CS faculty +=3

Department welcomes three new faculty

The Department of Computer Science welcomed three strong new faculty hires this fall. The tenure-track faculty joining the Department are Yanlei Diao, Kevin Fu, and Gerome Miklau. The new faculty members have research strengths in databases and XML, secure data management, and security. “I am delighted with our success in hiring three top-notch systems faculty this year. With the addition of Yanlei, Kevin, and Gerome to our faculty, our department is well positioned to offer world-class research programs in databases and computer security,” said Associate Professor Prashant Shenoy, faculty recruiting chair. “I also look forward to collaborating with our newest faculty members in the years to come.” With a faculty growth rate of 20% in the last four years, the Department continues to evolve, ensuring its vitality and innovation in the many emerging fields of computer science.

Yanlei Diao

Yanlei Diao joined the Department this fall as an Assistant Professor. Her research interests are in information architectures and data management systems, with a focus on data streams, data dissemination, XML query processing, and learning-based data processing. “I am very pleased to have the opportunity to join the Computer Science Department at UMass Amherst,” said Diao. “For years, I have highly respected the quality of research from this department. I have also been impressed with its culture of collaboration and support.”

Diao’s thesis topic was “Query Processing for Large-Scale XML Message Brokering.” Her dissertation work has focused on leveraging XML (Extensible Markup Language) messaging to build large-scale distributed information systems for applications such as Web services, network and application monitoring, and personalized content delivery. “Emerging distributed information systems require increasingly flexible and adaptive infrastructures,” said Diao. Traditional distributed systems tend to be tightly coupled either at the communication level or at the content level. Recently, messaging technology has gained wide acceptance as a solution for the loose coupling of systems in terms of communication. With respect to content, XML is becoming a de facto standard for data exchange on the Internet. Her research explores a combination of these two trends to build highly flexible infrastructures for distributed information systems. In addition, Diao’s research exploits declarative XML queries to make such systems adaptive to the evolving needs of distributed applications.

“ My thesis research is an important initial step towards the longer-term agenda of employing declarative queries to offer flexibility and adaptivity in emerging types of distributed information systems,” said Diao. She plans to extend her approach to systems such as Internet-scale data dissemination, sensor-based networks, and mobile services. Existing query processing techniques need to be broadened and enriched to rise to the challenges of these new environments, added Diao.
As part of her research, Diao has designed YFilter, a message brokering system that provides fast, on-the-fly filtering of incoming XML messages for a large number of users, and transforms the matching messages according to user-specific requirements. The YFilter software, produced while she was a student at Berkeley, was released as open source. The software has been used in research projects for grid monitoring and event processing, and has served as an exemplary implementation of such functionality for product-oriented development. Recently, it has also been integrated into Apache Hermes to provide an implementation of Web Services Notification. “In my future research, I will continue to follow my research philosophy of identifying important problems grounded in reality, finding right solutions, building real systems, and using such systems to evaluate software infrastructures and research concepts,” said Diao.

Dr. Diao completed her Ph.D. in Electrical Engineering and Computer Science at the University of California, Berkeley in 2005, her M.S. in Computer Science at the Hong Kong University of Science and Technology, and a B.S. in Computer Science from Fudan University in Shanghai, China. While at Berkeley, Professor Diao was a member of the database research group. She was also a research intern at BEA Systems and IBM Almaden Research Center and a Research Assistant at the Hong Kong University of Science and Technology. She is a member of the Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers (IEEE).

Kevin Fu

Kevin Fu joined the Department in September as an Assistant Professor. His research interests in secure computer systems include secure storage, RFID security, Web security, applied cryptography, and cryptanalysis.

“The strong community of people at UMass Amherst fosters an ideal home for collaborative research in secure computer systems. In the Common Room, we can talk about cryptography and home-roasted espresso in the same breath. The security research group is already growing with projects in RFID security and secure storage, and I will begin offering a class in Applied Cryptography this Spring,” said Fu.

Fu’s thesis was entitled “Integrity and access control in untrusted content distribution networks.” As part of his research, Fu designed and implemented cryptographic key regression protocols for use in secure storage. The protocols enable efficient group key management for access control of content served by untrusted hosts.

