AppleMark

Name

George O.M. Yee, Ph.D., P.Eng., CISSP, CSDP

 

 

Expertise

Software Engineering, Software Design and Testing, Information Security and Privacy, Software Reliability, Operations Research

Current Employment

Adjunct Professor, Dept. of Systems and Computer Engineering, Carleton University; Information Technology Research Analyst, Office of the Privacy Commissioner of Canada

Location

Ottawa, Canada

Email

gmyee (at) sce.carleton.ca

WWW

http://georgeyee.ca (this site)

Phone

613-737-5967

BIOGRAPHICAL SUMMARY

George Yee is an Adjunct Research Professor with the Dept. of Systems and Computer Engineering, Carleton University, Ottawa, Canada. George also works as an Information Technology Research Analyst with the Office of the Privacy Commissioner of Canada. He was previously an independent consultant and worked contracts related to information security with Defence Research and Development Canada (DRDC) and Communications Security Establishment Canada (CSEC). Prior to this, he was a Senior Research Officer for over 7 years in the Information Security Group, National Research Council Canada (NRC). Prior to the NRC, he had significant experience as a member of scientific staff and manager at Bell-Northern Research and Nortel Networks. George received his Ph.D. in Electrical Engineering from Carleton University and is a member of Professional Engineers Ontario. In addition, he is a Certified Information Systems Security Professional (CISSP) and a Certified Software Development Professional (CSDP). George’s research interests as an adjunct professor lie in the engineering of reliable software systems, involving security, fault tolerance, performance, and correctness.

EDUCATION

B.Sc. in Mathematics, M.Sc. in Information and Systems Science, and most recently a Ph.D. in Electrical Engineering (Software Engineering)  from Carleton University in 1991.


PROFESSIONAL AFFILIATIONS

Member Professional Engineers Ontario, Member (ISC)2, Senior Member IEEE, Member ACM

 

REFEREED PUBLICATIONS

(Most available from: http://nparc.cisti-icist.nrc-cnrc.gc.ca/npsi/ctrl?lang=en

Select “Browse by Author” and “Yee, G.”; for others contact me.)

 

A. Journals

1.    Yee, G: Towards Designing E-Services that Protect Privacy. International Journal of Secure Software Engineering (IJSSE), IGI Global, 1(2), pp.18-34, April-June 2010.

2.    Yee, G.: Estimating the Privacy Protection Capability of a Web Service Provider. International Journal of Web Services Research (IJWSR), 6(2), pp. 20-41, IGI Global, April – June 2009. NRC 50725.

3.    Song, R., Korba, L., Yee, G.: A Scalable Group Key Management Protocol. IEEE Communications Letters, Vol. 12, 2008. NRC 50355.

4.    Yee, G., Korba, L.: Security Personalization for Internet and Web Services. International Journal of Web Services Research, Vol. 5, No. 1, pp. 1-23, IGI Global, 2008. NRC 49358.

5.    Song, R., Korba, L., Yee, G., Chen, Y.-C.: Protect Virtual Property in Online Gaming System. International Journal of Software Engineering and Knowledge Engineering (IJSEKE), Vol.17, No. 4, pp. 1-14, World Scientific Publishing, 2007.

6.    Korba, L., Song, R., Yee, G.: Privacy Rights Management: Implementation Scenarios. Information Resources Management Journal, Vol. 20, Issue 1, pp. 14-27, IGI Publishing, 2007.

7.    Yee, G., Korba, L., Lin, N.H., Shih, T.K.: Context-Aware Privacy and Security Agents for Distance Education. International Journal of High Performance Computing and Networking, Vol. 3, Issue 5/6, pp. 395-404, Inderscience, 2005.

8.    Chen, Y.C., Chen, P.S., Hwang, J.J., Korba, L., Song, R., Yee, G.: An Analysis of Online Gaming Crime Characteristics. Journal of Internet Research, Vol. 15, No. 3, pp. 246-261, Emerald Group Publishing, 2005.

9.    Yee, G., Korba, L. Semi-Automatic Derivation and Use of Personal Privacy Policies in E-Business. International Journal of E-Business Research, Vol. 1, No. 1, pp. 54-69, Idea Group Publishing, 2005.

10. El-Khatib, K., Korba, L., Xu, Y., Yee, G. Privacy and Security in E-Learning. International Journal of Distance Education Technologies, Vol. 1, No. 4, October-December 2003.

 

B. Conferences (PAR = Paper Acceptance Rate)

1.    Yee, G., Xie, X., Majumdar, S.: Automated Threat Identification for UML. Proceedings of the International Conference on Security and Cryptography (SECRYPT 2010), Athens, Greece, July 26-28, 2010. PAR=17.5%.

2.    Yee, G.: An Automatic Privacy Policy Agreement Checker for E-Services. Proceedings of The Fourth International Conference on Availability, Reliability, and Security (ARES 2009), Fukuoka, Japan, March 16-19, 2009. NRC 50741. PAR=25%.

