Semantic Web, October 2001. Also version presented at NSF Amicalola workshop on Semantic Web, March 2002.

23. Research Directions in Data Management, NSF EPSCOR Conference, University of Arkansas (Little Rock, November 2001), Louisiana State University (Baton Rouge, April 2002).

24. Seminars on Data and Applications Security and XML Security Wright State University February 2003,

University of Illinois Urbana Champagne, April 2003, George Mason University, April 2003; University of Texas at Dallas, November 2003; University of Minnesota, December 2003.

25. Directions for Research in Data and Applications Security and CyberTrust, New England Database Meeting, September 2003.

26. Data and Applications Security and Discovery Informatics, Seminar series kickoff presentation, Johns Hopkins University, October 2003.

27. Computer and Information Science at NSF, NSF EPSCOR Conference, University of Oklahoma, January 2004.

28. Third Party Publications of XML Documents, Seminar series, Ohio State Univ. January 2004, University of California at Riverside, January 2004, Penn State University, April 2004, The MITRE Corporation, March 2005.

29. Data Mining for Security Applications, Plano Security Symposium, April 2005.

30. Data Mining for Counter-terrorism, IEEE Dallas Chapter Presentation, February 2005.

31. Data Mining for Cyber Security, ACM Dallas Chapter Presentation, April 2005.

32. Data Mining, Security and Civil Liberties, presentation to National White Collar Crime Center, June 2005.

33. Confidentiality, Privacy and Trust for the Semantic Web, The MITRE Corporation, November 2005.

34. Data Security Research at UTD, Raytheon Corporation, January 2006.

35. Data Mining for Security and Counter-terrorism, CIA Seminar Series, May 2006 (CIA Headquarters).

36. Information Operations: Assured Information Sharing, AFOSR Technology Exchange Conference, Utica NY, August 2006, Syracuse NY June 2007, Washington DC, June 2008.

37. Intellectual Property Pprotection, NAFTA Meeting, Dallas, December 2006.

38. Geospatial Semantic Web, OGC Interoperability Working Group, October 2006.

39. Geospatial RDF (with A. Ashraful), W3C Working Group on Geospatial Data, October 2006.

40. Data Mining and Applications in Malicious Code Detection and Security, Seminar series, University of North Texas, November 2006, University of Texas at Arlington, December 2006.

41. Data Mining for Buffer Overflow, Seminar series, Purdue University (February 2007); Polytechnic University New York, August 2007.

42. Data Security Research at UTD, Navy SPAWAR, August 2007.

43. Digital Forensics, SWE UT Dallas Chapter Meeting, October 4, 2007.

44. Digital Forensics, ACM UT Dallas Chapter Meeting, October 25, 2007.

45. Data Mining for Security Applications, SWE Dallas Chapter Meeting, February 2008.

46. Semantic Web Research at UT Dallas. IARPA KDD Workshop, February 2008.

47. Blackbook Experiences, RDEC User Conference, May 2008.

48. Assured Information Requirements Gathering, DoD MURI Program Review, Baltimore, MD September 2008

49. Assured Information Sharing, Seminar at National University of Singapore, October 2008, University of Penang, October 2008.

50. Managing Large RDF Graphs, IARPA KDD Workshop, December 2008.

51. Knowledge Discovery and Security Informatics, SAP Labs, May 2009, Rockwell Collins, March 2009.

52. Secure Semantic Grid, AFOSR Program Review, Washington DC, June 2009.

53. Data Mining and Security, Microsoft Invitational Workshop in Data for Interdisciplinary Research, September 2009.

54. Information and Security Analytics at UTD, Presentation at Wright State University, November 2009.

55. Assured Information Sharing: Opportunities and Challenges for Indo-US Collaboration, Presented at the Info-US Summit on Infrastructure Security, January 2010 (sponsored by NSF and IUSSTF).

56. Cyber Security Research and Education at UTD, Mississippi State University, January 2010.

57. Data Mining for Malware Detection, University of Arizona, February 2010.

58. Dallas – Ideal city for a technology conference, Presented to the IEEE Data Engineering Steering Committee, March 2010 (co-author: Ms Rhonda Walls)

V. MITRE SYMPOSIA AND TECHNOLOGY EXCHANGE MEETINGS

1. Security in Object-Oriented Database Systems, Presented at the MITRE Symposium on Object-Oriented Technology, April 1990, Bedford, MA (Proceedings published in Technical Report, MTP 382, Editor: D. Grigaro).

2. Issues in Object-Oriented Database Systems, Presented at the MITRE Managers' Symposium on Supercomputing, May 1990 (Proceedings Ed. L. Zeitlsler) McLean, VA.

3. Parallel Processing and Trusted Database Management Systems, Presented at the 5th MITRE Symposium on Parallel processing, May 1991, Bedford, MA.

4. An Overview of Parallel Database Management Systems, Presented at the 7th MITRE Symposium on Parallel processing, April 22, 1993 (Bedford, MA).

5. Object-oriented Database Management Systems, Presented at the Object-oriented Technology Day, October 7, 1993 (Bedford, MA) and March 15, 1994 (McLean, VA).

6. Massive Data and Information Systems, Presented at the 1^st MITRE Technology Symposium, McLean, VA, June 15, 1994 (McLean, VA) (coauthor: M. Zemankova, proceedings).

7. Data Management for Workflow Computing, Presented at the MITRE Symposium on Databases for the 90s, McLean, VA, June 16, 1994 (Abstract and presentation in Proceedings; coauthor: B. Lavender).

8. Proceedings of the 1st Applied Database Technology Day, August 1994 (co-editor: C. Loizides – also co-chaired 2nd symposium, December 1995).

9. MITRE's Role in Real-time Systems, Presented at the panel on Real-time Systems, Real-time Systems Technology Day, 26 September 1994 (chair: J. Knobel).

10. Real-time Database Management Systems, Presented at the Advanced Information Systems Technology Day, February 1995 (chair: M. Maybury).

11. MITRE's role in Parallel Database Systems, Presented at the Parallel Processing Symposium, 1995.

12. Massive Data and Information Systems Initiative at MITRE; Proceedings of the MITRE Data Management Symposium, June 1995

13. Intelligence Community Massive Digital Data Systems, MITRE McLean November 1995, MITRE Fort Monmouth May 1996, MITRE San Diego, March 1998.

14. Massive and Heterogeneous Data, Massive Data and Information Systems Umbrella; Massive Digital Data Systems Initiative; Poster Presentations at the 2nd MITRE Technology Symposium, 20 June 1995 (Bedford, MA) and 27 June 1995 (McLean, VA); Plenary presentations also presented at 1996 MITRE Technology Symposium, Bedford (11 June 1996), Reston (25 June 1996).

15. Evolvable Interoperable Information Systems Thrust, MITRE Technology Symposium, 11 June 1996 (Bedford), 25 June 1996 (Reston) Proceedings, version also at 1997 symposia (June 1997).

16. Proceedings of the 1st MITRE Object-Oriented Technology Conference, June 1996 (Co-Editor: T. Mowbray) Welcome address.

17. Privacy, MITRE Technical Exchange, April 2003.

18. Cyber Security Roadmap, MITRE Technical Exchange, June 2009

VI. TUTORIALS

Conference Tutorials

1. Recent Developments in Database Security, Presented at the 14th Annual Computer Security Conferences Workshops, Anaheim, CA, November 1987, lecture notes published in the tutorial proceedings; Enhanced version published in the IEEE COMPSAC Conference Tutorial Proceedings, Orlando, FL, November 1989.

2. Multilevel Secure Database Management Systems, Presented at the AFCEA Conference Tutorials, Princeton, NJ, August 1993 (lecture notes published in the tutorial proceedings).

3. A Tutorial in Object-Oriented Database Systems, Presented at the IEEE Dual Use Technology Conference, Utica, NY, May 1994.

4. Data Mining, ACM SAC, March 1998.

5. Data Mining, IEEE COMPSAC, August 1998.

6. Data Mining, IEEE ANNIE, November 1999.

7. Web Information Management and Ecommerce, IEEE ISADS March 1999.

8. Web Information Management and Ecommerce IEEE COMPSAC October 1999.

9. Data Mining Technologies and Applications in Counter-terrorism, Technet May 2003, Washington DC.

10. Data Mining Technologies and Applications in Counter-terrorism, Technet May 2004, Washington DC.

11. Data and Applications Security, TechNet, Washington DC, May 2005.

Department of Defense and Other Agencies

1. A Tutorial in Database System and Database System Security, A Three full day tutorial presented to the U.S. Army CECOM, Ft. Monmouth (August 1992, January 1993), and Dept. of the Navy SPAWAR, Washington D.C. (February 1993).

2. A Seminar on Secure Database System, Full day tutorial presented to the Dept. of the Navy NCCOSC, San Diego (January 1993, June 1993); Versions also presented to the U.S. Air Force AFCSC (June, August, September, 1991 - San Antonio, TX).

3. A Seminar in Object-Oriented DBMS , Full day tutorial presented to the Department of the Navy NCCOSC, San Diego, June 1993; U.S. Army, CECOM, Ft. Monmouth, April 1994; DISA November 1994; NSA April 1995.

4. A Seminar in Distributed and Heterogeneous DBMS, Full day tutorial presented to the Department of the Navy NCCOSC, San Diego, June 1993; U.S. Army, CECOM, Ft. Monmouth, April 1994; DISA, November 1994.

5. A Seminar in Real-time DBMS, Presented to U.S. Army, CECOM, Ft. Monmouth, N.J., April 1994.

6. A Tutorial in Database Management Systems, series of seven lectures given at ESC University, Hanscom AFB, Bedford, MA, September 1994 - April 1995 (Introduction, Relational, Object-Oriented, Distributed, Heterogeneous DBMS, Real-time, Intelligent Data Management/Data Mining).

7. Data Mining, Developments and Challenges, July 1998, San Antonio (AIA), and Stuttgart (Eucom). (versions given to many govt. organizations).

8. Data Management Systems Evolution and Interoperation, AFCEA (Three days) June 1999, September 1998, DISA-DARPA-JPO (One day) September 1999.

9. Data Management, Data Mining and E-Commerce, AFCEA, October 2000 (Three days).

10. Data Management, Information Management and Knowledge Management, AFCEA October 2001, also versions at AFCEA October 2002, October 2003, September 2004, October 2005 (Air Force Bases: October 2004 - Offut, March 2005 - Eglin, August 2005 - Lackland, June 2006 – Edwards, September 2006 - Kirkland).

11. Data Mining and Applications in Counter-terrorism, AFCEA June 2003, December 2003, December 2004, March 2006 (Three days) , December 2006, November 2007, May 2007, November 2007, November 2008 (enhanced version of Technet presentation).

12. Knowledge Management, Semantic Web and Social Networks, AFCEA April 2008, October 2009.

13. Data Mining Technologies and Applications in Counter-terrorism, Department of State, 2010.

MITRE Tutorials (excludes informal tutorial presentations at MITRE)

1. Database Security, Presented at the MITRE Institute, February 1990 (co-presenter: R. Graubart, Lecture notes and one Videotape) (Bedford, MA).

2. Database Systems and Database Systems Security, Presented at the MITRE Institute, January 1992 (Bedford, MA) (Lecture notes and two Videotapes).

3. A Seminar In Object-Oriented Database Systems, Presented at the MITRE Institute, April 21, 1993 (Bedford, MA), (five videotapes and lecture notes), March 14, 1994 (McLean, VA).

4. A Seminar In Distributed and Heterogeneous Database Systems, Presented at the MITRE Institute, June 3, 1993 (Bedford, MA) (Videotapes and lecture notes), March 15, 1994 (McLean, VA).

5. A Course in Database Management Systems, Presented at the MITRE Institute, Fall 1992 and Fall 1993 (Videotapes and Lecture notes available) (Bedford, MA).

6. A Seminar on Real-time Database Systems, Presented at the MITRE Institute, June 13, 1994, (Videotapes and lecture notes available) (Bedford, MA).

7. A Three Day Seminar on Database System, Presented at the MITRE Institute, September 1996, Ft. Monmouth, NJ.

8. Data Management Systems Evolution and Interoperation, MITRE Institute, Washington, Bedford, Colorado Springs, Ft. Monmouth, 1997 (Bedford, Washington and Fort Monmouth), 1998 (Colorado Springs), 1999 (Bedford and Washington).

9. Data Mining, Bedford, and DC, Video tapes and notes, May 1998 (Bedford and Washington), November 1999 (Bedford and Washington), Colorado Springs March 2000.

VII: University of Texas at Dallas Conference Presentations (Sample)

1. Data and Applications Security at the University of Texas at Dallas,

Eric Jonsson School Advisory Board Presentations, October 2004, April 2005, April 2006, November 2006; University of Texas at Dallas, Research Advisory Board, April 2006.

2. Data Mining for Security, FBI Symposium, March 2006.

3. First UTD Cyber Security Symposium, Program Chair, April 2005.

4. Critical Infrastructure Protection, Department of Energy Symposium, January 2006.

5. UTD/OGC Joint Meeting on Geospatial Information Management, July 2006.

6. Data Mining for Cyber Security and National Security, (co-authors: L. Khan, R. Layfield), National White Collar Crime Conference, March 2007.

7. Secure Collaboration, NSA/DHS COE Conference, at UTDallas, June 2008.

VIII: University of Texas at Dallas Presentations to Visitors to UTD

Knowledge Discovery and Security Informatics at UTD

Open Geospatial Consortium, April 2006
Raytheon Corporation, September 2006
Freshman Class, August 2007
IARPA, September 2007
IAB Meeting, November 2008
DFW Teachers, June 2009
Lockheed Martin, January 2010
L-3 Communications, January 2010
Ball Aerospace, February 20010

Section 13. DISCUSSION OF RESEARCH AND PUBLICATIONS

1. Introduction:

In this note I describe the research I have carried out since I started my professional career in August 1980 after my PhD. I first describe my research focus at the University of Texas at Dallas (UTD) since October 2004, and then describe my research contributions to computer science from 1980-2004. Research at UTD is focusing in 2 major areas: Data Security and Privacy (Assured Information Sharing; Secure Geospatial Data Management and Secure Social Networks) and Information Management (Semantic Web, Data Mining). In particular, we are developing novel data mining techniques and secure semantic web technologies to solve problems mainly for cyber security and national security.

My prior research, mainly carried out in industry, has focused on computability theory, data security, data management, distributed systems and data mining and is discussed in section 3. It shows the depth and breadth of my work and explains how they all fit together. My research spans from theory to system design, modeling and implementation to application design to technology transfer to big-picture/vision. I have discussed my research in five areas (Computability Theory, Information Security, Distributed Systems and Real-time Objects, Data Management, and Homeland Security).

My main research area since 1985 has been in Data/Information Security and still continues. My research has resulted in over 90 journal papers, over 200 conference/workshop papers, over 70 keynote presentations, 3 patents and 11 books ( 9 published, 2 in preparation).

