Cynthia E. Irvine Department of Computer Science Naval ...cisr.us/downloads/cv_irvine.pdf ·...

Cynthia E. Irvine 1 March 2009

Cynthia E. Irvine Department of Computer Science

Naval Postgraduate School 1411 Cunningham Rd., GE-211

Code CS/Ic Monterey, CA 93943

[email protected] (831) 656 2461

http:// Research Interests

Computer and network security: high assurance systems, multilevel security, security architectures, system integrity, adaptive security services, and information assurance education. I have been involved in the development of architectures to enforce security policies since 1987. A theme in my research is the usability of high assurance systems through the synergistic combination of high assurance security policy enforcement mechanisms with commodity functional mechanisms.

Education

January 1975

Case Western Reserve University Cleveland, OH Ph.D. in Astronomy Advisor: William P. Bidelman NDEA Fellowship June 1970

Rice University Houston, TX B.A. Physics

Academic and Research Positions

1994 – Naval Postgraduate School Monterey, CA

Professor of Computer Science, 2003 – Associate Professor of Computer Science, 2001 – 2003 Director, Cebrowski Institute for Information Superiority and Innovation, 2001 – 2003 Director, Center for Information Systems Security Studies and Research, 1996 – Assistant Professor of Computer Science, 1994 – 2001 Instructor, Department of Computer Science, 1994.

1987 – 1994 Gemini Computers Monterey, CA Engineering staff


1982 – 1983 Monterey Peninsula College Monterey, CA. Astronomy Instructor

1975 – 1981 Naval Postgraduate School Monterey, CA

Adjunct Research Instructor, Computer Science Group, 1978 – 1981 Research Staff, Computer Science Group, 1975 – 1978

1973 – 1974 Department of Astronomy, Case Western Reserve University Cleveland, OH Research Assistant

1971 – 1986 Monterey Institute for Research in Astronomy Monterey, CA Member and Research Astronomer, 1971-1986 President, 1982-1986

1969 – 1970 Space Science Department, Rice University Houston, TX Volunteer Research Assistant

1967 – 1969 Bubble Chamber Group, Physics Department, SUNY Stony Brook Stony Brook, NY. Junior Programmer (summers)


Research Activities

Books

1. Helen Armstrong and Cynthia Irvine (eds.) Security Education and Critical Infrastructures, Kluwer Academic Publishers, Norwell, MA, 2003.

Book Chapters (Refereed)

1. Levin, T. E., Irvine, C. E., and Nguyen, T. D., “Least Privilege in Separation Kernels,” in E-Business and Telecommunication Networks, J. Filipe and M. S. Obaidat, eds., Vol. 9, Communications in Computer and Information Science, Springer-Verlag, 2008.

2. Levin, Timothy E., Irvine, Cynthia E., and Spyropoulou, Evdoxia, “Quality of Security Service: Adaptive Security,” Handbook of Information Security, Volume 3, ed. H. Bidgoli, John Wiley and Sons, Hoboken, NJ, pp. 1016-1025, 2006.

3. Irvine, Cynthia E., “Security Policy Enforcement,” Handbook of Information Security, Volume 3, ed. H. Bidgoli, John Wiley and Sons, Hoboken, NJ, pp 1026-1040, 2006.

4. Irvine, Cynthia E., “Cybersecurity Considerations for Information Systems,” Handbook of Public Information Systems, 2nd edition, ed. D. Garson, Marcel Dekker, Inc, New York, NY, 2005, pp. 203-218.

5. Rasmussen, Craig, Irvine, Cynthia E., Dinolt, George W., Levin, Timothy, and Burke, Karen L., “A Program for Education in Certification and Accreditation,” Security Education and Critical Infrastructures, ed. C. Irvine and H. Armstrong, Kluwer Academic Publishers, Norwell, MA, pp 131-149, 2003.

6. Irvine, Cynthia E. and Levin, Timothy, “A Cautionary Note Regarding the Data Integrity Capacity of Certain Secure Systems”, Integrity, Internal Control and Security in Information Systems, ed. M. Gertz, E. Guldentops, L. Strous, Kluwer Academic Publishers, Norwell, MA, pp 3-25, 2002.

7. Irvine, Cynthia E., “Security Issues for Automated Information Systems,” Handbook of Public Information Systems, ed. D. Garson, Marcel Dekker, Inc., New York, NY, pp.231-245, 2000.

8. Irvine, Cynthia E., “Astronomy and Astrophysics,” Academic American Encyclopedia, ed. S. J. Foderaro, Arete Publishing Co., Princeton, NJ, Vol 2, p. 281, 1980.

9. Irvine, Cynthia E., “Astronomical Maps and Catalogs,” Academic American Encyclopedia, ed. S. J. Foderaro, Arete Publishing Co., Princeton, NJ, Vol 2, p. 276, 1980.

10. Irvine, Cynthia E., “Faint Object Detection,” Academic American Encyclopedia, ed. S. J. Foderaro, Arete Publishing Co., Princeton, NJ, Vol 8, p. 8, 1980.

11. Irvine, Cynthia E., “Infrared Astronomy,” Academic American Encyclopedia, ed. S. J. Foderaro, Arete Publishing Co., Princeton, NJ, Vol 11, p. 175, 1980.

12. Irvine, Cynthia E., “Astronomical Photometry,” Academic American Encyclopedia, ed. S. J. Foderaro, Arete Publishing Co., Princeton, NJ, Vol 15, p. 274, 1980.


13. Irvine, Cynthia E., “X-ray Galaxies,” Academic American Encyclopedia, ed. S. J. Foderaro, Arete Publishing Co., Princeton, NJ, Vol 20, p. 309, 1980.

Refereed Journal Papers/Cases

1. T. Levin, J. Dwoskin, G. Bhaskara, T. Nguyen, P. Clark, R. Lee, C. Irvine, and T. Benzel, “Securing the dissemination of emergency response data with an integrated hardware-software architecture,” in International conference on the technical and socio-economic aspects of trusted computing (TRUST), Lecture Notes in Computer Science, University of Oxford, Springer, April 2009 to appear.

2. Huffmire, T., Brotherton, B., Sherwood, T., Kastner, R., Levin, T., Nguyen, T., and Irvine, C., “Managing Security in the Design of FPGA Based Embedded systems,” IEEE Design and Test of Computers, Vol. 25, No. 6, pp. 590-598.

3. Cone, Benjamin D., Irvine, Cynthia E., Thompson, Micahel F., and Nguyen, Thuy D., “A video game for cyber security training and awareness,” Computers and Security, Vol. 26, No. 1, pp. 63-72, 2007.

4. Irvine, Cynthia and Thompson, Michael, “CyberCIEGE: The Information Assurance Training and Awareness Video Game,” IA Newsletter, Vol. 10, No. 2, Summer 2007.

5. Irvine, Cynthia E., Thompson, Michael F., and Allen, Ken, "CyberCIEGE: Gaming for Information Assurance, IEEE Security and Privacy, Vol. 3, No. 2, 2005, pp. 64-67.

6. Dodge, Catherine, Irvine, Cynthia E., Nguyen, Thuy D., “A Study of Initialization in Linux and OpenBSD,” Operating Systems Review, Vol. 39, No 2, pp. 79-93.

7. Irvine, Cynthia E. and Levin, Timothy E., “A Doctoral Program with Specialization in Information Security: A High Assurance Constructive Security Approach,” Information Security Management, Education and Privacy, ed. Deswarte, Cuppens, Jajodia, and Wang, Kluwer Academic Publishers, Norwell, MA, pp. 173-180, 2004.

8. Anderson, Emory A., Irvine, Cynthia E., and Schell, Roger R., “Subversion as a Threat in Information Warfare,” Journal of Information Warfare, Vol. 3, No. 2, pp 52-65.

9. Irvine, Cynthia E., “Teaching Constructive Security”, IEEE Security and Privacy, Vol. 1, No. 6, 2003, pp 59-61.

10. Burke, Karen L, Craig W. Rasmussen, Craig W., Irvine, Cynthia E, Dinolt, George W., Levin, Timothy E., “Certification and Accreditation,: A Program for Practitioner Education,” Journal of Information Warfare, Vol. 2, No. 3, 2003, pp. 25-37.

11. Irvine, Cynthia E., Levin, Timothy, Wilson, Jeffrey D., Shifflett, David, and Pereira, Barbara, “An Approach to Security Requirements Engineering for a High Assurance System,” Requirements Engineering, Vol. 7, No. 4, 2002, pp. 192-208.

12. Irvine, Cynthia E., “The Reference Monitor Concept as a Unifying Principle in Computer Security Education,” Bezopasnost Information Technology, Moscow, No 4, 1999, pp. 31-36.

13. Irvine, Cynthia E., “Amplifying Security Education in the Laboratory,” Bezopasnost Information Technology, Moscow, No 4, 1999, pp.36-40.


14. Irvine, Cynthia E., Chin, Shu-Kai, and Frinke, Deborah, “Integrating Security into the Curriculum”, IEEE Computer, Vol 31, No 12, 1998, pp.25-30.

15. Irvine, Cynthia E., “Computer Security Education Challenges,” IEEE Software, Vol 14, No. 5, September 1997, pp.110-111.

16. Volpano, Dennis, and Irvine, Cynthia E., “Secure Flow Typing,” Computers and Security, Vol 16, No.2, 1997, pp.137-144.

17. Volpano, Dennis., Smith, Geoff. and Irvine, Cynthia E., “A Sound Type System for Secure Flow Analysis,” Journal of Computer Security, Vol 4, No. 3, 1996, pp. 1-21.

18. Irvine, Nelson J., and Irvine, Cynthia E., “Suspected Variability and Line Emission in Early-Type Stars,” Publ. Astron. Soc. Pacific, 91, 105, 1979.

19. Irvine, Nelson J., and Irvine, Cynthia E.,” A New Optical Supernova Remnant in Centaurus,” Astrophys, Journal Letters, 192, L111, 1974.

