Access Control Management
Resume:
Curriculum Vitae
Dongwan Shin
1.1 Contact Information
Position: Associate Professor
Office: Computer Science & Engineering
New Mexico Tech., Cramer 211
*** ***** *****, *******, NM 87801
(office), 575-***-**** (fax)
Email: abos0q@r.postjobfree.com
Website: http://www.cs.nmt.edu/ doshin
1.2 Career Objectives
The consequence of rapid advances in computing and its ubiquity has brought the
importance of com-
puter security to the fore. In order to support information assurance for current and
future computing
systems, continuing research & development, and education in the area of information
security are
strongly required. My career objective is to play a major role in this arena by pursuing
research &
development, and education program in computer and information security.
1.3
Education
Ph.D
. in Information Technology, University of North Carolina at Charlotte, USA, 12/2004
M.S
. in Computer Science, University of North Carolina at Charlotte, USA, 12/1999
1.4 Specialities
Access control
Identity and privacy management
Wireless sensor and mobile computing
Distributed and cloud computing
2 EMPLOYMENT
New Mexico Institute of Mining and Technology
2010 onwards Associate Professor
2005
2010Assistant ProfessorDepartment of Computer Science & Engineering
New Mexico Tech, Socorro, New Mexico
University of North Carolina at Charlotte
2001
December 2004Research Assistant
Summer 2001
2003System Administrator
2000
Spring 2001Teaching AssistantCollege of Computing and Informatics
UNC Charlotte, Charlotte, North Carolina
1
3 RESEARCH ACCOMPLISHMENTS
3.1 Research at New Mexico Tech: 2005 onwards
1. Trustworthy Computing: Collaborative Research: User-controlled Persona in Virtual
Community
Sponsor: National Science Foundation, $209,748 - PI (no co-PI), 2009-12
2. ENSL:Experimental Network of Sensors Lab for Advancing Research
Sponsor: National Science Foundation (CRI), $160,000 - co-PI (PI: Dr. Hamdy Soliman),
2007-11
3. ARIEL: An Advanced Security Policy Engineering Framework for Protecting Dis-
tributed and Critical Systems
Sponsor: Sandia National Laboratories (SURP), $40,000 - PI (no co-PI), 2007-8
4. R&D: Secure Infrastructure Management Systems
Sponsor: Sandia National Laboratories, $9,000 - PI (no co-PI), 2007
5. DoD Information Assurance Scholarship Program: Capacity Building
Sponsor: Department of Defense, $41,168 - co-PI (PI: Dr. Andrew Sung), 2006-7
6. DoD Information Assurance Scholarship Program: Capacity Building
Sponsor: Department of Defense, $74,078 - co-PI (PI: Dr. Andrew Sung), 2005-6
7. Building a Secure State-of-the-Art Embedded Real-Time Systems Laboratory at NMT
Sponsor: Intel Corporation, $62,000 - co-PI (PI: Dr. Xiao Qin
), 2005-6
3.2 Prior Years:
2000
- 2004
The following list describes various funded projects (PI: Dr. Gail-Joon Ahn) that I have
actively
participated in, while serving as a Research Assistant at UNC Charlotte. Topics cover
authentication,
access control, trust management, security and privacy issues for e-business, and applied
cryptographic
techniques. Duties involved conducting research, contributing to grant proposals, and
publication and
presentation of research works.
1. Collaborative Research: Secure Information Sharing in Internet-based Collaborative
Applications
Sponsor:
National Science Foundation
(NSF), Summer 2003 - December 2004
2. Privacy Attribute Management
Sponsor:
Bank of America, Fall 2003 - December 2004
3. Engineering Role-based Infrastructure Management System
Sponsor:
Electronics and Telecommunications Research Institute, Summer 2002 - Spring 2003
4. Access and Identity Management
Sponsor:
Bank of America, Fall 2002 - Summer 20035. Email Fraud Protection for Financial Services
Sponsor:
Bank of America, Summer 20026
. Role-based Access Control on Privilege Management Infrastructure
Sponsor: Electronics and Telecommunications Research Institute,
Summer 2001 - Spring 2002
7. Scalable Token-based Authentication: Architecture and Mechanisms
Sponsor: National Science Foundation (NSF), Fall 2001
2
4 PUBLICATIONS
IEEE
IPCCC 06), Phoenix, Arizona, April 10-12, 2006.
29. William Claycomb and Dongwan Shin. Mobile-driven Architecture for Managing
Enterprise
Security Policies, In Proceedings of 44th ACM Southeast Conference (ACMSE 06),
Melbourne,
FL, March 10-12, 2006.