A. Research at the University of Texas at Dallas

(October 2004 – Present: Data and Applications Security, Information Management)

Research is proceeding in two main areas: Data Security and Privacy, and Information Management.

Publications: Several journal publications including IEEE Transactions on Systems, Man and Cybernetics, Very Large Database Journal, Computer Systems Science and Engineering, Multimedia Tools, ACM Transactions on Information Systems Security, IEEE Transactions on Dependable and Secure Systems, Data and Knowledge Engineering. Conferences include ACM SACMAT, IFIP Data Security, IEEE ICDM. ACM GIS, IEEE ISORC, PKDD.

I. Data and Applications Security

Area 1: Assured Information Sharing: Funding from AFOSR, NSF (2004 - Present)

In the area of assured information sharing, the goal is for organizations to share data and at the same time enforce policies. We are investigating confidentiality, privacy, trust, integrity, provenance, standards and infrastructure aspects. In particular, we are examining three scenarios. In the first scenario we assume that the partners of a coalition are trustworthy (e.g, US, UK, Australia). However, each partner may want to enforce various security policies. We are investigating the use of Ravi Sandhu’s RBAC and UCON policies for such a scenario, carrying out data mining and conducting experimental studies as to the amount of information that is lost by enforcing policies. We are also investigating ways to transfer our technologies to programs such as DoD’s NCES (Network Centric Enterprise Services).

In the second scenario, we assume that the partners are semi-trustworthy. In this case, we want to play games with the partners and extract as much information as possible without giving out information about ourselves. We are using results from game theory to formulate strategies for such a scenario and have obtained some interesting simulation results. In the third scenario, we assume that the partners are untrustworthy. Here, we apply data mining to defend our systems from virus and worms and at the same time try to probe into our partners’ systems.

This research has now resulted in a MURI project. We are investigating incentive-based information sharing and risk-based access control.

Area 2: Secure Geospatial Data Management: Funding from NGA, Raytheon

In the area of secure geospatial data management, we are developing technologies for geospatial semantic web and data mining. We are specifying extensions to GML for access control policies, as well as developing ontologies for geospatial data. Using these ontologies, we are conducting data mining. In addition, we are also developing geospatial web services. Finally, we are developing a new language called GRDF (Geospatial Resource Description Framework) and Secure GRDF for a geospatial semantic web. While we are developing various pieces of technologies, our goal is to work through standards organizations such as OGC (Open Geospatial Consortium) and corporations such as Raytheon to transfer our research to standards and operational programs. We are members of both OGC and USGIF. We are also members of UTD’s Geosciences program.

Area 3: Data Mining Applications in Security, Funding from Texas Enterprise Funds, NASA, AFOSR (2007 - Present)

Our main research in data mining applications is to develop tools for intrusion detection and malicious code detection. In addition, we are also developing tools for fault detection. We have also applied data mining for surveillance and biometrics. In the area of surveillance and biometrics, our goal is to develop technologies for detecting suspicious events. We developed a surveillance system to detect suspicious events. We identified normal events and used data mining techniques and determined whether an event is suspicious. In the area of biometrics, we developed tools for face recognition and fingerprint detection. In addition, we are conducting research on integrating robotics and security.

Area 4: Secure Grid and Web Services AFOSR (2008-Present)

Here we are developing a delegation model for web services. In addition, we are developing algorithms for secure storage of grid systems, as well as accountability policies for grid systems.

Area 5: Secure Social Networks , Funding from AFOSR (2008 - Present),

Here we are applying semantic web technologies to represent social networks and investigate security and privacy (jointly with University of Insurbria).

Area 6: Complexity Theory (2008 - Present)

My PhD research, as well as early research in my career, was in computability theory (please see section 3). After 25 years, I have gotten back into the field of co-advising students on complexity theory for sensory networks and security. This is more of a hobby at present.

II. Information Management

Semantic Web: Funding from IARPA (2007 - Present)

Our research is in semantic web applications for social networks, as well as knowledge management. We are conducting research in enhancing JENA, building query techniques with Hadoop, as well as investigating security for semantic web and social networks. We are also exploring security for semantic web and privacy for social networks.

C. Research Contributions to CS (August 1980 – September 2004)

Research is proceeding in five main areas: Computability Theory, Data Security; Distributed Processing, Data Management and Information Technologies for Homeland Security.

Publications: Several journal publications including IEEE Transactions on Knowledge and Data Engineering, IEEE Transactions on Software Engineering, IEEE Transactions on Parallel and Distributed Processing, Journal of Computer and Systems Sciences, Notre Dame Journal of Formal Logic, Computers and Security and IEEE Computer as well as several conference publications including in ICDE, VLDB, ACSAC, IFIP Data Security, and OOPSLA.

Area 1: Computability Theory

Much of my research in the early 1980s was on computability theory. I studied various decision problems for combinatorial systems such as systems functions and proved several results on the unsolvability and the complexity of the problems. I also invented the concept of an N-cylinder and this enabled me to give several counter-examples for the complexity problems. I have also applied the results in these papers to my work on the complexity of the inference problem. This complexity work was stated by NSA (National Security Agency) to be a significant development in database security in 1990 (Proceedings National Computer Security Conference). I am now applying the results to the privacy problem. Several papers were published in the Journal of Computer and Systems Sciences, Notre Dame Journal of Formal Logic between 1980 and 1993.

Publications: Number of Journal Papers: 9; Number of Technical Articles: 1.

Area 2: Information Security

My research in information security and secure database systems started in 1985 and still continues. Around 70% of my publications are in this area. This work has had a major impact on the research community, as well as on the commercial and government communities. I have been invited to give numerous keynote addresses on my research, as well as advice to the government on information security. My earlier contributions have been on secure relational databases, secure object databases, secure distributed databases and the inference problem. My research in the early 2000s was on secure XML databases, privacy constraint processing, and secure sensor information management. My current research is discussed in section 2. A summary of my research between 1985 and 2004 is given below.

Secure Relational Systems: In the mid to late1980s I was part of a team at Honeywell designing one of the prominent secure relational database systems. This system was called Lock Data Views (LDV) built on top of LOCK secure operating system. Issues investigated in this research had an impact on some of the commercial products that were emerging in the late 1980s and early 1990s. We developed a security policy, security model and designed modules for query, update, and metadata management. We also developed a multilevel relational data model.

Secure Objects: I investigated security for object database systems based on MCC’s ORION. I was one of the first to carry out such an investigation. This work had a major impact on the secure database research community. Subsequently I published a policy, model and design of a system. I also examined the use of object models for designing secure systems.

Secure Distributed Databases: In the early 1990s I led a team and conducted research on secure distributed database systems. Algorithms for secure query processing and transaction management were designed. Prototypes were implemented. We connected systems in Massachusetts, Washington DC and New Jersey and built applications. This was a very novel idea at that time. Simulation studies were also carried out on secure query and transaction processing.

Inference Problem/Secure Deductive Databases: I was one of the first to conduct research on the inference problem and deductive databases and also created a logic for secure databases called NTML (Nonmonotonic Typed Multilevel Logic). I also proved that the inference problem is unsolvable and this work was cited as one of the significant developments in database security in 1990 by Dr. John Campbell of NSA in the Proceedings of the 1990 National Computer Security Conference. I was successfully able to use my research on computability theory to study the complexity of the inference problem. I also led a team that conducted research on security constraint processing and designed and developed systems to process constraints. We extended the prototypes to work in a distributed environment.

Emerging Security Technologies: More recently my research has been on secure web data management. In particular I have examined security for XML databases and the semantic web. I am also investigating designs for privacy constraint processing which is along the lines of my work on the inference problem. I am exploring some new directions such as security for sensor information systems.

Other Information: Some of my research in secure databases was carried out in collaboration with the University of Minnesota in the 1980s and I supervised MS and PhD students there. At MITRE I had students working on my projects in secure databases from CMU and Cornell. I have also collaborated with the University of Milan and supervised a PhD student. I mentored junior staff at the NSA at the request of the chief between 1991 and 1997 and wrote joint papers. I also reviewed university research proposals for NSA in this area between 1991 and 1996. I invented three US patents for MITRE on database inference control and have authored a very comprehensive book in database and applications security. I served on the editorial board of the Journal of Computer Security for ten years and now serve on the editorial boards of two of the major journals in security: ACM Transactions on Information Systems Security and IEEE Transactions on Dependable and Secure Computing. In addition, I serve on the editorial and advisory boards of four other security journals. My research in secure databases has also resulted in being elected a Fellow of both IEEE AAAS and the British Computer Society. I received the IEEE CS 1997 Technical Achievement award for this work and was also quoted by Silicon India as one of top seven technology innovators of South Asian origin (other six are from Stanford, Berkeley, MIT, NASA, HP Labs and PARC). Several articles have appeared in IEEE Computer, IEEE Transactions on Knowledge and Data Engineering, ACM OOPSLA, Journal of Object-Oriented Programming, Computers and Security Journal, Data and Knowledge Engineering, and Journal of Systems and Software.

Publications: Number of Journal Papers: 38; Number of Conference Papers: 55; Number of Technical Articles: 11; Number of Book Chapters: 4; Number of Books 1, Number of Books Edited: 4; Number of Journal Special Issues Edited: 5 (in addition, numerous technical reports from Honeywell, MITRE and University of Minnesota; keynote and panel presentations, edited conference proceedings, and workshop/special session reports).

Area 3: Distributed Systems and Real-time Objects

Distributed Systems: I believe strongly that to carry out security research one needs a good understanding of systems. Therefore, while conducting security research since 1985, I have also worked in systems including database systems, distributed systems and networks. Some of my early work with the University of Minnesota in the 1980s was on distributed fault tolerant systems. We worked on binary tree task models for fault tolerant computing. I supervised PhD students in this area. While at Honeywell I spent part of my time designing a network operating system for space station networks. Prior to Honeywell I had over 2 years of product development experience with CDCNET at Control Data Corporation.

Survivable Real-time Object Systems: Between 1993 and 2000 I worked with a team at MITRE and the University of Rhode Island conducting research for next generation AWACS (Airborne Warning and Control System). My goal was to integrate my security research with real-time processing and fault tolerance techniques to build survivable systems. We designed and developed an infrastructure and data manager based on objects for next generation AWACS and transferred the technology to Air Force programs. We also investigated aspects of integrating security, real-time processing and fault tolerance issues. I led the real-time information management part of the project and also helped found the real-time object request broker group at the Object Management Group. We were the first to propose real-time aspects for Object Request Brokers in 1994. We continued our investigation on real-time CORBA and also investigated scheduling for real-time middleware. We also designed and developed new concurrency control algorithms for real-time object databases. This research had a major impact not only on Air Force programs but also on other DoD programs. We influenced the standards community, the commercial community (for real-time CORBA) and the research community (e.g., real-time concurrency control). I also supervised MS and PhD students in this area from University of Rhode Island and North Eastern University. Several papers on fault tolerant and real-time computing were published including articles in IEEE Transactions on Parallel and Distributed Systems, IEEE Transactions on Knowledge and Data Engineering, IEEE Transactions on Software Engineering, IEEE Symposium of Object-Oriented Real-time Computing, Real-time Systems Journal, IEEE Network, VLDB Conference, and Computer Systems Science and Engineering. I am continuing to combine my research in security and real-time computing to investigate properties of survivable dependable systems and serve on the editorial board of newly formed journal IEEE Transactions on Dependable and Secure Computing.

Publications: Number of Journal Articles: 5; Number of Conference Papers: 24; Number of Technical Articles: 1 (in addition numerous technical reports from MITRE, University of Minnesota, and University of Rhode Island and keynote/panel presentations in this area).

Area 4: Data Management

Research and Technology Transfer in Data Management: During the mid to late 1980s while at Honeywell Computer Sciences Center, I worked with a team on a number of research projects funded by the commercial divisions. In one effort we developed an application generator toolkit to help the residential control division programmers develop database applications. In another effort we explored the use of expert systems technology for designing process control systems such as Honeywell’s TDC3000 for Industrial Automation division. We also designed and developed a distributed data dictionary system for Honeywell’s Residential control division. While my main research has been in data and applications security, I have a solid background in database systems, as I believe strongly that to conduct security in data management, one needs a good understanding of database systems.

Data, Information and Knowledge Management: At MITRE, in the mid to late 1990s and early 2000, I managed a research group in Information Management (which included data management, multimedia, information management, data mining and knowledge management) for several years. I also advised the government and MITRE on data/information management and wrote five books in the field for technical managers. I managed university research programs for the Intelligence Community for six years. Several journal and conference papers were published in Knowledge and Process Management Journal, Computer Standards and Interface Journal and IEEE Data Engineering Conference. I also served on the editorial board of IEEE Transactions on Knowledge and Data Engineering for four years. Having a strong systems background has helped my security research a great deal as security is not a stand-alone field and has to be integrated with systems.

Publications: Number of Journal Papers: 11, Number of Conference Papers: 36; Number of Technical

Articles: 2; Number of Book Chapters 7; Number of Books Edited: 2 (in addition numerous technical reports, keynote/panel presentations, edited conference proceedings and workshop/special session reports in this area).

Area 5: Information Technologies for Homeland Security

Since 9/11 I have been very active at NSF on interagency research in Homeland security. In particular, I have set the direction for data mining for counter-terrorism and gave keynote presentations at the White House and the United Nations. I consulted for DHHS (Health and Human services) on Bioterrorism. I am also very aware of privacy concerns and as part of my research on Information security I am addressing privacy. I will continue to contribute to homeland security areas. I am using my expertise in areas such as data security, real-time systems and data mining and theory to investigate problems in national security.

Publications: Number of Keynote Presentations 4; Number of Panel Papers: 5; Number of Technical Articles 2; Number of Book Chapters 1; Number of Books 1 (Web Data Mining and Applications in Business Intelligence and Counter-terrorism, 2003)

Section 14. Software Systems/ Prototypes/

Products Developed

Control Data Corporation

CDCNET, 1983-6

Transport, Session and Network Layers as well as Memory Management Algorithms and Command Processors for CDCNET. Release 1 December 1985

Approx 60 members in the CDCNET Team

Honeywell Inc.

1. Lock Data Views 1986 - 1988

Paul Stachour, Bhavani Thuraisingham, Pat Dwyer, Emmanuel Onuegbe, Tom Haigh, Dick O’Brien

Designed a Multilevel Secure Relational Database System Design Contract from RADC (implementation contract was awarded to Honeywell using Oracle in 1989, but I did not work on this).

2. Distributed Data Dictionary System, 1986 - 1987

Krishna Mikkilineni, Hongjun Lu, Bhavani Thuraisingham, Cho-Li Ho

Designed and implemented a system for Honeywell Divisions using NIST IRDS System.

3. Network Operating System, 1987

Bhavani Thuraisingham, Tammy Chan, Pat Gonia

Designed a Network Operating System as part of MCNIU network for NASA (implementation contract was also awarded, but I did not work on this).

