Short Bio
I have graduated from
Department of Computer Science
in December 2009.
My PhD advisor is Professor Ninghui
Li. I am a member of TruSe lab and CERIAS center.
Before I came to Purdue, I got a bachelor's degree in Computer Science &
Technology at Tsinghua
University in 2004.
Research
I am interested in various areas of information security.
In my dissertation, I propose models and tools to analyze
complicated security policies in operating systems. In modern
operating systems, a security policy usually consists of a large number
of rules. It is difficult to verify if a configuration successfully
enforces a security goal. Misconfigurations can lead to serious
security consequences. Our models and tools help to bridge the gap
between low-level security configurations and high-level security goals
by constructing and analyzing attack graphs given a policy and a
security goal. Currently we have tools for Windows systems and Linux
systems (SELinux, AppArmor). The tools can be used by system
administrators, software vendors and security researchers to analyze
and verify security policies for operating systems.
My past projects are related to Role-Based Access Control (RBAC).
In projects during my internships, I studied web browser security,
designed a scheme for query verification in outsourced database, and
designed and implemented a distributed application to compress data in
Webmap (a database used by Yahoo! search engine).
Publications
-
Trojan Horse Resistant Discretionay Access Control
(paper)
Ziqing Mao, Ninghui Li, Hong Chen, Xuxian Jiang
In Proceedings of ACM Symposium on Access Control Models and
Technologies (SACMAT), June 2009
-
Analyzing and Comparing the Protection Quality of Security
Enhanced Operating Systems
(paper
slides)
Hong Chen, Ninghui Li, Ziqing Mao
In the 16th Network and Distributed System Security
Symposium (NDSS), February 2009.
-
Access Control Friendly Query Verification for Outsourced Data
Publishing (paper)
Hong Chen, Xiaonan Ma, Windsor Hsu, Ninghui Li,
Qihua Wang
In Proceedings of the 13th European Symposium on
Research in Computer Security (ESORICS), October 2008.
-
On the Security of Delegation in Access Control Systems
Qihua Wang,
Ninghui Li, Hong Chen
In Proceedings of the 13th European Symposium on
Research in Computer Security (ESORICS), October 2008.
- Mining Roles with Semantic Meanings
(paper)
Ian Molloy, Hong Chen, Tiancheng Li,
Qihua Wang,
Ninghui Li, Elisa
Bertino, Seraphin Calo, Jorge Lobo
In Proceedings of ACM Symposium on Access Control Models and
Technologies (SACMAT), June 2008.
- Usable Mandatory Integrity Protection for
Operating Systems
(paper)
Ninghui Li, Ziqing Mao, Hong Chen
In Proceedings of IEEE Symposium on Security and Privacy
(Oakland), May 2007.
- Constraint Generation for Separation of Duty
(paper
slides)
Hong Chen, Ninghui Li
In Proceedings of ACM Symposium on Access Control Models and
Technologies (SACMAT), June 2006.
Work Experience
- May 2008 - Aug 2008
Summer intern, ISRC, Microsoft Research, Redmond, WA
Topic: web browser security
- May 2006 - Aug 2006
Summer intern, storage division, IBM Almaden Research Center, San Jose, CA
Topic: privacy preserving data verification
- May 2005 - Aug 2005
Summer intern, search team, Yahoo! Inc., Sunnyvale, CA
Topic: data compression for webmap
- Jul 2003 - Aug 2003
Consultant, Department of Industrial Engineering & Engineering
Management,
Hong Kong University of Science & Technology, Hong Kong
Topic: algorithm design and implementation for bin packing problem
- Oct 2000 - Jul 2001
Part-time intern, Microsoft Research Asia, Beijing
Topic: media agents for managing personal multimedia files
Teaching Experience
- Aug 2008 - Dec 2008
Teaching assistant of CS526: Information Security
- Jan 2007 - May 2007
Teaching assistant of CS381: Introduction to the Analysis of Algorithms
Teaching assistant of CS565: Programming Languages
- Aug 2006 - Dec 2006
Teaching assistant of CS426: Computer Security
- Jan 2005 - May 2005
Teaching assistant of CS182: Foundations of Computer Science