Publications

 

Book

  1. James B. D. Joshi, "A Generalized Temporal Role Based Access Control Model for Developing Security Systems," Thesis, Purdue University, 2003.

  2. Yi Qian, James B. D. Joshi,  David Tipper, Prashant Krishnamurthy,  (Editors) "Information Assurance: Survivability and Security in Networked Systems," To be published by Morgan Kaufmann Publishers, an imprint of ELSEVIER, Jan, 2008.

  3. James B. D. Joshi et al. "Network Security: Know It All," May, 2008 (Contributor)

Book Chapter

  1. James B D Joshi, Yue Zhang “Access Control and Trust Management for Emerging Multidomain Environments,” in Annals of Emerging Research in Information Assurance, Security and Privacy Services, Editors: S. Upadhyaya, R. O. Rao (in progress; invited)

  2. James, B.D. Joshi and Yue Zhang, "Role Based Access Control," Encyclopedia of Database Systems, Editors-in-Chief: Ling Liu, M. Tamer Özsu, Springer (In Print).

  3. James, B.D. Joshi and Yue Zhang, "Temporal Access Control," Encyclopedia of Database Systems, Editors-in-Chief: Ling Liu, M. Tamer Özsu, Springer (In Print).

  4. James Joshi et al (all editors), “Information Assurance,” (Chapter 2), in our edited book [2] listed above

  5. James Joshi, Prashant Krisnamurthy, “Network Security,” (Chapter 1) in book [3] above.

  6. James B. D. Joshi, Mei-Ling Shyu, Shu-Ching Chen, Walid Aref, Arif Ghafoor, "A Multimedia-Based Threat Management and Information Security Framework," in Multimedia Technologies: Concepts, Methodologies, Tools, and Applications (3 Volumes) Edited By: Mahbubur Rahman Syed, Minnesota State University, Mankato, USA, June, 2008

  7. James B D Joshi, Prashant Krishnamurthy,  “Network Security”, a chapter for book Information Assurance: Survivability and Security in Networked Systems to be Published in 2007 by Elsevier, Inc.

  8. James B D Joshi, Siqing Du, Saubhagya R Joshi, “A Trust Based Access Control Management Framework for a Secure Grid Environment” in Book titled: Security in Distributed, Grid, and Pervasive Computing, Edited by Dr. Yang Xiao, to be published by Auerbach Publications, CRC Press 2007.

  9. James B. D. Joshi, S. R. Joshi, and  S. M. Chandran, "Information Security Issues and Challenges," in Encyclopedia of Digital Government, 2006.

  10. James B. D. Joshi, S. R. Joshi, and S. M. Chandran, "Identity Management and Privacy Issues," in Encyclopedia of Digital Government, 2006.

  11. James B. D. Joshi, S. M. Chandran, A. Ghafoor, and W. G. Aref, "Survivability Issues and Challenges," in Encyclopedia of Digital Government, 2006.

  12. James B. D. Joshi, Arif Ghafoor, Walid Aref, Eugene H. Spafford, "Digital Government Security and Privacy Challenges", William J. McIver, Jr. and Ahmed K. Elmagarmid (eds) (Fall 2001) Advances in Digital Government: Technology, Human Factors, and Policy . Boston : Kluwer, 2002, Chapter 7, pages 121-136.

  13. James B.D. Joshi, Mei-Ling Shyu, Shu-Ching Chen, Walid Aref, Arif Ghafoor, "A Multimedia-Based Threat Management and Information Security Framework," in eds: Elena Ferrari, Bhavani Thuraisingham in Web and Information Security, IDEA Group, 2005.

  14.  James B. D. Joshi, Siqing Du, Saubhagya R. Joshi, “A Trust Based Access Control Management Framework for a Secure Grid  Environment” in Book titled "Security in Distributed, Grid, and Pervasive Computing", Edited by  Prof. Yang Xiao, to be published by Auerbach Publications, CRC Press 2006.

Journal article/paper

  1. Carlos E. Caicedo, James Joshi, Summit Tuladhar, “IPv6 Security Challenges,” Vol(42), Issue(2), (Feb, 2009), IEEE Computer, Page(s): 36-42.

  2. Yue Zhang, James Joshi, “SRBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy,” The Third International Symposium on Information Assurance and Security, Journal of Information Assurance and Security 2007 (Volume 2, issue 4)

  3. James, B.D. Joshi, Elisa Bertino, Arif Ghafoor and Yue Zhang, "Formal Foundations for hybrid hierarchies in GTRBAC", ACM Transactions on Information and System Security (TISSEC), Vol. 10, No. 4, Jan, 2008, pp. 1-39.

