• Selected Refereed Journal Publications
    1. Gail-J. Ahn, Badrinath Mohan and S. Hong, "Secure Information Sharing Using Role-based Delegation," Journal of Network and Computer Applications, Elsevier, January 2007.
    2. Seok-Won Lee, Divya Muthurajan, Robin Gandhi, Deepak Yavagal and Gail-J. Ahn, "Building Decision Support Problem Domain Ontology from Security Requirements to Engineer Software-intensive Systems," International Journal of Software Engineering and Knowledge Engineering, World Scientific, 2006.
    3. Seok-Won Lee, Robin Gandhi and Gail-J. Ahn, "Certification Process Artifacts Defined as Measurable Units for Software-intensive Systems Lifecycle," Software Process: Improvement and Practice, John Wiley & Sons, 2006.
    4. Dongwan Shin and Gail-J. Ahn, "Role-based Privilege and Trust Management," Computer Systems Science & Engineering Journal, Vol. 20, No. 6, CRL Publishing, November 2005.
    5. B. Tolone, Gail-J. Ahn, T. Pai and S. Hong, "Access Control in Collaborative Systems," ACM Computing Surveys, Vol. 37, No. 1, ACM, March 2005.
    6. Dongwan Shin and Gail-J. Ahn, "A Role-based Infrastructure Management System: Design and Implementation," Concurrency and Computation: Practice and Experience, Vol. 16, No. 11, John Wiley & Sons, August 2004.
    7. Longhua Zhang, Gail-J. Ahn and Bill Chu, "A Rule-Based Framework for Role-Based Delegation and Revocation," ACM Transactions on Information and System Security, Vol. 6, No. 3, August 2003.
    8. S. Hong, Gail-J. Ahn and Myungchul Kim, "Secure Consolidated Authorization Mechanism for Supply Chain Management," International Journal of Computer and Information Science, Vol. 4, No. 1, 2003.
    9. Gail-J. Ahn, S. Hong and M. Shin, "Reconstructing a Formal Security Model," Information and Software Technology, Vol. 44, No. 11, Elsevier Science, August 2002.
    10. Gail-J. Ahn and Kwangjo Kim, "CONUGA: Constrained User Group Assignment," Journal of Network and Computer Applications, Vol. 24, No. 2, Academic Press, April 2001. Also appeared in Reader's Guide to Journal Papers in Cipher.
    11. Gail-J. Ahn and Ravi Sandhu, "Decentralized User Group Assignment in Windows NT," Journal of Systems and Software, Elsevier Science, Vol. 56, No. 1, February 2001. Also appeared in Reader's Guide to Journal Papers in Cipher.
    12. Joon Park, Gail-J. Ahn and Ravi Sandhu, "Secure Attribute Services on the Web," ACM Transactions on Information and System Security, Vol. 4, No. 1, February 2001.
    13. Gail-J. Ahn, "Role-based access control in DCOM," Journal of Systems Architecture, Vol. 46, No. 13, Elsevier Science, November 2000.
    14. Gail-J. Ahn and Ravi Sandhu, "Role-based Authorization Constraints Specification," ACM Transactions on Information and System Security, pages 207-226, Vol. 3, No. 4, ACM, November 2000.
    15. Gail-J. Ahn and Ravi Sandhu, "Towards Role-Based Administration in Network Information Services," Journal of Network and Computer Applications, Vol. 22, No. 3, pages 199-213, Academic Press, 1999.
    16. Gail-J. Ahn, "Adopting Roles in Network Information Services," International Journal of Computers and Applications, Vol. 21, No. 3, ACTA Press, 1999.

     

  • Selected Refereed Conference Publications
    1. "Enabling Role-Based Delegation and Revocation on Security-Enhanced Linux," (with Dhruv Gami), In Proceedings of 12th IEEE Symposium on Computers and Communications (ISCC'07), Aveiro, Portugal, July 1-4, 2007.
    2. "Towards Realizing a Formal RBAC Model in Real Systems," (with Hongxin Hu), In Proceedings of 12th ACM Symposium on Access Control Models And Technologies (SACMAT), Sophia Antipolis, France, June 20-22, 2007.
    3. "Towards Effective Security Policy Management for Heterogeneous Network Environments," (with Lawrence Teo), In Proceedings of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY'07), Bologna, Italy, June 13-15, 2007.
    4. "Managing Heterogeneous Network Environments Using an Extensible Policy Framework," (with Lawrence Teo), In Proceedings of ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'07) Singapore, March 20-22, 2007.
    5. "Towards Secure Information Sharing and Management in Grid Environments," (with Jing Jin), In Proceedings of 2nd IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, Atlanta, GA, USA, November 17-20, 2006.