3.    Yee, G., Korba, L., and Song, R.: Cooperative Visualization of Privacy Risks. Proceedings, Fifth International Conference on Cooperative Design, Visualization and Engineering (CDVE 2008), Mallorca, Spain. Sept. 2008. NRC 50390. PAR=~27%.

4.    Korba, L., Wang, Y., Geng, L., Song, R., Yee, G., Patrick, A.S., Buffett, S., Liu, H., You, Y.: Private data discovery for privacy compliance in collaborative environments. Proceedings, Fifth International Conference on Cooperative Design, Visualization and Engineering (CDVE 2008), Mallorca, Spain. Sept. 2008. NRC 50386. PAR=~27%.

5.    Yee, G., Korba, L., and Song, R.: Assessing the Likelihood of Privacy Policy Compliance. Proceedings, 23rd IFIP International Information Security Conference (SEC 2008), Milan, Italy, Sept. 2008. NRC 50328. PAR=~25%.

6.    Song, R., Korba, L., Yee, G.: An Efficient Privacy-Preserving Data Mining Platform. Proceedings, 2008 International Conference on Data Mining (DMIN’08), July, 2008.

7.    Yee, G.: A Privacy Controller Approach for Privacy Protection in Web Services. Proceedings, 2007 ACM Workshop on Secure Web Services (SWS ’07), in conjunction with the 14th ACM Conference on Computer and Communications Security (CCS 2007), Alexandria, VA, USA, Oct. 29 – Nov. 2, 2007. PAR = 25%

8.    Song, R., Korba, L., and Yee, G.: Privacy Management System Using Social Networking. Proceedings of the 2007 IEEE International Conference on Systems, Man, and Cybernetics (SMC 2007), Montreal, Canada, Oct. 7-10, 2007. (Invited Paper)

9.    Korba, L., Song, R., Yee, G., Patrick, A.S., Buffett, S., Wang, Y., Geng, L.: Private Data Management in Collaborative Environments. Proceedings, The Fourth International Conference on Cooperative Design, Visualization and Engineering (CDVE 2007), Sept. 16-20, Shanghai, China. PAR = ~27%.

10. Yee, G.: Visual Analysis of Privacy Risks in Web Services. Proceedings, IEEE International Conference on Web Services 2006 (ICWS 2007), Salt Lake City, Utah, USA, July 9-13, 2007. NRC 49303. PAR = 35%.

11. Song, R., Korba, L., and Yee, G.: Analysis of Smart Card-Based Remote User Authentication Schemes. Proceedings of the 2007 World Congress in Computer Science, Computer Engineering, and Applied Computing (WORLDCOMP'07) - the 2007 International Conference on Security and Management (SAM'07), Las Vegas, USA, June 25-28, 2007. NRC 49308. PAR = 28%.

12. Song, R., Korba, L., and Yee, G.: Privacy Rights Management for Privacy Compliance Systems. Proceedings of the IEEE 21st International Conference on Advanced Information Networking and Applications (AINA-07) Symposium – The Third IEEE International Symposium on Security in Networks and Distributed Systems (SSNDS 07), Niagara Falls, Canada, May 21-23, 2007. NRC 49280. PAR = 42%.

13. Yee, G.: Visualization for Privacy Compliance. Proceedings, 3rd International Workshop on Visualization for Computer Security, George Mason University, Fairfax County, Virginia, U.S.A., November 2006. PAR=43%.

14. Yee, G.: A Privacy-Preserving UBICOMP Architecture. Proceedings, The 2006 International Conference on Privacy, Security and Trust, Toronto, Ontario, Canada, Oct. 30-Nov. 1, 2006. PAR=30%.

15. Korba, L., Song, R., Yee, G., and Patrick, A.: Automated Social Network Analysis for Collaborative Work. Proceedings of the Third International Conference on Cooperative Design, Visualization and Engineering (CDVE 2006), Palma de Mallorca, Spain, September 17-20, 2006, NRC 48732. PAR=27%.

16. Yee, G.: Measuring Privacy Protection in Web Services. Proceedings, IEEE International Conference on Web Services 2006 (ICWS 2006), Chicago, Illinois, USA, Sept. 18-22, 2006, NRC 48734. PAR=20%.

17. Yee, G., Korba, L., and Song, R.: Ensuring Privacy for Buyer-Seller E-Commerce. Proceedings of the 21st IFIP International Information Security Conference (SEC 2006), Karlstad University, Karlstad, Sweden, May 22-24, 2006. NRC 48461. PAR=25%.

18. Yee, G.: Personalized Security for E-Services. Proceedings, First International Conference on Availability, Reliability, and Security (ARES 2006), Vienna, Austria, April 20-22, 2006. NRC 48463. PAR=36%.

19. Yee, G., Korba, L., and Song, R.: Ensuring Privacy for E-Health Services. Proceedings of The First International Conference on Availability, Reliability and Security (ARES 2006), Vienna, Austria, April 20-22, 2006. NRC 48462. PAR=36%.

20. Yee, G., Korba, L., Song, R., and Chen, Y.C.: Towards Designing Secure Online Games. Proceedings of the IEEE 20th International Conference on Advanced Information Networking and Applications (AINA 2006), Vienna, Austria, April 18-20, 2006. NRC 48457. PAR=42% (for SNDS Workshop in which paper was accepted).