30. Dongwan Shin. Securing Spontaneous Communications in Wireless Pervasive Computing En-
vironments, In Proceedings of IEEE International Symposium on Multimedia
(ISM 05),
Irvine,
CA, December 12-14, 2005.
31. Gail-Joon Ahn, Dongwan Shin, and Prasad Shenoy. Information Assurance in Federated
Iden-
tity Management: Experimentations and Issues, In Proceedings of International Conference
on
Web Information Systems Engineering (WISE 04), Lecture Notes in Computer Science,
Brisbane,
Australia, November 22-24, 2004.
32. Dongwan Shin and Gail-Joon Ahn. Role-based Trust Assignment in Trust Management Sys-
tems, In Proceedings of the 17th International Conference on Parallel and Distributed
Computing
Systems (PDCS 04), San Francisco, USA, September 15-17, 2004.
33. Gail-Joon Ahn, Dongwan Shin, and Longhua Zhang. Role-based Privilege Management
Using
Attribute Certificates and Delegation, In Proceedings of International Conference on
Trust and
Privacy in Digital Business (TrustBus 04), Lecture Notes in Computer Science, Zaragoza,
Spain,
August 30 - September 3, 2004.
34. Dongwan Shin, Gail-Joon Ahn, and Prasad Shenoy. Ensuring Information Assurance in
Fed-
erated Identity Management, In Proceedings of the 23rd IEEE International Performance
Com-
puting and Communications Conference (IPCCC 04), Phoenix, Arizona, April 14-17, 2004.
35. Prasad Shenoy, Dongwan Shin, and Gail-Joon Ahn. Towards Security-Aware Web Services
for Federated Identity Management, In Proceedings of the IASTED International Conference
on
Communication, Network, and Information Security (CNIS 03), New York City, December 10-
12,
2003.
36. Gail-Joon Ahn, Longhua Zhang, Dongwan Shin, and Bill Chu. Authorization Management
for
Role-based Collaboration, In Proceedings of IEEE International Conference on System, Man
and
Cybernetic (SMC 03), Washington, D.C., October 5-8, 2003.
37. Dongwan Shin, Gail-Joon Ahn, Sangrae Cho, and Seunghun Jin. On Modeling System-
centric
Information for Role Engineering, In Proceedings of 8th ACM Symposium on Access Control
Models and Technologies (SACMAT 03), Villa Gallia, Como, Italy, June 2-3, 2003.
38. Dongwan Shin, Gail-Joon Ahn, Sangrae Cho, and Seunghun Jin. A Role Administration
Sys-
tem in Role-based Authorization Infrastructures - Design and Implementation, In
Proceedings of
18th ACM Symposium on Applied Computing (SAC 03) in Special Track on Computer Security,
Melbourne, Florida, USA, March 9-12, 2003.
39. Dongwan Shin, Gail-Joon Ahn, and Joon S. Park. An application of DSML for RBAC, In
Proceedings of 26th IEEE Annual International Computer Software and Application
Conference
(CompSec 02), Oxford, England, August 26-29, 2002.
40. Dongwan Shin, Gail-Joon Ahn, and Sangrae Cho. Role-based EAM Using X.509 Attribute
Certificate, In Proceedings of 16th Annual IFIP WG 11.3 Working Conference on Data and
Application Security (DBSec 02), King s College, University of Cambridge, UK, July 29-31,
2002.
41. Gail-Joon Ahn and Dongwan Shin. Towards Scalable Authentication in Health Services,
In
Proceedings of 7th IEEE International Workshop on Enterprise Security (WETICE 02), CMU,
PA, June 10-12, 2002.
5
4.3 Poster and Work-in-progress
42. William Claycomb and Dongwan Shin. Designing and Implementing Access Control for Im-
promptu Collaboration, In Annual Computer Security Application Conference (ACSAC 06),
Works-in-Progress, Miami Beach, Florida, December 11-15, 2006.
4.4 Miscellaneous Technical Publications
43. Rodrigo Lopes and Dongwan Shin. Towards Secure Infrastructure Management System
Devel-
opment, Technical Report, SIS-Fall-07-01, New Mexico Tech, September 2007. Also
submitted
to Sandia National Laboratories.
44. Prasad Shenoy, Badrinath Mohan, Uttam Sankhala, Dongwan Shin, and Gail-Joon Ahn. Com-
parative Study of Microsoft .NET Passport and Liberty Alliance, Technical Report, LIISP-
Fall-
03-01, UNC Charlotte, August 2003. Also submitted to Bank of America (copyrighted
material).