    6. "Role-based Access Management for Ad-hoc Collaboration," (with Jing Jin), In Proceedings of 11th ACM Symposium on Access Control Models And Technologies (SACMAT), Lake Tahoe, CA, USA, June 7-9, 2006.
    7. "Building Problem Domain Ontology from Security Requirements in Regulatory Documents," (with Seok-Won Lee, Robin Gandhi, Divya Muthurajan and Deepak Yavagal), In Proceedings of ACM ICSE Workshop on Software Engineering for Secure Systems (SESS05), Shanghai, China, 20-28 May 2006.
    8. "Policy-Driven Access Management for Ad-hoc Collaborative Sharing," (with Jing Jin), In Proceedings of 2nd International Workshop on Pervasive Information Management (PIM 2006), Lecture Notes in Computer Science (LNCS-4254), Munich, Germany, March 30, 2006.
    9. "Managing Privacy Preferences in Federated Identity Management," (with John Lam), In Proceedings of ACM Workshop on Digital Identity Management (In conjunction with 12th ACM Conference on Computer and Communications Security), Fairfax, VA, November 11, 2005.
    10. "Specification and Validation of Authorisation Constraints Using UML and OCL," (with Karsten Sohr and Lars Migge), In Proceedings of 10th European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science (LNCS), Milan, Italy, September 12-14, 2005.
    11. "Security Requirements Driven Risk Assessment for Critical Infrastructure Information Systems," (with Seok-Won Lee and Robin A. Gandhi), In Proceedings of Symposium on Requirements Engineering for Information Security, (In conjunction with 13th IEEE International Requirements Engineering Conference), Paris, France, August 29, 2005.
    12. "Engineering Information Assurance for Critical Infrastructures: The DITSCAP Automation Study," (with Seok Won Lee, Robin A. Gandhi), In Proceedings of the 15th Annual International INCOSE Symposium, Rochester, New York, July 10-15, 2005.
    13. "Active Automation of the DITSCAP," (with Seok Won Lee, Robin A. Gandhi, Deepak Yavagal), In Proceedings of IEEE International Conference on Intelligence and Security Informatics, Lecture Notes in Computer Science (LNCS), Atlanta, GA, May 19-20, 2005.
    14. "Establishing Trustworthiness in Services of the Critical Infrastructure through Certification and Accreditation," (with Seok Won Lee, Robin A. Gandhi), In Proceedings of ACM ICSE Workshop on Software Engineering for Secure Systems (SESS05), St. Louis, Missouri, May 15-16, 2005 and also in ACM SIGSOFT Software Engineering Notes, Volume 30, Issue 4, July 2005.
    15. "Articulating and Enforcing Authorisation Policies with UML and OCL," (with Karsten Sohr and Lars Migge), In Proceedings of ACM ICSE Workshop on Software Engineering for Secure Systems (SESS05), St. Louis, Missouri, May 15-16, 2005 and also in ACM SIGSOFT Software Engineering Notes, Volume 30, Issue 4, July 2005.
    16. "Common Criteria Requirements Modeling and its Uses for Quality of Information Assurance (QoIA)," (with Deepak S. Yavagal, Seok Won Lee, Robin A. Gandhi), In Proceedings of 43rd ACM Southeast Conference, Atlanta, GA, March 18-20, 2005.
    17. "Supporting Access Control Policies Across Multiple Operating Systems," (with Lawrence Teo), In Proceedings of 43rd ACM Southeast Conference, Atlanta, GA, March 18-20, 2005.
    18. "Formal Specification of Role-based Security Policies for Clinical Information Systems," (with Karsten Sohr), In Proceedings of 20th Annual ACM Symposium on Applied Computing, Santa Fe, New Mexico, March 13-17, 2005.
    19. "Interactive Exploration of Large Filesystems," (with K.R. Subramanian and J.A. Foster), In Proceedings of 17th SPIE Conference on Visualization and Data Analysis, January 16-20, 2005, San Jose, California, USA.
    20. "Information Assurance in Federated Identity Management: Experimentations and Issues," In Proceedings of 15th International Conference on Web Information Systems Engineering, Lecture Notes in Computer Science (LNCS3306), pp 79-90, November 22-24, 2004, Brisbane, Australia.
    21. "Role-based Trust Assignment in Trust Management Systems," (with Dongwan Shin), In Proceedings of 17th International Conference on Parallel and Distributed Computing Systems (PDCS 04), San Francisco, USA, September 15-17, 2004.
    22. "Role-based Privilege Management Using Attribute Certificates and Delegation," In Proceedings of International Conference on Trust and Privacy in Digital Business, Lecture Notes in Computer Science (LNCS3184), August 30 - September 3, 2004.