4. XIMKON, 1988 - 1989

Ferit Konar, Paul Felix, Bhavani Thuraisingham

Designed and implemented a expert process control system .

The MITRE Corporation

1. Multilevel Secure Data Management System ,1989

Amiel Kamon, Bhavani Thuraisingjam

Prototype system developed using Sybase for the backend system and SUN Unix for front-end. Security at the front-end was simulated.

2. Inference Control during Query Processing, 1989 -1990

William Ford, Bhavani Thuraisingham, Jonathan O’Keeffe

Secure Sybase running on Ultrix for MLS/DBMS and built inference controller for query processing as an application.

3. Inference Control during Update Processing,1990

Marie Collins, Bhavani Thuraisingham

Secure Sybase running on Ultrix for MLS/DBMS and built inference controller for update processing was built as an application.

4. Inference Control during Database Design, 1993 - 1994

Marie Collins, Bhavani Thuraisingham

Used CLIPS expert system and implemented in COOL.

5. Secure Distributed Query Processing, 1989 - 1991

Harvey Rubinovitz, Bhavani Thuraisingham

Built Secure Distributed Processor DQP that connected multiple Secure Sybase Server running on Ultrix operating system.

6. Simulation of Secure Transaction processing, 1990 - 1992

Harvey Rubinovitz and Bhavani Thuraisingham

Simulation tool was developed to simulate multiple secure concurrency control algorithms and compare performance.

7. Multilevel Secure Multimedia System, 1990 - 1991

Marie Collins, Harvey Rubinovitz and Bhavani Thuraisingham

Implemented a multilevel multimedia system on the MAC environment. Simulated security features for text image, audio, animation and video.

8. Multilevel Secure Object System, 1991

Harvey Rubinovitz and Bhavani Thuraisingham

Simulated security features for Object Store Object DBMS. Implementation in C++.

9. Distributed Secure Query Constraint Processor, 1991 - 1993

Harvey Rubinovitz, Bhavani Thuraisingham, David Foti

Utilized the DQP and built a distributed inference controller for query processing. Utilized Secure Sybase Server on Ultrix.

10. Distributed Secure Update Constraint processor, 1992 -1993

Harvey Urbanity and Bhavani Thuraisingham

Utilized the Distributed Update Processor and built an Inference Controller for processing updates, 1991 – 1993.

11. Secure Distributed processor for Army Applications, 1994 - 1996

Harvey Rubinovitz, Marie Collins and Bhavani Thuraisingham,

Implemented a system with Army MCS application utilizing the distributed constraint processor .

12. Active Real-time Data Manager ,1994

Gary Gengo, Bhavani Thuraisingham

Using ZIP-RTDBMS, built a rule processor for processing rules in real-time.

13. Infrastructure for Real-time Applications, 1994 - 1996

Peter Krupp, Bhavani Thuraisingham, John Maurer, Mike Squadrito

Developed an ORB-based infrastructure on Lynx operating system for command and control applications with AWACS as an example.

14. Real-time Main Memory Data Manager, 1995 - 1996

Mike Squadrito, Victor Wolfe, Bhavani Thuraisingham, Peter Krupp

Developed a main memory data manager and concurrency control algorithms for real-time applications hosted on the infrastructure.

15. Adaptive Real-time Infrastructure, 1997 - 1999

Mike Squadrito, Roman Ginis, Peter Krupp, Bhavani Thuraisingham

Designed and implemented an adaptive component based infrastructure for real-time applications.

University of Texas at Dallas

1. Suspicious Event Detection and Surveillance, 2004 - 2005

Gal Lavee, Bhavani Thuraisingham, Latifur Khan

Developed a system for detecting suspicious events. Developed a distance matrix to identify events that are similar.

2. Data Mining Toolkit for Malware Detection, 2005 - 2009

Mehedy Masud, Latifur Khan, Bhavani Thuraisingham

Developed data mining algorithms using WEKA and other tools to detect buffer overflow, and malicious code.

3. Assured Information Sharing, 2007 - 2008

Yashaswini Harshakumar, Bhavani Thuraisingham, Latifur Khan

Using Oracle database systems and XACML policies implemented assured information sharing prototype.

4. Geospatial Policy Interoperability, 2006 - 2007

Alam Ashraful, Farhan Hussein, Latifur Khan, Bhavani Thuraisingham

Develop a prototype for implementing security policies in heterogeneous geospatial data management systems.

5. Geospatial Data Mining, 2006 - 2007

Chuan Li, Latifur Khan, Bhavani Thuraisingham

Developed tool for classifying geospatial data.

6. Ontology Alignment in Geospatial Data, 2007 - 2009

Jeff Partyka, Latifur Khan, Bhavani Thuraisingham

Developed ontology alignment algorithms for integrating heterogeneous geospatial database systems. The algorithms were integrated into Intelligence Community’s Black book .

7. Stream Mining Algorithms, 2008 - 2009

Mehedy Masud, Latifur Khan, Jiawei Han, Bhavani Thuraisingham

Developed a stream mining algorithms for novel class detection. The tool will be distributed for external users.

8. Translators and Mappings from Relational to RDF Data and Vice Versa, 2007 - 2009

Sunitha Sriram, Latifur Khan, Bhavani Thuraisingham

Developed a tool for use by relational database users and RDF users to carry put translations. Tool will be distributed to external users.

9. Privacy Preserving Decision Tree, 2005 - 2007

Li Liu, Murat Kantarcioglu, Bhavani Thuraisingham

Developed a tool based on decision tree for privacy preserving data mining.

10. Game Theory-based Algorithms for Biosecurity, 2005 - 2008

Ryan Layfield, Murat Kantarcioglu, Bhavani Thuraisingham

Simulated algorithms for information sharing using game theory concepts for bioterrorism and insecurity.

11. Federated Query Processing in Clouds, 2008 - 2009

Farhan Hussein, Pankil Doshi, Latifur Khan, Bhavani Thuraisingham

Develop a cloud computing platform with Hadoop and Mapreduce and implemented secure federated query processing and optimization algorithms on top of this platform.

12. Inference Controller for Semantic Web, 2009

Tyrone Cadenhead, Murat Kantarcioglu, Bhavani Thuraisingham

Prototype developed for Policy Management using descriptive logic base inference controlee.

13. Geospatial Semantic Web, 2006 - 2007

Ganesh Subbiah, Latifur Khan, Bhavani Thuraisingham, Alam Ashraful

Developed a system called DAGIS to answer geospatial semantic queries. Implemented an access control module for DAGIS.

14. Implementation of Fingerprinting Algorithms, 2006 - 2007

Abinanthan, Bhavani Thuraisingham

Implemented a novel fingerprinting matching algorithm and associated system.

15. Face Detection Algorithms, 2006 - 2007

Parveen Pallabi and Bhavani Thuraisingham

Developed a system that detects facial features using neural networks. The algorithm combines SVM and ANN and uses Dempster-Shafer theory for fusing the results.

16. Assured Information Sharing Simulation, 2005 - 2006

Mamoun Awad, Latifur Khan, Bhavani Thuraisingham

Simulated policy management in information sharing algorithms and determined the amount of information that would be lost by enforcing policies. This would give guidance to the decision makers of the policies that need to be enforced.

17. Design and Implementation of a Secure Social Network System, 2005 - 2006

Ryan Layfield, Bhavani Thuraisingham, Latifur Khan

Developed a prototype secure social network system and analyzed the properties using the Enron data set.

18. Secure Web Services, 2007 - 2010

Wei-She, I-Ling Yen, Bhavani Thuraisingham

Implemented a delegation model for secure web services.

19. Access Control Model for Social Networks, 2009 - 2010

Raymond Weatherly, Murat Kantarcioglu, Barbara Carminati, Elena Ferrari

Prototype being developed for a system of a secure social network using a novel access control model.

20. Secure XACML Implementation with Hadoop, (2009 - )

In progress.

Blackbook Enhancements and GOTS (Government Off the Shelf)

1. Geospatial Proximity Algorithm, 2008 - 2009

Sonia Chib, Bhavani Thuraisingham, Jyothsna Rachapalli, Latifur Khan

Implemented geospatial proximity algorithms using Google maps for Blackbook users.

2. REST Interface and Integration of Amazon.com Web Services into Blackbook, 2008 - 2009

Pranav Parikh, Murat Kantarcioglu, Bhavani Thuraisingham

Implemented the REST Interface to Black book. Then using this interface integrated Blackbook with Amazon.com webs services for query processing.

3. MALLET/Blackbook Integration, 2009 - 2010

Pralav, Bhavani Thuraisingham

Developed a professionalization service for the MALLER Machine learning algorithms and integrated into Blackbook.

4. NIST NVD Ontology Management, 2009

Developed an ontology based system for specifying the data in the NIST NVD Databases

Jyothsna Rachapalli, Vaibhav Khadilkar, Bhavani Thuraisingham, NIST

Open Source Software at the University of Texas at Dallas

SCRUB tool

1. http://scrub-tcpdump.sourceforge.net/index.php

http://sourceforge.net/projects/scrub-tcpdump/

JENA Contributions, Very Large RDF Graphs

2. http://jena.sourceforge.net/contrib/contributions.html

http://cs.utdallas.edu/semanticweb/jenaextension.html

Tool Repositories developed and hosted at UTD

Data Mining Tools

http://dml.utdallas.edu/Mehedy/

Anonymization Tools

http://cs.utdallas.edu/dspl/cgi-bin/toolbox/index.php

Semantic Web Tools

http://cs.utdallas.edu/semanticweb/index.html

Section 15: Intellectual Property and Patents

1. The MITRE Corporation

US Patent, October 1994 an Apparatus and Method for a System for Security Constraint Processing during database query update and design operations. (With William Ford and Marie Collins)

US Patent, January 1996, An Apparatus and method for a system for handling the inference problem based on Nonmonotoic Typed Multilevel Logic

US Patent, December 1997, An Apparatus and method for a system for Expert inference control (with William Ford)

Status my of patents: In 2003 former Microsoft CTO Nathan Mvhrvold’s company (Intellectual Ventures) wanted to purchase 4 patents from MITRE. Three of them were mine. MITRE also as a bonus gave them additional patents together with the 4 must have patents for $2m approx. Each of the inventors was given $7K.

2. The University of Texas at Dallas

Intellectual Property Disclosures

09-037	Policy Management for Assured Information Sharing in a Coalition Environment *****************		PI: Bhavani Thuraisingham Latifur Khan Murat Kantarcioglu **********
10-017	Classification and Novel Class Detection in Concept-Drifting Data Streams under Time Constraints *****************	PI: Latifur Khan Mohammad Mehedy Masud (UTD post-doc) Bhavani Thuraisingham
10-019	Biological Weapon Attack Simulation Using Social Network and Game Theoretic Modeling	************** PI: Murat Kantarcioglu Ryan Layfield (former PhD Student) Bhavani Thuraisingham

Based on this disclosure, we are starting a spin-off company with UTD titled: “Security and Information Analytics” in March 2010. The company founder is Bhavani Thuraisingham and major share holders will be UTD, Latifur Khan, and Murat Kantarcioglu and minor share holders will be Mehedy Masud and Ryan Layfied.

Section 16: PROFESSIONAL ACTIVITIES

Editor-in-Chief

Computer Standards and Interface Journal, June 2005 – January 2009

Editorial Boards

Journal of Computer Security, 1990 – 2000

IEEE Transactions on Knowledge and Data Engineering, 1996 - 2000

Computer Standards and Interfaces, 1993 - 2005

IEEE Transactions on Secure and Dependable Computing, 2004 -

ACM Transactions on Information Systems Security, 2004 - 2007

Journal of Distributed Sensor Networks, 2004 -

Journal of Computer Science and Network Security, 2006 –

Journal of Information and Computer Security, 2005 -

Journal of Information Security and Privacy, 2006 -

Very Large Database Journal, 2007 -

Advisory Boards

Purdue University, Computer Science Department, 2004 - 2006

Journal of Privacy Technologies, 2004 -

Journal of Computer Security, 2000 -

IASTED, 2001 - 2004

General Conference Chair/Co-Chair

IEEE WORDS Conference, Rome, Italy, January 2001

IFIP Data Integrity and Control Conference, Warrenton VA, November 2005

Intelligence and Security Informatics, ISI, San Diego, CA, May 2006

Secure Knowledge Management, Dallas, TX, November 2008

Intelligence and Security Informatics, ISI, Dallas, TX, June 2009

NSF Workshop on Data and Applications Security, Arlington, VA, February 2009

Program Chair/Co-Chair

1. IFIP Database Security Conference, Vancouver, Canada, August 1992 (Chair)

2. ACM OOPSLA Conference Workshop on Secure Object, Washington DC, Sept 1993 (Co-chair)

3. ACM Multimedia Conference Workshop on Multimedia Data, San Fran CA, October 1994 (Co-chair)

4. ACM OOPSLA Conference Workshop on Objects in Healthcare, Portland OR, Oct 1994 (Co-chair)

5. IEEE Workshop on Multimedia Database Systems, Blue Mountain Lake NY, August 1995 (Co-chair)

6. ACM OOPSLA Conference Workshop on Objects in Healthcare, Austin TX, October 1995 (Co-chair)

7. ACM Multimedia Conference Workshop on Multimedia Database, San Fran CA, Nov 1995 (Co-chair)

8. IEEE Metadata Conference, Silver Spring, MD, April 1996 (Founding Chair)

9. ACM OOPSLA Conference Workshop on Objects in Healthcare, San Jose CA, Oct 1996 (Co-chair)

10. Federal Data Mining Symposium, Washington DC, December 1997 (Founding Co-Chair)

11. IEEE Multimedia Database Workshop, Dayton, Ohio August 1998 (Cco-chair),

12. IEEE COMPSAC Conference, Vienna Austria, 1998 (Co-chair)

13. IEEE WORDS Workshop, Santa Barbara CA, January 1999 (Chair)

14. IEEE ISORC, Newport Beach, CA, March 2000 (Co-chair)

15. IFIP Database Security Conference, Amsterdam Netherlands, August 2000 (Primary Co-chair)

16. CODATA Symposium on Integrating Heterogeneous Data, Stressa Italy, October 2000 (Co-chair)

17. IEEE ISADS Conference, Dallas TX, March 2001 (Chair)

18. IEEE COMPSAC Conference Workshop on Web Security, Oxford UK, August 2002 (Co-chair)

19. IEEE ISORC, Korea, April 2006 (Co-chair)

20. ACM SACMAT Conference, Sophia Antipolis, France, June 2007 (Chair)

21. ICDE Secure Semantic Web Workshop, Mexico, April 2008 (Co-chair)

22. ICWS Security Workshop, Los Angeles, CA, July 2009 (Co-chair)

23. PASSAT, Vancouver, Canada, August 2009 (Chair)

24. Indo-US Summit in Infrastructure Security, Bangalore, January 2010 (Co-Chair)

Program Vice Chair and/or Special Roles

1. IEEE ICDE Conference, Mexico, 2008, Vice Chair for Security

2. IEEE IDCE Conference, Sydney, 1999, Panel Chair

3. Computer Security Applications Conference, 1990, Chair, Database Security Track

Program Committee Member (Sample, not a complete list)

