About Xinwen Zhang (CV)

I graduated from the Department of Information System and Software Engineering, School of Information Technology and Engineering, George Mason University, in Summer 2006 with Ph.D. of Information Technology.  I was a research assistant in the Laboratory for Information Security Technology. My advisor was Prof. Ravi Sandhu. I was the teaching assistant of INFS762 (Information System Security), INFS766 (Internet Security Protocols) and INFS767 (Secure E-commerce), Fall 2001 - Spring 2004, and the instructor of INFS767/ISA767 (Secure E-commerce), Fall 2005. 

Before joined GMU, I was a development engineer in CE-Infosys, and a graduate student in Nanyang Technology University, Singapore. Before that I received Master and Bachelor degrees from Huazhong University of Science and Technology, Wuhan, China. 

I am working in Samsung Information Systems America, Samsung's R&D Center at San Jose, California. Contact me: xinwen.z AT samsung DOT com.

Research Interests

Computer security policies, models, architectures, and mechanisms
Secure mobile platforms, services, and applications
Trusted computing and high assurance information systems
Security in distributed and collaborative systems

Professional Activities

Program committee of: ACM SACMAT 2010ACM STC 2009, ChinaCom 2009 ACM SACMAT 2009MOTHIS 2008ACM STC 2008IS 2008ACM SACMAT 2008IEEE SUTC 2008TRUST 2008ACM STC 2007
Conference review for: ACSAC 2009  IEEE/IFIP DSN 2009ACM EMSOFT 2008 IEEE POLICY 2008ACM CCS 2007ICC 2007ACSAC 2006BROADNETS 2006ACM SACMAT 2006
Journal review for:  IEEE TSCIEICEACM TISSECSpringer JNSMIEEE TSMCElsevier Computer & Security
 

Recent Publications (Publication List)

  1. Liang Xie, Xinwen Zhang, Jean-Pierre Seifert, and Sencun Zhu, pBMDS: A Behavior-based Malware Detection System for Cellphone Devices , in ACM Conference on Wireless Network Security (WiSec), March 22-24, 2010, Hoboken, NJ, USA.

  2. Mohammad Nauman, Sohail Khan, Masoom Alam, and Xinwen Zhang, Apex: Extending Android Permission Model and Enforcement with User-defined Runtime Constraints (short paper), in ACM Symposium on Information, Computer and Communications Security (ASIACCS), April 13-16, 2010, Beijing, China.

  3. Xinwen Zhang, Joshua Schiffman, Simon Gibbs, Anugeetha Kunjithapa, Sangoh Jeong, Securing Elastic Applications on Mobile Devices for Cloud Computing, in ACM Cloud Computing Security Workshop (CCSW), Chicago, IL, USA, 13 November 2009.

  4. Basel Katt, Xinwen Zhang, and Michael Hafner, Building Stateful Reference Monitor with Colored Petri Nets, in 5th International Conference on Collaborative Computing (CollaborateCom), Crystal City, Washington D.C., USA, November 11-14, 2009.

  5. Lie Liu, Xinwen Zhang, Guanhua Yan, and Songqing Chen, Exploitation and Threat Analysis of Open Mobile Devices, in ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), Princeton, New Jersey, USA, October 19-20, 2009.

  6. Ge Cheng, Hai Jin, Deqing Zou, Xinwen Zhang, Min Li, Chen Yu, and Guofu Xiang, Building Dynamic Integrity Protection for Multiple Independent Authorities in Virtualization-based Infrastructure, in 10th IEEE/ACM International Conference on Grid Computing (Grid'09), Banff, Alberta, Canada, October 13 - 15, 2009.

  7. Lei Liu, Guanhua Yan, Xinwen Zhang and Songqing Chen. VirusMeter: Preventing Your Cellphone from Spies, in 12th International Symposium On Recent Advances In Intrusion Detection (RAID'09), Saint-Malo, Brittany, France, September 23-25, 2009.

  8. Liang Xie, Xinwen Zhang, Ashwin Chaugule, Trent Jaeger, and Sencun Zhu, Designing System-level Defenses against Cellphone Malware, in 28th International Symposium on Reliable Distributed Systems (SRDS'09), Niagara Falls, New York, USA; September 27-30, 2009.

  9. Min Xu, Duminda Wijesekera,  Xinwen Zhang, and Deshan Cooray, Towards Session-aware RBAC Administration and Enforcement with XACML, in IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), Imperial College London, UK, 20-22 July 2009.

  10. Masoom Alam, Mohammad Nauman, Xinwen Zhang, Tamleek Ali, and Patrick C.K. Hung, Behavioral Attestation for Business Processes (BA4BP), in 7th IEEE International Conference on Web Services (ICWS), Los Angeles, CA, USA, July 6-10, 2009.

  11. Xinwen Zhang, Onur Aciicmez, and Jean-Pierre Seifert, Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms, in The First International Conference on Security and Privacy in Mobile Information and Communication Systems (MobiSec), 2009.

