obtained some interesting simul<strong>at</strong>ion results. In the third scenario, we assume th<strong>at</strong> the partners areuntrustworthy. Here, we apply d<strong>at</strong>a mining to defend our systems from virus and worms and <strong>at</strong> the sametime try to probe into our partners’ systems.This research has now resulted in a MURI project. We are investig<strong>at</strong>ing incentive-based inform<strong>at</strong>ionsharing and risk-based access control.Area 2: Secure Geosp<strong>at</strong>ial D<strong>at</strong>a Management: Funding from NGA, RaytheonIn the area <strong>of</strong> secure geosp<strong>at</strong>ial d<strong>at</strong>a management, we are developing technologies for geosp<strong>at</strong>ial semanticweb and d<strong>at</strong>a mining. We are specifying extensions to GML for access control policies, as well asdeveloping ontologies for geosp<strong>at</strong>ial d<strong>at</strong>a. Using these ontologies, we are conducting d<strong>at</strong>a mining. Inaddition, we are also developing geosp<strong>at</strong>ial web services. Finally, we are developing a new languagecalled GRDF (Geosp<strong>at</strong>ial Resource Description Framework) and Secure GRDF for a geosp<strong>at</strong>ial semanticweb. While we are developing various pieces <strong>of</strong> technologies, our goal is to work through standardsorganiz<strong>at</strong>ions such as OGC (Open Geosp<strong>at</strong>ial Consortium) and corpor<strong>at</strong>ions such as Raytheon to transferour research to standards and oper<strong>at</strong>ional programs. We are members <strong>of</strong> both OGC and USGIF. We arealso members <strong>of</strong> UTD’s Geosciences program.Area 3: D<strong>at</strong>a Mining Applic<strong>at</strong>ions in Security, Funding from <strong>Texas</strong> Enterprise Funds, NASA,AFOSR (2007 - Present)Our main research in d<strong>at</strong>a mining applic<strong>at</strong>ions is to develop tools for intrusion detection and maliciouscode detection. In addition, we are developing tools for fault detection. We have also applied d<strong>at</strong>a miningfor surveillance and biometrics. In the area <strong>of</strong> surveillance and biometrics, our goal is to developtechnologies for detecting suspicious events. We developed a surveillance system to detect suspiciousevents. We identified normal events and used d<strong>at</strong>a mining techniques and determined whether an event issuspicious. In the area <strong>of</strong> biometrics, we developed tools for face recognition and fingerprint detection. Inaddition, we are conducting research on integr<strong>at</strong>ing robotics and security.Area 4: Secure Grid/Cloud and Web Services AFOSR (2008-Present)Here we are developing a deleg<strong>at</strong>ion model for web services. In addition, we are developing algorithmsfor secure storage <strong>of</strong> grid systems, as well as accountability policies for grid systems. We have alsodesigned and implemented secure query processing and inform<strong>at</strong>ion sharing in a cloud.Area 5: Secure Social Networks , Funding from AFOSR (2008 - Present),Here we are applying semantic web technologies to represent social networks and investig<strong>at</strong>e security andprivacy (jointly with <strong>University</strong> <strong>of</strong> Insubria).Area 6: Complexity <strong>The</strong>ory (2008 - Present)My PhD research, as well as early research in my career, was in computability theory (please see section3). After 25 years, I have gotten back into the field <strong>of</strong> co-advising students on complexity theory forsensory networks and security. This is more <strong>of</strong> a hobby <strong>at</strong> present.II.Inform<strong>at</strong>ion ManagementSemantic Web: Funding from IARPA (2007 - Present)Our research is in semantic web applic<strong>at</strong>ions for social networks, as well as knowledge management. Weare conducting research in enhancing JENA, building query techniques with Hadoop, as well asinvestig<strong>at</strong>ing security for semantic web and social networks. We are also exploring security for semanticweb and privacy for social networks.18.3 RESEARCH CONTRIBUTIONS TO CS (AUGUST 1980 – SEPTEMBER 2004)My research between 1980 and 2004 proceeded in five main areas: Computability <strong>The</strong>ory, D<strong>at</strong>a Security,Distributed Processing, D<strong>at</strong>a Management and Inform<strong>at</strong>ion Technologies for Homeland Security.114