20. Irvine, Cynthia E., and Irvine, Nelson J.,”He II Line Profile Variations in the Wolf-Rayet Start EZ CMa,” Publ. Astron. Soc. Pacific, 85, 506, 1973.

Non-Refereed Journal Papers/Cases

1. Irvine, Cynthia E., “Security: Where Testing Fails,” ITEA Journal, June 2000, pp.53-57.

2. Irvine, Cynthia E., “The First ACM Workshop on Education Computer Security,” ACM SIGSAC Review, Vol. 15, No. 2, pp.3-5, 1997.

3. Irvine, Cynthia E., “V1302 Aquilae (IRC +10420),” I.A.U. Circ., No. 4286, 1986.

4. Irvine, Cynthia E., “Optical and Near Infrared Changes in IRC +10420,” Bull. Amer. Astron. Soc., 18, 961, 1986.

5. Bidelman, William P., and Irvine, Cynthia E., “On the Identification of an Unidentified Feature in CS Stars,” Bul. Amer. Astron. Soc., 6, 365, 1974.

6. Irvine, Cynthia E., and Titter, John C., Exposure Eliminator--A Serendipitous Discovery, The Observatory, No. 1000, 1974.

Demonstrations

1. Cynthia E. Irvine and David Shifflett, “High Assurance Multilevel Secure LAN”, system demonstration Navy MSL/MLS Workshop, Norfolk, VA, May 2001.

2. Irvine, Cynthia E., Levin, Timothy, and Spyropoulou, Evdoxia, “Security Costing Demonstration,” system demonstration at DARPA Quorum Program Principal Investigator Meeting, Seattle, WA, May 2000.

Refereed Conference Accepted Papers/Published Papers

1. Irvine, C. E., Levin, T. E., Clark, P. C., and Nguyen, T. D., “A Security Architecture for Transient Trust,” Computer Security Architecture Workshop, Fairfax, VA, October 2008.


2. Shaffer, A., Auguston, M., Irvine, C. and Levin, T. “A Security Domain Model for Implementing Trusted Subject Behaviors,” in Proceedings of the Modeling Security Workshop, Toulouse, France, September 2008.

3. Ted Huffmire, Jonathan Valamehr, Timothy Sherwood, Ryan Kastner, Timothy Levin, Thuy D. Nguyen, and Cynthia Irvine, “Trustworthy System Security through 3-D Integrated Hardware,” Proceedings of the 2008 IEEE International Workshop on Hardware-Oriented Security and Trust (HOST-2008), Anaheim, CA, June 2008.

4. Nguyen, T. D., and Irvine, C. E., “Use of Evaluation Criteria in Security Education,” in Proc. of the Third International Conference on i-Warfare and Security, (Omaha, NB), April 2008, pp. 285-292.

5. Ong, K. L., Nguyen, T. D., and Irvine, C. E., “Implementation of a Multilevel Wiki for Cross-Domain Collaboration,” in Proc of the Third International Conference on i-Warfare and Security, (Omaha, NB), April 2008, pp. 293- 304.

6. Orwat, M., Levin, T. and C. Irvine, “An Ontological Approach to Secure MANET Management,” in Proc. of the Third International Conference on Availability, Security, and Reliability, (Barcelona, Spain), pp. 787-794, Mar. 2008.

7. DeLong, R., Nguyen, T. D., Irvine, C. E., and Levin, T. E., “Toward a Medium-Robustness Separation Kernel Protection Profile,” Annual Computer Security Applications Conference, Miami Beach, FL, December 2007, pp 40-51.

8. Levin, Timothy E., Irvine, Cynthia E., Weissman, Clark, and Nguyen, Thuy D., “Analysis of Three Multilevel Security Architectures,” Computer Security Architecture Workshop, Fairfax, VA, November 2007, pp. 37-46.

9. Shaffer, A., Auguston, M., Irvine, C. and Levin, T. “Toward a Security Domain Model for Static Analysis and Verification of Information Systems.” Proceedings of the 7th OOPSLA Workshop on Domain-Specific Modeling (DSM '07). Montreal, Canada. October 2007. pp. 160- 71.

10. Chiang, Ken, Nguyen, Thuy D., and Irvine, Cynthia E., “A Linux Implementation of Temporal Access Controls,” Proceedings 8th IEEE Systems, Man, and Cybernetics Information Assurance Workshop, West Point, NY, June 2007, pp. 309-316. This work was given the award of Best Paper at the conference.

11. Irvine, Cynthia E. and Levitt, Karl, “Trusted Hardware: Can it Be Trustworthy?,” Proc. Design Automation Conference, San Diego, CA, June 2007, pp 1-4.

12. Huffmire, Ted, Brotherton, Brett, Wang, Gang, Sherwood, Tim, Kastner, Ryan, Levin, Timothy Nguyen, Thuy, and Irvine, Cynthia. “Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems,” Proc. IEEE Symposium on Security and Privacy, May 2007, Oakland, CA. pp. 281-295.

13. Cullum, J., Irvine, C. E., Levin, T. E., “Performance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generation”, ICIW 2007 2nd International Conference on i- Warfare and Security, Monterey, CA, March 2007, pp. 33-46

14. Levin, Timothy E., Irvine, Cynthia E., and Nguyen, Thuy, D., Least Privilege in Separation Kernels, Proceedings International Conference on Security and Cryptography, Setubal, Portugal, August 2006, pp. 355-362.


15. Vernon, Richard C., Irvine, Cynthia E., and Levin, Timothy E., “Toward a Boot Odometer”, Proceedings from the 7th IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2006.

16. Nguyen, T. D. and Irvine, C. E., “Utilizing the Common Criteria for Advanced Student Research Projects,” 2006, in IFIP International Federation for Information Processing, Volume 201, Security and Privacy in Dynamic Environments, eds. Fischer-Hubner, S., Rannenberg, K., Yngstrom, L., Lindskog, S., (Boston: Springer), pp. 317-328.

17. Cone, B. D., Thompson, M. F., Irvine, C. E. and Nguyen, T. D., “Cyber Security Training and Awareness Through Game Play,” 2006, in IFIP International Federation for Information Processing, Volume 201, Security and Privacy in Dynamic Environments, eds. Fischer-Hubner, S., Rannenberg, K., Yngstrom, L., Lindskog, S., (Boston: Springer), pp. 431-436.

18. Irvine, Cynthia E., “What Might We Mean by 'Secure Code' and How Might We Teach What We Mean?”, Proceedings Workshop on Secure Software Engineering Education and Training, Oaho, HI, April 2006.

19. Nguyen, Thuy D., Levin, Timothy E., and Irvine, Cynthia E., “High Robustness Requirements in a Common Criteria Protection Profile,” Proceedings of the 4th IEEE International Information Assurance Workshop, Royal Holloway, UK, April 2006, pp. 66-75.

20. Barwinski, Mark, Irvine, Cynthia E., and Levin, Timothy E., “Empirical Study of Drive-By-Download Spyware,” Proceedings of the International Conference on i-Warfare and Security, Princess Anne, MD, March 2006, pp. 1-12.

21. Nguyen, Thuy D., Irvine, Cynthia E., and Kane, Douglas R., “Using Common Criteria Methodology to Express Informal Security Requirements”, Proc. International Symposium on Secure Software Engineering, Arlington, VA, March 2006, pp. 75-85.

22. Afinidad, Francis, Levin, Timothy, Irvine, Cynthia E., and Nguyen, Thuy D., “A Model for Temporal Interval Authorizations,” Hawaii International Conference on System Sciences, Software Technology Track, Information Security Education and Foundational Research, Kauai, Hawaii, January 2006, p. 218.

23. Afinidad, Francis, Levin, Timothy, Irvine, Cynthia E., and Nguyen, Thuy D., “Foundation for a Time Interval Access Control Model”, Mathematical Methods, Models, and Architectures for Computer Networks Security, MMM-ACNS 2005, St. Petersburg, Russia, September 24-28, 2005, Proceedings, Lecture Notes in Computer Science, ed. Vladimir Gorodetsky, Igor Kotenko, and Victor Skormin, Springer-Verlag GmbH, Vol. 2685, pp 406-411, St. Petersburg, Russia, Septebmer 24-28, 2005.

24. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Shifflett, David J., Miller, Donna, “Initial Documentation Requirements for a High Assurance System: Lessons Learned”, Proceedings from the 6th IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2005, pp. 434-435.

25. Nguyen, Thuy D., Levin, Timothy E., and Irvine, Cynthia E., “MYSEA Testbed”, Proceedings from the 6th IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2005, pp. 438-439.


26. Irvine, Cynthia E., Thompson, Michael F., and Allen, Ken, “CyberCIEGE: An Extensible Tool for Information Assurance Education”, Proceedings of the 9th Colloquium for Information Systems Security Education, Atlanta, GA, June 2005, pp 130-138.

27. Nguyen, Thuy D., Levin, Timothy E., and Irvine, Cynthia E., “TCX Project: High Assurance for Secure Embedded Systems,” Proceedings of the 11th IEEE Real-Time and Embedded Technology and Applications Symposium, Work in Progress Session, San Francisco, CA, March 2005, pp. 21-25. (Also appeared in SIGBED Review, Vol. 2, No. 2, April 2005, Special Issue on IEEE RTAS 2005 Work-in-Progress)

28. Irvine, Cynthia E., “A Common Criteria-Based Team Project for High Assurance System Education, Success Through Information Security Knowledge,” Proc. Fourth World Conference on Information Security Education, Moscow, Russia, May 2005, pp. 82-93.

29. Irvine, Cynthia E., Thompson, Michael F., and Allen, Ken, “CyberCIEGE (TM): An Information Assurance Teaching Tool for Training and Awareness,” Proceedings of the 2005 FISSEA Conference, Bethesda, MD, March 2005.

30. Irvine, Cynthia E., and Thompson, Michael F., “Expressing an Information Security Policy Within a Security Simulation Game, in Avoiding Fear, Uncertainty and Doubt,” Proceedings of the Sixth Workshop on Education in Computer Security, Monterey, California, July 2004, pp. 43-49.

31. Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., and Dinolt, George W., “The Trusted Computing Exemplar Project,” Proceedings of the 2004 IEEE Systems Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2004, pp. 109-115.

32. Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Shifflett, David, Khosalim, Jean, Clark, Paul C., Wong, Albert, Afinidad, Francis, Bibighaus, David, and Sears, Joseph, “Overview of a High Assurance Architecture for Distributed Multilevel Security,” Proceedings of the 2004 IEEE Systems Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2004, pp. 38-45.

33. Falby, Naomi, Fulp, J.D., Clark, Paul C., Cote, R. Scott, Irvine, Cynthia E., Dinolt, George W., Levin, Timothy E., Rose, Matthew, and Shifflett, Deborah, “Information Assurance Capacity Building: A Case Study,” Proceedings of the Colloquium on Information Systems Security Education, pp. 31-36.

34. Falby, Naomi, Thompson, Michael F., and Irvine, Cynthia, “A Security Simulation Game Scenario Definition Language,” Innovative Program Abstracts - Colloquium on Information Systems Security Education, West Point, NY, June 2004.

35. Mohan, Raj, Levin, Timothy E., and Irvine, Cynthia E., “An Editor for Adaptive XML-Based Policy Management of IPsec,” Proceedings of the 19th Computer Security Applications Conference, Las Vegas, NV, December 2003, pp. 276-285.

36. Irvine, Cynthia E., and Thompson, Michael, “Teaching Objectives of a Simulation Game for Computer Security,” Proceedings of Informing Science and Information Technology Joint Conference, Pori, Finland, June 2003.

37. Xie, Geoffrey, Irvine, Cynthia E., and Levin, Timothy, “Quantifying Effect of Network Latency and Clock Drift on Time-Driven Key Sequencing,” Proceedings of IEEE First International


Workshop on Assurance in Distributed Systems and Networks, Vienna, Austria, July 2002, pp. 35-42.

38. Spyropoulou, Evdoxia, C. Agar, Christopher, Levin, Timothy E., and Irvine, Cynthia E., “IPsec Modulation for Quality of Security Service”, Proceedings of the International Systems Security Engineering Conference, Orlando, FL, March 2002.

39. Irvine, Cynthia E., and Levin, Timothy E., Spyropoulou, Evdoxia, and Allen, Bruce, “Security as a Dimension of Quality of Security Service”, Proceedings of the Active Middleware Services Workshop, August 2001, San Francisco, CA, pp 87-93.

40. Irvine, Cynthia E., and Levin, Timothy E., “Teaching Security Engineering Principles,” Proceedings Second World Conference on Information Security Education, Perth, Australia, July 2001, pp. 113-127.

41. Kim, J.-K., Kidd, T., Siegel, H. J., Irvine, C., Levin, T., Hensgen, D. A., St. John, D., Prasanna, V. K., Freund, R. F., and Porter, N. W., “Collective Value QoS: A Performance Measure Framework for Distributed Heterogeneous Networks,” Proceedings of the 15th International Parallel and Distributed Processing Symposium, San Francisco, California, April 2001, pp. 810-823.

42. Irvine, Cynthia E., Levin, Timothy, Wilson, Jeffrey D., Shifflett, David, and Pereira, Barbara, “A Case Study in Security Requirements Engineering for a High Assurance System,” Proceedings of the 1st Symposium on Requirements Engineering for Information Security, Indianapolis, Indiana, March 2001.

43. Irvine, Cynthia E., and Levin, Timothy, “Data Integrity Limitations in Highly Secure Systems,” Proceedings of the International Systems Security Engineering Conference, Orlando, FL, February 2001.

44. Sypropoulou, Evdoxia, Levin, Timothy, and Irvine, Cynthia E., “Calculating Costs for Quality of Security Service,” Proceedings of the 16th Computer Security Applications Conference, New Orleans, LA, December 2000, pp. 334-343.

45. Balmer, Steven R., and Irvine, Cynthia E. “Analysis of Terminal Server Architectures for Thin Clients in a High Assurance Network,” Proceedings of the National Information Systems Security Conference, Baltimore, MD, October 2000, pp 192-202. This paper was given the award of “Best Paper” at the conference.

46. Irvine, Cynthia E., and Levin, Timothy, “Quality of Security Service,” Proceedings of the New Security Paradigms Workshop, Ballycotton, Ireland September 2000, pp. 91-99. (Reprinted in the Proceedings of the National Information Systems Security Conference, Baltimore, MD, October 2000, CD version).

47. Robin, J. Scott, and Irvine, Cynthia E., “Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor,” Proceedings of the 9th Usenix Security Symposium, Denver, CO, August, 2000, pp.129 - 144.

48. Irvine, Cynthia E. and Levin, Timothy, “Toward Quality of Security Service in A Resource Management System Benefit Function,” Proceedings of the 2000 Heterogeneous Computing Workshop, Cancun, Mexico, May 2000, pp.133-139.


49. Kim, Jong-Kook, Hensgen, Deborah A., Kidd, Taylor, Siegel, Howard J., St. John, David, Irvine, Cynthia E., Levin, Timothy, Prasanna, Viktor K., and Freund, Richard F., “A QoS Performance Measure Framework for Distributed Heterogeneous Networks,” Proceeding of EuroMicro-PDP, Rhodos, Greece , January 2000, pp. 18 - 27.

50. Irvine, Cynthia E., and Levin, Timothy, “Toward a Taxonomy and Costing Method for Security Services,” Proceedings of the 15th Computer Security Applications Conference, December 1999, pp. 183-188, Scottsdale, AZ.

51. Irvine, Cynthia E., “The Reference Monitor Concept as a Unifying Principle in Computer Security Education,” Proceedings of the First World Conference on Information Systems Security Education, Stockholm, Sweden, pp.27-37, June 1999.

52. Isa, H.R., Shockley, W. R., and Irvine, Cynthia E., “A Multi-threading Architecture for Multilevel Secure Transaction Processing,” Proceedings of 1999 Symposium on Security and Privacy , Oakland, California, pp. 166-180, May 1999.

53. Hensgen, D., Kidd, T., St. John, D., Schnaidt, M.C., Siegel, H. J., Braun, T., Maheswaran, M., Ali, S., Kim, J-K, Irvine, Cynthia E., Levin, Timothy, Freund, R.F., Kusso, M., Godfrey, M., Duman, A., Carff, P., Kidd, S., Prasanna, V., Bhat, P, Alhusaini, A., “An Overview of the Management System for Heterogeneous Networks (MSHN),” Proceedings of the 8th Workshop on Heterogeneous Computing Systems (HCW '99), San Juan, Puerto Rico, pp. 184-198, April 1999.

54. Xie, Geoffrey, Cowell, Cary, and Irvine Cynthia E., “LLPA: high speed link layer packet authentication” Proceedings of Annual IEEE Gigabits Networking Workshop (GBN'99), New York City, NY, March 1999.

55. Wright, R.E., Shifflett, D.J., and Irvine, Cynthia E., “Security for a Virtual Heterogeneous Machine,” Proceedings of the Fourteenth Computer Security Applications Conference, Scottsdale, AZ, pp. 167-177, December 1998.

56. Irvine, Cynthia E., Anderson, J.P., Robb, D.A., and Hackerson, J., “High Assurance Multilevel Services for Off-The-Shelf Workstation Applications,” Proceedings of the National Information Systems Security Conference, Crystal City, VA, pp.421-431, October 1998.

57. Irvine, Cynthia E., “Naval Postgraduate School Center for INFOSEC Studies and Research: Teaching the Science of Computer Security,” MILCOM Proceedings (unclassified), Monterey, California, November 1997.

58. Irvine, Cynthia E., Warren, D.F., and Clark, P.C., “The NPS CISR Graduate Program in INFOSEC: Six Years of Experience,” Proceedings of the 20th National Information Systems Security Conference, Baltimore, MD, pp.22-30, October 1997.

59. Currie, D. and Irvine, Cynthia E., “Surmounting the Effects of Lossy Compression on Steganography,” Proceedings of the 19th National Information System Security Conference , Baltimore, pp. 194-201, Md, October 1996.

60. Irvine, Cynthia E., and Volpano, D., “A Practical Tool for Developing Trusted Applications,” in Proceedings of the 11th Computer Security Applications Conference, New Orleans, LA, pp. 190-195, December 1995.


61. Irvine, Cynthia E., “A Multilevel File System for High Assurance,” Proceedings 1995 IEEE Symposium on Security and Privacy, Oakland, CA, pp. 78-87, May 1995.

62. Schell, R.R. and Irvine, Cynthia E., “Future Roles for Balanced Assurance in Trusted Database Management Systems,” Proceedings of the 5th RADC Database Security Workshop, October 1992.

63. Irvine, Cynthia E., Schell, R.R. and Thompson, M.F., “Using TNI Concepts for Near-Term Use of High Assurance Database Management Systems,” Proceedings of the 4th RADC Database Security Workshop, Little Compton, RI, April 1991.

64. Irvine, Cynthia E., Schell, R.R. and Vetter, L., “Architecture for an Embedded Secure Database Management System,” Proceedings of the 6th Annual Computer Applications Conference, Tucson, AZ, December 1990.

65. Irvine, Cynthia E., Acheson, T.B. and Thompson, M.F., “Building Trust into a Multilevel File System,” Proceedings of the 13th National Computer Security Conference, October 1990, Washington, DC.

66. Schell, R.R. and Irvine, Cynthia E., “Performance Implications for Multilevel Database Systems,” Proceedings of the 3rd RADC Database Security Workshop, June 1990, Castile, NY.

67. Levin, Timothy, Padilla, S. and Irvine, Cynthia E., “A Formal Model for UNIX SETUID,” Proceedings of the IEEE Conference on Security and Privacy, pp.78-83, May 1989, Oakland, CA.

68. Irvine, Cynthia E., Thompson, M.F., Schell, R.R., Tao, T.F., Lessin, R.E., Wopat, J.R., and BenArieh, E., “Genesis of a Secure Application: A Multilevel Secure Message Preparation Workstation Demonstration”, Proceedings of the 4th Aerospace Security Applications Conference, December 1988, Orlando, FL.