  4. James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "Analysis of Expressiveness and Design Issues for a Temporal Role Based Access Control Model," Transactions on Dependable and Secure Computing, April-June 2005. (PDF)

  5. Basit Shafiq, James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "Secure Interoperation in a Multi-Domain Environment Employing RBAC Policies," IEEE Transactions on Knowledge and Data Engineering. Vol. 17, No. 11, Pages 1557 - 1577, Nov. 2005.

  6. James B. D. Joshi, Rafae Bhatti,  Elisa Bertino, Arif Ghafoor, “An Access Control Language for Multidomain Environments”, IEEE Internet Computing, Nov-Dec, 2004.

  7. Rafae Bhatti, James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "X-GTRBAC: An XML-based Policy Specification Framework and Architecture for Enterprise-Wide Access Control", Submitted to ACM Transactions on Information and System Security, Vol. 8, No. 2, Pages 187-227, May 2005.

  8. Rafae Bhatti, Basit Shafiq, James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "X-GTRBAC Admin: A Decentralized Administration Model for Enterprise Wide Access Control," ACM Transactions on Information and System Security Vol. 8, No. 4, November 2005, Pages 388–423.

  9. James B. D. Joshi, Elisa Bertino, Usman Latif, Arif Ghafoor, "Generalized Temporal Role Based Access Control Model," IEEE Transactions on Knowledge and Data Engineering Vol 7, No. 1, Jan, 2005.

  10. Rafae Bhatti, James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "XML-Based Specification for Web Services Document Security", IEEE Computer, Vol. 37, Number 4, April, 2004, pp 41-49.

  11. James B. D. Joshi, Kevin Li, Husni Fahmi, Basit Shafiq, Arif Ghafoor, "A Model for Secure Multimedia Document Database System in a Distributed Environment", IEEE Transactions on Multimedia: Special Issue of on Multimedia Datbases, Vol. 4, No. 2, June , 2002.pages 215-234.

  12. James B. D. Joshi, Arif Ghafoor, Walid Aref, Eugene H. Spafford, "Digital Government Security Infrastructure Design Challenges", IEEE Computer , Vol. 34, No. 2, February 2001, pages 66-72.

  13. James B. D. Joshi, Walid G. Aref, Arif Ghafoor and Eugene H. Spafford, "Security models for web-based applications" , Communications of the ACM, 44, 2 (Feb. 2001), Page 38-44.

Refereed conference/workshop/symposium paper

  1. Saman Taghavi Zargar, M. Amir Moulavi, Rajkumar Buyya, Mahmoud Naghibzadeh, and James B. D. Joshi, “RRNA: Reliable Soft Real-Time Network Aware Grid Scheduling Algorithm Using Round Trip Time”, to be published in the12 th Communications and Networking Simulation Symposium (CNS'09), March22 -27,2009 , San Diego, CA.

  2. Amirreza Masoumzadeh and James B. D. Joshi, "PuRBAC: Purpose-aware role-based access control," in Proc. 3rd Int'l Symposium on Information Security, ser. Lecture Notes in Computer Science. Springer, Nov. 10-11 2008.

  3. Yue Zhang and James B.D. Joshi, "Temporal UAS: Supporting Efficient RBAC Authorization in Presence of the Temporal Role Hierarchy", IEEE/IFIP International Symposium on Trust, Security and Privacy for Pervasive Applications (TSP-08), Dec. 2008, ShangHai, China

  4. Youna Jung, Amirreza Masoumzadeh, James B.D. Joshi, Minkoo Kim, " RiBAC: Role Interaction based Access Control Model for Community Computing", The 4th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom2008), Nov.13-16, 2008, Orlando, FL, USA.

  5. Minsoo Kim, James B.D. Joshi, Minkoo Kim, " Access Control for Cooperation Systems based on Group Situation", The 4th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom2008), Nov. 13-16, 2008, Orlando, FL, USA

  6. Yue Zhang and James B.D. Joshi, "A Framework for User Authorization Query Processing in RBAC extended with Hybrid Hierarchy and Constraints", ACM symposium on access control models and technologies (SACMAT), Jun. 2008, Estes Park, CO.

  7. Yue Zhang, James Joshi, “SRBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy,” The Third International Symposium on Information Assurance and Security, August 29-31, 2007, Manchester, United Kingdom.

  8. Yue Zhang, James Joshi, “ARBAC07: A Role-based Administration Model for RBAC with Hybrid Hierarchy,” IEEE Proceedings of the International Conference on Information Reuse and Integration, Las Vegas, Aug13-15, 2007.

  9. Summit R. Tuladhar, Carlos E. Caicedo, James B. D. Joshi, “Inter-Domain Authentication for Seamless Roaming in Heterogeneous Wireless Networks,” IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, June 11-13, 2008 Taichung, Taiwan.

