Selected Projects.
 |
|
Secure Provenance in High-End Computing Systems.
Designing secure provenance mechanisms for high Performance Computing and Clouds.
Sponsors: NSF CCF 0937833
Research:
2007storagess-provenance,
2009sprov-fast,
2009remembrance-cidr,
2009sprov-usenix-login,
sion2009sprov-tos,
sion2010tapp
|
|
|
|
Secure Sensing.
|
|
|
|
CAREER: Practical Privacy for Outsourcing Systems.
Mechanisms for secure data outsourcing, private information retrieval and oblivious transaction processing.
Sponsors: NSF CAREER CNS 0845192
Research:
2006pir-panel,
2007pir,
2007sdo-chapter,
2007ns2demo,
2007sdo-tutorial,
2008pir-ndss,
2008pir-ccs,
sion2009otp-ndss,
sion2009ccsw,
sion2009mitT3,
sion2009mitTR2,
sion2009mitTR
|
|
 |
|
The Stony Brook Trusted Hardware Lab.
The THL (established in the Fall of 2007 as part of the NSAC Lab)
constitutes a central academic expertise and research knowledge repository
on secure hardware, a nation-wide first of its kind. It will support
community-wide educational and research activities, and provide direct hands-on
or networked access to remote or visiting research community members. Plan to
visit ? Do not hesitate to contact us.
Sponsors: NSF CRI
CNS 0708025, IBM Cryptography Software Group
Research:
2008hardware-tutorial-usenix,
2008hardware-tutorial-ccs,
2009hardware-tutorial-oakland
|
|
|
|
cDB: Strong Regulatory Compliant Databases.
Regulatory compliance for relational databases
Sponsors: NSF IIS 0803197,
CRI CNS 0708025
Research:
2007sdm-health,
2007storagess-provenance,
2009sprov-fast,
2009remembrance-cidr,
2009sprov-usenix-login,
sion2009sprov-tos,
sion2009compliance-chapter
|
|
 |
|
NS3: Networked Secure Searchable Storage with Privacy and Correctness.
Robust, efficient, and scalable content-search mechanisms for networked data
storage with confidentiality, search pattern privacy, and data retrieval
correctness.
Sponsors: NSF CNS 0627554,
CRI CNS 0708025
Research:
2006pir-panel,
2007pir,
2007sdo-chapter,
2007ns2demo,
2007sdo-tutorial,
2008pir-ndss,
2008pir-ccs,
sion2009otp-ndss
|
|
 |
|
Secure Document Management.
Infrastructure for document management with secure provenance assurances.
Sponsors:
Xerox
Research:
2007storagess-provenance,
2009sprov-fast,
2009remembrance,
2009sprov-usenix-login
|
|
|
|
SecureWORM: Strong Regulatory Compliant Storage.
A regulatory compliant store with guaranteed data
retention and deletion, quick lookup, and compliant migration.
Sponsors: NSF CNS 0716608,
CRI CNS 0708025
Research:
2008worm-icdcs,
2007worm-chapter,
2007worm-tutorial,
2007sdm-health,
2007storagess-provenance,
2007eds-WORM
|
|
 |
|
Personal DRM in cellular contexts.
User-level DRM controls for content access, data integrity and rights management in cellular contexts, enabling
enforcement of ORCON-type policies.
Sponsors: Motorola Labs
Research:
2007drmdemo,
2009drm
|
|
|
|
Secure Location Certification for Sensor Networks.
Achieving Assurances for Location Claims for Sensor Network
Data Flows in Hostile Environments.
Collaborators: Jie Gao, Sol Lederer
Sponsors: CEWIT
Research:
2009sensors,
2008sensors,
2007sensors
|
|
 |
|
SQi: The Secure Query Interface.
A secure extension to a legacy query interface to allow for proofs of query execution,
correctness and completeness. It is extensible in that it allows for arbitrary plugins
to be written for additional expression ability (e.g. a constraint plugin that could
be used to handle privacy constraints and enforce inference controls). It allows for
access to any arbitrary (set of) remote data sources.
Research:
2005sdo-vldb
|
|
 |
|
IBM Almaden (2004)
In the On Demand and Grid Computing Group,
at the IBM Almaden Research Lab I
was responsible for designing and implementing a data-aware grid scheduling infrastructure.