Invited Conference Papers

1. Irvine, Cynthia E., Shifflett, David, Clark, Paul, Levin, Timothy, and Dinolt, George, “MYSEA Technology Demonstration,” in Proceedings DISCEX Conference, April 2003, pp. 10-12.

2. Irvine, Cynthia E., Shifflett, David, Clark, Paul, Levin, Timothy, and Dinolt, George, “Monterey Security Enhanced Architecture Project,” in Proceedings DISCEX Conference, April 2003, pp. 176-181.

3. Irvine, Cynthia E., and Levin, Timothy, “Is Electronic Privacy Achievable?,” Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2000, pp.76-77.

4. Irvine, Cynthia E., “Amplifying Security Education in the Laboratory,” Proceedings of the First World Conference on Information Systems Security Education, Stockholm, Sweden, pp. 139-146, June 1999.

5. Irvine, Cynthia E., “The Benefits of Student Research in Information Systems Security Education,” Proceedings of the 1999 National Colloquium on Information Systems Security Education, Palisades, NY, May 1999.

6. Irvine, Cynthia E., “Security in Innovative New Operating Systems,” Proceedings IEEE Symposium on Security and Privacy, May 1997, pp. 202-203.


7. Irvine, Cynthia E., “Goals for Computer Security Education,” Proceedings 1996 IEEE Symposium on Security and Privacy, Oakland, CA, pp.24-25, May 1996.

Currently Submitted Papers or Papers in Progress: Journals & Conferences

1. Irvine, C. E., Multilevel Security, Handbook of Science and Technology for Homeland Security, Wiley-Interscience. To appear.

Non-Refereed Technical Memoranda and Working Papers

1. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Vidas, Timothy M., SecureCore Software Architecture: Trusted Path Application (TPA) Requirements, NPS-CS-07-001, Naval Postgraduate School, December 2007.

2. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Vidas, Timothy M., Shifflett, David J., SecureCore Software Architecture: SecureCore Operating System (SCOS) Functional Specification, NPS-CS-07-018, Naval Postgraduate School, December 2007.

3. Shifflett, David J., Clark, Paul C., Irvine, Cynthia E., Nguyen, Thuy D., Vidas, Timothy M., and Levin, Timothy E., Secure Core Software Architectures: Trusted Management Layer (TML) Kernel Extension Module Integration Guide, NPS-CS-07-022, Naval Postgraduate School, December 2007.

4. Shifflett, David J., Clark, Paul C., Irvine, Cynthia E., Nguyen, Thuy D., Vidas, Timothy M., Levin, Timothy E., SecureCore Software Architecture: Trusted Management Layer (TML) Kernel Extension Module Interface Specification, NPS-CS-07-021, Naval Postgraduate School, December 2007.

5. Levin, T. E., Irvine, C. E., Benzel, T. V., Bhaskara, G., Clark, P. C., and Nguyen, T. D., Design Principles and Guidelines for Security, NPS-CS-08-001, Naval Postgraduate School, November 2007.

6. Huffmire, Ted and Irvine, Cynthia. Field Programmable Gate Array Guidance for Information Systems Security Engineers: Analysis and Recommendations, NPS Technical report NPS-CS-07-009, August 2007.

7. Nguyen, Thuy D., and Levin, Timothy E., Irvine, Cynthia E., Benzel, Terry V., and Bhaskara, Ganesha, Preliminary Security Requirements for SecureCore Hardware, NPS-CS-06-014, Naval Postgraduate School, Monterey, California, September 2006.

8. Levin, Timothy E., Irvine, Cynthia E., and Nguyen, Thuy D., An Analysis of Three Kernel-based Multilevel Security Architectures, NPS-CS-06-001, Naval Postgraduate School, Monterey, California, August 2006.

9. Clark, Paul C., and Irvine, Cynthia E., Levin, Timothy E., and Nguyen, Thuy D., The GIG Information Access Control Policy: An Interpretation, Analysis and Conceptual Design, NPS-CS-06-018, Naval Postgraduate School, Monterey, California, June 2006.

10. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Shifflett, David J., Miller, Donna, Initial Documentation Requirements for a High Assurance System: Lessons Learned, NPS-CS-06-007, Naval Postgraduate School, Monterey, California, February 2006.


11. Afinidad, Francis, Irvine, Cynthia E., Nguyen, Thuy D., and Levin, Timothy E., A Time Interval Memory Protection System, NPS-CS-06-002, Naval Postgraduate School, Monterey, California, November 2005.

12. Benzel, Terry V., Irvine, Cynthia E., Levin, Timothy E., Bhaskara, Ganesha, Nguyen, Thuy D., and Clark, Paul C., “Design Principles for Security,” NPS-CS-05-010, Naval Postgraduate School, Monterey, California, September 2005.

13. Miller, Donna, Levin, Timothy E., and Irvine, Cynthia E., A Case Study of Wireless Integration into an Enterprise Network, Naval Postgraduate School Technical Report, NPS-CS-005-004, Naval Postgraduate School, Monterey, CA, January 2005.

14. Irvine, Cynthia E., Nguyen, Thuy D., and Levin, Timothy E., A High Assurance Testbed for Multilevel Interoperabiity: 2004 Developments, Naval Postgraduate School Technical Report, NPS-CS-05-002, Naval Postgraduate School, Monterey, CA, October 2004.

15. Levin, Timothy E., Irvine, Cynthia E., and Nguyen, Thuy D., A Least Privilege Model for Static Separation Kernels, Naval Postgraduate School Technical Report, NPS-CS-05-003, Naval Postgraduate School, Monterey, CA, October 2004.

16. Irvine, Cynthia E., Levin, Timothy E., and Nguyen,Thuy D., Trusted Computing Exemplar: 2004 Developments, Naval Postgraduate School Technical Report, NPS-CS-05-001, Naval Postgraduate School, Monterey, CA, October 2004.

17. Irvine, Cynthia E., Levin, Timothy E., and Dinolt, George W., “Diamond High Assurance Security Program: Trusted Computing Exemplar,” Technical Report NPS-CS-02-004, September 2002.

18. Spyropoulou, E., Levin, T., and Irvine, C., “Demonstration of Quality of Security Service Awareness for IPsec,” Technical Report NPS-CS-02-005, Naval Postgraduate School, Monterey, CA, September 2002.

19. Irvine, Cynthia E., Shifflett, David, Clark Paul C., Levin, Timothy E., and Dinolt, George W., “MYSEA Security Architecture,” Technical Report NPS-CS-02-006, May 2002.

20. Irvine, Cynthia E., Levin, Timothy, Dinolt, George W., “A National Trusted Computing Strategy” Technical Report NPS-CS-02-003, May 2002.

21. Spyropoulou, E., Levin, T., and Irvine, Cynthia E., “Keynote Policy Files and Conversion to Disjunctive Normal Form for Use in IPsec,” Technical Report NPS-CS-02-001, Naval Postgraduate School, Monterey, CA, January 2002.

22. Spyropoulou, E., Agar, C., Levin, T., and Irvine, C., “IPsec Modulation for Quality of Security Service,” Technical Report NPS-CS-02-01, Naval Postgraduate School, Monterey, CA, January 2002.

23. Irvine, Cynthia E. and Levin, Timothy, “Data Integrity Limitations in Hybrid Security Architectures,” NPS Technical Report NPS-CS-00-008, December 2000.

24. Irvine, Cynthia and Levin, Timothy, “The Effects of Security Choices and Limits in a Metacomputing Environment,” NPS Technical Report NPS-CS-00-004, April 2000.

25. Irvine, Cynthia and Levin, Timothy, “An Introduction to Quality of Security Service,” NPS Technical Report NPS-CS-00-005, April 2000.


26. Irvine, Cynthia, Howard J. Seigel, Viktor Prasanna, Debra Hensgen, Levin, Timothy, “Management System for Heterogeneous Networks Final Report, Volume I: Project Summary and Papers,” NPS Technical Report NPS-CS-00-006, April 2000.

27. Spyropoulou, Evdoxia, Levin, Timothy, and Irvine, Cynthia, “Quality of Security Service Costing Demonstration for the MSHN Project,” NPS Technical Report NPS-CS-00-007, April 2000.

28. Levin, Timothy, and Irvine, Cynthia E., “Quality of Security Service in A Resource Management System Benefit Function,” NPS-CS-99-005, Naval Postgraduate School, Monterey, California June 15, 1999.

29. Irvine, Cynthia E., and Levin, Timothy, “A Note on Mapping User-Oriented Security Policies to Complex Mechanisms and Services,” NPS-CS-99-008, Naval Postgraduate School, Monterey, California June 15, 1999.

30. Irvine, Cynthia E. and Levin T., “Toward a Taxonomy and Costing Method for Security Services,” NPS-CS-99-007, Naval Postgraduate School, Monterey, California 15 June 1999.

31. Levin, Timothy, and Irvine, Cynthia E., “An Approach to Characterizing Resource Usage and User Preferences in Benefit Functions,” NPS-CS-99-005, Naval Postgraduate School, Monterey, California June 15, 1999.

32. Irvine, Cynthia E. and Shockley, William R., “Roundhouse: A Security Architecture for Active Networks,” Naval Postgraduate School Technical Report, NPSCS-98-002, Naval Postgraduate School, Monterey, California, May 1998.

33. Irvine, Cynthia E., “NPS CISR Annual Report,” June 1998.

34. Chin, Shu-Kai, Irvine, Cynthia E., and Frinke, Deborah, “An Information Security Education Initiative for Engineering and Computer Science,” Naval Postgraduate School Technical Report, NPSCS-97-003, Naval Postgraduate School, Monterey, California, December 1997.

35. Irvine, Cynthia E., Warren, D. F., and Stemp, R., “Teaching Computer Security at a Department of Defense University,” NPS-CS-97-002, April 1997.