21. Chen, P.S., Tsai, L.M.F., Chen, Y.C., Yee, G.: Standardizing the Construction of a Digital Forensics Laboratory. Proceedings, First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE 2005), Taipei, Taiwan, Nov. 2005.

22. Korba, L., Xu, Y., Song, R., Yee, G.: Environment-Aware Security Enforcement (EASE) for Cooperative Design and Engineering. Proceedings, 2nd International Conference on Cooperative Design, Visualization, and Engineering (CDVE 2005), Mallorca, Spain, Sept. 2005.

23. Song, R., Korba, L., Yee, G.: AnonDSR: Efficient Anonymous Dynamic Source Routing for Mobile Ad-Hoc Networks. Proceedings, The Third ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN 2005) (in conjunction with the 12th ACM Conference on Computer and Communications Security (CCS '05)), Alexandria, VA, USA, November 7, 2005.

24. Yee, G., Korba, L.: Context-Aware Security Policy Agent for Mobile Internet Services. Proceedings, The 2005 IFIP International Conference on Intelligence in Communication Systems (INTELLCOMM 2005), pp. 249-259, Montreal, Quebec, Canada, Oct. 17-19, 2005.

25. Yee, G., Korba, L.: Specifying Personal Privacy Policies to Avoid Unexpected Outcomes. Proceedings, Third Annual Conference on Privacy, Security and Trust, St. Andrews, New Brunswick, Canada, Oct. 12-14, 2005.

26. Song, R., Korba, L., and Yee, G.: Agent-based Transactions for Home Energy Services. Proceedings, The 2005 International Workshop on Mobile Systems, E-Commerce and Agent Technology (MSEAT'2005), Banff, Alberta, Canada,  Sep.5-7, 2005.

27. Song, R., Korba, L., Yee, G., and Chen, Y.C.: Protection of Virtual Property in Online Gaming. Proceedings, 2005 Conference on Distributed Multimedia Systems, Banff, Alberta, Sept. 5-7, 2005.

28. Yee, G., Korba, L.: Negotiated Security Policies for E-Services and Web Services. Proceedings, IEEE International Conference on Web Services 2005 (ICWS 2005), Orlando, Florida, USA, July 11-15, 2005.

29. Yee, G., Korba, L.: Comparing and Matching Privacy Policies Using Community Consensus. Proceedings, The IRMA International Conference, San Diego, California, USA, May 15-18, 2005. NRC Paper Number: NRC 47430.

30. Korba, L., Song, R., Yee, G., Chen, Y.-C.: Scenarios for Privacy Rights Management Using Digital Rights Management. Proceedings, The IRMA International Conference, San Diego, California, USA, May 15-18, 2005. NRC 47428.

31. Chen, Y.C., Chen, P.S., Song, R., Yee, G., and Korba, L.: Classification of Online Gaming Crime and Security. Proceedings, The IRMA International Conference, San Diego, California, USA, May 15-18, 2005. NRC Paper Number: NRC 47425.

32. Chen, Y.C., Chen, P.S., Yee, G., Song, R., and Korba, L.: Online Gaming Cheating and Security Issue. Proceedings, International Conference on Information Technology Coding and Computing (ITCC 2005), Vol. 1, pp. 518-523, Las Vegas, NV, USA, April 4-6, 2005.

33. Lin, H.W., Chang, W., Yee, G., Shih, T.K., Wang, C., and Yang, H.: Applying Petri Nets to Model SCORM Learning Sequence Specification in Collaborative Learning.  Proceedings, The IEEE 19th International Conference on Advanced Information Networking and Applications, Vol. 1, pp. 203-208, Taipei, Taiwan, March 28-30, 2005.

34. Hung, J.C., Wang, C., Yang, C., Chiu, M., and Yee, G.: Applying Word Sense Disambiguation to Question Answering System for E-Learning. Proceedings, The IEEE 19th International Conference on Advanced Information Networking and Applications, Vol. 1, pp. 157-162, Taipei, Taiwan, March 28-30, 2005.

35. Yee, G.: Using Privacy Policies to Protect Privacy in UBICOMP. The First International Workshop on Ubiquitous Smart Worlds (USW2005) held in conjunction with AINA 2005, in Proceedings of  AINA 2005, Vol. 2, pp. 633-638, Tamkang University, Taiwan, March 28-30, 2005.

36. Yee, G., Korba, L.: An Agent Architecture for E-Services Privacy Policy Compliance. Proceedings, The IEEE 19th International Conference on Advanced Information Networking and Applications (AINA 2005), Vol. 1, pp. 374-379, Tamkang University, Taiwan, March 28-30, 2005.

37. Korba, L., Song, R., Yee, G., Chen, Y.C.: Enforcing Privacy: A Rights Management Approach. Proceedings, The IRMA International Conference, San Diego, California, USA, May 15-18, 2005.

38. Yee, G. and Korba, L.: Privacy Policy Compliance for Web Services. Proceedings, IEEE International Conference on Web Services (ICWS 2004), San Diego, California, USA, July 6-9, 2004.