    23. "Towards the Specification of Access Control Policies on Multiple Operating Systems," (with Lawrence Teo), In Proceedings of 5th Annual IEEE Information Assurance Workshop, United States Military Academy, West Point, New York, June 10-11, 2004.
    24. "Application Penetration Testing: Concepts and Taxonomy," (with John Melton), In Proceedings of 2004 Department of Energy Cyber Security Training Conference, Overland Park, Kansas, May 24-27, 2004 (Best Student Paper presented by Department of Energy Office of the Chief Information Officer).
    25. "Ensuring Information Assurance in Federated Identity Management," (with Dongwan Shin and Prasad Shenoy), In Proceedings of the 23rd IEEE International Performance Computing and Communications Conference (IPCCC), Phoenix, Arizona, April 14-17, 2004.
    26. "Group Hierarchies with Constrained User Assignment in Linux," (with Seng-Phil Hong), In Proceedings of The Second International Workshop on Security In Information Systems (WOSIS) held in conjunction with the 6th International Conference on Enterprise Information Systems (ICEIS), Porto, Portugal, April 13, 2004.
    27. "Defeating Internet Attacks Using Risk Awareness and Active Honeypots," (with Lawrence Teo and Yu-An Sun), In Proceedings of IEEE International Information Assurance Workshop (IWIA 2004), Charlotte, NC, April 8-9, 2004.
    28. "Secure Information Sharing Using Role-based Delegation," (with Badrinath Mohan), In Proceedings of IEEE International Conference on Information Technology: Coding & Computing (ITCC), Las Vegas, NV, April 5-7, 2004.
    29. "Towards IA-Aware Web Services for Federated Identity Management," (with Prasad Shenoy and Dongwan), In Proceedings of IASTED International Conference on Communication, Network, and Information Security (CNIS 2003), New York, December 10-12, 2003.
    30. "Authorization Management for Role-based Collaboration," (with Longhua Zhang, Dongwan Shin and Bill Chu), In Proceedings of IEEE International Conference on System, Man and Cybernetic (SMC2003), October 5-8, 2003, Washington, D.C.
    31. "Locale-Based Access Control: placing collaborative authorization decisions in context," (with Bill Tolone and Robin Gandhi), In Proceedings of IEEE International Conference on System, Man and Cybernetic (SMC2003), October 5-8, 2003, Washington, D.C.
    32. "Context & Environmental Aware Wireless Sensor Networks for Reconfigurable Manufacturing Systems," (with Ivan Howitt, Teresa Dahlberg, Asis Nasupri and Yuliang Zheng), In Proceedings of the 2nd CIRP Conference on Agile, Reconfigurable Manufacturing, Ann Arbor, MA, August 20-21, 2003.
    33. "Specification and Classification of Role-based Authorization Policies," In Proceedings of 8th IEEE International Workshop on Enterprise Security (WETICE 2003), June 9-11, 2003, Linz, Austria.
    34. "Dynamic and Risk Aware Network Access Management," (with Lawrence Teo and Yuliang Zheng), In Proceedings of 8th ACM Symposium on Access Control Models And Technologies (SACMAT), June 2-3, 2003, Como, Italy.
    35. "Role Control Center: Features and Case Studies," (with David Ferriolo), In Proceedings of 8th ACM Symposium on Access Control Models And Technologies (SACMAT), June 2-3, 2003, Como, Italy.
    36. "On Modeling System-centric Information for Role Engineering," (with Dongwan Shin), In Proceedings of 8th ACM Symposium on Access Control Models And Technologies (SACMAT), June 2-3, 2003, Como, Italy.
    37. "Constrained Role-based Delegation," (with Longhua Zhang), In Proceedings of Eighteenth IFIP International Information Security Conference, May 26-28, 2003, Athens, Greece.
    38. "Intrusion Detection Force: An Infrastructure for Internet-Scale Intrusion Detection," (with Lawrence Teo and Yuliang Zheng), In Proceedings of IEEE International Information Assurance Workshop (IWIA 2003), March 2003, Germany.
    39. "Role-Based Authorization in Decentralized Health Care Environments," (with Badrinath Mohan), In Proceedings of Eighteenth Annual ACM Symposium on Applied Computing, March 9-12, 2003, Melbourne, Florida.
    40. "An Administration System for Role-based Authorization Infrastructures," (with Dongwan Shin and Sangrae Cho), In Proceedings of Eighteenth Annual ACM Symposium on Applied Computing, March 9-12, 2003, Melbourne, Florida.
    41. "Role-based EAM Using X.509 Attribute Certificate," (with Dongwan Shin and Sangrae Cho), In Proceedings of Sixteenth Annual IFIP WG 11.3 Working Conference on Data and Application Security, King's College, University of Cambridge, UK July 29-31, 2002.