  10. Carlos E. Caicedo, James B. D. Joshi, “Security Issues in IPv6,” ITERA-08, March 27-29, 2008 (Rich Thompson, in his report, says: “I think this was the best paper at the conference”)

  11. Yue Zhang, James Joshi, “SRBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy,” The Third International Symposium on Information Assurance and Security, August 29-31, 2007, Manchester, United Kingdom

  12. Yue Zhang, James Joshi, “ARBAC07: A Role-based Administration Model for RBAC with Hybrid Hierarchy,” IEEE Proceedings of the International Conference on Information Reuse and Integration, Las Vegas, Aug13-15, 2007.

  13. Kai Ouyang James B. D. Joshi, “CT-RBAC: A Temporal RBAC Model with Conditional Periodic Time,” Third International Workshop on Information Assurance, New Orleans, April 2007.

  14. Michael Chuang, Suronapee Phoomvuthisarn, James B. D. Joshi, “An Integrated Framework for Trust-Based Access Control for Open Systems,” CollaborateCom 2006, GA, USA.

  15. Jun-Hyung Park, Min-Soo Kim, Bong-Nam Noh, James B. D. Joshi, “A Similarity based Technique for Detecting Malicious Executable files,” IEEE Proceedings of the International Conference on Information Reuse and Integration, Hawaii, 2006.

  16. Siqing Du, James B. D. Joshi, “Supporting Authorization Query and Inter-domain Role Mapping in Presence of Hybrid Role Hierarchy,” The 11th ACM Symposium on Access Control Models and Technologies, USA, June 2006.

  17. James B. D. Joshi, Elisa Bertino, “Fine-grained Role-based Delegation in Presence of Hybrid Role Hierarchy,” The 11th ACM Symposium on Access Control Models and Technologies, USA, June 2006.

  18.  Suroop M Chandran, Korporn Panyim, James B. D. Joshi, “A Requirements-Driven Trust Framework for Secure Interoperation in Open Environments", The Fourth International Conference on Trust Management, (iTrust-06), May 16-19, Italy, 2006.

  19. Suroop M Chandran, James B. D. Joshi, “LoT RBAC: A Location and Time-based RBAC Model", Proceedings of the 6th International Conference on Web Information Systems Engineering (WISE 2005), New York, Nov 2005 (12% acceptance).

  20. Suroop M Chandran, James B. D. Joshi, “Towards Administration of a Hybrid Role Hierarchy", IEEE International Conference on Information Reuse  and Integration, 2005.

  21. Smithi Piromruen, James B. D. Joshi, “An RBAC Framework for Time Constrained Secure Interoperation in Multi-domain Environment,” IEEE Workshop on Object-oriented Real-time Databases (WORDS-2005), 2005.

  22. Basit Shafiq, Ammar Masood, and Arif Ghafoor, James B. D. Joshi, "A Role-Based Access Control Policy Verification Framework for Real-Time Systems", IEEE Workshop on Object-oriented Real-time Databases (WORDS-2005), 2005.

  23. Rafae Bhatti, James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "X-GTRBAC Admin: A Decentralized Administration Model for Enterprise Wide Access Control" 9th ACM Symposium on Access Control Models and Technologies, New York, June 2-3, 2004.

  24. James B. D. Joshi, Elisa Bertino, Basit Shafiq, Arif Ghafoor, "Dependencies and Separation of Duty Constraints in GTRBAC", 8th ACM Symposium on Access Control Models and Technologies , Como , Italy , June 2-3, 2003.

  25. Rafae Bhatti, James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "Access Control in Dynamic XML-based Web-Services with X-RBAC", The First International Conference on Web Services , Las Vegas, June 23-26, 2003.

  26. James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "Hybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model. 26th Annual International Computer Software and Applications Conference Workshop, (COMPSAC 2002 Workshop), Oxford , England , 26-29th August, 2002.

  27. James B. D. Joshi, Elisa Bertino, Arif Ghafoor, "Temporal Hierarchy and Inheritance Semantics for GTRBAC", 7th ACM Symposium on Access Control Models and Technologies, California , USA , June 3-4, 2002.

  28. James B. D. Joshi, A. Ghafoor, "A Petri-Net Based Multilevel Security Specification Mechanism for Multimedia Documents in a Multidomain Environment", The Second Annual Systems Security Engineering Conference, 28 Feb – Mar 2, 2001, Orlando, FL.

  29. J. Joshi, A. Ghafoor, "A Petri-Net Based Multilevel Security Specification Model for Multimedia Documents" IEEE International Conference on Multimedia and Expo, New York, USA, July 30-August 2, 2000.

  30. S. Sedigh, J. Joshi, A.Bashandy, A. Ghafoor,"Quality based evaluation of filtering mechanisms in MPEG video communications", Proc. of 17th IEEE Symposium on Reliable and Distributed Computing, 1998.

Technical Reports (Most of the above papers are also available as CERIAS tech reports)

  1. Joshi, J., Bhatti, R., Bertino, E., Ghafoor, A., “X- RBAC : An Access Control Language for Multi-domain Environments,” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2004-46.