45. Dongwan Shin and Gail-Joon Ahn. Engineering Role-based Infrastructure Management Sys-
tem, Technical Report, LIISP-Spring-03-01, UNC Charlotte, May 2003. Also submitted to
Elec-
tronics and Telecommunications Research Institute (ETRI).
46. Dongwan Shin, Gail-Joon Ahn, and Zhaoyu Liu. On Email Spoofing and Web Spoofing,
Technical Report, LIISP-Summer-02-01, UNC Charlotte, July 2002. Also submitted to Bank of
America.
47. Dongwan Shin, Gail-Joon Ahn, and Sangrae Cho. Role-based Access Control on Privilege
Management Infrastructure, Technical Report, LIISP-Spring-02-01, UNC Charlotte, May
2002.
Also submitted to Electronics and Telecommunications Research Institute (ETRI).
5 PROFESSIONAL ACTIVITIES
5.1 Journal Editorial Board
International Journal of Secure Software Engineering (IJSSE)
{ Reviewer Board, 2009
5.2 Conference Committee
Organizing Committee
{ Publication Chair, ACM Symposium on Applied Computing (SAC 09-11)
{ Publicity Chair, ACM Symposium on Access Control Models & Technologies (SACMAT 10)
{ Workshop co-Chair, IEEE International Workshop on Trusted Collaboration (TrustCol 09-
10)
{ Workshop co-Chair, IEEE International Workshop on Emerging Applications for Cloud Com-
puting (CloudApp 10)
Program Committee
{ IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC 09)
{ International World Wide Web Conference - Security and Privacy Track (WWW 09)
{ ACM Symposium on Access Control Models and Technologies (SACMAT 06-10)
{ IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 07-09)
{ International workshop on Software Engineering for Secure Systems (SESS 08-09)
6
ARIEL:
Advanced Security Policy Engineering Framework for Distributed and Critical
Systems,
Sandia Labs, Albuquerque, New Mexico, 2/29/2008
Enabling Delegation for Impromptu Collaboration in Pervasive Computing Environments,
ISCIS
07, Turkey, 11/9/2007
A Visual Framework for Securing Impromptu Collaboration in Pervasive Computing, TrustCol
06,
Atlanta, 11/17/2006.
Modeling Role-Based Trust and Authority in Open Environments, SAM 06, Las Vegas,
6/26/06.
Enabling Mobility in Enterprise Security Management, WIA 06, Phoenix, Arizona, 4/12/2006.
Securing Spontaneous Communications in Wireless Pervasive Computing Environments,
Workshop
on Security and Pervasive Multimedia Environments (MultiSec05) held in conjunction with
the 7th
IEEE ISM, 12/2005.
Panel Moderator at Information Technology Forum at NMT, Socorro, New Mexico Tech,
05/2005.
Access Control and Trust Management, Army Research Lab-New Mexico Tech Symposium at White
Sand Missle Range (WSMR), 04/2005.
Ensuring Information Assurance in Federated Identity Management, Workshop on Information
Assurance (WIA04) held in conjunction with the 23rd IEEE IPCCC, 04/2004.
Towards IA-Aware Web Services for Federated Identity Management, IASTED International Con-
ference on Communication, Network, and Information Security (CNIS 2003), 12/2003.
A Role-based Infrastructure Management System, Electronics and Telecommunications
Research
Institute, South Korea, 05/2003.
The RolePartner: A Role-based Infrastructure Management System, 18th ACM Symposium on
Applied Computing, 03/2003.
Remote NT System Intrusion and Its Countermeasures, ACM Student Chapter at UNC Charlotte,
12/2000.
8
5.6 Departmental Services
Led efforts to prepare for NM Tech CS Department s application for a Center of Academic
Ex-
cellence in Information Assurance Research (CAE-R) sponsored by National Security Agency
(NSA) and Department of Defense (DoD). NM Tech has been a CAE-IAE (Education) since
2002. Application was submitted on 1/15/2009. Certified on 6/1/2009 (till 2014).
Led efforts (course development and mapping) to prepare for NM Tech CS Department s ap-
plication for national information assurance (IA) certification programs (CNSS 4013:
System
Administrators, CNSS 4016: Audit Analysts) managed by National Security Agency (NSA).
{ CNSS 4013: application submitted on 1/15/2007 and certified on 6/5/2007 (till 2012)
Primary courses mapped : Access Control and System Security, Cryptography
{ CNSS 4016: application submitted on 1/15/2008 and certified on 6/4/2008 (till 2013)
Primary courses mapped : Secure Software Construction
Participated in NM Tech CS Department s efforts to get its program ABET-accredited.
Application
was submitted in 2007 summer. Accredited in 2007.