Public<strong>at</strong>ions: Several journal public<strong>at</strong>ions including IEEE Transactions on Knowledge and D<strong>at</strong>aEngineering, IEEE Transactions on S<strong>of</strong>tware Engineering, IEEE Transactions on Parallel and DistributedProcessing, Journal <strong>of</strong> Computer and Systems Sciences, Notre Dame Journal <strong>of</strong> Formal Logic, Computersand Security and IEEE Computer as well as several conference public<strong>at</strong>ions including in ICDE, VLDB,ACSAC, IFIP D<strong>at</strong>a Security, and OOPSLA.Area 1: Computability <strong>The</strong>oryMuch <strong>of</strong> my research in the early 1980s was on computability theory. I studied various decision problemsfor combin<strong>at</strong>orial systems such as systems functions and proved several results on the unsolvability and thecomplexity <strong>of</strong> the problems. I also invented the concept <strong>of</strong> an N-cylinder and this enabled me to giveseveral counter-examples for the complexity problems. I have also applied the results in these papers to mywork on the complexity <strong>of</strong> the inference problem. This complexity work was st<strong>at</strong>ed by NSA (N<strong>at</strong>ionalSecurity Agency) to be a significant development in d<strong>at</strong>abase security in 1990 (Proceedings N<strong>at</strong>ionalComputer Security Conference). I am now applying the results to the privacy problem. Several papers werepublished in the Journal <strong>of</strong> Computer and Systems Sciences and the Notre Dame Journal <strong>of</strong> Formal Logicbetween 1980 and 1993.Area 2: Secure D<strong>at</strong>a ManagementMy research in inform<strong>at</strong>ion security and secure d<strong>at</strong>abase systems started in 1985 and still continues.Around 70% <strong>of</strong> my public<strong>at</strong>ions are in this area. This work has had a major impact on the researchcommunity, as well as on the commercial and government communities. I have been invited to givenumerous keynote addresses on my research, as well as advice to the government on inform<strong>at</strong>ion security.My earlier contributions have been on secure rel<strong>at</strong>ional d<strong>at</strong>abases, secure object d<strong>at</strong>abases, securedistributed d<strong>at</strong>abases and the inference problem. My research in the early 2000s was on secure XMLd<strong>at</strong>abases, privacy constraint processing, and secure sensor inform<strong>at</strong>ion management. My current researchis discussed in Section 17.2. A summary <strong>of</strong> my research between 1985 and 2004 is given below.Secure Rel<strong>at</strong>ional Systems: In the mid to l<strong>at</strong>e1980s, I was part <strong>of</strong> a team <strong>at</strong> Honeywell designing one <strong>of</strong>the prominent secure rel<strong>at</strong>ional d<strong>at</strong>abase systems. This system was called Lock D<strong>at</strong>a Views (LDV) built ontop <strong>of</strong> a LOCK secure oper<strong>at</strong>ing system. Issues investig<strong>at</strong>ed in this research had an impact on some <strong>of</strong> thecommercial products th<strong>at</strong> were emerging in the l<strong>at</strong>e 1980s and early 1990s. We developed a securitypolicy, security model and designed modules for query, upd<strong>at</strong>e, and metad<strong>at</strong>a management. We alsodeveloped a multilevel rel<strong>at</strong>ional d<strong>at</strong>a model.Secure Objects: I investig<strong>at</strong>ed security for object d<strong>at</strong>abase systems based on MCC’s ORION. I was one <strong>of</strong>the first to carry out such an investig<strong>at</strong>ion. This work had a major impact on the secure d<strong>at</strong>abase researchcommunity. Subsequently I published a policy, model and design <strong>of</strong> a system. I also examined the use <strong>of</strong>object models for designing secure systems.Secure Distributed D<strong>at</strong>abases: In the early 1990s, I led a team and conducted research on securedistributed d<strong>at</strong>abase systems. Algorithms for secure query processing and transaction management weredesigned. Prototypes were implemented. We connected systems in Massachusetts, Washington DC andNew Jersey and built applic<strong>at</strong>ions. This was a very novel idea <strong>at</strong> th<strong>at</strong> time. Simul<strong>at</strong>ion studies were alsocarried out on secure query and transaction processing.Inference Problem/Secure Deductive D<strong>at</strong>abases: I was one <strong>of</strong> the first to conduct research on theinference problem and deductive d<strong>at</strong>abases and also cre<strong>at</strong>ed a logic for secure d<strong>at</strong>abases called NTML(Nonmonotonic Typed Multilevel Logic). I also proved th<strong>at</strong> the inference problem is unsolvable and thiswork was cited as one <strong>of</strong> the significant developments in d<strong>at</strong>abase security in 1990 by Dr. John Campbell<strong>of</strong> NSA in the Proceedings <strong>of</strong> the 1990 N<strong>at</strong>ional Computer Security Conference. I was successfully able touse my research on computability theory to study the complexity <strong>of</strong> the inference problem. I also led a teamth<strong>at</strong> conducted research on security constraint processing and designed and developed systems to processconstraints. We extended the prototypes to work in a distributed environment.Emerging Security Technologies: More recently my research has been on secure web d<strong>at</strong>a management.In particular I have examined security for XML d<strong>at</strong>abases and the semantic web. I am also investig<strong>at</strong>ing115
- Page 1:
Curriculum VitaeBhavani Thuraisingh
- Page 5 and 6:
EXTERNALSection 2: MAJOR AWARDSBest
- Page 7 and 8:
Section 3: SYNOPSIS OF RESEARCHMy r
- Page 9 and 10:
the concepts in semantic nets and c
- Page 11 and 12:
secure query processing for cloud.