39. Yee, G. and Korba, L.: Semi-Automated Derivation of Personal Privacy Policies. Proceedings, The IRMA International Conference, New Orleans, Louisiana, USA, May 23-26, 2004.

40. Lin, N.H., Korba, L., Yee, G., Shih, T.K., and Lin, H.W.: Security and Privacy Technologies for Distance Education Applications. Proceedings, AINA 2004, Fukuoka, Japan, Mar. 29-31, 2004.

41. Shih, T.K., Liao, Y.-C., Chang, H.-B., Kuan, M.-Y., and Yee, G.: Multistory Annotation System: a Novel Application of Distance Learning. Proceedings, AINA 2004, Fukuoka, Japan, Mar. 29-31, 2004.

42. Han, Y., Petriu, D.C., Yee, G.: Towards Better Key Exchange Performance in IPSec-Based VPNs. Proceedings, The IRMA International Conference, New Orleans, Louisiana, USA, May 23-26, 2004.

43. El-Khatib, K., Korba, L., Song, R., Yee, G.: Secure Dynamic Distributed Routing Algorithm for Ad Hoc Wireless Networks. Proceedings, Workshop on Wireless Security and Privacy 2003, The 2003 Conference on Parallel Processing (ICPP 2003), Kaohsiung, Taiwan, Oct 6-9, 2003.

44. Yee, G., Korba, L.: Feature Interactions in Policy-Driven Privacy Management. Proceedings, Seventh International Workshop on Feature Interactions in Telecommunications and Software Systems, Ottawa, Canada, June 11-13, 2003.

45. Korba, L., El-Khatib, K., Patrick, A., Song, R., Xu, Y., Yee, G., Yu., J.: Agent-Based Systems Privacy Enhancing Technologies. 18th IFIP International Information Security Conference (SEC 2003), Athens, Greece, May 26-28, 2003. NRC 44992.

46. Korba, L., Song, R., Patrick, A.S., Yee, G., Xu, Y., El-Khatib, K.: Developments in Privacy Enhancing Technologies. 15th Annual Canadian Information Technology Security Symposium, Ottawa, Ontario, Canada, May 12-15, 2003. NRC 45790.

47. Yee, G., Korba, L.: The Negotiation of Privacy Policies in Distance Education. Proceedings, 14th IRMA International Conference, Philadelphia, Pennsylvania, USA, May 18-21, 2003.

48. Yee, G., Korba, L.: Bilateral E-services Negotiation Under Uncertainty. Proceedings, The 2003 International Symposium on Applications and the Internet (SAINT2003), Orlando, Florida, USA, Jan. 27-31, 2003.

49. Korba, L., Song, R., Yee, G.: Anonymous Communications for Mobile Agents. Proceedings, Fourth International Workshop on Mobile Agents for Telecommunication Applications (MATA’02), Barcelona, Spain, Oct. 23-24, 2002. Available on July 6, 2006 at http://link.springer-ny.com/link/service/series/0558/tocs/t2521.htm

50. Yee, G.: Building-In Software Quality. Conference Proceedings, International Software Development and Management (ISD&M) Conference, Hong Kong, Dec. 14-15, 2000.

51. Yee, G.: Telecom Services Implementation: From Switch-Based to Internet-Based and Beyond. Proceedings, IEEE Canadian Conference on Electrical and Computer Engineering, Vol 1, pp. 237-240, Waterloo, Ontario, Canada, May 1998.

52. Yee, G., Ho, C.: An Architectural Toolkit for Internet-Based Multi­media Services. Nortel Design Forum, Ottawa, Ontario, Canada, Oct. 1997.

53. Yee, G., Tamura, D., Dhar, P.: Operational Profiling for Customer Use-Based Development. BNR Design Forum, Ottawa, Ontario, Canada, Dec. 1995.

54. Yee, G.: Software Revealed! BNR Design Forum, Ottawa, Ontario, Canada, June 1995.

55. Yee, G.: Peeking Inside the Black Box. BNR Design Forum, Ottawa, Ontario, Canada, Dec. 1994.

56. Yee, G., Woodside, C.M.: A Transformational Approach to Process Partitioning Using Timed Petri Nets. Proceedings, International Computer Symposium 90 (ICS 90), pp. 395-401, Hsinchu, Taiwan, December 1990.

57. Woodside, C.M., Yee, G.: Teletraffic Relationships in Networks of Tasks. Proceedings, IEEE Infocom '89, pp.1040-1049, Ottawa, Ontario, Canada, April 1989.

 

C. Books and Chapters

1.    Yee, G.: Security Metrics: An Introduction and Literature Review. In: Vacca, J.R. (ed.) Computer and Information Security Handbook, 2nd Edition, Morgan Kaufmann Publishing, to be published in 2013.

2.    Pearson, S., Yee, G. (eds.): Privacy and Security for Cloud Computing. Book. Springer, 2012.

3.    Yee, G. (ed.).: Privacy Protection Measures and Technologies in Business Organizations: Aspects and Standards. Book. IGI Publishing, 2011.