6 TEACHING ACTIVITIES
6.1 University Teaching at New Mexico Tech
1
Spring 2010
- CS589: Access Control and System Security (co-instruct with Dr. Fu, 10 CS students)
- CS326/IT326: Software Engineering (undergraduate class, 28 CS/IT students)
Fall 2009
- CS589: Virtualization Technologies (co-instruct with Dr. Fu, 11 CS students)
- CS389/IT321: Internet and Web Programming (undergraduate class, 16 CS/IT students)
Spring 2009
- CS589: Cloud Computing and Application* (graduate class, 11 CS students)
- CS326/IT326: Software Engineering (undergraduate class, 28 CS/IT students)
Fall 2008
- CS589/CS441/IT441: Cryptography and Application (graduate/senior class, 18 CS/IT
students)
- CS328/IT328: Secure Software Construction (undergraduate class, 17 CS/IT students)
Spring 2008
- CS589: Access Control and System Security (graduate class, 10 CS students)
- CS326/IT326: Software Engineering (undergraduate class, 31 CS/IT students)
Fall 2007
- CS589/CS441/IT441: Cryptography and Application (graduate/senior class, 16 CS/IT
students)
+
- CS328/IT328: Secure Software Construction (undergraduate class, 23 CS/IT students)
Spring 2007
- CS589: Advanced Computer Security* (graduate class, 10 CS students)
- CS326/IT326: Software Engineering* (undergraduate class, 31 CS/IT students)
Fall 2006
- CS589/CS441/IT441: Cryptography and Application (graduate/senior class, 21 CS/IT
students)
- IT321/CS391: Internet and Web Programming* (undergraduate class, 18 CS/IT students)
1
New course development and existing course enhancement 9
Spring 2006
- CS589: Access Control and System Security* (graduate class, 9 CS students)
- CS222: Systems Programming (undergraduate class, 30 CS/IT students)
Fall 2005
+
- CS441/IT441: Cryptography and Applications (undergraduate class, 44 CS/IT students)
Spring 2005
- CS391/IT222: Internet Programming (undergraduate class, 17 CS/IT students)
6.2 Student Advising at New Mexico Tech
Doctoral Students
- Rodrigo Lopes (since Fall 2008)
- Hakan Akkan (since Spring 2010)
- William R. Claycomb (graduated in 2009, currently MTS at Sandia Labs)
Master Students
- Hakan Akkan (graduated in 2009) - Rodrigo Lopes (graduated in 2008)
- William R. Claycomb (graduated in 2005)
Doctoral Students whose committee I have served on
- Lonny Montoya
- Earl Eiland
- Danny Quist (Graduated in 2010)
- Majed Abusafiya (Graduated in 2008)
- Mohammed Alghamdi (Graduated in 2008)
- Gopalakrishna R Tadiparthi (Graduated in 2008)
- Anthonius Sulaiman (Graduated in 2007)
- Qingzhong Liu (Graduated in 2007)
- Srinivas Mukkamala (Graduated in 2005)
Master Students whose committee I have served on
- Victor T.E. Echeverria
- Nico Marrero (Graduated)
- Derek Smith (Graduated)
- Mengyu Qiao (Graduated)
- Sherry Thomas (Graduated)
- Aaron Torres (Graduated)
- James Curry (Graduated)
- Hari Paruchuri (Graduated)
- Direndra Jayakumar (Graduated)
- Moses Schwartz (Graduated)
- Mayuri Shakamuri (Graduated)
- Ronald Prine (Graduated)
- David Burton (Graduated)
- Paul Ferrell (Graduated)
- Piyush Srivastava (Graduated)
- Unnati Thakore (Graduated)
- Tanya Montoya (Graduated)
- Sayi J. Yendrapalli (Graduated)
- Carl Thomsen (Graduated)
- Kiranmai Bellam (Graduated)
- Heather Bitsoi (Graduated)
10
- Jianhua Zhou (Graduated)
- Karthikeyan Ramamoorthy (Graduated)
7 PROFESSIONAL CERTIFICATES/MEMBERSHIPS
Microsoft Certified Systems Engineer (MCSE) on Window NT Track, Microsoft, 1999.
ACM, ACM SIGSAC, ACM SIGAPP
IEEE, IEEE Computer Society
8 HONORS AND AWARDS
Academic-Year Ambassadorial Scholarship ($21,000), Rotary International (1996 - 97).
Merit-based Scholarship (Best Entrance Exam Category - 305/340 and above): full tuition
waiver
& stipend (monthly W 620,000 4 yrs.), Hongik University (1988-90, 1993-95).
9 REFERENCES
Available upon request.
11
Contact this candidate