CS Student Earns IEEE Best Paper Award
Ashish Kundu, a Ph.D. student in the Department of Computer Science received an award for the Best Student Paper at the 10th IEEE International Enterprise Distributed Object Computing Conference (EDOC 2006) held in Hong Kong, China, on October 16-20, 2006. This is a joint work with his advisor, Elisa Bertino, a professor in the department and Research Director of the Center for Education and Research in Information Assurance and Security (CERIAS). The award winning paper is titled "Secure Dissemination of XML Content using Structure-Based Routing". The award is annually given to the best papers having at least one author as a full-time student. The winners received a certificate and a memento. The award was formally announced and given to the winners at the conference banquet on October 19, 2006.
The paper addresses the problem of secure sharing of the standard meta-language used to specify information in a structured-manner, XML (Extensible Markup Language) content. The problem is fundamental to sharing of content. A content consumer should be able to reason about the integrity of the content it received, while the content producer must be sure that the sharing does not lead to any leakage. There has been a plethora of work towards the security and distribution requirements however in a isolated manner; the techniques also do not facilitate precise reasoning about the content integrity nor prevent leakage. In their paper, Kundu and Bertino make two major contributions: 1) use of structural properties in enabling sound and precise content security and 2) notion of a new content routing model: structure-based routing. Through these two contributions, they propose a simple holistic solution for distribution of XML content while addressing the security requirements. Among many other advantages, the technique facilitates flexible enforcement of security, which is a desirable property.
The proposed technique has significant influence on the way content security is reasoned about. There are promising applications of this work to content distribution and management networks, content sharing in server-less peer-to-peer communication (P2P) systems, on secure web services computing and web security.
EDOC is an established and highly recognized annual conference that focuses on paradigms, technologies and methods involved in enterprise computing. Papers at the EDOC conference covered topics related to open and distributed computing, based on services, components, objects, and workflows. This year's conference accepted 34 papers out of a total of 140 submissions.
Ashish Kundu joined Purdue in January 2005. He received his B.E. in Computer Science from the National Institue of Technology Rourkela in India and his M. Tech. in Computer Science from the Indian Institue of Technology in Bombay. His current research interests are in information security and programming technologies.