4.    Yee, G., Korba, L.: Personal Privacy Policies. In: Vacca, J.R. (ed.) Computer and Information Security Handbook, Morgan Kaufmann Publishing, 2009.

5.    Yee, G., Korba, L.: Avoiding Pitfalls in Policy-Based Privacy Management. In: Gupta, M., Sharman, R. (eds.) Handbook of Research on Social and Organizational Liabilities in Information Security, IGI Publishing, 2007.

6.    Song, R., Korba, L., Yee, G. (eds.). Trust in E-Services: Technologies, Practices, and Challenges. Book. IGI Publishing, 2007.

7.    Yee, G.: Building Consumer Trust for Internet E-Commerce. In: Song, R., Korba, L., Yee, G. (eds.) Trust in E-Services: Technologies, Practices, and Challenges, IGI Publishing, 2007.

8.    Yee, G., Korba, L.: Semiautomatic Derivation and Application of Personal Privacy Policies. In: Lee, I. (ed.) Advances in E-Business Research: E-Business Innovation and Process Management, Vol. 1, 2006.

9.    Yee, G., Xu, Y., Korba, L., El-Khatib, K.: Privacy and Security in E-Learning. In: Shih, T., Hung, J. (eds.) Future Directions in Distance Learning and Communication Technologies, Idea Group Inc., 2006.

10. Yee, G. (ed.). Privacy Protection for E-Services. Book. Idea Group Publishing, March 2006.

11. Yee, G., Korba, L., Song, R.: Legislative Bases for Personal Privacy Policy Specification. In: Yee, G. (ed.) Privacy Protection for E-Services, pp. 281-294, Idea Group Inc., March 2006.

12. Korba, L., Song, R., Yee, G.: Privacy Management Architectures for E-Services. In: Yee, G. (ed.) Privacy Protection for E-Services, pp. 234-264, Idea Group Inc., March 2006.

13. Song, R., Korba, L., Yee, G.: Pseudonym Technology for E-Services. In: Yee, G. (ed.) Privacy Protection for E-Services, pp. 141-171, Idea Group Inc., March 2006.

14. Yee, G., Korba, L.: Semi-Automated Seeding of Personal Privacy Policies in E-Services. In: Khosrow-Pour, M. (ed.) Encyclopedia of E-Commerce, E-Government, and Mobile Commerce, Idea Group Publishing, March 2006.

15. Yee, G.: Security and Privacy in Distance Education. In: Howard, C., Schenk, K., Boettcher, J., Justice, L. (eds.) Encyclopedia of Online Learning and Technology, Idea Group Publishing, 2005.

16. Yee, G. and Korba, L.: Privacy Policies and their Negotiation in Distance Education. In: Darbyshire, P. (ed.) Instructional Technologies: Cognitive Aspects of Online Programs, Idea Group Inc., 2004.

17. Korba, L., Yee, G., Xu, Y., Song, R., Patrick, A., El-Khatib, K.: Privacy and Trust in Agent-Supported Distributed Learning. In: Lin, F.O. (ed.) Designing Distributed Learning Environments with Intelligent Software Agents, Idea Group Inc., 2004.

18. Yee, G., El-Khatib, K., Korba, L., Patrick, A., Song, R., Xu, Y.: Privacy and Trust in E-Government. In: Huang, W., Siau, K., Wei, K.K. (eds.) Electronic Government Strategies and Implementation, Idea Group Inc., 2004.

 

D. Theses

·     G. Yee, A Transformational Approach to Process Partitioning, Ph.D. thesis, Dept. of Systems and Computer Engineering, Carleton University, Ottawa, Canada, May 1991.

·     G. Yee, Optimal Routing in Dimensioning Communication Networks with Time-Varying Traffic Demand,  M.Sc. thesis, Dept. of Mathematics, Carleton University, Ottawa, Canada, 1985.

 

NON-REFEREED PUBLICATIONS

·     Song, R., Korba, L., Yee, G.: Security and Privacy Protection for the Private Data Flows in the SNAP Prototype. ERB-1149. NRC 49850. CONFIDENTIAL REPORT, 13 pages, September, 2007.

·     Song, R., Korba, L., Yee, G.: Privacy Data Processing Events Data Structure for Privacy Compliance Systems. ERB-1145. NRC 49315. 12 pages, May, 2007.

·     Song, R., Korba, L., Yee, G.: Agent-Based Privacy Rights Management Architecture. ERB-1144. NRC 48818. CONFIDENTIAL REPORT, 11 pages, January 10, 2007.          

·     Yee, G.: Recent Research in Secure Software. ERB-1134. NRC 48478. 8 Pages, March 2006.

·     El-Khatib, K., Korba, L., Shih, T.K., Xu, Y., Yee, G.: An E-Learning Infrastructure for Mobile Virtual University. Symposium Proceedings, The 5th Anniversary Event of NSC-NRC Collaborative Research Program, June 24-25, 2002, Taipei, Taiwan.

·     Yee, G.: Improving Software Testability. Testability Course, Nortel Networks, January 2000.