    42. "A Neural Model for Network Intrusion Detection," (with Kayvan Najarian and Xiaolu Sun), In Proceedings of the 6th World Multi-Conference on Systemics, Cybernetics, and Informatics, Orlando, FL, U.S.A., July 2002.
    43. "An application of DSML for RBAC," (with Dongwan Shin and Joon S. Park), In Proceedings of 26th IEEE Annual International Computer Software and Application Conference, p934-939, Oxford, England, August 26-29, 2002.
    44. "Towards Scalable Authentication in Health Services," (with Dongwan Shin), In Proceedings of 7th IEEE International Workshop on Enterprise Security (WETICE 2002), CMU, PA, June 10-12, 2002.
    45. "A Role-Based Delegation Framework for Healthcare Information Systems," (with Longhua Zhang and Bill Chu), ACM Symposium on Access Control Models And Technologies (SACMAT) 2002.
    46. "Challenges to Multi-Enterprise Integration: the EECOMS Experience," (with William J. Tolone, Bei-tseng Chu, Robert G. Wilhelm, John E. Sims), In Proceedings of the IFIP TC5/WG5.12 International Conference on Enterprise Integration and Modeling Technique: Enterprise Inter- and Intra-Organizational Integration: Building International Consensus, Valencia, Spain, April 24-26, 2002.
    47. "A Secure Consolidated Authorization Mechanism for SCM," (with Seung-Phil Hong, Myung-Chul Kim, Min-Hyung Kim and Jung Tae Yoon), In Proceedings of the 1st ACIS International Conference on Computer and Information Science (ICIS '01), Orlando, FL, October 3-5, 2001.
    48. "Scalable Authentication Architecture for Critical Information System," In Proceedings of the 18th AFCEA (Armed Forces Communications and Electronics Association) Annual Federal Database Colloquium and Exposition, San Diego, California, August 28-30, 2001.
    49. "Browsing Structured Data with Role-based Security Realm," (with Seung-Phil Hong), In Proceedings of the 2nd ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, NIT, Japan, August 20-22, 2001.
    50. "RBAC on the Web Using LDAP," (with Joon S. Park and Ravi Sandhu), In Proceedings of 15th IFIP WG 11.3 Working Conference on Database and Application Security, Ontario, Canada, July 15-18, 2001.
    51. "Role-based Authorization Constraints Specification Using Object Constraint Language," (with Eonsuk Shin), In Proceedings of 6th IEEE International Workshop on Enterprise Security (WETICE 2001), MIT, MA, June 20-22, 2001.
    52. "A Rule-Based Framework for Role-Based Delegation," (with Longhua Zhang), In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT), Chantilly, VA, May 3-4, 2001.
    53. "Role Based Constraints Language," (with Ravi Sandhu), Position Paper, Workshop on Policies for Distributed Systems and Networks (Policy2001), HP Labs Bristol, January 29-31, 2001.
    54. "Injecting RBAC to Secure a Web-based Workflow System," (with Ravi Sandhu, Joon S. Park and Myong Kang), In Proceedings of 5th ACM Workshop on Role-Based Access Control, Germany, July 26-28, 2000.
    55. "UML-based Representation of Role-based Access Control," (with Eonsuk Shin), In Proceedings of 5th IEEE International Workshop on Enterprise Security (WETICE 2000), NIST, MD, June 14-16, 2000.
    56. "The RSL99 Language for Role-Based Separation of Duty Constraints," (with Ravi Sandhu), In Proceedings of 4th ACM Workshop on Role-Based Access Control, p43-54, Fairfax, VA, October 28-29, 1999.
    57. "Hierarchical Administration in Network Information Services," In Proceedings of 17th IAoM Annual International Conference on Computer Science, August 6-8, 1999.
    58. "Security Architecture of DCOM and Its Integration with RBAC," (with Ravi Sandhu), In Proceedings of International Computer Symposium (ICS '98), p71-78, December 17-19, 1998.
    59. "Decentralized Group Hierarchies in UNIX: An Experiment and Lessons Learned," (with Ravi Sandhu), In Proceedings of 21st NIST-NCSC National Information Systems Security Conference, p486-502, October 5-8, 1998.
    60. "Group Hierarchies with Decentralized User Assignment in Windows NT," (with Ravi Sandhu), In Proceedings of IASTED International Conference on Software Engineering, October 28-31, 1998. (Also at NSA University Research Program Symposium August 18-19, 1998.)

 

 

 

Copyright © The Laboratory of Information Integration, Security and Privacy.
All Rights Reserved.