Short Bio

I have graduated from Department of Computer Science in December 2009. My PhD advisor is Professor Ninghui Li. I am a member of TruSe lab and CERIAS center.

Before I came to Purdue, I got a bachelor's degree in Computer Science & Technology at Tsinghua University in 2004.

Research

I am interested in various areas of information security.

In my dissertation, I propose models and tools to analyze complicated security policies in operating systems. In modern operating systems, a security policy usually consists of a large number of rules. It is difficult to verify if a configuration successfully enforces a security goal. Misconfigurations can lead to serious security consequences. Our models and tools help to bridge the gap between low-level security configurations and high-level security goals by constructing and analyzing attack graphs given a policy and a security goal. Currently we have tools for Windows systems and Linux systems (SELinux, AppArmor). The tools can be used by system administrators, software vendors and security researchers to analyze and verify security policies for operating systems.

My past projects are related to Role-Based Access Control (RBAC). In projects during my internships, I studied web browser security, designed a scheme for query verification in outsourced database, and designed and implemented a distributed application to compress data in Webmap (a database used by Yahoo! search engine).

Publications

Trojan Horse Resistant Discretionay Access Control (paper)
Ziqing Mao, Ninghui Li, Hong Chen, Xuxian Jiang
In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT), June 2009
Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems (paper slides)
Hong Chen, Ninghui Li, Ziqing Mao
In the 16th Network and Distributed System Security Symposium (NDSS), February 2009.
Access Control Friendly Query Verification for Outsourced Data Publishing (paper)
Hong Chen, Xiaonan Ma, Windsor Hsu, Ninghui Li, Qihua Wang
In Proceedings of the 13th European Symposium on Research in Computer Security (ESORICS), October 2008.
On the Security of Delegation in Access Control Systems
Qihua Wang, Ninghui Li, Hong Chen
In Proceedings of the 13th European Symposium on Research in Computer Security (ESORICS), October 2008.
Mining Roles with Semantic Meanings (paper)
Ian Molloy, Hong Chen, Tiancheng Li, Qihua Wang, Ninghui Li, Elisa Bertino, Seraphin Calo, Jorge Lobo
In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT), June 2008.
Usable Mandatory Integrity Protection for Operating Systems (paper)
Ninghui Li, Ziqing Mao, Hong Chen
In Proceedings of IEEE Symposium on Security and Privacy (Oakland), May 2007.
Constraint Generation for Separation of Duty (paper slides)
Hong Chen, Ninghui Li
In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT), June 2006.

Work Experience

May 2008 - Aug 2008
Summer intern, ISRC, Microsoft Research, Redmond, WA
Topic: web browser security
May 2006 - Aug 2006
Summer intern, storage division, IBM Almaden Research Center, San Jose, CA
Topic: privacy preserving data verification
May 2005 - Aug 2005
Summer intern, search team, Yahoo! Inc., Sunnyvale, CA
Topic: data compression for webmap
Jul 2003 - Aug 2003
Consultant, Department of Industrial Engineering & Engineering Management,
Hong Kong University of Science & Technology, Hong Kong
Topic: algorithm design and implementation for bin packing problem
Oct 2000 - Jul 2001
Part-time intern, Microsoft Research Asia, Beijing
Topic: media agents for managing personal multimedia files

Teaching Experience

Aug 2008 - Dec 2008
Teaching assistant of CS526: Information Security
Jan 2007 - May 2007
Teaching assistant of CS381: Introduction to the Analysis of Algorithms
Teaching assistant of CS565: Programming Languages
Aug 2006 - Dec 2006
Teaching assistant of CS426: Computer Security
Jan 2005 - May 2005
Teaching assistant of CS182: Foundations of Computer Science