36. Irvine, Cynthia E., “NPS CISR Annual Report,” December 1996.

37. Irvine, Cynthia E., and Towle, Bradley S., “Embedded Secure Database Management System,” RADC-TR-90-439, Rome Air Development Center, Griffiss AFB, December 1990,

38. Irvine, Cynthia E., and Acheson, Todd B., “Factors Affecting Software Ports to the GEMSOS Environment,” Technical Note, GCI-89-03-01, July 1989.

39. Irvine, Cynthia E., and Bergez, John, “Mission to Mars: A Classroom Activities Manual,” Monterey Institute for Research in Astronomy, 1984.

40. Irvine, Cynthia E., “Application of Acoustic Signal Processing Techniques to Seismic Data,” Naval Postgraduate School, 1977.

Book Reviews

1. Experiencing Science, by Jeremy Bernstein for The Humanist, 1982.


Other Papers and Publications

1. Irvine, Cynthia E., “The SimSecurity Information Assurance Virtual Laboratory,” extended abstract for IEEE Symposium on Security and Privacy, Oakland, California, May 2003.

2. Irvine, Cynthia E., Levin, Timothy, Nguyen, Thuy, and Dinolt, George, “Trusted Computing Exemplar Project,” extended abstract for IEEE Symposium on Security and Privacy, Oakland, California, May 2003.

3. Irvine, Cynthia, and Levin, Timothy, “An Extended-OpenBSD Security Architecture: MYSEA,” extended abstract for Secure Trusted Operating System Conference ‘02, Monterey, California, August 2002.

4. Spyropoulou, Evdoxia, Irvine, Cynthia E., Levin, Timothy E., and Allen, Bruce, “Managing Costs and Variability of Security Services,” extended abstract for IEEE Symposium on Security and Privacy, Oakland, California, May 2001.

5. Irvine, Cynthia E., and Levin, Timothy E., “Overview of Quality of Security Service,” extended abstract for IEEE Symposium on Security and Privacy, Oakland, California, May 2001.

6. VanPutte, Michael, Irvine, Cynthia E., and Hiles, John, “Distance Learning and Virtual Laboratory for Information Assurance,” extended abstract for IEEE Symposium on Security and Privacy, Oakland, California, May 2001.

7. Balmer, Steven, Bryer-Joyner, Susan, Eads, Bradley, Heller, Scott D., Irvine, Cynthia E. “High Assurance Multilevel Secure Mail Service: Session Server and IMAP Server” extended abstract, distributed as part of 5-minute talks at IEEE Symposium on Security and Privacy, Oakland, California, May 1999.

8. Irvine, Cynthia E. and Levin, Timothy, “Security Approach for a Resource Management System,” extended abstract distributed as part of 5-minute talks at IEEE Symposium on Security and Privacy, Oakland, California, May 1999.

9. Irvine, Cynthia E., and Bergez, J., “An Astronomy Outreach Program for Grades 4, 5, and 6,” Bull. Amer. Astron. Soc., 18, 1000, 1986.

10. Irvine, Nelson J., and Irvine Cynthia E., “SIRTF, Space Infrared Telescope Facility” for NASA-Ames Research Center, 1985.

11. Irvine, Cynthia E., “New Observatory Rising to the Stars,” Monterey Peninsula Herald, January 1, 1984.

12. Irvine, Nelson J., and Irvine, Cynthia E., “The Oliver Observing Station: MIRA's New Observatory,” Bull. Amer. Astron. Soc., 15, 998, 1983.

13. Irvine, Cynthia E., “Intelligent Life Beyond Earth,” MIRA Newsletter, 6, No 2, 1983.

14. Irvine, Cynthia E., “The Big Bang and Cosmic Radiation,” Monterey Peninsula Herald, September 9, 1983.

15. Irvine, Cynthia E., “Women in the Field of Astronomy,” Monterey Peninsula Herald, June 26, 1983.

16. Irvine, Cynthia E., “Sir Arthur Eddington--Author, Scientist,” Monterey Peninsula Herald, December 26, 1982.


17. Irvine, Cynthia E., “Gregorian Calendar is 400 Years Old,” Monterey Peninsula Herald October 26, 1982.

18. Irvine, Cynthia E., “Planetary Nebulae: Tombstones in the Sky,” Monterey Peninsula Herald, 1982.

19. Irvine, Cynthia E., “Excitement Over a Lot of Nothing,” Monterey Peninsula Herald, December 27, 1981 (Interstellar Matter).

20. Irvine, Cynthia E. and Irvine, N. J., “Stars in Their Eyes,” Monterey Life, November 1981, p. 66.

21. Irvine, Cynthia E., “The 'Evil Eye' that Stars in the Heavens,” Monterey Peninsula Herald, September 27, 1981 (Algol).

22. Irvine, Cynthia E., “Scientists View the Dark Spots in the Heavens,” Monterey Peninsula Herald, July 5, 1981 (Interstellar Matter).

23. Irvine, Cynthia E., “Astronomer's Notebook--More on the Big Bang,” MIRA Newsletter, 4, No. 1, 7, 1981.

24. Irvine, Cynthia E., “What is MIRA Anyway? From Cleveland to Monterey,” MIRA Newsletter, 4, No. 1, 5, 1981.

25. Irvine, Cynthia E., “The Death of a Star in 1054,” Monterey Peninsula Herald, January 4, 1981 (Crab Nebula).

26. Irvine, Cynthia E., “Sunspots Spoiled Ancient Theory of 'Perfect' Sun,” Monterey Peninsula Herald, August 31, 1980 (Maunder Minimum).

27. Irvine, Cynthia E., “Double Hubble Troubles Universe,” Monterey Peninsula Herald, April 27, 1980 (Extra-galactic distance scale).

28. Chester, Craig, Irvine, Cynthia E., Irvine, Nelson J., Merville, Al, Ross, H., and Weaver, W.B., “MIRA, A Status Report,” Bul. Amer. Astron. Soc., 11, 631, 1980.

29. Irvine, Cynthia E., “Changing Views on the Origin of the Universe,” Monterey Peninsula Herald, March 30, 1980.

30. Irvine, Cynthia E., “It Wasn't Easy for February to Get that Extra Day,” Monterey Peninsula Herald, February 3, 1980.

31. Irvine, Cynthia E., “Great Nebula is Month's Display,” Monterey Peninsula Herald, September 2, 1979 (M31, The Andromeda Galaxy).

32. Irvine, Cynthia E., “A Star called Mira,” MIRA Newsletter, Winter 1978.

Conference Presentations

1. 11 December 2003: “An Editor for Adaptive XML-Based Policy Management of IPsec”, 19th Annual Computer Security Applications Conference, Las Vegas, Nevada.

2. 4 December 2003: “NPS Information Assurance Research Overview”, invited presentation at DoD Information Assurance Research and Development Symposium, Alexandria, Virginia.


3. 25 September 2003: “Monterey Security Architecture (MYSEA),” invited presentation at Office of the Secretary of Defense Workshop on Multilevel Security, Alexandria, Virginia.

4. 24 September 2003: “Considering Lifecycle Subversion,” invited presentation at Office of the Secretary of Defense Workshop on Multilevel Security, Alexandria, Virginia.

5. 17 June 2003, “Subversion” invited talk National Security Agency, Fort Meade, Maryland.

6. 6 May 2003: Invited Presentation at Federal Aviation Administration (FAA) Information Technology (IT) Information Systems Security (ISS) Research and Development (R&D) Workshop entitled “Current Research Supporting the FAA”.

7. 20 March 2003: “Trusted Computing Exemplar,” invited presentation at Information Assurance Task Force Forum, Columbia, Maryland.

8. 20 August 2002: “An Extended-OpenBSD Security Architecture: MYSEA,” presented at Secure Trusted Operating System Conference ‘02, Monterey, California.

9. 15 October 2001: Invited Presentation at SANS entitled “Naval Postgraduate School: A Success Story in Information Assurance”.

10. 6 August 2001: “Security as a Dimension of Quality of Service in Active Service Environments”, Third Annual International Workshop on Active Middleware Services, San Francisco, CA.

11. 12 July 2001: “Teaching Security Engineering Principles”, IFIP TC11 WG 11.8 Second World Conference on Information Security Education, Perth, Australia.

12. 9 July 2001: “Quality of Security Service Costing and Control”, Invited talk for National Defense University, Singapore.

13. 10 May 2001: “High Assurance Multi-level Secure LAN for Commercial PCs”, Navy MSL/MLS Workshop, Norfolk, VA.

14. 10 October 2000: Presented panel paper at the National Information Systems Security Conference, Baltimore, MD. Position paper title: “An Argument for Academic Research in Information Security”.

15. 17 October 2000: Presented paper at the National Information Systems Security Conference, Baltimore, MD. Presentation title: “Analysis of Terminal Server Architectures for Thin Clients in a High Assurance Network”.

16. 16 October 2000: As part of a conference review panel, presented paper at the National Information Systems Security Conference, Baltimore, MD. Position paper title: “An Argument for Quality of Security Service”. Reprinted paper title: “Quality of Security Service”.

17. 26 September 2000: “The Naval Postgraduate School Multilevel Secure Local Area Network Project,” presented at Workshop on Innovations in Strong Access Control, Monterey, California.


18. October 1999 - May 2000: Organized and ran a debate on the technical aspects of electronic privacy at IEEE (Institute of Electrical and Electronics Engineers) Symposium on Security and Privacy, Oakland, California. Debate title: “Is Electronic Privacy Achievable?”

19. 15 May 2000: Organized (with Timothy Levin) and introduced panel session at IEEE (Institute of Electrical and Electronics Engineers) Symposium on Security and Privacy, Oakland, California. Panel Title: “Is Electronic Privacy Achievable?”

20. 9 - 10 May 2000: Presented talks at the DARPA/ITO Quorum Program principal Investigator's meeting, Seattle, WA. Talk titles: “MSHN Security Architectures and QoSS” and “Management System for Heterogeneous Networks: Phase I Summary”.