In other research, Fu implemented and benchmarked the read-only dialect of the Self-certifying File System (SFSRO). The SFS read-only file system makes the security of published content independent from that of the distribution infrastructure. In a secure area (possibly offline), a publisher creates a digitally-signed database out of a file system’s contents, explained Fu. The publisher then replicates the database on untrusted content distribution servers, allowing for high availability. The read-only file system avoids performing any cryptographic operations on servers and keeps the overhead of cryptography low on clients, allowing servers to scale to a large number of clients. The implementation of this research appeared in the ACM TOCS journal.

In another project, Fu reverse engineered several Web user authentication systems. The work resulted in a USENIX Security paper on the importance of simple, correct protocols for authentication. The paper, “Dos and Don’ts of Client Authentication on the Web,” won the Best Student Paper Award at the 10th USENIX Security Symposium, generated several invited talks, and provoked two articles in the Wall Street Journal.

“Computer system security is an interdisciplinary area,” said Fu. “What initially captured my interest was the mix of theory, practice, and law in the great debate over export control of cryptography. The interdisciplinary nature also allows me to explore new areas of research.” A likely direction for Fu’s future research is the improvement of RFID (radio frequency identification) security. RFID exhibits many of the ominous signs of a security crisis, given that RFID tags and readers communicate over semi-trusted, open channels, added Fu. He intends to build and measure systems that make RFID secure.
Prior to arriving at UMass Amherst, Dr. Fu was a Visiting Scholar at the Johns Hopkins Information Security Institute. While at MIT, he founded the Applied Security Research Group at the MIT Lab for Computer Science. Prior experience included positions at Sightpath/Cisco Systems, the MIT Network Security Team, and intern positions at the Bellcore (Telcordia) Security Research Group and Hewlett-Packard Labs.

Dr. Fu received his M.Eng. and Ph.D. in Electrical Engineering and Computer Science at the Massachusetts Institute of Technology in 1999 and 2005 respectively, and his S.B. in Computer Science and Engineering from MIT in 1998.

Gerome Miklau

Gerome Miklau joined the Department in September as an Assistant Professor. His research spans the areas of databases and security with a focus on classical security concerns such as confidentiality, privacy, and integrity of data. He has developed novel theoretical and practical tools for secure data management with the objective of enabling new forms of collaboration and data exchange. Other research interests include database theory and semi-structured data.

Miklau’s Ph.D. thesis, “Confidentiality and Integrity in Distributed Data Exchange,” addresses the problem of managing information disclosure – in both conventional database systems and distributed environments like the World Wide Web – in order to safely facilitate the sharing of data. “I believe security and trustworthiness can be enabling technologies, not merely application extensions that add expense or limit usability,” commented Miklau. “When data management tasks are trusted, new forms of communication, interaction and collaboration become possible since participants are comfortable releasing data or are certain of its authenticity.”

Miklau’s research has addressed the problem of ensuring confidentiality of published data in both theoretical and practical terms. The owner of sensitive data is faced with the challenge of permitting its legitimate use while protecting it from unauthorized disclosure. When data is stored in a database, this is often accomplished by publishing a view of the database that is useful to the end user and hopefully omits confidential data items and associations.

Miklau’s research provided a new theoretical standard for determining when it is safe to publish a view of a database without disclosing information about a sensitive query: when a view and a privileged query are secure, the view contains no information about the answer to the query, and the user will have no advantage in computing or guessing the answer. Intuitively, a query and view are deemed secure if the user’s a priori knowledge about the query is the same as the user’s knowledge about the query having seen the view and its answer. Miklau has also designed a practical framework for the controlled publication of views to multiple parties. In that work, he designed a controlled-publishing framework to permit the efficient, safe, and flexible exchange of data beyond trusted systems that conventionally govern access. A single partially-encrypted version of the database – to be used by all users – is automatically generated to enforce an access control policy.

Miklau received his M.S. and Ph.D. in Computer Science from the University of Washington in 2001 and 2005 respectively, and a B.S. in Mathematics and B.A. in Rhetoric with Honors from the University of California, Berkeley in 1995. Before joining the Department, Miklau had research internship positions at IBM Almaden Research Center and Lucent, Bell Laboratories. In a prior position, he was a derivatives trader for J.P. Morgan and Company.

“I am thrilled to be a new member of the Computer Science faculty,” said Miklau. “The students are enthusiastic and dedicated, and the faculty have been very supportive. I look forward to contributing to the department as an educator and researcher.”