- Page 13 and 14:
Section 4: RESEARCH LEADERSHIPhttp:
- Page 15 and 16:
Section 5: RESUME SUMMARYName:Dr. B
- Page 17 and 18:
Army, NSA, and CIA as well as consu
- Page 19 and 20:
Section 6: INDUSTRY/GOVERNMENT EXPE
- Page 21 and 22:
management to discuss projects as w
- Page 23 and 24:
Current (2004 - Present)The Univers
- Page 25 and 26:
Object Databases (1 day course taug
- Page 27 and 28:
Section 8: ACADEMIC RESEARCH SUPERV
- Page 29 and 30:
Thesis Committees: Serving/served o
- Page 31 and 32:
Section 9: RESEARCH FUNDINGI have o
- Page 33 and 34:
PI: L. KhanAmount: $260,00020. Nati
- Page 35 and 36:
3. CIA: As manager of fifteen resea
- Page 37 and 38:
15. Multilevel Security Issues in D
- Page 39 and 40:
48. E-Mail Worm Detection Using Dat
- Page 41 and 42:
79. Information Demands Drive Data
- Page 43 and 44:
2. Foundations of Multilevel Databa
- Page 45 and 46:
32. Parallel Processing and Trusted
- Page 47 and 48:
66. Privacy Preserving Data Mining,
- Page 49 and 50:
99. Data Mining for Cyber Security
- Page 51 and 52:
130. Object-oriented Implementation
- Page 53 and 54:
161. XIMKON- An Expert Simulation a
- Page 55 and 56:
194. Ontology Alignment Using Multi
- Page 57 and 58:
225. RETRO: A Framework for Semanti
- Page 59 and 60:
5. Inference Problem in Database Se
- Page 61 and 62:
I. JOURNAL SPECIAL ISSUES EDITEDSec
- Page 63 and 64: 12. Proceedings ISI Conference, IEE
- Page 65 and 66: Bhavani ThuraisinghamUTDCS-45-06UTD
- Page 67 and 68: UTDCS-32-08A Practical Approach to
- Page 69 and 70: UTDCS-27-11Towards the Design and I
- Page 71 and 72: 29. A Seminar on Real-time Database
- Page 73 and 74: 14. Concurrency Control in Real-tim
- Page 75 and 76: 17. Data Management Systems Evoluti
- Page 77 and 78: 54. Data Mining for National Securi
- Page 79 and 80: 5. Recent Developments in Some Trus
- Page 81 and 82: 44. Data Engineering Directions, IE
- Page 83 and 84: 6. Towards a Global Multilevel Data
- Page 85 and 86: 19. Object Technology for C4I Appli
- Page 87 and 88: 59. Assured Cloud Computing, AFOSR
- Page 89 and 90: 2. A Seminar on Secure Database Sys
- Page 91 and 92: VIII. The University of Texas at Da
- Page 93 and 94: 5. Secure Distributed Query Process
- Page 95 and 96: Simulated algorithms for informatio
- Page 97 and 98: 1. Geospatial Proximity Algorithm,
- Page 99 and 100: Section 16: INTELLECTUAL PROPERTY A
- Page 101 and 102: Section 17: DISCUSSION OF PUBLISHED
- Page 103 and 104: conceptual structures (e.g., semant
- Page 105 and 106: 1990s, we designed and implemented
- Page 107 and 108: inference problem. Back in the earl
- Page 109 and 110: 9. A Semantic Web Based Framework f
- Page 111 and 112: Policy management: While discretion
- Page 113: Section 18: DISCUSSION OF COMPLETE
- Page 117 and 118: Research and Technology Transfer in
- Page 119 and 120: 13. IEEE WORDS Workshop, Santa Barb
- Page 121 and 122: 82. AAAI, Vancouver, BC, Canada, Ju
- Page 123 and 124: http://findarticles.com/p/articles/
- Page 125 and 126: NSF Grants to Help Create Next-Gene
- Page 127: SECTION 21. CYBER SECURITY RESEARCH