21. 1 May 2000: “Toward Quality of Security Service in A Resource Management System Benefit Function,” 2000 Heterogeneous Computing Workshop, Cancun, Mexico.

22. 8 - 10 December 1999: Presented a talk at the 15th Computer Security Applications Conference, December 1999, Scottsdale, Arizona. Talk title: “Toward a Taxonomy and Costing Method for Security Services”.

23. 18 - 21 October 1999: Presentations for two panels at the National Information Systems Security Conference, Crystal City, Virginia. Panel presentations: “From Evolution to Revolution: An Educator's Perspective” and “The NPS CISR Approach to Information System Security Education”.

24. 22 September 1999: Invited Speaker at,1999 Annual Symposium of International Testing and Evaluation Association, Atlanta, Georgia. Talk title: “Security: Where Testing Fails”.

25. 17-19 June 1999: Invited speaker at First World Conference on Information Security Education, Kista, Sweden. Invited talk title: “Amplifying Security Education in the Laboratory”. Talk title: “The Reference Monitor Concept as a Unifying Principle in Computer Security Education.”.

26. 25 - 27 May 1999: Invited speaker at NCISSE (National Colloquium On Information Systems Security Education), Palisades, New York. Talk titles: “The Government Perspective on INFOSEC Education” and “The Benefits of Student Research in Information Systems Security Education”.

27. January 1998 - January 1999: Organized and ran Third Workshop on Computer Security Education, Pacific Grove, California. Responsible for setting the theme of the workshop, its general organization and financing.

28. 9 - 11 December 1998: “Security for a Virtual Heterogeneous Machine,” Fourteenth Computer Security Applications Conference, Scottsdale, AZ.

29. 5 - 8 October 1998: Presented a talk and participated in a panel on Information Systems Security education at the National Information Systems Security Conference, Crystal City, Virginia. Talk title: “High Assurance Multilevel Services for Off-The-Shelf Workstation Applications”. Panel presentation title: “NPS CISR Graduate Program in Computer Security”.


30. 6 October 1998: Presented a panel paper entitled: “Information Dominance: Questions in Teaching,” National Information Systems Security Conference, Crystal City, Virginia.

31. 8 October 1998: Presented a panel paper entitled: “NPS CISR Graduate Program in Computer Security,” National Information Systems Security Conference, Crystal City, Virginia.

32. 16 - 18 June 1998: Organized panel session and presented at NCISSE (National Colloquium On Information Systems Security Education), Harrisonburg, Virginia, Panel and talk title: “Meeting Security Requirements for Global Commerce: Can Education Help?”.

33. January 1997 - January 1998: Organized and ran Second Workshop on Computer Security Education, Pacific Grove, California. Talk title: “Exploitation of a Covert Channel”. Responsible for setting the theme of the workshop, its general organization and financing.

34. November 1997 Attended and presented at MILCOM, Monterey, California. Talk title: “Naval Postgraduate School Center for INFOSEC Studies and Research: Teaching the Science of Computer Security”.

35. 7 - 10 October 1997: “The NPS CISR Graduate Program in INFOSEC: Six Years of Experience,” 20th National Information Systems Security Conference, Baltimore, Maryland.

36. September 1996 - May 1997: Organized and presented a panel session at the IEEE Symposium on Security and Privacy, Oakland, California. Panel title: “Security in Innovative New Operating Systems”.

37. April 1997: Invited speaker at NCISSE (National Colloquium On Information Systems Security Education), Baltimore, Maryland. Talk title “Graduate Education in Computer Security”.

38. March 1997: Invited Speaker at Federal Information System Security Conference, Gaithersburg, Maryland, Talk title: “University Education in Computer Security”.

39. January 1996 - January 1997: Organized and ran First ACM (Association for Computing Machinery) Workshop on Computer Security Education, Monterey, California. Responsible for setting the theme of the workshop, its general organization and financing.

40. 9 -13 December 1996: Tutorial presenter at Computer Security Applications Conference, San Diego, California. Tutorial title: “High and Low Assurance: What are the Differences?”

41. September 1995 - May 1996: Organized and introduced panel session at IEEE (Institute of Electrical and Electronics Engineers) Symposium on Security and Privacy, Oakland, California. Panel Title: “Goals for Computer Security Education”.

42. 11 -15 December 1995: Presented a paper and a tutorial at Computer Security Applications Conference, New Orleans, Louisiana. Tutorial title: “High and Low Assurance: What are the Differences?” Paper title: “A Practical Tool for Developing Trusted Applications”

43. May 1995: “A Multilevel File System for High Assurance,” 1995 IEEE Symposium on Security and Privacy, Oakland, California.


Invited Participant or Speaker

1. Computing Research Association Grand Challenges in Information Assurance, November 2003.

2. OSD Defense Venture Catalyst Initiative (DeVenCI) Project, July 2003

3. “Enforcement of Security Policies.” Invited Speaker, ACM sponsored lecture series, Bowling Green State University, Bowling Green, Ohio, 5 March 1998

4. “Meeting Security Requirements for Global Commerce,” Invited Speaker, University of Toledo, Toledo, Ohio, 6 March 1998

5. “Halley's Comet”, Invited Speaker, Monterey Bay Aquarium. Winter 1985.


Educational Activities

Courses Taught

Graduate

• Information Assurance: Introduction to Computer Security (CS3600) • Design and Analysis of Algorithms (CS3650) • Network Security (CS3690) • Distributed Systems (CS4112) • Secure Systems (CS4600) • Security Policies, Models and Formal Methods (CS4605) • Advanced Topics in Computer Security (CS4614) • Reading classes (CS4800) • Special topics classes (CS4920)

Undergraduate

• Introduction to Astronomy

Current Students

Masters

1. Sanders, Kyle 2. Roussas, Greg 3. Schultz, Eric 4. Welliver, Terrence 5. Wiley, Jeff

Former Students

Doctoral

1. Orwat, Mark, A Decision Framework for Enhancing Mobile Ad Hoc Network Stability and Security, Ph.D. Dissertation, Naval Postgraduate School, Monterey, California, June 2008.

2. Afinidad, Francis, An Interval Algebra-based Temporal Access Control Protection Architecture, PhD Dissertation, Computer Science Department, Naval Postgraduate School, Monterey, California, June 2005.

3. VanPutte, Michael, A Computational Model and Multi-Agent Simulation for Information Assurance, Ph.D. Dissertation, Naval Postgraduate School, Monterey, California, June 2002.

Doctoral Committee Member

1. Shaffer, Alan, An Application of Alloy to Static Analysis for Secure Information Flow and Verification of Software Systems, Ph.D. Dissertation, Computer Science Department, Naval


Postgraduate School, Monterey, California, December 2008.

2. Bibighaus, David L., Applying Doubly Labeled Transition Systems to the Refinement Paradox, Ph.D. Dissertation, Computer Science Department, Naval Postgraduate School, Monterey, California, September 2005.

3. Luke, Brian, PhD Dissertation, Electrical and Computer Engineering Department, Naval Postgraduate School, Monterey, California, June 2005.

4. Wahdan, Mahmoud, New Motion Planning and Real-time Localization Methods Using Proximity for Autonomous Mobile Robots, Ph.D. Thesis, Computer Science Department, Naval Postgraduate School, Monterey, California, September 1996.

Masters Students, Thesis Advisor

1. Tiat Leng, TEO, Scenario Selection and Student Assessment Modules for CyberCIEGE, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2003.

2. Lack, Lindsay, Using the Bootstrap Concept to Build an Adaptable and Compact Subversion Artifice, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003.

3. Murray, Jessica, An Exfiltration Subversion Demonstration, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003.

4. Rogers, David, A Framework for Dynamic Subversion, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003.

5. Mohan, Raj, XML Based Adaptive IPsec Policy Management in a Trust Management Context, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2002.

6. Anderson, Emory A., A Demonstration of the Subversion Threat: Facing a Critical Responsibility in the Defense of Cyberspace, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2002.

7. Price, Patrick D., Toward an Internet Service Provider (ISP) Centric Security Approach, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2002.

8. Smith, Kevin, Linux, OpenBSD, and Talisker: A Comparative Complexity Analysis, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2002.

9. Agar, Christopher, Dynamic Parameterization of IPsec, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2001.

10. Brodhun, Carl P., Prioritization of Information Assurance (IA) Technology in a Resource Constrained Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2001.

11. Burns, Titus R., Analyzing Threads and Processes in Windows CE, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2001.

12. Glover, Mark V., Integrating a Trusted Computing Base Extension Server and Secure Session Server into the Linux Operating System, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2001.

13. Haynes, Letitia D., Implications of User Identification Devices (UIDs) for the United States


Navy, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2001.

14. Ziemba, Marcia L., Training Users for Public Key Infrastructure in the U.S. Navy: User Roles, Responsibilities, and Training Requirements, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2001.

15. McGovern, Susan, System Requirements to Facilitate Interoperability in a Coalition Network, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2001.

16. Pereira, Barbara A., Analyzing Input/Output Subsystem Security in Windows CE, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2001.

17. Whalen, Timothy, Human Factors in Coast Guard Computer Security - An Analysis of the USCG's Current Awareness Level and Potential Techniques to Improve Security Program Viability, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2001.

18. Drake, Timothy, An Application Emulator for HiPer-D, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2001

19. Karadeniz, Kadir, Analysis of Intel IA-64 Processor Support for a Secure Virtual Machine Monitor, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2001.

20. Unalmis, Bugra, Analysis of Intel IA-64 Processor Support for Secure Systems, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2001.

21. Bersack, Evelyn, Implementation of a HTTP (Web) Server on a High Assurance Multilevel Secure Platform, Masters Thesis, Naval Postgraduate School, Monterey, California, expected graduation date December 2000.

22. Brown, Emma, SMPT on a High Assurance Mulitlevel Server, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2000.

23. Everette, Theresa, Enhancement of Internet Message Access Protocol for User-Friendly Multilevel Mail Management, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2000.

24. Rossetti, Richard K., A Mail File Administration Tool for a Multilevel High Assurance LAN, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2000.