1. IEEE Local Area Networks Conference, Minneapolis, MN, October 1987

2. ACM Computer and Communications Security Conference, Fairfax, VA, November 1994

3. ACM SAC 1994, Phoenix, AZ, March 1994

4. ACM SAC 1995, Nashville, TN, February 1995

5. IEEE ICECCS Conference, Ft. Lauderdale, FL, October 1995

6. ACM SIGMOD Conference Workshop on Data Mining, Montreal, Canada, June 1996

7. Pacific Workshop on Distributed Multimedia Systems, Hong Kong, June 1996

8. IEEE ICECCS, Montreal, Canada, October 1996

9. IEEE WORDS Workshop, Newport Beach, CA, February 1997

10. Rough Sets and Soft Computing Workshop, Raleigh, NC, March, 1997

11. Pacific Workshop on Distributed Multimedia Systems, July 1997

12. Real-time Database Systems Workshop, Burlington, VT, September 1997

13. IEEE COMPSAC, Bethesda, MD, August 1997

14. Compugraphics and Visualization Conference, Algarve, Portugal, December 1997

15. IEEE ICDE, Orlando, FL, February 1998

16. IEEE ISORC, Kyoto, Japan, April 1998

17. PAKDD, Melbourne, Australia, April 1998

18. Real-time Systems Applications Conference, Denver, CO, June1998

19. Euro micro Workshop on Multimedia and Communications, Vesteras, Sweden, August 1998

20. ASSET, Dallas, TX, March 1999

21. IEEE ISADS, Tokyo, Japan, March 1999

22. DASFAA, Taiwan, April 1999

23. Federal Data Mining Symposium, McLean, VA, March 1999

24. IEEE COMPSAC, Tempe, AZ, October 1999

25. IEEE WORDS 1999F, Monterey, CA November 1999

26. E-Commerce and Web-based Information Systems Workshop, San Jose, CA, April 1999

27. PAKDD, Beijing, China, April 1999

28. Federal Data Mining Symposium, Washington DC, March 2000

29. PAKDD, Kyoto, Japan, April 2000

30. ACM CCS Workshop on E-Commerce Security, Athens, Greece, November 2000

31. IEEE ISORC, Magdeberg, Germany, May 2001

32. IEEE COMPSAC, Chicago, IL, October 2001

33. International Workshop on Multimedia Middleware, Ottowa, Canada, November 2001

34. IEEE FTDCS, Bologna, Italy, November 2001

35. IEEE WORDS, San Diego, CA, January 2002

36. IASTED Applied Informatics, Innsbruck, Austria, February 2002

37. PAKDD Workshop on Rough Sets and Data Mining, Taiwan, May 2002

38. IEEE ISORC, Washington DC, May 2002

39. IEEE ICDM, 2002, Maebashi City, Japan, December 2002

40. ACM SACMAT, Monterey, CA, June 2002

41. Second Semantic Web Symposium, Sardinia, Italy, June 2002

42. IEEE COMPSAC, Oxford, UK, August 2002

43. COOPIS, Irvine, CA, October 2002

44. IEEE ICTAI 2002, Crystal City, VA, November 2002

45. IFIP Integrity and Control Conference, Bonn, Germany, November 2002

46. NSF/NIJ Symposium on Security Informatics, Tucson, AZ, June 2003

47. IASTED Applied Informatics, Innsbruck, Austria, February 2003

48. IEEE ISADS, Pisa, Italy, April 2003

49. IEEE ISORC, Japan, May 2003

50. IFIP Data Security, Colorado Springs, CO , August 2003

51. IEEE WORDS 2003F, Capri Island, Italy, October 2003

52. IFIP Integrity and Control Conference, Lausanne, Switzerland, November 2003

53. ACM Computer and Communications Security, Washington DC, October 2003

54. IEEE ICTAI, Sacramento, CA, November 2003

55. IEEE COMPSAC, Dallas, TX, November 2003

56. IFIP Database Security Conference, Estes Park, CO, August 2003

57. IEEE ISORC, Vienna, Austria, May 2004

58. NSF/NIJ Symposium on Security Informatics, Tucson, AZ, June 2004

59. ACM SACMAT, Yorktown Heights, NY, June 2004

60. ACM SIGMOD Workshop on Databases in Virtual Organizations, Paris, France, June 2004

61. IFIP Database Security Conference, Sitges, Spain, July 2004

62. DEXA Workshop on Web Security, Zaragoza, Spain, August 2004

63. DEXA Workshop on Trust and Privacy in Digital Business, Zaragoza, Spain, August 2004

64. IEEE COMPSAC, Hong Kong, September 2004

65. IEEE SRDS, Florianapolis, Brazil, October 2004

66. IEEE ISADS, Chengdu, China, March 2005

67. IEEE ICDE, Tokyo, Japan, April 2005

68. ACM SACMAT, June 2005

69. ACM SIGMOD, Baltimore, MD, June 2005

70. IEEE Distributed Systems in Sensor Systems, CA, July 2005

71. IFIP Database Security Conference, August 2005

72. Privacy in Data Mining Workshop, November 2005

73. ACM SACMAT, June 2006

74. ACM SIGKDD. Philadelphia, PA, August 2006

75. IFIP Database Security Conference, August 2006

76. IEEE COMPSAC, September 2006

77. IEEE SRDS, London, England, October 2006

78. ISWC 2006

79. CIKM, November 2006

80. Privacy in Data Mining Workshop, December 2006

81. IEEE Policy Workshop, 2007

82. ACM SIGKDD, 2007

83. AAAI 2007

84. POLICY 2007

85. IFIP Database Security Conference, July 2007

86. IEEE POLICY 2008

87. ACM SACMAT 2008

88. ASIA CCS 2009

89. ACM SACMAT 2009

90. IEEE ICDE 2009

91. ICWS 2009

92. DHS/CPS Workshop, 2009

93. IEEE Globecom 2009

94. IEEE ACSAC, 2010

(I am compiling a list of all conferences I served as program committee member)

Other Boards and Activities

1. Member, National Academy Panel on Protecting Children from Inappropriate Content on the Internet, 2000 (Chair, Hon. Dick Thornburgh)

2. Vice Chair, AF SAB Panel on Migrating Legacy Databases, 2000

3. Member,National Academy Workshop on GIS, 2001 (participated from NSF)

4. Member, National Academy Panel on Information Fusion and Counter-terrorism, 2002 (participated from NSF; Chair: T. Mitchell)

5. Member, Curriculum Committee, K-6, 7-12, USGIF, 2006 (Geospatial Intelligence)

6. IEEE Distinguished Lecturer (2002-2005)

7. IEEE Conferences and Tutorials Board (1997-1998)

8. Reviewer for numerous journals and conferences including IEEE Computer, IEEE TSE, IEEE TKDE, ACM TODS

9. Steering committee for conferences and workshops

10. Session chair for numerous conferences and workshops (100+)

Internal Activities

CS Department Head Search Committee Chair, 2008 - 2009

Engineering School Dean Search Committee, 2007 - 2008

CS Faculty Search Committee, 2005 - Present

CS Tenure and Promotion Committee, 2005 - 2006, 2006 - 2007, 2007 - 2008

University Science School Dean Search Committee, 2006 - 2007

University Vice President for Business Search Committee, 2005 - 2006

Section 17: Selected Media Reports

Television Interviews

Cyber Security

http://www.the33tv.com/news/kdaf-jim-cyber-czar-story,0,571554.story

Facebook Privacy

http://www.the33tv.com/news/kdaf-facebook-privacy-story,0,5566137.story

External Articles

Thuraisingham receives IEEE Computer Society’s 1997 Technical Achievement Award; IEEE Computer Magazine, October 1997

http://ieeexplore.ieee.org/xpl/tocresult.jsp?isYear=1997&isnumber=13587&Submit32=Go+To+Issues

Managing the Web, Silicon India, May 2002 (on Leading Seven Technology Innovators of South Asian Origin in USA) http://www.siliconindia.com/magazine/displaydetail.asp?article_id=1578

http://www.siliconindia.com/magazine/articledesc.php?articleid=HPK497612166&errid=7

Security Beat, National Defense Magazine, 2004 http://www.nationaldefensemagazine.org/issues/2004/Jul/Security_Beat.htm

Taking a Byte out of Cyber Crime,

Dallas Morning News, Sunday Edition, February 26, 2005 http://www.dallasnews.com/sharedcontent/careers/it2/022705ccwcCareersTechmain.f1f446c9.html

Dr. Bhavani Thuraisingham, AFCEA-PDC Instructor Profile,

SIGNAL Magazine, February 2005

University of Texas at Dallas, Sample faculty profile, June 2005, December 2005 http://www.utdallas.edu/profiles/thuraisingham.html

The Terrorist Hunter, D-Magazine, July 2005 (Monthly Magazine for DFW) http://dmagazine.com/article.asp?articleid=874

Cyber Security, DFW Metroplex Technology Magazine, January 2006

Lonely at the Top, Dallas Morning News Education Supplement, February 22, 2006

The Semantic Web, Deep in the Heart of Texas

http://www.semanticweb.com/article.php/3786086

Air Safety Data Mining Research Ongoing (Aviation Safety Week)

http://findarticles.com/p/articles/mi_m0UBT/is_27_22/ai_n27916054/

Assured Information Sharing

Seminar at Purdue University, Video Presentation

http://www.cerias.purdue.edu/news_and_events/events/security_seminar/flash.p

hp?uid=ckjq5ef1oaga6g2kquu42f7350@google.com

UTDallas Press Releases

Cyber Security Expert Joins the University of Texas at Dallas

http://csepi.utdallas.edu/PR_2Dec2004_CSRCenterDirector.pdf

Cyber Security Research Center at UT Dallas Tops $1 Million in Funding

http://www.utdallas.edu/news/archive/2007/09-11-001.html

UT Dallas Researchers to Play Key Role in $7.5 Million Department of Defense MURI

http://www.utdallas.edu/news/2008/03/25-002.php

UT Dallas Leads $2.2 Million Effort to Build Secure Information Grid for the U.S. Air Force

http://www.utdallas.edu/news/2008/08/12-001.php

NSF Grants to Help Create Next-Generation Web

http://www.utdallas.edu/news/2008/10/08-003.php

Data Mining for Flight Safety

http://www.utdallas.edu/news/2008/07/07-002.php

Prof Gives Keynote Speech on Data Mining and Privacy

http://www.utdallas.edu/news/2008/09/04-002.php

Advances in Data Safety Drawing Wider Attention

http://www.utdallas.edu/news/2009/03/25-002.php

Cyber Security Conference Planned For April 20-21 at U. T. Dallas

Symposium to Feature Leading Researchers, Policymakers

http://www.utdallas.edu/news/archive/2005/security-conference.html

Cyber Security Center Offers Data Mining Tools

http://www.utdallas.edu/news/2010/01/26-003.php

MITRE Articles

1. MITRE Matters Short Write-ups on Achievements

MITRE has a strong showing at AFCEA DoD Database Colloquium

Press releases 1994, 1995, 1996

2. Patent awards, MITRE Matters

September 1995, November 1996

3. Author of the Month, MITRE Matters

July 1997, April 1999

4. Uniquely MITRE, MITRE Matters June 2000 (feature article)

5. I Really Want to be Challenged; MITRE Matters February 2003 (feature)

6. MITRE Internal News Releases on IEEE Fellow, AAAS Fellow among others

SECTION 18. SAMPLE PAPERS

Representation of One-One Degrees by Decision Problems, 1982, Journal of Computer and Systems Sciences (Academic Press), Vol. 24, pp. 373-377.

Cylindrical Decision Problems, 1983, Notre Dame Journal of Formal Logic, Vol. 24, No. 2, pp. 188-198.

Secure Query Processing Strategies, IEEE Computer, March 1989, Vol. 22, No. 3, (invited paper - coauthors: T. F. Keefe and W. T. Tsai).

Knowledge based support for the development of database centered applications, Proceedings IEEE ICDE, 1989. Co-authors: H. Atachan. R. Bell.

Mandatory Security in Object-Oriented Database Systems, October 1989, Proceedings of the ACM Conference on Object-Oriented Programming, Systems, Languages and Applications (ACM OOPSLA) Conference, New Orleans, LA.

Design of LDV - A Multilevel Secure Database Management System, June 1990, IEEE Transactions on Knowledge and Data Engineering, Vol. 2, No. 2, June 1990, (coauthor: P. Stachour).

Recursion Theoretic Complexity of the Inference Problem in Database Security, June 1990, Presented at the 3rd IEEE Workshop on Foundations of Computer Security, Franconia, NH (public release was not obtained in time for proceedings; printed as MITRE Paper M291 June 1990).

A Nonmonotonic Typed Multilevel Logic for Multilevel Database Management Systems, June 1991, Proceedings of the 4th IEEE Computer Security Foundations Workshop, Franconia, NH.

Design and Implementation of a Distributed Query Processor for a Trusted Distributed Database Management Systems, April 1993, Journal of Systems and Software (North Holland), Vol. 21, #1 (co-author: Harvey Rubinovitz).

Design and Implementation of a Database Inference Controller, December 1993, Data and Knowledge Engineering Journal (North Holland), Vol 11, #3 (co-authors: W. Ford, M. Collins, J. O'Keeffe); (Article reprinted by the MITRE Journal, 1994).

Towards Developing a Standard Multilevel Relational Data Model for Representing a Multilevel Universe, Computer Standards and Interfaces Journal (North Holland), Vol. 15, #1, 1993 (also published by Computer Standards Interface Journal special issue in 1999 as one of the seminal papers to appear in the journal).

Security Constraint Processing in a Multilevel Secure Distributed Database Management System, IEEE Transactions on Knowledge and Data Engineering, April 1995 (coauthor: W. Ford).

MOMT: A Multilevel Object Modeling Technique for designing Secure Database Applications, Journal of Object-Oriented Programming, 1996 (co-authors: D. Marks and P. Sell)

Information Survivability for Real-time Command and Control Systems, IEEE Transactions on Knowledge and Data Engineering, January 1999 (coauthor: J. Maurer)

Real-time Priority Ceiling Algorithm, Real-time Systems Journal (Kluwer), 2001 (co-author: V. Wolfe, L. DiPippo et al)

Data Mining, National Security, Privacy and Civil Liberties, ACM SIGKDD, December 2002

Security and Privacy for Sensor Databases, Sensor Letters, Inaugural Issue (American Scientific), Volume 2, #1, March 2004

Data Mining for Counter-terrorism, AAAI Press (editor: H. Kargupta et al), 2004 (MGDM Conference, 2002)

RDF Security, Proceedings of the DEXA Workshop on Web Semantics, Spain, August 2004 (coauthor: B. Carminati et al)

Secure Third Party Publication of XML Documents, IEEE Transactions on Knowledge and Data Engineering, 2004 (coauthor: E. Bertino et al; version also published as MIT Working Paper, 2002)

Secure Semantic E-Business, Invited Paper, Communications of ACM, December 2005.