  12. Wenjuan Xu, Xinwen Zhang, and Gail-Joon Ahn, Towards System Integrity Protection with Graph-Based Policy Analysis, in 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'09), Montreal, Canada, July 12-15, 2009.

  13. Jing Jin, Hongxin Hu, Gail-Joon Ahn, Michael J. Covington, and Xinwen Zhang, Patient-centric Authorization Framework for Sharing Electronic Health Records, in 14th ACM Symposium on Access Control Models and Technologies (SACMAT), Stresa, Italy, 2009.

  14. Mohammad Nauman, Masoom Alam, Xinwen Zhang, and Tamleek Ali, Remote Attestation of Attribute Updates and Information Flows in a UCON System. in 2nd International Conference on Trusted Computing (TRUST), Oxford, UK, 2009: 63-80

  15. Jing Jin, Gail-Joon Ahn, Michael J. Covington, and Xinwen Zhang, Toward an Access Control Model for Sharing Composite Electronic Health Records, in the 4th International Conference on Collaborative Computing (CollaborateCom), Orlando, FL, USA, November 13-16, 2008.

  16.  Qi Li, Xinwen Zhang, Jean-Pierre Seifert, and Hulin Zhong, Secure Mobile Payment via Trusted Computing, in the 3rd Asia-Pacific Trusted Infrastructure Technology Conference (APTC), 2008: 98-112

  17. Gail-J Ahn, Wenjuan Xu, and Xinwen Zhang, Systematic Policy Analysis for High-assurance Services in SELinux, in Proc. of the  9th IEEE Workshop on Policies for Distributed Systems and Networks (POLICY), Palisades, NY, USA, 2008.

  18. Masoom Alam, Xinwen Zhang, and Jean-Pierre Seifert, Model-based Behavioral Attestation, in Proc. of the 13th ACM Symposium on Access Control Models and Technologies (SACMAT), Estes Park, Colorado, USA, 2008.

  19. Basel Katt, Xinwen Zhang, Ruth Breu, Michael Hafner, Jean-Pierre Seifert, A General Obligation Model and Continuity-Enhanced Policy Enforcement Engine for Usage Control, in Proc. of the 13th ACM Symposium on Access Control Models and Technologies (SACMAT), Estes Park, Colorado, USA, 2008.

  20. Xinwen Zhang, Masayuki Nakae, Michael J. Covington, and Ravi Sandhu, A Usage-based Authorization Framework for Collaborative Computing Systems, ACM Transactions on Information and System Security, (TISSEC), 11(1), 2008: 3:1-3:36. 

  21. Xinwen Zhang, Dongyu Liu, Songqing Chen, Zhao Zhang, and Ravi Sandhu, Towards Digital Rights Protection in BitTorrent-like P2P Systems, in the 15th SPIE/ACM Multimedia Computing and Networking (MMCN), San Jose, CA USA, January 30-31, 2008.

  22. Onur Aciicmez, Latifi Afshin, Jean-Pierre Seifert, and Xinwen Zhang, A Trusted Mobile Phone Prototype, in the 5th IEEE Consumer Communications and Networking Conference (CCNC), Las Vegas, Nevada, USA, Jan. 10-12, 2008: 1208-1209. 

Patents

  1. X. Zhang and J-P. Seifert, Method and System for Enforcing Trusted Computing Policies in a Hypervisor Security Architecture, US Patent (pending).
  2. X. Zhang, O. Aciicmez, J-P. Seifert and Q. Ma, Securing Stored Content for Trusted Hosts and Safe Computing Environments, US Patent (pending).
  3.  O. Aciicmez and X. Zhang, Methods for Building Enhanced Protocol Scripting Language for Safe Execution in Embedded Systems, US Patent (pending).
  4. X. Zhang, J-P Seifert, O. Aciicmez, and Q. Ma, Securing CPU Affinity in Multiprocessor Architectures, US Patent (pending).
  5. X. Zhang, J-P. Seifert, W. Min, and O. Aciicmez, Trusted Multi-stakeholder Environment, US Patent (pending).
  6. L. Xie, X. Zhang, J-P. Seifert, O. Aciicmez, and A. Latifi, Detecting Unauthorized Use of Computing Devices Based on Behavioral Patterns, US Patent (pending).
  7. X. Zhang, L. Xie, J-P Seifert, and O. Aciicmez, Trusted Device Management for Mobile Platforms, US Patent (pending).
  8.  X. Zhang, J-P Seifert, and O. Aciicmez, Consistent security Enforcement for safer computing systems, US Patent (pending).
  9. X. Zhang, J-P Seifert, and O. Aciicmez, Secure Inter-process Communication for Safer Computing Environments and Systems US Patent (pending).
  10. O. Aciicmez, J-P Seifert, and X. Zhang, Integrating Hashing and Decompression of Compressed Data for Safe Computing Environments and Systems US Patent (pending).
  11. X. Zhang, J-P Seifert, O. Aciicmez, and A. Latifi, Active Access Monitoring for Safer Computing Environments and Systems US Patent (pending).