 

PRESENTATIONS, INVITED TALKS, INVITED AS PANELIST

·     Achieving Software Reliability: A Look at Security Testing. Ottawa IEEE Reliability Society, Algonquin College, Ottawa, Canada, Sept. 21, 2010. Invited.

·     Automated Threat Identification for UML. International Conference on Security and Cryptography (SECRYPT 2010), Athens, Greece, July 26-28, 2010.

·     Software Vulnerabilities You Should Be Targeting. Ottawa Software Quality Association, Carleton University, Ottawa, Canada, May 19, 2010. Invited.

·     An Automatic Privacy Policy Agreement Checker for E-Services. The Fourth International Conference on Availability, Reliability, and Security (ARES 2009), Fukuoka, Japan, March 16-19, 2009.

·     Assessing the Likelihood of Privacy Policy Compliance. The 23rd IFIP International Information Security Conference (SEC 2008), Milan, Italy, Sept. 8-10, 2008.

·     Threat Modeling and its Applications. DRDC Ottawa, Ottawa, Ontario, March 13, 2008. Invited.

·     The IT Challenges of Online Games. NRC-IIT Brown Bag Forum. NRC Institute for Information Technology, Ottawa, Ontario, Canada, January 23, 2008. Invited.

·     A Privacy Controller Approach for Privacy Protection in Web Services. 2007 ACM Workshop on Secure Web Services (SWS ’07), Alexandria, VA, USA, Nov. 2, 2007.

·     Visual Analysis of Privacy Risks in Web Services. IEEE International Conference on Web Services 2007 (ICWS 2007), Salt Lake City, Utah, USA, July 9-13, 2007.

·     Research Directions in Secure Software Engineering. School of Computing, Queens University, Kingston, Ontario, April 24, 2007. Invited.

·     Research in Secure Software. Ottawa IEEE Computer Society technical meeting, Carleton University, Ottawa, Ontario, April 17, 2007. Invited.

·     Towards Designing Secure Online Games. Meeting of Real-Time and Distributed Systems Group, Dept. of Systems and Computer Engineering, Carleton University, Ottawa, Canada, February 16, 2006. Invited.

·     Visualization for Privacy Compliance. 3rd International Workshop on Visualization for Computer Security, George Mason University, Fairfax County, Virginia, USA, November 3, 2006.

·     Measuring Privacy Protection in Web Services.  IEEE International Conference on Web Services 2006 (ICWS 2006), Chicago, Illinois, USA, Sept. 18-22, 2006.

·     Ensuring Privacy for Buyer-Seller E-Commerce.  21st IFIP International Information Security Conference (SEC 2006), Karlstad University, Karlstad, Sweden, May 22-24, 2006.

·     Personalized Security for E-Services. The First International Conference on Availability, Reliability, and Security (ARES 2006), Vienna, Austria, April 20-22, 2006.

·     Ensuring Privacy for E-Health Services. The First International Conference on Availability, Reliability and Security (ARES 2006), Vienna, Austria, April 20-22, 2006.

·     Towards Designing Secure Online Games. IEEE 20th International Conference on Advanced Information Networking and Applications (AINA 2006), Vienna, Austria, April 18-20, 2006.

·     Context-Aware Security Policy Agent for Mobile Internet Services. The 2005 IFIP International Conference on Intelligence in Communication Systems (INTELLCOMM 2005), Montreal, Quebec, Canada, Oct. 17-19, 2005.

·     Negotiated Security Policies for E-Services and Web Services. IEEE International Conference on Web Services 2005 (ICWS 2005), Orlando, Florida, USA, July 11-15, 2005

·     Comparing and Matching Privacy Policies Using Community Consensus. The IRMA International Conference, San Diego, California, USA, May 15-18, 2005

·     Negotiated Security and Privacy Policies for Web Services. DIMACS Workshop on Security of Web Services and E-Commerce”, Rutgers University, Piscataway, New Jersey, U.S.A., May 5-6, 2005. Invited.

·     Using Privacy Policies to Protect Privacy in UBICOMP. The First International Workshop on Ubiquitous Smart Worlds (USW2005) held in conjunction with AINA 2005, Tamkang University, Taipei, Taiwan, March 28-30, 2005.

·     An Agent Architecture for E-Services Privacy Policy Compliance. The IEEE 19th International Conference on Advanced Information Networking and Applications (AINA 2005),  Tamkang University, Taipei, Taiwan, March 28-30, 2005.

·     The Use of Privacy Policies in E-Services. Central Police University, Taipei, Taiwan, March 25, 2005. Invited.

·     Security, Privacy, and Trust in E-Learning: Requirements and Solutions. CIPS Edmonton ICE Conference, Edmonton, Alberta, November 2004. Invited.

·     Security and Privacy in Service-Based Computing (Panel 4). Panelist, 2004 IEEE International Conference on Web Services, San Diego, California, USA, July 2004. Invited.

·     Privacy Policy Compliance for Web Services. IEEE International Conference on Web Services (ICWS 2004), San Diego, California, USA, July 6-9, 2004.

·     Semi-Automated Derivation of Personal Privacy Policies. The IRMA International Conference, New Orleans, Louisiana, USA, May 23-26, 2004.