Secure Knowledge Management, IEEE Transactions on Systems, Man and Cybernetics, May 2006 (coauthors: E. Bertino et al, based on keynote I presented at SKM2004)

A framework for a video analysis tool for suspicious event detection. Gal Lavee, Latifur Khan, Bhavani M. Thuraisingham: Multimedia Tools Appl. 35(1): 109-123 (2007)

A New Intrusion Detection System using Support Vector Machines and Hierarchical Clustering, Accepted in VLDB Journal, 2007 (coauthor: M. Awad et al)

PP-trust-X: A system for privacy preserving trust negotiations. ACM Trans. Inf. Syst. Secur. 10(3): (2007) Anna Cinzia Squicciarini, Elisa Bertino, Elena Ferrari, Federica Paci, Bhavani M. Thuraisingham:

A Practical Approach to Classify Evolving Data Streams: Training with Limited Amount of Labeled Data. ICDM 2008: 929-934, Mohammad M. Masud, Jing Gao, Latifur Khan, Jiawei Han, Bhavani M. Thuraisingham

A semantic web based framework for social network access control. SACMAT 2009: 177-186 Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat Kantarcioglu, Bhavani M. Thuraisingham

Secure Data Objects Replication in Data Grid Manghui Tu, Peng Li, I-Ling Yen, Bhavani Thuraisingham, and Latifur Khan, IEEE Transactions on Dependable and Secure Computing, January 2010.

SECTION 19. Cyber Security Research Center and Affiliated Labs

Cyber Security Research Center (Bhavani Thuraisingham)

http://csepi.utdallas.edu/

http://csrc.utdallas.edu/

Semantic Support and Software Professionalization Lab

www.semnticsupport.org

Data Security and Privacy Lab (Murat Kantarcioglu)

http://cs.utdallas.edu/dpal/project.htm

Data Mining Lab (Latifur Khan)

http://www.utdallas.edu/~lkhan/DMLab.html

Secure Systems and Languages Lab (Kevin Hamlen)

http://www.utdallas.edu/~hamlen/index.html

Security Analysis and Information Assurance Lab

Cloud Computing Lab

Digital Forensics Lab

http://csrc.utdallas.edu/saial_lab.htm

Section 20.MOTIVATIONAL ARTICLES

Disclaimer: I will be writing a series of motivational articles. These articles are entirely my opinion and do not reflect the policies and procedures of any organization I have worked for or am working for. These articles are not meant to give anyone advice or set the direction for anyone’s education and/or career. Nor are they meant to set policies, procedures and guidelines for one's education and/or career. I am giving my opinions based on my 30 year career in commercial industry, nonprofit think tank, federal government and academia. As I have stressed, each individual is unique and special and one size does not fit all.

1. From Industry to Government to Academia

My Story: From Industry to Government to Academia

Bhavani Thuraisingham

Dallas, TX

July 4, 2009

Through my story I hope I can motivate young women wherever they are to (i) work hard (ii) take advantage of all the opportunities in front of them and (iii) be positive, patient and flexible. To understand my career transitions from Industry to Government to Academia one has to read my life story. To protect the privacy of my family, I only give minimum information about them so as to understand my career moves. So here is my story - - - -

I was born a Tamil in Colombo Sri-Lanka (what used to be known as Ceylon), the youngest of several girls. My parents were high school educated; my father an Inspector of Excise and my mother a housewife who had a passion for mathematics. I was educated mostly in convent schools run by Irish missionary nuns, Holy Family Convent Jaffna for my primary education, then boarding school at Holy Family Convent Colombo 4, and then finished my last year and a half of schooling at Vembadi Girls High School in Jaffna. I then studied Mathematics and Physics at the University of Ceylon and obtained my B.Sc in 1975 with a first class.

My father passed away in 1971 when I was 16. Growing up female in a third world country without a father and brothers and with very limited resources was not easy. Furthermore, I had decided on an arranged marriage early on, and had prepared myself for it by studying classical western music for 10 years and getting a college degree in the physical sciences. It also meant that I did not want to travel abroad for graduate education before getting married. I was very fortunate when my maternal uncle arranged my marriage. My husband to be was eight years my senior and was finishing his PhD at Cambridge, England. My uncle’s astrologer said “it is a union made in heaven”. So we got married in 1975 when I was 20 and I was ecstatic. Soon after I followed my husband to Cambridge in May 1975, and started my graduate education at the University of Bristol where my husband had just gotten a job in the Fall. The first year was not easy, adjusting to marriage with a husband I hardly new and coping with my studies made it tough. In May 1976 we even had second thoughts. But we made it in the end. Since my husband’s position in Bristol was only for a year, I was hoping that after my Masters in Bristol I could go to Imperial College London for my PhD. Unfortunately my husband did not get a position in London, instead he got one in Swansea. This was the late 1970s and the economy was quite bad in England. Therefore after my Masters degree in Mathematics, I followed him to Swansea and started my PhD at the University of Wales. My main advisor was still at Bristol and I also had a second advisor at the University of Wales. At that time I made up my mind, determined to maximize all the opportunities offered to me instead of lamenting on the opportunities not offered to me. I completed my PhD in 1979 at 24 soon after my son was born.

At that time my husband was offered an exciting opportunity in New Mexico. While waiting for our Visa to migrate to the US, I stayed home for almost a year, took care of my son, and also taught high school Math in the evenings. While my son took his naps I wrote research papers. This was more or less the pattern for the next 3 years for me. We moved to Socorro New Mexico in the summer of 1980 and I got a position in the Computer Science department as Visiting professor at New Mexico tech. In fact I turned down a tenure track assistant professor position I was offered, even though my childhood dream was to become a tenured professor. I felt at that time that working toward tenure and having a normal family life was very hard for me. Therefore I was home most of the time and went to the university to teach while my husband took time off from his work to take care of our son. After my son went to bed I did my research. My husband then got a research position in the commercial industry in Minneapolis and we moved again in 1981. The following year was also more or less the same where I taught at the University of Minnesota and took care of my son most of the time. The times I taught my neighbor, who is now my best friend, took care of my son. Those three years, from 1979 to 1982 was a productive period. I wrote 8 papers and got them accepted in top tier journals. I was able to do that as my area was in theory of computation.

Around mid 1982 I got interested in more applied areas of computing and therefore I decided to pursue an MS in Computer Science focusing more in systems. I completed this in 1983 and landed a job at Control Data Corporation designing and developing networks and distributed systems, a complete deviation from my PhD work. It suited well with family life. My son was in a Montessori school. Even though I had to put in long hours with the development work, I was able to manage my time very well. Furthermore, 1984 was a difficult year for me personally as my mother lost her one year battle to cancer in October 1984 and my company was very supportive. By end of 1985 I longed to do more research and was fortunate to get a research position at Honeywell. This is when I began my research in data security and data management. My son was now in grade school. After five years in the industry, my husband wanted to get back into academia, and took a year sabbatical at a university in England. On the one hand that year was tough as my husband was away, but on the other hand my son and I travelled together to many cities visiting friends in NM, Broadway shows in NY, Disney land and Golden gate bridge in CA.

After his sabbatical my husband got a research position at MIT in Boston and I applied for jobs in the Boston area. I had made lot of progress with my research in data security and was offered quite a few jobs in Boston. I chose the MITRE Corporation as I had a gut feeling that it was the right place for me and I was right. The next 9 years were great for all three of us. My husband worked in Boston for 9 months and spent the summers at a university in England. My son accompanied him to England every summer. My research progressed a great deal. Several of my papers were published in premier journals. In addition, I had patents and also wrote my first book. In 1997 my son went to university and he had opportunities in US and UK and he chose to go to UK. That was very difficult for me and I missed him a great deal. The next four years I cannot imagine how I was able to focus on my work. I did manage to write more books and papers and complete projects. But my heart was not in my work. On New Year’s Day in 2001 I made a resolution to make a change that year. For the first time I felt that I had to follow my own instincts. On January 24, 2001 my friend from NSF asked me to take over her position for a year while she was on sabbatical. I said yes without even consulting with my husband. My friend lost no time and within a week had arranged for me to interview at NSF. My husband was reluctant in the beginning but said yes in the end as he wanted me to be happy. By May 2001 I was offered the IPA position at NSF for the Fall. I was very excited, but also anxious as this was the first time I was going to be alone.

I remember going to Washington in August 2001 to get my apartment and making arrangements for the move on September 30, 2001. Then came September 11^th. I was devastated as one of my sponsors from the Treasury was hit by AA#11 while going into the world trade center for a meeting. At that time I had second thoughts about going to Washington. However my husband strongly encouraged me to go. On Sunday September 30^th was a sad day for me, especially when I said good bye to my husband.

My one year at NSF turned out to be three and it was a great experience. Most weekends I went to Boston and off and on my husband would visit me in Washington. I believe that this arrangement was good for our marriage at that time and at times it was really exciting – almost like being newly-weds. Also my son had finished his education and was working in London. I was slowly accepting the fact that he had grown up, and thoroughly enjoyed shopping with him for his clothes at fashionable stores in London. At NSF I started new programs, collaborated with other agencies, was invited to give talks at the White House Office of Science and Technology Policy as well as the United Nations. I was planning to return to Boston Fall 2004, but my mentor who was at UC Berkley suggested that I should try academia. So I started exploring possibilities in academia – being a tenured professor used to be my dream. I discussed with my husband and he was very supportive. He had three criteria. The city that I chose should not be too expensive to live, had to have excellent hospitals and preferably be a hub city. I had an additional criteria – job has to be a tenured full professor. I had a few offers, but the only university that matched all our criteria including being a major hub city was the University of Texas at Dallas. It was a growing university with massive investments and I felt I could really thrive in Dallas.

I left Washington on October 2, 2004, spent a night in Boston and left for Dallas on October 3, 2004. At first it felt really odd living in such a massive and spacious city. It took me a year to get used to it. I believe strongly that Dallas is the ideal place for me. Believe it or not, I love the weather in Dallas, the people and the university. My son is now settled in US and is planning to get married to a woman of his choice; my husband now has a start up company and spends his time between Boston, Dallas and England. He is planning to move to Dallas when he retires.

You may ask, what are the lessons I have learned through life’s experiences? I am very fortunate to have led a very rich and varied life, moving from Sri-Lanka to UK to US. I have travelled the world, 31 countries to be precise, mostly to give keynote addresses at technical conferences. At times I have had many choices and at times I have had none. Through it all, I have tried my best to keep a positive attitude, to take advantage of all the opportunities offered to me, work hard, be flexible, be patient, and never lament on what I do not have. I always ask myself, what can I learn from my failures and my successes? How would I have done things differently? - and this only to improve my decisions and actions for the future. I remember my husband telling me early on in our marriage “everybody makes mistakes, the successful learn from them and the failures dwell on them”. This statement helped me a lot over the years. My mother used to say this to me often when I was growing up “little drops of water make a mighty ocean”. Therefore every step of the way, I focus on accumulating the little drops, e.g., a paper here and a book there. To me there is no ocean, it’s all in the little drops, and that gives me hope. I love planning my life, but very aware that it hardly ever works out the way you want it to, and I’m quick to adjust to reality.

And, it’s not all about work and family for me. I have many hobbies – an avid sports fan (e.g., Tennis, Soccer), enjoy comedies (e.g., Bridget Jones Diary, Coupling), like music (e.g., Beatles, Michael Jackson, Strauss, Mozart), love reading (e.g., books by Jane Austin, George Elliott), hardly miss some magazines (e.g., Harpers Bazaar, Oprah), follow world news (e.g., Economist, Financial Times) and practice mindful meditation. I have dabbled at writing romance and mystery novels without success, had visions of being an artist with little artistic talent, pay attention to my appearance as it’s very important I believe for a professional woman to look elegant, but I can never quite put it all together, and so over the years have developed my own odd sense of fashion. Every bit of it is a learning experience for me that I cherish whether it is success or failure.

Today at 54, I am more positive than ever. I can never ever look at a glass as half empty. By the grace of God, I hope I can have at least another 20 years of active working life ahead of me as there is so much to learn and so much to contribute to society. Most of all I am very grateful to my husband for having supported me through thick and thin for the last 34 years.

ACKNOWLEDGEMENTS: This article was motivated by a panel I chaired on “Women in Cyber Security” at the Secure Knowledge Management Conference in Dallas Texas in November 2008. I thank the members of my panel: Professors Elisa Bertino (Purdue University), Marianne Winslett (University of Illinois, Urbana Champaign), Csilla Farkas (University of South Carolina) and I-Ling Yen (University of Texas at Dallas).

Please visit my web site at http://www.utdallas.edu/~bxt043000 for details on my career.

You can contact me at dr.bhavani@yahoo.com

2. Why is Interdisciplinary Research Hard

Why is Interdisciplinary Research Hard?

Bhavani Thuraisingham

Dallas, TX

September 27, 2009

For those who have read “My Story” or browsed through my web site would know that I was a Program Director at NSF between 2001 and 2004. That was when I was introduced to interdisciplinary research. Before that, while I was at MITRE, all of my research was in computer science including in information security and data management. However when I went to NSF, I soon realized that interdisciplinary research was strongly encouraged. Furthermore, I was the representative from my division on programs in bioinformatics and geo-informatics. This was because Dr. Maria Zemankova invited me to join NSF as IPA and take over her programs while she was on sabbatical at NLM conducting interdisciplinary research herself. I learnt at that time that biologists, computer scientists and geologists had to work together to advance bioinformatics and geo-informatics. I learnt a lot about bioinformatics from Dr. Sylvia Spengler who was at NSF and also by managing proposals in bioinformatics. I benefited from discussions with Dr. Steve Meacham at NSF on geo-informatics.

Around 2002 I had many discussions with the acting Division director of my division Dr. William (Bill) Bainbridge who was a social scientist. Until then I had very little appreciation for the work carried out by social scientists. At that time I thought that social scientists were doing esoteric research and this research was not concrete. However discussions with Bill made me realize that social scientists did tangible research and made enormous contributions to society. Furthermore, about this time I got interested in social networks for my research on applying data mining for counter-terrorism. Therefore I encouraged proposals on the integration of social networks and data mining for my programs.

When I joined the University of Texas at Dallas, I started interacting with those from our school of management and the school of economics and policy sciences. These interactions have given us enormous success in getting awards from organizations such as NSF, AFOSR, IARPA, ONR, NASA, NGA and NIH. While there are numerous benefits from conducting interdisciplinary research, in my opinion such research can be very challenging. Here are the main reasons.