Research:
2004xg-icdm,
2005xg-jsspp,
2005xg-dexa,
sion2006xg-edbt
|
|
|
|
Rights Assessment for Discrete Digital Data.
A foundational framework for Digital Rights Protection through
Information Hiding, an important part of my doctoral dissertation.
Research: 2002:NLW,
2002nrwm,
2002wmpower,
talks,
ONR Proposal,
CERIAS Proposal,
Proposal NSF,
CERIAS TR 2002-30,
CERIAS TR 2001-54,
2002wmdb-sigmod,
2002wmbounds,
2002wmss,
2003categorical,
2003wmdb-icde-demo,
2003wmsensor-VLDB,
2004thesis,
sion2006wmdb-tutorial
|
|
 |
|
NEC Internship (Summer 2003)
My work at NEC Research in Cupertino. I work on
security and monitoring for Web Service Business Workflows.
Research: 2005wsmon-icws
|
|
 |
|
WMDB: Relational Database Watermarking.
A novel theory and proof-of-concept software implementation
for watermarking and information hiding in a relational data
framework. It includes a user-friendly GUI and enables remote
access to any arbitrary SQL database.
Research: 2002nrwm,
2002wmpower,
CERIAS TR 2002-28,
2002wmdb-sigmod,
sion2003categorical,
sion2003wmdb-icde-demo,
2005wmdb-chapter,
2007wmdb-chapter
|
|
 |
|
MATRIX. Peer to Peer CPU Sharing.
Matrix aims at using Peer to Peer computing in sharing CPU cycles.
Not finalized due to lack of time. Material for the future.
|
|
|
|
NEC Internship (Summer 2001, Spring 2002)
My work at NEC Research in San Jose. I worked on building
a cache for dynamic database web driven sites as well as
in the area of content based delivery networks.
Research: 2002vldb,
TR at NEC Research 2001,
TR at NEC Research 2002
|
|
|
|
XPRO: IP Router
A quite nice project, resulting in the writing from scratch of a TCP/IP Router,
including NAT, firewalling, network snooping, remote logging etc. I worked in a
team of 4 on this and wrote most of the routing structures, RIP, firewalling, control
interface, others. I invented a new routing structure, the TRIX. Was lots of fun.
Under the supervision of Doug Comer,
the ultimate authority on this matter.
Research: report
|
|
 |
|
QUASAR: Quality of Service Aware Repository
During my PhD, I briefly worked on data QoS stuff. This is a project that is still
alive and well, taken over by somebody else. For my part i produced an initial
functional draft and wrote a technical report.
Research: TR at Computer Sciences,
2003quasaq-edbt
|
|
|
|
IBM Internship (Summer 2000)
My work at IBM Transarc. This was my first internship
in the US. I worked in an R&D environment where
i developed an "object browser" for WebSphere tm.
as well as some other applications including
a stock quote retrieval application using EJBs,
hot technology at the time.
|
|
 |
|
The MicroServer
During my brief involvement with the Bond Agent System,
together with L. Boloni, I came up with an
idea of enabling access to methods and object through a HTTP interface (long before SOAP came about !!!).
This resulted in the MicroServer concept and implementation. It did not get finalized due to
largely political reasons. We nevertheless got a paper out of it.
Research: micros2000
|
|
 |
|
The Bond Agent System
In the first days of my PhD, I was co-opted to work in the
Bond Agent System
Research lab (moved to Florida now). I changed my research topic after my first year but
nevertheless wrote some agents code and parts of a Bond beginners manual. This resulted also in
a peer-reviewed paper and several tech-reports.
Research: 2000asama,
TR-CS-BOND-2000,
TR-CS-ACL-2000
|
|
 |
|
Talking Objects.
A distributed servicing system on top of JVM done during
my undergraduate college years (1996-98). The main idea was to use
natural language in inter-entity communication and service
advertisments. Maybe I will
continue this sometime in the future.
Research:
TR-CS-PUB-talking-nl-1999,
TR-CS-PUB-talking-id-1999,
TR-CS-PUB-talking-1999
|
|
 |
|
JVM: The Jet (Java) Virtual Medium
This is my main undergraduate thesis.
JVM is designed to use some of the advanced (in late 1995:))
features of java in order to create a friendly interface to a virtual
networked community. It is basically a distributed system enabling
a set of clients to transparently communicate by exchanging arbitrary
objects through itself.
Research:
TR-CS-PUB-distrib-1999
|
|