·     Towards Better Key Exchange Performance in IPSec-Based VPNs. The IRMA International Conference, New Orleans, Louisiana, USA, May 23-26, 2004.

·     Semi-automated Derivation of Personal Privacy Policies. Digital Security Group, School of Computer Science, Carleton University, Ottawa, Canada, April 2004. Invited.

·     Security and Privacy for E-learning, Tamkang University, Taipei, Taiwan, October 2003. Invited.

·     Security and Privacy for E-learning, The Hong Kong Polytechnic University, Hong Kong, October 2003. Invited.

·     Secure Dynamic Distributed Routing Algorithm for Ad Hoc Wireless Networks. Workshop on Wireless Security and Privacy 2003, The 2003 Conference on Parallel Processing (ICPP 2003), Kaohsiung, Taiwan, Oct 6-9, 2003.

·     Feature Interactions in Policy-Driven Privacy Management. Seventh International Workshop on Feature Interactions in Telecommunications and Software Systems, Ottawa, Canada, June 11-13, 2003.

·     The Negotiation of Privacy Policies in Distance Education. 14th IRMA International Conference, Philadelphia, Pennsylvania, USA, May 18-21, 2003.

·     Bilateral E-services Negotiation Under Uncertainty. The 2003 International Symposium on Applications and the Internet (SAINT2003), Orlando, Florida, USA, Jan. 27-31, 2003.

·     Building-In Software Quality. International Software Development and Management (ISD&M) Conference, Hong Kong, Dec. 14-15, 2000.

·     Telecom Services Implementation: From Switch-Based to Internet-Based and Beyond. IEEE Canadian Conference on Electrical and Computer Engineering, Waterloo, Ontario, Canada, May 1998.

·     An Architectural Toolkit for Internet-Based Multi­media Services. Nortel Design Forum, Ottawa, Ontario, Canada, Oct. 1997.

·     Operational Profiling for Customer Use-Based Development. BNR Design Forum, Ottawa, Ontario, Canada, Dec. 1995.

·     Software Revealed! BNR Design Forum, Ottawa, Ontario, Canada, June 1995.

·     Peeking Inside the Black Box.  BNR Design Forum, Ottawa, Ontario, Canada, Dec. 1994.

·     A Transformational Approach to Process Partitioning Using Timed Petri Nets. International Computer Symposium 90 (ICS 90), Hsinchu, Taiwan, December 1990.

·     Teletraffic Relationships in Networks of Tasks. IEEE Infocom '89, Ottawa, Ontario, Canada, April 1989.

 

OTHER SCIENTIFIC AND TECHNICAL CONTRIBUTIONS

Participation as principal organizer or member of organizing committees for seminars, workshops and conferences; other service

 

As guest editor

·     Special issue on The Protection of Privacy in E-Business. International Journal of E-Business Research. April 2009.

·     Special issue on The Third IEEE International Symposium on Security in Networks and Distributed Systems (SSNDS-07). Journal of Computer Security. Vol. 16. No. 3, 2008.

·     Special issue on Privacy, Security, and Trust (PST) Technologies: Evolution and Challenges. Journal of Computer Security. Vol. 16. No. 2, 2008.

 

As member of organizing committees

·     Co-Chair, International Workshop on Cloud Privacy, Security, Risk & Trust (CPSRT 2010)

·     General Co-Chair, The 3rd IEEE International Symposium on Security in Networks and Distributed Systems (SSNDS-07)

·     Publication and Publicity Co-Chair, Privacy, Security, and Trust 2006 (PST 2006)

·     Track Chair for Security and Privacy, Canadian Conference on Electrical and Computer Engineering 2006 (CCECE 2006)

·     Tutorial and Workshop Chair, Canadian Conference on Electrical and Computer Engineering 2006 (CCECE 2006)

·     Track Co-Chair for Information Security Management, IRMA International Conference 2005

·     Co-organizer, Bell-Northern Research Design Forum, 1995-1998.

 

As member of program committees

·     Tenth Workshop on Security in Information Systems (WOSIS 2013)

·     2nd International Conference on Cloud Computing and Services Science (CLOSER 2012)

·     IEEE Cloudcom 2012 DaMIC Workshop

·     IEEE Cloudcom 2012

·     IBM Center for Advanced Studies Conference (CASCON 2002, 2004, 2006, 2007, 2008, 2011)

·     The International Conference on Security and Cryptography (SECRYPT 2009)

·     Secure Software Engineering Workshop (SecSE), 2009, 2010, 2011, 2012, 2013

·     IEEE International Workshop on Security, Trust, and Privacy for Software Applications (STPSA 2007, 2008, 2009, 2010, 2011, 2012, 2013)

·     IEEE Asia-Pacific Services Computing Conference (APSCC 2008)

·     The First International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2007)

·     IEEE International Conference on Systems, Man and Cybernetics (SMC 2007, 2008)

·     IEEE International Symposium on Ubisafe Computing (UbiSafe-07)

·     International Conference on Software Engineering Advances (ICSEA 2006. 2007, 2008)