25. Wilson, J. D., Trusted Networking in a Multilevel Secure Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2000.

26. Polk, Kenneth, Transparently Tracking QoS Requirements to Permit Next Generation Combat Systems to More Effectively Utilize COTS, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2000.

27. Agacayack, Cihan, Controlling Object Reuse in Clients Supported by a Trusted Computer Base Extension, Masters Thesis, Electrical and Computer Engineering, Naval Postgraduate School, Monterey, California, March 2000.

28. Turan, Bora, Client Bootstrap under Trusted Computing Base Extension Control, Masters Thesis, Electrical and Computer Engineering, Naval Postgraduate School, Monterey, California, March 2000

29. Balmer, Steven, Trusted Computing Base Extension Control System For Client Workstations,


Masters Thesis, Naval Postgraduate School, Monterey, California, September 1999.

30. Morris, Dan, and Rowe, David, Public Key Infrastructure Requirements, Planning and Implementation Issues of the Marine Corps, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1999.

31. Clark, Paul, Supporting Mandatory Access Control in an Educational Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1999.

32. Robin, Scott Analyzing the Intel Pentium III Processor's Capability to Run a Secure Virtual Machine Monitor, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1999.

33. Bryer-Joyner, Susan, and Heller, Scott D., A Protocol for Establishing a Trusted Path Over an Untrusted Local Area Network, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1999. Navy League Award received by LT Heller upon graduation.

34. Eads, Bradley, Developing a High Assurance Multilevel Mail Server, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1999.

35. Fowler, James, Security Planning for Wireless Networks, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1999.

36. Joyner, Lee, Development of a Load-Balancing Mechanism for Parallel Firewalls, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1999. Rear Admiral Grace Murray Hopper Award for Computer Science received upon graduation.

37. Isa, Haruna, Utilizing Hardware Features for Secure Thread Management, Masters Thesis, Naval Postgraduate School, Monterey, California, December 1998.

38. Hackerson, Jason, Constructing a Trusted Computing Base Extension in Commercial-Off-the Shelf Personal Computers for Multilevel Secure Local Area Networks, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1998.

39. Wright, Roger, Integrity Architecture and Security Services Demonstration for Management System for Heterogeneous Networks, Masters Thesis, Naval Postgraduate School, Monterey, California, June 1998.

40. Weldon, Steve, Security Issues in the JMCIS-Ashore Command and Control System, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997.

41. Buettner, Ray, and Harris, Robert, Comparative Analysis of Commercial Off The Shelf (COTS) Encryption Products for Use in Transmitting Sensitive But Unclassified (SBU) Data, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997.

42. Downey, James P., and Robb, Dion, A High Assurance Label-Based Mail Service for LANs, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997.

43. Marlett, Robert, Analysis of General Magic Telescript with Respect to Class C2 Requirements, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1996.

44. Fulp, John D., A National Imagery System Security Policy, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1996.


45. Bollwerk, William V., Classification of N-type Carbon Stars. Supervision of this research was conducted in my capacity as a MIRA research astronomer on behalf of the Physics Department, Masters Thesis, Naval Postgraduate School, Monterey, California, 1985.

Masters Students, Thesis Co-Advisor

1. Tenhunen, Thomas, Implementing an Intrusion Detection System in the MYSEA Architecture, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2008. (co-advised with Thuy Nguyen)

2. Lavelle, Claire, A Preliminary Analysis for Porting XML-Based Chat to MYSEA , Masters Thesis, Naval Postgraduate School, Monterey, California, March 2008. (co-advised with Thuy Nguyen)

3. Gilkey, Craig, Proof of Concept Integration of a Single-Level Service-Oriented Architecture into a Multi-Domain Secure Environment, Naval Postgraduate School, Monterey, California, March 2008. (co-advised with Randy Maule)

4. Adams, Coy M. VOIP Quality Measurements in a Multilevel Secure (MLS) Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2008. (co-advised with Nelson Irvine)

5. Ong, K. L., Design and Implementation of Wiki Services in a Multilevel Secure Environment, Masters Thesis, Naval Postgraduate School, Dec 2007. (co-advised with Thuy D. Nguyen)

6. Portner, A. D., A Prototype of Multilevel Data Integration in the MYSEA Testbed, Masters Thesis, Naval Postgraduate School, Sept 2007. (co-advised with Thuy D. Nguyen)

7. Carter, D. W., An OSkit-Based Implementation Of Least Privilege Separation Kernel Memory Partitioning, Masters Thesis, Naval Postgraduate School, June 2007. (co-advised with Thuy D. Nguyen) BibTex

8. Wiese, B., Preliminary Analysis Of A Trusted Platform Module (TPM) Initialization Process, Masters Thesis, Naval Postgraduate School, June 2007. (co-advised with Thuy D. Nguyen)

9. Cullum, J. J., Performance Analysis Of Automated Attack Graph Generation Software, Masters Thesis, Naval Postgraduate School, Dec 2006 (co-advised with Timothy E. Levin)

10. Chiang, Ken. H., A Prototype Implementation Of A Time Interval File Protection System (TIFPS) In Linux, Masters Thesis, Naval Postgraduate School, Sept 2006 (co-advised with Thuy D. Nguyen)

11. DeCloss, Daniel P., An Analysis of Specware and its Usefulness in the Verificatio of High Assurance Systems, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2006. (co-advised with Timothy Levin)

12. Bradney, Jeremiah A., Use of WebDAV to Support a Virtual File System in a Coalition Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2006. (co-advised with Thuy D. Nguyen)

13. Cone, Benjamin D., A CyberCIEGE Campaign Fulfilling Navy Information Assurance Training and Awareness Requirements, Masters Thesis, Naval Postgraduate School,


Monterey, California, March 2006. (co-advised with Nelson J. Irvine)

14. Egan, Melissa, An Implementation of Remote Application Support in a Multilevel Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2006. (co-advised with Thuy D. Nguyen)

15. Whitehorn, Patrick, Security Requirements Elicitation for Application Platforms in Environments Requiring High Robustness, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2006. (co-advised with Thuy D. Nguyen)

16. Estlund, Mark J., A Survey and Analysis of Access Control Architectures for XML Data, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2006. (co-advised with Timothy Levin)

17. Chay, Chua, A CyberCIEGE Scenario Illustrating Software Integrity and Management of Air-Gapped Newtworks in a Military Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2005. (co-advised with Paul Clark and Michael Thompson)

18. Ng, Chee Mun, A CyberCIEGE Scenario to Illustrate Classified Information Management in Multilevel Secure Systems for Command and Control, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2005. (co-advised with Paul Clark and Michael Thompson)

19. Ruppar, Carrie, Identity Theft Prevention in CyberCIEGE, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2005. (co-advised with Paul Clark and Michael Thompson)

20. Tan, Nai Kwan, A Firewall Training Program Based on CyberCIEGE, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2005. (co-advised with Paul Clark and Michael Thompson)

21. Barwinski, Mark, Taxonomy of Spyware and Empirical Study of Network Drive-By Downloads, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2005. (co-advised with Timothy Levin)

22. Bui, Sonia, Single Sign-on Solution for MYSEA Services, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2005. (co-advised with Thuy D. Nguyen)

23. Muller, David, Authentication Scenario for CyberCIEGE, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2005. (co-advised with Paul C. Clark and Michael Thompson)

24. Vernon, Richard, A Design for Sensing the Boot Type of a Trusted Platform Module-Enabled Computer, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2005. (co-advised with Timothy E. Levin)

25. Tse, Lily, Feasibility study of VOIP Integration into the MYSEA Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2005. (co-advised with Thuy D. Nguyen)

26. Hasbrouck, Carrie, A Study of Current Policies and Procedures Affecting Multilevel Security Technology and Implementation, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2005. (co-advised with Steve Iatrou)


27. Kane, Robert, Web-Based Dissemination System for the Trusted Computing Exemplar Project, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2005. (co-advised with Thuy D. Nguyen)

28. Lysinger, James, Multilevel Print Server Requirements for DoN Application, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2005. (co-advised with Thuy D. Nguyen)

29. Cooper, Robert, Remote Application Support in a Multilevel Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2005. (co-advised with Thuy D. Nguyen)

30. Horn, John, IPsec-Based Dynamic Security Services for the MYSEA Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2005. (co-advised with Thuy D. Nguyen)

31. Dodge, Catherine, Recommendations for Secure Initializaiton Routines in Operating Systems, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2004. (co-advised with Thuy D. Nguyen)

32. Herbig, Christopher, Use of OpenSSH Support for Remote Login to a Multilevel Secure System, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2004. (co-advised with Thuy D. Nguyen)

33. Fielk, Klaus W., CyberCIEGE Scenario Illustrating Integrity Risks to a Military-Like Facility, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with Paul Clark and Michael Thompson)

34. Hart, Dennis, An Approach to Vulnerability Assessment for Navy Supervisory Control, and Data Acquisition (SCADA) Systems, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with Karen Burke)

35. Hilchie, Allan, Trusted Path SELinux, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with David Shifflett)

36. Lamorie, Justin, A CyberCIEGE Scenario Illustrating Secrecy Issues in an Internal Corporate Network Connected to the Internet, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with Paul Clark and Michael Thompson)

37. Sears, Joseph D., Simultaneous Connection Management and Protection in a Distributed Multilevel Security Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with Thuy D. Nguyen)

38. Sherman, Michael A., An Analysis of VPN Solutions and Best Practices for Use in Conjunction with Cyber Attack and Defend Exercises, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with J.D. Fulp)

39. Baumgartner, Trevor J. and Phillips, Matthew D. W., Implementation of a Network Address Translation Mechanism Over IPv6, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2004. (co-advised with Thuy D. Nguyen)

40. LaMore, Robert L. CyberCIEGE Scenario Illustrating Secrecy Issues Through Mandatory and Discretionary Access Control Policies in a Multilevel Security Network, Masters Thesis,


Naval Postgraduate School, Monterey, California, June 2004. (co-advised with Paul Clark and Michael Thompson)

41. Meyer, Marc K. A CyberCIEGE Scenario Illustrating Multilevel Secrecy Issues in an Air Operations Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2004. (co-advised with Paul Clark and Michael Thompson)

42. Athanasopoulos, Vasileios, Design and Development of a Web-Based DoD PKI Common Access Card (CAC) Instruction Tool, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2004. (co-advised with J.D. Fulp)

43. Gross, Michael E., Configuration Management Evaluation Guidance for High Robustness Systems, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2004. (co-advised with Timothy E. Levin)

44. Guild, R. James, Design and Analysis of a Model Reconfigurable Cyber-Exercise Laboratory (RCEL) for Information Assurance Education, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2004. (co-advised with J.D. Fulp)

45. Johns, Kenneth W. Toward Managing and Automating CyberCIEGE Scenario Definition File Creation, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2004. (co-advised with Paul Clark and Michael Thompson)

46. Phan, Kandy Q., Design and Implementation of NFS for a Multilevel Secure System, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with David Shifflett)

47. Schoberg, Paul, Secure Ground-Based Remote Recording and Archiving of Aircraft “Black Box” Data, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003.