(i) Computer scientists and non computer scientists speak different languages. For example, social scientists and biologists think that computer scientists build tools to support them. However we computer scientists have to overcome several obstacles in building successful tools. We have to analyze semantics, improve performance, and make sure that the tools are usable. This is not a simple activity. Therefore we feel in general that social scientists, physical scientists and bioscientists do not appreciate us enough.

(ii) Social scientists and bio-scientists often complain that computer scientists work on toy applications. They state that Computer scientists start building the tools immediately without much consideration for the users. This criticism is a valid criticism. Because, a computer scientist is interested in the design and development of the system, we plunge into the development without understanding the needs of the application specialists.

(iii) It is very hard to publish the research results. Because our research is not pure social science or pure computer science, it is very difficult to get the papers accepted in premier conferences or journals. We often get comments that the paper is not within the scope of the conference or the journal. There are a few journals like the IEEE Transactions in Systems, Man and Cybernetics that publish the interdisciplinary papers. We need more venues for publishing such papers.

(iv) Having real world data to test the results is a challenge. This is something both the computer scientists and the non computer scientists feel is a major obstacle to conducting interdisciplinary research. Computer scientists want some data to test the tools and so any data that they can get hold of, even simulation data, is sufficient for them. However social scientists or bio-scientists will only accept the results that have been tested with real world data. It is almost impossible to get meaningful data. Due to privacy concerns it is difficult to get data about people. Corporations do not release data as their data is gold for them. Furthermore, agencies sanitize the data before releasing them. While sanitized data is agreeable to most computer scientists, this is absolutely not the case say with social scientists and bio-scientists. Computer scientists conduct experiments by randomizing and perturbing values. This is totally unacceptable to the non computer scientists.

So what should we do about interdisciplinary research? Should we abandon it? Absolutely not. For us computer scientists interdisciplinary research is the future. Here are some suggestions that we might want to follow.

(i) First be patient and try and understand the non computer scientists. Understand their needs and challenges. Do not try and push your technology into them. One size does not fit all. Therefore technology developed for say a financial application may have to be tailored for bio science applications. We may even have to develop a new technology for the bio science applications. For example financial data are very structured while say geospatial data are unstructured. Therefore we may need different tools for geospatial data.

(ii) Organize joint conferences with the non computer scientists and this will result in new opportunities to establishing interdisciplinary journals. There are very few of them now. But as we make progress in interdisciplinary fields there will be opportunities to establish new journals.

(iii) With respect to data, this is still a big challenge. However here we need to work jointly with the non computer scientists and obtain data. We need to find out from data providers what their concerns are and work together to alleviate their concerns.

(iv) Finally we may want to take certificates and courses in the non commuter science area. Here is my example. About 50% of my research is to apply data mining for counter-terrorism applications. However I know very little about terrorism. Therefore I am planning to take the online certificate course on terrorism studies offered by St. Andrews University in Scotland. This will I hope give me a much better understanding of how terrorists operate. As a result I could develop special purpose tools to catch the terrorists.

What prompted me to write this article at this time is a workshop I attended at Microsoft Research in Seattle earlier this month. This workshop was sponsored by NSF. At this workshop we discussed how we can obtain data to conduct research between social scientists and computer scents. As part of the breakout sessions we discussed the opportunities and barriers to conduct interdisciplinary research. I discussed many of my ideas that I had developed since 2001 on interdisciplinary research. I thought I would summarize these ideas so that those who conduct interdisciplinary research could benefit from this article.

I hope this article was useful to you. I would welcome comments and suggestions. Please visit my web site at http://www.utdallas.edu/~bxt043000 for details on my work. For questions, please email me at dr.bhavani@yahoo.com

ACKNOWLEDGEMENTS: This article was motivated by the NSF/Microsoft Workshop I attended in Seattle on September 9 and 10, 2009. In addition, I have had many discussions with my colleagues and collaborators at the University of Texas at Dallas and elsewhere. I am encouraging my colleague Prof. Murat Kantarcioglu to conduct interdisciplinary research. He has been very successful and has interdisciplinary projects sponsored by AFOSR, NSF, ONR and more recently NIH. My colleague Prof. Latifur Khan and I collaborate with geospatial scientists to integrate geospatial data sources. Finally I thank my colleagues at NSF from whom I benefitted a great deal between 2001 and 2004 in understanding interdisciplinary research. They are: Dr. Maia Zemankova, Dr. Sylvia Spengler, and Dr; Rita Rodriguez, Dr. William Bainbridge, Dr. Ty Znati and Dr. Steve Meacham.

3. A Day in the Life of a Computer Science Professor

A Day in the Life of a Computer Science Professor

Bhavani Thuraisingham

Dallas, TX

October 12, 2009

Welcome to the motivational articles section of my web site. I continue to write these articles based on the vast experience I have accumulated over the past 30 years in the commercial industry, government and academia in computer science/IT. It is always a learning process and a work in progress. However over the years I have learnt to manage time and get the maximum out of the little time we have. Furthermore, as one hits 50, it’s a different story. You cannot afford to do all the things you did in your 20s, 30s or even 40s. For example at 42 I used to be able to travel from say Tokyo to San Francisco and take the connection from San Francisco to London all in coach class. Now I find it difficult to travel coach even from Boston to London. Furthermore, one can work effectively only if one is healthy both physically and mentally. Therefore I take a holistic approach to work and living. Work is part of a way of life. So here is my story – how I manage the 24 hours in a day and get the maximum out of it.

Most important in my life now is sleep. Back in my 30s and 40s I used to get by with 4 hours of sleep a night. But over the years I have abused my body doing that and now I try and get 8 hrs of sleep at least. I have to do damage control. So my first advice, whether you are 30, 40, 50 or 60 please get your 8 hours. So I set my alarm to 7am and get a cup of tea and rest in bed for 15 mins while sipping my tea and plan a list for the day. Then after some morning activities, it’s time for 60 mins of Yoga. I do this with Maritsa’s DVD – 20 mins of Yoga, 20 mins of body scan and 20 mins of meditation. At 8:30 I do some serious reading/studying for an hour. This could be some important research paper or a book chapter. It takes me about 30 mins to get ready, have a quick breakfast – typically a banana, a fat free yogurt and a cup of tea. I make sure I wear a suit to work every day. As a female professor, I believe it is very important to look professional without overdoing to set an example for female students – that computer scientists are not geeks. It takes me 20 mins to drive to work.

I am now at work at 10:30am. I spend half hour checking emails, going through plans with my admin asst. and catching up with my team of 3 professors. Then from 11 to 12 it is continuation of the serious reading. At 12 I have a quick lunch - usually a piece of chicken and an apple. I drink lots of water – about 3 bottles while at work. Then in the afternoons MW I have classes, Fall I teach 2 courses and Spring I teach 1. In between classes I read professional magazines and have office hours. On Tu, Th I write papers/proposals and meet with students and my team of 3 professors instead of teaching. We discuss progress on prototypes/systems we develop, papers we have written as well as new ideas for fundamental research. Fridays are more relaxing and we have dept and school meetings that day. I also set up meetings with local industry on Fridays. I leave work around 5:30pm. I may stop by grocery store or pharmacy to get some milk or other essentials, but usually try and do all that during the weekends. I am home by 6 or latest by 6:30 and finish dinner by 7. Dinner is usually a TV dinner with lots of boiled vegetables. I read/study for an hour after dinner. I am in the gym at 8 and workout for about 50 mins with about 10 min break. I am home at 9. Then after some night activities, I do some more technical reading, the more complex the subject is the more tired I get. Its now 10:30. I have my cereal – all bran – watch a little of the night show comedies for about 15 mins. I am in bed by 11 these days.

Now the days I travel, the routine is completely different. I have done extensive travel in the past, but now I have cut back quite a bit. I am planning to cut back even more in January 2010 and beyond. However when I travel, I still try to meditate for 20 mins (without the DVD of course) and try and workout in the hotel gym for about 30 mins as my work is usually from 8 to 5 when on travel. Also summer months the schedule varies slightly as I usually do not teach, So I do lot of the book writing as well as catching up on reading technical books during the summer.

Weekends are more relaxing. My routine until 8:30am is the same for both weekdays and weekends. Then on Saturdays I plan the shopping list for the week, and then go shopping, go to star bucks with my husband for tea, spend time at Barnes and Noble etc until noon. Then in the afternoon I spend a few hours doing consulting work if I have any. Evening we may go out to dinner. I workout at home for about 30 mins to exercise video. Then around 8:30pm we watch a movie. Sunday morning after meditation, it is “meet the press” and then British comedy for about an hour. Afternoon some consulting work, do some book writing, workout at home, and also prepare for the week’s lecture.

I must confess that while I try my best to follow this routine, there are days when I slip. I love milk chocolates and vanilla ice cream. So I indulge a bit, often more than I should. There might be an interesting movie or a news show on TV that I may watch off and on. I don’t punish myself when I get out of the routine. I look at it as part of life and then move on.

So on a good week, on average I work about 60 hours, no longer the crazy 70-80 hours per week. The routine I have tried to follow keeps me very motivated, but still very calm. There are only 24 hours in a day. Therefore, as I get older, it’s important to keep that in mind, get plenty of rest, drink lots of water and eat healthily. It is crucial that I do everything I can do to reduce stress.

My career has transitioned from Industry to Government to Academia. I would say a day in the life of a computer science professor is least stressful. This is because I create my own stress. In addition to teaching I also conduct research, write books and travel to give keynote talks. This is one of the greatest advantages of being in academia. However Government and Industry also have their unique advantages. Being in the Government one can shape the research directions of the future. Being in Industry, one can develop useful products. Again my story is to take maximum advantage of the opportunities and make the most of the 24 hours you have in a day.

4. Professional Certification: Pros and Cons

Professional Certification: Pros and Cons

Dr. Bhavani Thuraisingham

March 29, 2010

Welcome to the motivational articles section of my web site. In this article I will discuss the pros and cons of obtaining professional certifications for professors.

As mentioned in my first motivational article dates July 2009, I joined academia after a 24 year career in the industry and government. Therefore while I strongly believe that conducting excellent research is of utmost importance, being a professor also means striving for excellence in education and being up to date with all of the developments in the computer industry. Computer Science is advancing rapidly. For example, much of the content for a solid grounding in Mathematics will include algebra, calculus, linear algebra and matrices, and analysis back in 1970 as well as now. Many of the principles were developed in the 16^th, 17^th and 18^th centuries and have not changed. However an education in computer science back in the 1970s and 1980s would include Fortran, Pascal, Data Structures, and Assembly Language Programming. Today it will be Java, Enterprise Java Beans, Distributed systems, and Information Security. Therefore it is critical that a professor has up to date knowledge about this rapidly evolving field.

Many of our BS and MS students will have a career in the industry as practitioners of computer science and information security. Therefore they have to get certifications in relevant topics for many of these jobs. For example, the 8570 directive of the Department of Defense has mandated every person (either DoD personnel or contractors) must be a CISSP (Certified Information Systems Security Professional). It is not easy to get this certification. There is a lot of technical material both in terms of breadth and depth and the students will have to answer 250 multiple choice questions in 6 hours. Passing this exam means an interesting job with the DoD for my students. For other jobs, certifications such as say Oracle DBA would be helpful. Therefore to remain competitive, computer science departments will have to introduce courses that would result in certifications. This means that the instructor has to be knowledgeable about these certifications. I know of many professors who can pick up a book, read and get the knowledge they need to teach some of the tough classes. However some others (and me being one) prefer some formal training. I can really focus when I know that there is an exam at the end.

My colleagues and students have asked me why I am taking certifications such as CISSP (ISC2) and Terrorism Studies (St. Andrews University). As I have explained before I do very well in a formal setting. Next I am very keen on my students who are not pursuing research careers get these certifications so that they can be competitive in the marketplace. Furthermore, these certifications also help me in my research. For example, by taking the certification on Terrorism studies at St. Andrews, I have a much better idea on the motivation, ideology and the modus operandi of the terrorist. Then I can develop more effective data mining tools to deal with the terrorists and hackers. Taking the CISSP certification makes me understand what the students have to go through so that I can better prepare them for the exam. Back in 1998 when I was a department manager at MITRE I felt that there was a need to understand the code that some members of my technical staff were developing. Therefore I got a certification in Java programming at that time so that I can participate in the development and discussions with my staff. Another area I feel is important for me is to get a much better understanding of social sciences. More recently I have been putting together interdisciplinary programs that integrate computer sciences with social sciences. Therefore an understanding of the social theories would be most helpful for my research. I have noted that as researchers we would prefer to have depth in our work and not breadth. However as educators we also need the breadth.

Now, what are the cons of getting these certifications? Its time and money. Taking classes, reading text books and doing assignments are time consuming. While it will enhance the teaching, it may have a negative impact on the research. Therefore I will not advice this plan of action for assistant professors many of whom work night and day to get their tenure or for associate professors who are focused on getting to that next level. Furthermore, for those who do teaching only because they have to, such certifications may not be worthwhile if their heart is not in it. However, if they can get the knowledge and teach students effectively without going through a formal process then its fine. It’s up to the individual.

I must say that I am really enjoying doing some serious studying for about 4 hours a week. It does give variety to the work I do. I have had many professional roles in my career including those of a researcher, educator, developer, author, project leader, department manager, program manager, principal investigator, director, consultant, and entrepreneur. Adding the role of a student to the mix makes my job even more interesting. I also find that studying gives me better focus and motivation. The positive attitude also infiltrates into my personal life and gives me motivation to eat healthy foods, meditate and workout daily. Most importantly it helps me in my personal roles as a wife and a mother.

Acknowledgement: What prompted me to write this article are the questions that a bright young female PhD student asked me about my career when I visited the University of Louisville last Friday to give an invited talk. I thank Ms. Esin Saka for her questions which have encouraged me a great deal.

5. Protecting Our Children In Cyberspace

PROTECTING OUR CHILDREN IN CYBERSPACE

Dr. Bhavani Thuraisingham

May 5, 2010

Today I would like to write something that is very dear to me and that is protecting our children, the most vulnerable in our society. This article was motivated by the panel in which I participated at the East West Institute’s (EWI) First Worldwide Cyber Security Summit held in Dallas Texas May 3-5, 2010. Ever since I became a mother thirty years ago, I have been passionate about this topic. In the early years, I was concerned about preventing dangerous events like kidnapping and abuse and more recently I have been exploring ways to protect children in cyberspace. My eighth grade teacher, Rev. Sister Regis, repeatedly instilled into us girls – “the children of today are the citizens of tomorrow”. We need to take our duties and obligations as adults, parents, teachers and lawmakers very seriously and protect our children.