·     The 2006 International Conference on Privacy, Security and Trust (PST 2006)

·     The IEEE International Conference on Services Computing (SCC 2006, 2007, 2008)

·     The Tenth IEEE International EDOC Conference (EDOC 2006, 2007, 2008)

·     Computer and Network Security Symposium 2006 (in conjunction with International Wireless Communications & Mobile Computing Conference (IWCMC 2006))

·     International conference on Information Society (i-Society 2006)

·     The 3rd International Conference on Ubiquitous Intelligence and Computing (UIC 2006, 2007)

·     The 3rd International Conference on Autonomic and Trusted Computing (ATC 2006)

·     The International Workshop on Security in Networks and Distributed Systems (SNDS-05, 06, 07)

·     The International Conference on Availability, Reliability and Security (AReS 2006, 2007, 2008, 2009, 2010, 2011)

·     Middleware for Web Services Workshop (MWS 2005, 2006, 2007, 2008, 2009, 2010)

·     International Conference on Computational Science and Its Applications 2005, 2006 (ICCSA 2005, 2006)

·     The IEEE International Conference on e-Technology, e-Commerce, and e-Service (EEE 2005)

·     The Second International Symposium on Ubiquitous Intelligence and Smart Worlds (UISW 2005)

·     The First International Workshop on Security in Ubiquitous Systems 2005 (SecUbiq 2005)

·     The 18th, 19th, and 20th International Conference on Advanced Information Networking and Applications (AINA 2004, 2005, 2006)

·     International Workshop on Ubiquitous Smart Worlds (USW2005)

·     International Software Development and Management Conference 2000 (ISD&M 2000)

·     14th, 15th, and 16th IRMA International Conference (IRMA 2003, 2004, 2005)

 

As associate editor for journals

·     International Journal of Secure Software Engineering (IJSSE) (from 2009)

 

As member of editorial review boards for journals

·     International Journal of E-Services and Mobile Applications (IJESMA) (from 2008)

·     International Journal of Patterns (IJOP) (from 2007)

·     International Journal of E-business Research (IJEBR) (from 2005)

·     Journal of Autonomic and Trusted Computing (JATC) (from 2005)

·     International Journal of Distance Education Technologies (JDET) (from 2002)

 

As reviewer (outside of program committee and editorial review board)

·     MASCOTS 2002, ICCSA 2005, IEA/AIE 2004, WPES 2004, ACSAC 2005, International Journal of High Performance Computing and Networks (IJHPCN), Encyclopedia of Online Learning and Technology (Information Science Publishing, 2005), Encyclopedia of E-Commerce, E-Government and Mobile Commerce (Idea Group Inc., 2005), Formal Methods Europe (1997-1998), IEEE Transactions on Parallel and Distributed Systems (1997-1998), Communications of the ACM (1996-1997), FORTE (1994-1997), Software Quality Journal (ongoing), IBM Systems Journal (ongoing), IEEE Transactions on Services Computing (ongoing), IEEE Spectrum, Data and Knowledge Engineering, IET Information Security, Advances in Software Engineering, book chapters

 

As session chair

·     The International Conference on Security and Cryptography (SECRYPT 2010), Athens, Greece, July 26-28, 2010.

·     The IEEE International Conference on Web Services 2007 (ICWS 2007), Salt Lake City, Utah, USA, July 9-13, 2007.

·     The 3rd IEEE International Symposium on Security in Networks and Distributed Systems (SSNDS-07), Niagara Falls, Canada, May 21-23, 2007.

·     The Second International Workshop on Security in Networks and Distributed Systems (SNDS-06), Vienna, Austria, April 18-20, 2006.

·     The IEEE Canadian Conference on Electrical and Computer Engineering (CCECE 2006), Ottawa, Ontario, Canada, May 7-10, 2006.

·     The IEEE International Conference on Web Services 2005 (ICWS 2005), Orlando, Florida, USA, July 11-15, 2005

·     19th International Conference on Advanced Information Networking and Applications (AINA 2005)

·     The IRMA International Conference, San Diego, California, USA, May 15-18, 2005.

·     14th IRMA International Conference, Philadelphia, Pennsylvania, May 2003

·     International Software Development and Management Conference 2000 (ISD&M 2000)

·     IEEE Canadian Conference on Electrical and Computer Engineering, May 1998

 

Other service

·     Vice-Chair of Ottawa IEEE Reliability and Power Electronics Society, helped to organize talks, 2010.

·     Chair of Ottawa IEEE Computer Society, organized and hosted 3 seminars per year on average, including speakers from the IEEE Computer Society Distinguished Visitors Program, 1998-2007 (Vice-Chair, 1995-1998)

·     Member of thesis defense boards for Carleton University and University of Ottawa, from 2003

·     Reviewer of grant applications to NSERC, NRC IRAP, AIF (Atlantic Innovation Fund), others

 

PREVIOUS EMPLOYMENT

·       Independent Consultant, 2009 - 2012

·       National Research Council Canada, 2001 - 2009

·       Nortel Networks, 1996 - 2001

·       Bell-Northern Research, 1990 - 1995

 

Last updated: February, 2013.