48. Bailey, Carmen F., Analysis of Security Solutions in Large Enterprises, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003. (co-advised with Paul C. Clark)

49. Carrillo, Cassandra M., Continuous Biometric Authentication for Authorized Aircraft Personnel: A Proposed Design, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003. (co-advised with Timothy Levin)

50. O’Neal, Matthew, A Design Comparison Between IPv4 and IPv6 in the Context of MYSEA, and Implementation of an IPv6 MYSEA Prototype, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003. (co-advised with Thuy D. Nguyen)

51. Senter, Jasper W., and Thornton, Cayetano S., Information Technology (IT) Ethics: Training and Awareness Materials for the Department of the Navy, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2001. (co-advised with Floyd Brock)

52. Brock, Jerome, Multiple Session Management for the Linux Operating System, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2001. (co-advised with Paul C. Clark)

53. Stocks, Alan R., Requirements for the Deployment of Public Key Infrastructure (PKI) in the USMC Tactical Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2000. (co-advised with Daniel F. Warren)

54. Bartram, Scott, Supporting a Trusted Path for the Linux Operating System, Masters Thesis,


Naval Postgraduate School, Monterey, California, June 2000. (co-advised with Paul C. Clark)

55. Darroca, Gregorio G., A Flow-Based Security Protocol for Fast IP Tag Switching, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1998 (co-advised with Geoff Xie).

56. English, John, Security Analysis for a Management System for Heterogeneous Networks (MSHN), Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997 (co-advised with Taylor Kidd).

57. Umentum, Bart, Using Web Technology to Disseminate INFOSEC Lectures, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997 (co-advised with Dennis Volpano).

58. Hester, James W., and Moormann, Richard C., Innovative Teaching Techniques and the Role of Web Programming in Education, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1997. (co-advised with Dennis Volpano)

59. Lucas, Julie, Ensuring a C2 Level of Trust and Interoperability in a Networked Windows NT Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1996. (co-advised with Gus Lott).

60. Heaton, Lee A., Radiant Mercury: An Assessment of the Issues, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1996. (co-advised with Carl Jones).

61. Campbell, Hannelore and Currie, Daniel L. III, Implementation and Efficiency of Steganographic Techniques in Bitmapped Images and Embedded Data Survivability Against Lossy Compression Schemes, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1996. Rear Admiral Grace Murray Hopper Award for Computer Science received by LT Campbell upon graduation. (co-advised with Hal Fredericksen).

62. Wootten, David, A Graphic User Interface for Rapid Integration of Steganography Software, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1996. (co-advised with Michael Zyda).

63. DeJong, Ronald, A Study of Covert Channels in a Trusted System, Masters Thesis, Naval Postgraduate School, Monterey, California, March 1995. (co-advised with Timothy Shimeall).

64. Muschalek, Keith, Mandatory Security Policy Enforcement in Commercial Off The Shelf Database Management System Software: A Comparative Analysis of Informix On-Line/Secure and Trusted Oracle, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1994 (co-advised with Thomas Wu).

65. Weatherford, Mark T., Interpretative Analysis of the Joint Maritime Command Information System (JIMCIS) Sensitive Compartmented Information (SCI) Local Area Network (LAN) Security Requirements, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1994 (co-advised with Carl Jones).

Masters Students, Thesis Second Reader

1. Hensley, Katrina, and Ludden, Fredrick, ATM Security Via Stargate Solution, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1999 (advisor Geoff Xie).


2. Ioannis Kondoulis, A Protocol for Building a Network Access Controlller (NAC) for “IP Over ATM”, Masters Thesis, Naval Postgraduate School, Monterey, California, September 1998 (advisor Geoff Xie).

Visitors

Scientists

• William H Murray, Independent, 2005-2007

• Clark Weissman, Independent, 1998

• William R. Shockley, Independent, 1996

Ph.D. Students

• Janne Hagen, Norwegian Defence Research Establishment (FFI), Kjeller, Norway, 2008-2009


Service Activities

National Organizations

Honors

• Navy Information Assurance Award, October 2001. • Best Paper Award, National Information Systems Security Conference, October 2000 • Who's Who in Frontier Science and Technology, 1984 • Outstanding Young Women of America, Nominated by Provost, Naval Postgraduate

School, 1980 • Outstanding Young Women of America, Nominated by Provost, Naval Postgraduate

School, 1977

Committees, Boards

• January 2008 – present: Chair, IEEE Computer Society Technical Committee on Security and Privacy

• January 2006 – 2007: Vice Chair, IEEE Computer Society Technical Committee on Security and Privacy

• Steering Committee, National Cyber Defense Initiative, 2007-present • Directorate Review Committee, Pacific Northwest National Laboratories, 2005 – 2007 • Senior Advisory Board, Association of Old Crows, 2002 – 2004 • Member, INFOSEC Science and Technology Study Group, appointed by Dr. Frank

Fernandez, Director, DARPA, 1999-2000 • Annual Computer Security Applications Conference Invited Essay Committee, January

2000 – 2001 • Chair, Sub-committee on Academic Affairs, IEEE Technical Committee on Security and

Privacy, 1999 - present. • Secretary, ACM Special Interest Group on Security and Audit Control

Regional Organizations

Honors

• Naval Postgraduate School award for Outstanding Research Achievement, Computer Science Department, from Provost, Naval Postgraduate School, 1998

• Naval Postgraduate School award for Outstanding Research Achievement, Information Warfare Academic Group, from Provost, Naval Postgraduate School, 1997

Journal Organizations

Editorial • Co-Editor, Security Education Section, IEEE Security and Privacy Magazine, 2008-

present

Conference and Workshop Organizations

Workshop Organizer


• General Chair, National Cyber Defense Initiative Workshop, Monterey, CA, 3-7 December 2007

• Co-Chair, National Science Foundation Invitational Workshop on Cybersecurity Workforce Needs Assessment and Educational Innovation, August 2003.

• General Chair and Program Committee Chair, Third World Conference on Information Security Education, Monterey, California, 26-28 June 2003.

• General Chair, Fifth Workshop on Education in Computer Security, Monterey, California, 23-25 June 2003.

• Co-Chair, Workshop on Computer Misuse and Anomaly Detection (CMAD), Monterey, CA, 12-14 November 1996 (with Karl Levitt)

• Chair, Workshop on Education in Computer Security, Monterey, CA, 1999. • Chair, Workshop on Education in Computer Security, Monterey, CA, 1998. • Chair, Workshop on Education in Computer Security, Monterey, CA, 1997.

Program Committee

• ACEIS 2009 • ESSOS 2009 • SECRYPT 2006, 2008, 2009 • Computer Security Applications Conference, December 2008. • ICIW 2008 • Computer Security Applications Conference, Miami, FL, December 2007. • Tutorial Committee, Computer Security Applications Conference, May 1998 – Dec 2003

• International Joint Conference on e-Business and Telecommunications, Barcelona, Spain, August 2007.

• Information Assurance Workshop, West Point, NY, June 2007. • Infrastructure Security, Brighton, United Kingdom, October 2002 • Requirements for High Assurance Systems, Monterey, California, 9 September 2003. • Network and Distributed Systems Symposium, San Diego, CA, February 2000 • IEEE Symposium on Security and Privacy, May 1996 - May 1999 • IEEE High Assurance Systems Engineering Symposium

University-wide Service

University

• Institutional Advancement, Director Search Committee, 2007 • PhD committee, National Security Institute, NPS, 2007-2008 • National Security Institute, Organizing Committee, 2007 • Director, Cebrowski Institute, NPS, 2001 – 2003 • Director, Center for Information Systems Security Studies and Research, NPS, 1996 –

present School

• Dean Search Committee, NPS, 2007 • Dean Search Committee, NPS, 2003 • Dean Search Committee, NPS, 2002

Department


• Chair, Computer Security Track, NPS, 1995 – present • Department Chair Search Committee, 2008 • Curriculum Committee (Chair), NPS, 2003 – present • Faculty Search Committee, 2008 – present • Lab Committee, 2002

Refereeing and Reviewing

Journals

• IEEE Computer • IEEE Security and Privacy • IEEE Transactions on Computing • Journal of Computer Security • The Computer Journal

Conferences

• National Computer Security Conference • Annual Security Applications Conference • Network and Distributed Security Symposium

Grant Proposals

• National Science Foundation

Books

• John Wiley and Sons

Other

• Participant, OSD Defense Venture Catalyst Initiative (DeVenCI) Project, July 2003

Other Professional Activities

Consultant

• Consultant, Computer Security Associates, 1995 – 1996 • NASA Ames, Moffett Field, California, 1985

Member

• ACM • IEEE (Senior Member) • Astronomical Society of the Pacific (Life Member)

Cynthia E. Irvine Department of Computer Science Naval ...cisr.us/downloads/cv_irvine.pdf ·...

Documents

Transcript of Cynthia E. Irvine Department of Computer Science Naval ...cisr.us/downloads/cv_irvine.pdf ·...