I was fortunate to be invited to participate in a panel at the National Academy of Sciences chaired by Hon. Richard Thornburgh, former Governor of Pennsylvania and former US Attorney General in 2000. My first talk to this group in July 2000 was on the application of Data Mining to detect Pornography on the Internet as well as discussing the privacy implications of data mining. Note that we are talking about 2000 when Internet was still in its first generation. We did not have online social networks. We were only beginning to have chat rooms. So from the technology point of view, it was the “old days’. So my talk was on classifying images using the classification techniques in data mining to determine whether an image was inappropriate or not. In fact, Professor Gio Wiederhold of Stanford University was also a member of this panel and he gave a very interesting talk on this topic. I also talked about the privacy problems that could arise due to data mining. Note that this was two years before DARPA’s Total Information Awareness program and a year before 9/11.

I attended the press conference held in 2002 on this effort. However, I noted that within 2 years, technology had advanced rapidly. Therefore, many of the things we were looking at in the year 2000 were somewhat obsolete. I was also quite disappointed to watch a program on a PBS station a few weeks prior to this 2002 event about so little being done about preventing pornography being displayed on the Internet. In fact, I mentioned to Hon. Richard Thornburgh that one way to prevent children from watching pornography on the Internet was to stop pornography on the Internet entirely. Now thinking about it, I was rather naïve at that time. Some estimate that it is now a $20 billion industry (likely in the US alone) and near impossible to stop it. There is too much at stake for too many parties.

So now we are in the year 2010 with significant advancements in online social networks and gaming technologies. Furthermore, we still have not solved the problem of protecting children from inappropriate content on the Internet. The meetings I attended the last two days gave me several new ideas on how we could proceed. We have many challenges including the following:

Exploiting Children in Cyberspace: Here adults use children as porn objects and make money. There are strict laws against this in many countries. But still this horrible activity is being carried out. Even more dangerous, children are being lured by adults via online social networks and raped and murdered.

Bullying children in Cyberspace: We have heard of cases where children have committed suicide due to cyber bullying. We heard of the girl who committed suicide in Boston in January 2010. We also heard of the mother of a girl bullying another girl via a social network site and drawing the latter to suicide. Still the bullies are walking away free in many cases. This is absolutely unacceptable in a civilized society.

Corrupting Children in Cyberspace: Viewing pornographic material can be terribly disturbing to children and even to many adults. Violence in movies including violent games on the web can also be very disturbing. These images could have long-term psychological damages and these very innocent children could turn into rapists and murderers when they grow up.

Distracting Children in Cyberspace: We are talking about the gaming industry. Many children are addicted to games and this is causing them to lose sleep and get failing grades. The long term effects of this are enormous to our society. In fact a former FCC (Federal Communications Commission) commissioner mentioned to me that he/she was taken on by the gaming industry.

While Cyberspace can be terribly detrimental to our children, it is also the greatest resource for our children with respect to Education, Entertainment, Enlightenment and Evolution. So many good things can be learned from the web, such as information about places, people and things. Online social networks in some ways have been great for society especially keeping in touch with friends and family. Children, through good education in cyberspace, can evolve into responsible adults. Therefore, we cannot go back to 1900, 1950 or even 2000. So the challenge is how do we move forward and take advantage of all the great technologies we have today and still have a safe society?

The answer is in the three or more P’s: Policies, Parental Control, and Privacy. Policy makers have to work with lawyers to develop appropriate policies and laws for Internet use. In fact, at the EWI summit, there was a discussion about an Internet Passport. It was stated that when we travel abroad we have to carry passports. Yet in cyberspace there is no such passport. Without a doubt, policymakers and lawyers have a critical role to play. However, I feel that there is this perception that due to technology changes, we should not be focusing on technology as much. This is completely a wrong approach to take. Without technology we would not have had cyberspace. Therefore, without technology we cannot secure the cyberspace. We can have the best policies, procedures, and laws. But we need appropriate technologies. That is everyone has a critical role to play.

Parental control is a must. Parents, teachers and law enforcement have to work together and share as much information as possible. Many of us are working on assured information sharing for organizations such as the DoD, Intelligence Community, DHS and DOJ. However we must extend this to the Department of Education also. I believe that parents have to provide the primary control for the children in cyberspace. This means parents have to be intimately involved with what their children are doing in every aspect. Parents have to spend time with their children – not have babysitters raise their children. There are many viewpoints on this from psychologists. I know that some would be furious about strong parental controls, but we need such controls. I strongly believe in children’s rights. Children should not be beaten or punished. However, children should be protected and therefore parental controls are critical for the privacy and protection of the children.

It should be noted that often parents are proud for their children’s accomplishments and they post information about their minor (under 18) children on their web sites. I believe that this should be a strict no-no, unless at the very minimum the files are password protected. Then the question is what should the passwords be?.They should be complex enough to make them nearly impossible to break. I would love to post information about my son’s accomplishments, (and he is now an adult) but I will not. My husband is even stricter than me about this. The parents who are posting information about their minor (under 18) children are exploiting their own children and essentially telling the predators, “molest my child”.

The third P is Privacy. At the meetings the last two days, one young university student said that she has solicitations from those outside her circle to be friends with her. She does not like this aspect at all. I see children divulging many aspects of their lives and even the most intimate details about them in their Face Book pages. This is a complete disaster. Therefore, we need to educate our children about these dangers, be vigilant and of course have appropriate privacy controls.

So what then is the role of technologists? They are crucial. They are the ones who have to ensure appropriate privacy controls. For example, in addition to direct privacy violations, we also need agents that will monitor what the children enter, reason about the information and determine whether there could be unauthorized inferences. If so, the agent must inform the child and perhaps even the parent. A recent article in the Boston Globe (September 20, 2009) talks about various initiatives on privacy of online socials networks. In the project Gadar at MIT students were able to predict whether a person was gay or straight from his/her web pages. In the project at the University of Texas at Dallas researchers were able to predict political affiliations from Facebook pages. In the work at the University of Maryland he researchers were able to make some predictions about attacks on social network pages. These works show that data mining on Facebook pages can reveal many things about many people. In many cases we don’t even have to do data mining. Just reading the Facebook pages can give us highly sensitive information. Therefore, we need to develop appropriate technologies to prevent the general public from making unauthorized inferences that can violate the privacy of individuals.

Another technology that can help a great deal is intelligent firewalls. I believe that this has to be a must. Any image that passes the firewall that is deemed unacceptable should be removed from the traffic. The question then is what about the pornographic material watched by adults? I believe that this has to be discarded also by the firewalls unless there is a way to separate the adults from children. I believe that parents have to make sacrifices for the sake of their children.

The group at the EWI summit also spent quite some time discussing cyber bullying. While some felt strongly that profiling can be dangerous as innocent people may be profiled, they agreed we need ways to profile bullies by interviewing law enforcement, teachers and even the children. I believe that we need to gather as much information about them as possible and install agents that could detect bullying and immediately disconnect the perceived bully’s account. Now this could violate civil liberties, but I would rather this happen temporarily than a child committing suicide.

Finally, I cannot stress enough the importance of education. We need adults to be educated on child psychology. This could be through universities, community colleges, nonprofit organizations and yes, even online. Adults need to have a good understanding of what it means to raise and educate children. If the adults are educated in child psychology, sociology and health issues, then perhaps we might have less violence and abuse against children which might lessen the dangers in cyberspace. Religion could also play a role here.

Remember our children are precious, they are our future. As citizens of our respective countries and as citizens of the world, we owe it to ourselves, our children and the world communities to not only raise well-balanced children but also it is our duty to protect them as much as we can. Let us work with organizations such as the East West Institute, the United Nations, Save the Children and many others to make this happen. Recently, the US First Ladies have taken child causes as their platforms and this is great. Hillary Clinton (current Secretary of State) wrote a wonderful book “It Takes a Village” to raise children. Laura Bush took on early childhood education as her platform. Michelle Obama has taken on obesity against children as her platform. All are very worthy causes. Hopefully our current or the next First Lady will take on the protection of children in cyberspace as her platform. We need celebrities like Oprah Winfrey and Angelina Jolie to do more in this area. They have devoted a lot of their time and money to children’s causes. We also need people like them to take on “Children in Cyberspace”. It now takes a World to raise children. Every citizen of the world must do his or her part to save our children in cyberspace.

6. Computer Science Careers in the Global Economy

Computer Science Careers in the Global Economy

Prof. Bhavani Thuraisingham

May 10, 2010

Computer Science (CS), also popularly known as Information Technology (IT), has enabled numerous individuals all over the world to have highly successful and lucrative careers. The field started in the 1960s and became popular in the 1970s and1980s and sky rocketed in the 1990s with the dot com boom. In spite of the dot com bust, it continues to produce a significant number of jobs in numerous fields. However, with globalization, outsourcing and the emergence of China and India as powerhouses in information technology, the opportunities for IT specialists are changing rapidly. Today I would like to share some of my thoughts with you on the opportunities and challenges that computer scientists have in the global marketplace. I strongly believe that we cannot have CS/IT education as usual. We need innovative ways to educate our students in CS/IT, especially in interdisciplinary programs, so that they can be effective and thrive in an extremely competitive global marketplace.

First let us look at the history of computing. While many credit Charles Babbage and Ada Lovelace as the Father and Mother of Computing for the development of the early mechanical computers in early 19^th century, electronic computing was born around the 1930s and 1940s. The work of the greatest minds in logic including Kurt Gödel (incompleteness Theorem), Alonzo Church (Church’s Thesis) and Alan Turing (Turing Machines) resulted in exploring the theory of computability which in turn resulted in the von Neumann machines of the 1940s. Soon after that, corporations such as IBM were formed followed by Control Data Corporation and Digital Equipment Corporation. Powerful mainframes were used for complex numerical computations to support scientists and engineers in the 1950s and 1960s. Then in the 1970s and 1980s, there was a revolution in computing with computers being used to store records, textual data and eventually multimedia data. Numerous computer science departments were set up in universities throughout the world and those who had their undergraduate degrees in other fields including even arts and humanities took conversion courses and subsequently got their masters degree in CS and had successful careers in IT, With the numerous opportunities not only in computer corporations but also in applications programming, there just was not enough supply of CS/IT graduates in those days. While there were some ups and downs in the computer industry in the late 1980s and early 1990s, the advent of the web and the Internet increased the demand for IT professionals a great deal in the late 1990s. Even those with English majors with some programming knowledge got into high paying IT work without knowing the fundamentals of computing. However, the dot com bust, together with jobs being outsourced to countries like India, made the computing community more realistic and focused. With the advent now of web 2.0, social networking and the application of computing in numerous fields, as well as non-computer scientists taking up in programming, we need to develop novel programs for computer scientists. In the next few paragraphs, I will discuss my opinions of how we could devise novel and interdisciplinary programs in computing.

First of all, a computer scientist should have a solid understanding of the essentials. Therefore, every computer scientist must learn the following subjects: Algorithms and Data Structures, Computer Architectures, Automata Theory and Formal Languages, Theory of Computation, Operating Systems, Database Systems, Programming Languages, Assemblers and Compilers, Computer Networks and Distributed Systems, Artificial Intelligence, Software Engineering, Systems Modeling and Analysis and Information Security. These are what I call hard-core computing subjects and should be part of every CS curriculum. Furthermore, more advanced courses of these subjects can be offered for graduate degrees in CS in addition to some specialized courses. For example, those wanting to specialize in information security should also take some additional courses in Network Security, System Security, Data and Applications Security, Digital Forensics, Vulnerability Analysis, Web and E-commerce Security, Cryptography, Governance and Risk Analysis, Business Continuity Planning, and Legal and Policy Issues among others.

The question then is: are the courses described in the previous paragraph sufficient for a CS education? I believe that while these courses may have been sufficient for a CS education back in the 1980s and 1990s, in today’s competitive world with increasing number of non-computer scientists excelling in programming, CS grads should also have a minor in a second field (e.g., science, engineering, finance, arts, medicine, sociology, psychology, or law among others). Note that interdisciplinary research and education is becoming key to having successful careers. For example, a person in healthcare IT should not only have a strong IT background, but he/she must also have a solid understanding of healthcare issues. Therefore, a certificate, minor or even an MS in healthcare would be highly desirable.

Since I am most interested in integrating computer sciences with social sciences, I will give my views on what a PhD in CS/IT should do with respect to social sciences if he/she wants to work in say social informatics. First of all, the CS/IT education should include all the courses I have mentioned earlier. In addition, for analyzing social data, the person should have a solid background in the following IT areas: Data Mining/Machine Learning, Semantic Web, and Information Retrieval. An MS in social sciences would be ideal. The student should have a good knowledge of the following topics: Probability and Statistics, Economics, Social Theories and Methods, Sociology Principles, Risk Analysis and Supply Chain, Organizational Learning Theory, Game Theory, and Policy Management.

Gone are the days when a CS degree with the core subjects is sufficient. Corporations and even Universities are now looking for people who can not only excel in IT, but those who have excellent domain knowledge. Before the banking and financial crisis in 2008, typically investment banks hired IT folks, traders, and business specialists. The business specialists would go back and forth between the traders and the IT folks. Now traders are expected to know some IT. More importantly, IT folks are expected to carry out the functions of the middleman. This means the IT folks must have an excellent understanding of the business processes and finance issues.

My mentor, Prof. C. V. Ramamoorthy, mentioned to me last week “Mathematics is the Queen of Science. CS is the Queen of Engineering”. However, I believe that CS/IT is rapidly becoming the Queen of Queens or perhaps the King of Kings. IT has invaded every aspect of our lives – whether it is healthcare, finance, banking, accounting, security, energy or environment. We cannot have expertise in a stovepipe fashion. That is, expertise has to be well-integrated. To accomplish this we need a strong CS/IT education with a solid understanding of the application domains. Therefore, whether the person is a BS, MS or a PhD in CS/IT that person must have a minor, certificate, an MS or even a PhD in the application domain. Examples include PhD in CS with a JD, PhD in CS with an MD, PhD in CS with a Finance MS/PhD, PhD in CS with a MS/PhD in Social Sciences, or a PhD in CS with a MS/PhD in physics (e.g., for work in the high powered fields in nano technology or quantum computing). With such an education, we in the US will be in an excellent position to innovate and make breakthroughs and this will possibly alleviate the worries and concerns we have about programming jobs being outsourced. Therefore, our education should not be rushed. We need to plan about 10 years of education at least starting at 18 and some of this education should be in the form of industry experience. We need very strong public-private-academic partnerships to make our next generation of CS/IT grads extremely successful and competitive in the global marketplace.

I believe that globalization is here to stay. We cannot now go back to the post-war era (1950s) or even the pre-web area (1980s) Therefore, companies will continue to outsource to show profits to the investors and please their boards of directors. Therefore we have to be several steps ahead and ensure that our children and grand children are properly and truly educated so that they need not fear globalization, outsourcing and immigration. As President Franklin D. Roosevelt has so eloquently put it: “the only thing we have to fear is fear itself.” We have to bravely face the challenges of the global economy by getting the best education we can possibly have. Furthermore, the focus should not be on just getting degrees. We should have a very strong appreciation of the areas we get into and take our education very seriously and acquire true knowledge. Every move we make should have a strong purpose that will take us closer toward our vision and goals and ultimately serve our nation and help humanity.

