Panel on Security and Privacy in the Age of Internet of Things: Opportunities and Challenges

The Internet of Things (IoT) connects the world. Everyday devices, including home automation systems, vehicles, medical devices, cameras, watches, and phones, are increasingly equipped with sensors and Internet connectivity for remote sensing and control. Though they may seem harmless, these smart entities can actually track, collect, and relay consumers' data that could include confidential and sensitive personal information. This data can then be sent to remote locations for further analysis, processing, or retention on a variety of application and service platforms (e.g., cloud services). Every single device and platform in the IoT space might present a potential risk or threat that could be exploited to harm users. In response to the new security and privacy concerns raised by emerging Internet of Things (IoT) technology, this panel discusses the current efforts and challenges to secure the IoT devices and to protect the integrity and privacy of users' data.

Panel Chair

Jianwei Niu is an associate professor in the Department of Computer Science at University of Texas at San Antonio (UTSA). She received her Ph.D. from University of Waterloo and joined UTSA in 2005. The common thread running through her research projects has been applying rigorous, yet usable specification and verification techniques (formal methods) to improve software dependability, in particular, security and privacy. Her research has been funded by NSF, NSA, Texas Higher Education Coordinating Board, and Microsoft Inc., with a total amount of $1.8 million. Her teaching was recognized at UTSA by the President's Distinguished Achievement Award for Teaching Excellence in 2009. She has served on the organizing committees and program committees of many conferences, including ICSE, SACMAT, and ASIACCS.

---

Panelists

Yier Jin is currently an assistant professor in the EECS Department at the University of Central Florida. He received his PhD degree in Electrical Engineering in 2012 from Yale University after he got the B.S. and M.S. degrees in Electrical Engineering from Zhejiang University, China, in 2005 and 2007, respectively. His research focuses on the areas of trusted embedded systems, trusted hardware intellectual property (IP) cores and hardware-software co-protection on computer systems. He proposed various approaches in the area of hardware security, including the hardware Trojan detection methodology relying on local side-channel information, the post-deployment hardware trust assessment framework, and the proof-carrying hardware IP protection scheme. He is also interested in the security analysis on Internet of Things (IoT) and wearable devices with particular emphasis on information integrity and privacy protection in the IoT era. He is the best paper award recipient of the 52nd Design Automation Conference in 2015 and the 21st Asia and South Pacific Design Automation Conference in 2016. He serves and has served on the Organizing Committees and Technical Program Committees of many Conferences and Workshops such as DAC, ICCAD, ASPDAC, HOST, ISVLSI, ICCD, etc.

Adam J. Lee is currently an Associate Professor of Computer Science at the University of Pittsburgh, where he previously held the position of Assistant Professor (2008-2014). Prior to joining the University of Pittsburgh, he received the MS (2005) and PhD (2008) degrees in Computer Science from the University of Illinois at Urbana-Champaign, and received his BS in Computer Science from Cornell University (2003). His research interests lie at the intersection of the computer security, privacy, and distributed systems fields. Dr. Lee's research has been supported by the NSF and DARPA, and he is an NSF CAREER award recipient (2012). For more information, please see http://www.cs.pitt.edu/~adamlee.

Ravi Sandhu is Executive Director of the Institute for Cyber Security at the University of Texas at San Antonio, where he holds the Lutcher Brown Endowed Chair in Cyber Security. Previously he served on the faculty at George Mason University (1989-2007) and Ohio State University (1982-1989). He holds BTech and MTech degrees from IIT Bombay and Delhi, and MS and PhD degrees from Rutgers University. He is a Fellow of IEEE, ACM and AAAS, and has received awards from IEEE, ACM, NSA and NIST. A prolific and highly cited author, his research has been funded by NSF, NSA, NIST, DARPA, AFOSR, ONR, AFRL and private industry. His seminal papers on role-based access control established it as the dominant form of access control in practical systems. His numerous other models and mechanisms have also had considerable real-world impact. He served as Editor-in-Chief of the IEEE Transactions on Dependable and Secure Computing, and previously as founding Editor-in-Chief of ACM Transactions on Information and System Security. He was Chairman of ACM SIGSAC, and founded the ACM Conference on Computer and Communications Security, the ACM Symposium on Access Control Models and Technologies and the ACM Conference on Data and Application Security and Privacy. He has served as General Chair, Steering Committee Chair, Program Chair and Committee Member for numerous security conferences. He has consulted for leading industry and government organizations, and has lectured all over the world. He is an inventor on 30 security technology patents and has accumulated over 31,000 Google Scholar citations for his papers. At the Institute for Cyber Security his research projects include attribute-based access control, secure cloud computing, secure information sharing, social computing security, and secure data provenance. His web site is at http://www.profsandhu.com.

Wenyuan Xu is currently a professor in the College of Electrical Engineering at Zhejiang University. She received her B.S. degree in Electrical Engineering with the highest honor from Zhejiang University in 1998, an M.S. degree in Computer Science and Engineering from Zhejiang University in 2001, and the Ph.D. degree in Electrical and Computer Engineering from Rutgers University in 2007. Her research interests include wireless networking, network security, and IoT security. Dr. Xu received the NSF Career Award in 2009, and was selected as a young professional of the thousand talents plan in China in 2012. She was granted tenure (an associated professor) in the Department of Computer Science and Engineering at the University of South Carolina in the U.S. She has served on the technical program committees for several IEEE/ACM conferences on wireless networking and security, and she is an associated editor of EURASIP Journal on Information Security.

Xiaoguang Zhang is an Executive Director of Technology and Info Risk Department and responsible for Access Management Technology. Since joining Morgan Stanley in 2010, Xiaoguang Zhang has have devoted himself as a Developer manager and Architect in to a number of critical access management projects. He also led the team to set up the first Morgan Stanley Innovation Center of Computing on Financial Services in collaboration with Shanghai JiaoTong University since March 2011. Prior to Morgan Stanley, Xiaoguang Zhang served at SAP Sybase between 1998 and 2004 as a Developer Manager on PowerDesigner, which has the No. 1 market share worldwide of Data Modeling Tooling. He also worked in BenQ mobility between 1998 to and 2004, where he specialized in the first generation of GSM mobile phone. In 2000, Xiaoguang received his Ph.D degree from Shanghai JiaoTong University. His research results were published in EI/SCI Indexed IEEE conference and Journals. His recent research interests are mainly focused on Identify and Access Management, Data Analysis, and Behavior Based Monitoring.