  2. Bhatti, R., Bertino, E., Ghafoor, A., Joshi, J., “XML-Based Specification for Web Services Document Security” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2004-65.

  3. Joshi, J., Bhatti, R., Bertino, E., Ghafoor, “X- RBAC : An Access Control Language for Multi-domain Environments” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2004-46.

  4. Bhatti, R., Joshi, J, Bertino, E., Ghafoor, A, “X-GTRBAC Admin: A Decentralized Administration Model for Enterprise Wide Access Control,” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2004-04.

  5. Bhatii, R., Joshi, J., Bertino, E, Ghafoor, A., “Access Control in Dynamic XML-based Web-Services with X-RBAC” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2003-26

  6. Joshi, J., “Generalized Temporal Role Based Access Control Model for Developing Secure Systems” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2003-23.

  7. Shafiq, B. Joshi, J., Bertino, E., Ghafoor, A., “Optimal Secure Interoperation in a Multi-Domain Environment Employing RBAC Policies” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2003-24.

  8. Joshi, J., Bertino, E., Shafiq, Ghafoor, A., “Dependencies and Separation of Duty Constraints In GTRBAC” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2003-04.

  9. Joshi, J., Bertino, E., Shafiq, B., Latif, U., Ghafoor, A., “Generalized Temporal Role Based Access Control Model (GTRBAC) (Part II) - Expressiveness and Design Issues” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2003-01.

  10. Shafiq, B., Joshi, J. B. D., and Ghafoor, A., "A Petri-Net Model for Verification of RBAC Policies," CERIAS, Purdue University, Technical Report TR 2002-33, 2002.

  11. Shafiq, B., Joshi, J., Bertino, E., and Ghafoor, A., "Optimal Secure Interoperation in a Multi-Domain Environment Employing RBAC Policies," CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2003-24, 2003.

  12. Joshi, J. Bertino, E. Ghafoor, A., “Temporal Hierarchy and Inheritance Semantics for GTRBAC” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2001-52
    [248] Joshi, J., Bertino, E., Latif, U., Ghafoor, A., “Generalized Temporal Role Based Access Control Model

  13. (GTRBAC) (Part I) - Specification and Modeling” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2001-47

  14. Joshi, J. Ghafoor, A., Aref, W. G., Spafford, E., “Digital Government Security Infrastructure Design Challenges” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2001-31.

  15. Joshi, J., Ghafoor, A., “A Petri-net Based Multilevel Security Specification Model for Multimedia Documents” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2000-09.

  16. Joshi, J., Ghafoor, A, “A Petri-net Based Multilevel Security Specification Model for Multimedia Documents” CERIAS, School of Electrical and Computer Engineering, Purdue University, Technical Report CERIAS TR 2000-09

Invited Talks/Guest Lecture

  1. Carnegie Mellon University, April, 2007. (Guest Lecture for Robert Seacord, Author of “Secure coding in C/C++”).

  2. Department of Electrical and Computer Engineering, University of Florida, Gainesville, March, 2007

  3. Department Software and Information Systems, University of North Carolina, Charlotte, March, 2007

  4. School of Computer and Information Sciences, Florida International University, Miami, Feb, 2007

  5. Department Electrical and Computer Engineering, University of Pittsburgh, March 23, 2006

  6. Department of Electrical and Computer Engineering, CyCare, Virginia Tech, March 14, 2006

  7. Department of Computer Science, University of Pittsburgh, Nov 2, 2005

  8. Center of Education and Research in Information Assurance and Security (CERIAS), Purdue UniversityNov 10, 2004

  9. Guest Lecturer, School of Information Science, University of Pittsburgh, April 5, 2004

  10. Heinz School Public Policy and Management, Carnegie Mellon University, April 1, 2004

  11. School of Computer and Information Science, University of California, Irvine, 2003

  12. Department of Computer Science, University of Texas, Arlington, 2003.

Poster Presentations

  1. A Role-based Access Control Framework for Workflow Security. I-Fest, University of Pittsburgh, 2005

  2. A Trust-based Access Control Management Framework, I-Fest, University of Pittsburgh, 2005.

  3. A Generalized Temporal Role Based Access Control Framework for XML-based applications. Fourth Annual Research Symposium, Center of Education and Research in Information Assurance and Security, April 8-9 2003.

  4. Secure Interoperation in a Multidomain Environment. Fourth Annual Research Symposium, Center of Education and Research in Information Assurance and Security, April 8-9 2003.

  5. A Pragmatic Approach for Developing Secure Multidomain Environments. Third Annual Research Symposium, Center of Education and Research in Information Assurance and Security, April 2002.

  6. Specification & Development of an Automatic and Secure Multimedia Document System. First Annual Research Symposium, Center of Education and Research in Information Assurance and Security, April 2002.