I would like to leave you with the famous quotation of Sir Francis Bacon “Knowledge Is Power”. As stated in its wiki entry, “The famous phrase scientia potentia est is a Latin maxim - For also knowledge itself is power - stated originally by Francis Bacon in Meditationes Sacrae (1597), which in modern times is often paraphrased as "knowledge is power." The phrase implies that with knowledge or education one's potential or abilities in life will certainly increase. Having and sharing knowledge is widely recognized as the basis for improving one's reputation and influence, thus power. Sir Francis Bacon was truly an interdisciplinary researcher and visionary. As stated in his wiki entry, “Francis Bacon, 1st and Only Viscount of St. Alban, KC (22 January 1561 – 9 April 1626) was an English philosopher, statesman, scientist, lawyer, jurist and author. He served both as Attorney General and Lord Chancellor of England.

7. Having a Productive CS/IT Career at Every Age: in Your 20s, 30s, 40s, 50s, 60s, and 70s!

Having a Productive CS/IT Career at Every Age: in Your 20s, 30s, 40s, 50s, 60s, and 70s!

Motivation: After having completed my previous article about computer science education, I thought I would follow it up with an article on how to make the most of your education and have a great career at every age. I got the idea from one of my favorite magazines – Harper’s Bazaar. Every year there are some issues, especially in June, devoted to articles on “Fabulous at Every Age” which range from skin and hair care to clothes to accessories for women. In fact, Jenny Barnett and Nandini D’Souza wrote a book on this topic in 2009: Harper’s Bazaar Fabulous at Every Age: An elegant and lively guide showcasing the great styles of women in their 20s, 30s, 40s, 50s, 60s and 70s. Therefore, it is only natural that we also add “Fabulous Career” to the Fabulous at every age series.

Background: Back in the 1940s (the start of the baby boom), I doubt whether many articles would have discussed about having great skin in your 70s, but now they do. Similarly back in the 1940s, I doubt whether there were many articles on how to have great careers in your 70s, or even in your 60s for that matter. Thanks to technologies and innovations in medicine, we now live longer and hopefully healthier lives. Therefore, we can discuss not only having great skin and hair in your 70s, but also talk about great careers in your 70s and who know even in your 80s. However, since I am planning to work until my late 70s – of course if health permits and if I am still alive – I thought I will write about careers starting in your 20s until your 70s. Now, it does not mean you can’t have a career starting in your teens. However, if you read my previous article you will see that I stress a lot on education. So if one is to get anywhere between 5-10 years of education, then it is unrealistic to get all of this in your teens. So here are my beliefs, again based on my vast experience, on how you can enjoy your career throughout your life.

Words of Caution: I would, however, like to caution the reader. Career does not depend entirely on the individual. During school it depends on the parents and the family life. One cannot expect a child to excel in school when his/her parents fight like cats and dogs or even worse abuse the child. Similarly, it is difficult to excel at work when you are fighting with your spouse and having shouting matches and even worse - getting abused. Therefore, success in education and career depends a lot on the environment. Furthermore, gender and race may also play a factor in one’s education and career. Finally, loss of a loved one, divorce in the family, illness or financial difficulties will also likely have a tremendous impact on one’s education and career. Therefore, when I write about “Career at every age”, I am not taking into consideration any of these issues as these issues vary from individual to individual. Another point of caution is that I am writing this article entirely based on my life experiences which include a 30 year career in industry, non-profit think tank, government and academia (and a 35 year marriage). Furthermore, while I try my best to be gender neutral, I am a woman and therefore women might relate better to what I write. I also believe that one size does not fit all. Therefore CS/IT folks may relate better to what I write. I would like to point out that while there are excellent business schools that train people to excel in business work, many of the outstanding professors have not had the experience going through a career, say, in industry or in government. As a his/her industry and get their tips and advice for a great career.

Having said all this, here are my thoughts on a “Productive Career at Every Age” (I really don’t like to use the word “fabulous” career at every age).

Your 20s: If you read my previous article, I stated that you need to do as much studying as possible during this decade. But it’s not all about studying, do some teaching and also get some industry experiences, either as interns or a two year experience. Also learn as much programming as possible and learn the latest technologies. So if it were today, then I would learn all technologies such as J2EE (Sun/Oracle), dotNet (Microsoft), Hadoop (Apache) and MapReduce (Google). Theory combined with practice is essential for a successful career in CS/IT. It would be difficult to find the time later on in your career to learn all the details, so this is the time and make the most of it. Also, once you have mastered the concepts of systems, networks as well as application programming, you can pick it up in your 30s, 40s and beyond without much difficulty.

Your 30s: This is really a glorious time. One should not get obsessed about getting those promotions and rushing into management. This is the time you can really learn on your job. Learn to do great research if you want an academic career. Get a mentor with whom you can click. Learn from your seniors and the project leaders. If you are given an assignment, it is just not enough to do a good or very good job. You have to go above and beyond your assignment. For example, if you are asked to be part of a team to design a database system, learn about all the query processing and transaction management strategies out there. Learn how to differentiate between the good algorithms and bad ones. Learn also how to architect the systems. Even if you are not a system architect at this stage, learn from the architect. This is also the time perhaps you can afford to make some mistakes provided you learn from them.

I will give some examples. I was at Control Data from ages 28 - 30. My assignment was to design and implement the network, transport, session and memory management layers of the CDCNET product for the Release 1.0 that was scheduled for December 16, 1985. I learned a lot during this time. Not only did I master how the network, transport, session and memory management protocols worked, I also had a very good understanding of the entire CDCNET product. Every day I set aside two hours to learn everything that was going on with CDCET by reading other design documents. But I never forgot what my main responsibilities were. This means you have to be much focused and not try and be a master of all the modules. Learn about all the modules, but be the expert on the specific modules assignment to you.

If you are on a research career, learn to be an excellent critique of your own work. Critique other people’s work instead of accepting what is said. However, be very constructive. Don’t try and find fault with what others are doing. There is always something to learn from others. See if you can improve on your work and the work of others. You have to be extremely knowledgeable about the state of the art in order to improve on the current research. Try and collaborate with the top experts. This means you have to offer them something, such as working out all the details and the implementation, that they cannot get elsewhere. Note also, every step of the way, make valuable contacts and do keep in touch with them as long as you can. For academics, tenure s also during this period. The important thing is not to panic, but to work hard and be consistent.

Your 40s: You now have a great education and worked for about a decade doing excellent technical work (to the best of your abilities). So what should be your next move? This is the time you can get into management if you really want to. The late 30s would also be an OK age, but not before that as many people don’t have the maturity to manage people in the early 30s (there may be a few exceptions). Sometimes you may think you are not good at management, but you will not know until you try. This is the million dollar question. Should you get into management even if you do not have the confidence? If I had not had the personal experience I would have said no, but now I will say maybe. I was just turning 40 at that time in 1995 when my mentor at MITRE (Mr. Henry Bayard) essentially thrust me into management. When a few of my colleagues expressed concern (whether genuine or not I will not know), Henry was firm and said I will do an excellent job. Even when I mentioned to him that I was not sure, he said yes you will make a great department head. So I managed a department of about 28 staff. Within a year into management, I felt I was very good at it. While I do have strong opinions and want to have my way at times, I am very much a people person and an eternal optimist. Now at that time my management mentioned that perhaps I should get an executive MBA. Now looking back I should have taken that opportunity. However, my son was going into 11^th grade that fall and so I wanted to focus on his education, plan with him his AP subjects, and his college applications and so I put it off. That opportunity never came again. So in your late 30s or early 40s is about the time I believe one should get an MBA to strengthen the management experience. The question is should it be a one size fits all MBA or should it be specific such as healthcare management, defense management, non-profit management? I believe now that the latter would be better. Management in finance is not the same as management in healthcare and that is not the same as, say, getting into senior administration at a university.

What have I learned from my management experience? One thing is certain; while I was a manager for four years, and moved on to more of a lead technical role after that, this management experience has been invaluable for my work at NSF and being a leader in academia. So in my opinion it would be good for someone in his/her early 40s to try a management or even a project leadership role and master the art of putting together large technical teams. However, never give up your technical strengths. This means writing articles, perhaps at a higher level, and also keeping up with all the developments of technology. Remember technology changes rapidly. So if you were an excellent C programmer in the 1980s, that does not mean you will be an excellent Java programmer in the 1990s or program with the open source tools in the 2000s. If you are in academia, this is the time to expand from writing single PI proposals to putting together large team proposals such as a MURI or a center scale proposal.

You are still young in your 40s, but not as young as, say, a 32 year old. You also may have teen-aged children and they can be trying. You still need a good mentor, but at this time you may want to begin mentoring junior people (e.g. the 32 year old). This is also the time when you need to focus on marriage because I have noticed that many couples get into a routine and forget the important things in a marriage. I was taught at MITRE that you have to “keep your sponsor happy and make your sponsor look good”. I also strongly believe that you have to “make your spouse happy and make your spouse look good”. So this decade can be tough, but if you can overcome the challenges and make the most of your strengths and improve on your weaknesses, you can really become a winner in your 50s and beyond.

Your 50s: This is the time to consolidate your 20+ years experience and become a valuable resource to the community. You can start writing books in your fields, try and get some prestigious awards (e.g., in CS/IT it would be say an IEEE Fellowship) and be called upon by the government and the international community to be an expert. This also does not mean that you neglect your technical work. It is also time to brush up on your math and perhaps take some courses (e.g., certificate programs) that will help you in your career. Especially if you are in the CS/IT field and if you work in say database systems or networks, you are now in the fourth or fifth generation in terms of technologies, so you have to be on top of things. You are still relatively young and can have a full work schedule. Also your children will likely be away in college or even married and so you have more time for your work. You can also initiate your startup company and develop it and make it a success (provided of course the economy is conducive to this). This is also the time to get into senior management (e.g., CEO, Dean, and Provost etc.) and put together mergers and acquisitions between corporations.

Your 60s: This is the time when people tend to fall ill. No one can ever predict the future and sometimes you can do everything right (eat plenty of fruits and vegetables) but for some reason (e.g., bad genes), you could fall ill. Remember health is most important and so we have to do whatever we can within our power and means to stay healthy. Assuming that you are healthy, what should you be focusing on? During this stage, you are considered to be an expert. But there always the younger ones coming up. The last thing you want them to think of you as is “old” and a “has been”. This is the time you want to expand your mentorship to many junior staff and faculty and get their respect and admiration. In addition, you can really expand on your teaching. Then junior faculty has to focus on research to get tenure and promotions. You would take the burden away from them perhaps by teaching more courses and certificates. You can be a very valuable resource to the company or the university as you now have 30+ years expertise and experience. You can also be the person that the government comes to for technical advice, the go-to person. Many of you will likely be grandparents during this stage and so playing and teaching your grandkids together with focusing on you work can be very enjoyable. You can also combine academia with consulting. During the early part of the decade you can continue assuming senior management roles such as CEO and president and put together multi-national consortia.

Your 70s: If healthy, I believe that you can be really productive at this stage also. You can continue to teach, supervise research, do some consulting and hand over your company to your son or daughter or to your mentee, and perhaps continue to stay on the board. Your grandchildren will probably be graduating from high school and so you can enjoy family events. Continue to be a valuable resource to the university or to the CEO. Take on more administrative jobs like associate dean (provided there is not too much stress) and help everyone around you. What better way to top it all with a great 80^th birthday party on the day of your retirement!

Final Thoughts: Now, some would read the article and say “what is she writing? Life is not so simple”. I fully agree. This is why I mentioned early on that every individual is unique and special. Therefore, while I have given some general guidelines, they have to be tailored to meet the needs of an individual. For example, women go for tenure in their early to mid 30s. Today, this is also the common child-bearing age. This means they may have to put their career on hold for a couple of years. Unexpectedly, you may get cancer in your 40s or heart disease in your 50s. The important thing is to never get obsessed with your career. It’s OK not to get that promotion. You have to learn to enjoy what you are doing. If not, try and move on to do other things (change of company or even career or do a PhD). It is not difficult to create an interest in what you are doing. I have taken on jobs that my colleagues thought I was crazy to do. But I always tried my best to develop an interest in the topic and make it a success. If you can put your mind to it, you can do it. For many of us, work is not a choice, it is a necessity. This makes it harder to enjoy one’s job. I try not to think about the necessity part and focus on the work itself and not about the money. Money will come if you do good work and make yourself valuable to your company, agency or university. You will also note that I write a lot about your career in your 30s and 40s. This is because I have completed these two decades and can draw on my experience. I am still in my 50s and so have yet to see how my career evolves in my 50s, 60s and 70s.

Also note that I have stressed not to rush your career. Getting promoted well ahead of your time is not good in the long run; it may even be a bad thing, as you may stagnate later on. You have to learn your current job thoroughly before moving on to the next one. This means to thoroughly understand say how data mining systems function and learn to program applications in your 30s; manage say data mining pilot projects in your 40s, start your own data mining service company in your 50s, sell your company to a large company (e.g., Oracle or Microsoft) in your 60s, and teach data mining courses in your 70s. I believe that there is always a time and a place for everything. You have to take things step-by-step, but build assets as you move along. Just like we start accumulating financial assets, we have to start accumulating intellectual assets step-by-step. As I write in one of my previous articles, it’s a paper here and a patent there, a book here and a speech there. They all add up.

Remember the famous statements: “Little drops of water make a mighty ocean.”, “Knowledge is Power”, “Where there is a will there is a way”, “Everybody makes mistakes, the successful learn from them, the failures dwell on them”, “Slow and steady wins the race”.

Disclaimer: Please read the disclaimer in the motivational articles section of my web site.

I. EDUCATION

V. RESEARCH ACCOMPLISHMENTS

UTDallas Press Releases

Cyber Security Research Center at UT Dallas Tops $1 Million in Funding

UT Dallas Researchers to Play Key Role in $7.5 Million Department of Defense MURI

UT Dallas Leads $2.2 Million Effort to Build Secure Information Grid for the U.S. Air Force

NSF Grants to Help Create Next-Generation Web

Data Mining for Flight Safety

Prof Gives Keynote Speech on Data Mining and Privacy

Advances in Data Safety Drawing Wider Attention

Smarter Searches: Technology Merges Images, Data and Knowledge

Security Researcher Lands Defense Scholarship

Researcher Lands Computer Security Grant from Air Force

NSF Award Funds Data-Privacy Research Project

Cyber Security Conference Planned For April 20-21 at U. T. Dallas

Symposium to Feature Leading Researchers, Policymakers

Having said all this, here are my thoughts on a “Productive Career at Every Age” (I really don’t like to use the word “fabulous” career at every age).