Edit My Profile

Integrated Search Menu

Search in:

Gail-Joon Ahn

Profile photo
School of Computing, Informatics, and Decision Systems Engineering
Professor
Faculty, TEMPE Campus, Mailcode 8809
Biography: 

Gail-Joon Ahn is a professor of computer science and engineering in the School of Computing, Informatics, and Decision Systems Engineering and the director of Center for Cybersecurity and Digital Forensics at Arizona State University. He is also a Fulton Entrepreneurial Professor. He has authored more than 150 refereed research papers. Prior to joining ASU, he was an associate professor of the College of Computing and Informatics and founding director of Center for Digital Identity and Cyber Defense Research at University of North Carolina at Charlotte.

His research foci include security analytics and big data driven security intelligence, vulnerability and risk management, access control and security architecture for distributed systems, identity and privacy management, cyber crime analysis, security-enhanced computing platforms, and formal models for computer security device. His research has been supported by National Science Foundation, National Security Agency, Department of Defense, Office of Naval Research, Department of Energy, Department of Justice, Allstate, Intel, Bank of America, CISCO, GoDaddy, Hewlett Packard, Google, Microsoft and Robert Wood Johnson Foundation.

He is currently the information director of ACM Special Interest Group on Security, Audit and Control (SIGSAC) and he is a recipient of U.S. Department of Energy Early Career Principal Investigator Award, Educator of the Year Award from Federal Information Systems Security Educators' Association (FISSEA) and Best Researcher Award from CIDSE. Also, he serves as associate editor-in-chief of IEEE Transactions on Dependable and Secure Computing, associate editor of ACM Transactions on Information and Systems Security and editorial board of Computers & Security. He is also the Steering Committee chair of ACM Symposium on Access Control Models and Technologies and the general chair of ACM Conference on Computer and Communications Security (CCS 2014).

 

Education: 

Ph.D. George Mason University 2000

Research Interests: 

His research foci include security analytics and big data driven security intelligence, vulnerability and risk management, access control and security architecture for distributed systems, identity and privacy management, cyber crime analysis, security-enhanced computing platforms, and formal models for computer security device. His research has been supported by National Science Foundation, National Security Agency, Department of Defense, Office of Naval Research, Department of Energy, Department of Justice, Allstate, Intel, Bank of America, CISCO, GoDaddy, Hewlett Packard, Google, Microsoft and Robert Wood Johnson Foundation.

Research/Areas of Expertise:

Security analytics and big data driven security intelligence 
Formal Models for Computer Security
Network and Distributed Systems Security
Vulnerability and Risk Assessment
Cyber Crime Analysis

Publications: 

Selected publications:

  • Ziming Zhao, Gail-J. Ahn, and Hongxin Hu, Picture Gesture Authentication: Empirical Analysis, Automated Attacks, and Scheme Evaluation, ACM Transactions on Information and System Security, 2015.
  • Yiming Jing, Gail-J. Ahn, Ziming Zhao, and Hongxin Hu, Towards Automated Risk Assessment and Mitigation of Mobile Application, IEEE Transactions on Dependable and Secure Computing, 2014.
  • Mukesh Singhal, Santosh Chandrasekhar, Ge Tingjian, Ravi Sandhu, Ram Krishnan, Gail-J. Ahn and Elisa Bertino, Collaboration in Multi-Cloud Applications: Framework and Security Issues, IEEE Computer, February, 2013.
  • Hongxin Hu, Gail-J. Ahn and Jan Jorgense, Multiparty Access Control for On-line Social Networks: Model and Mechanisms, IEEE Transactions on Knowledge and Data Engineering, Vol. 25, No. 7, July 2013.
  • Hongxin Hu, Gail-J. Ahn and Ketan Kulkarni, Discovery and Resolution of Anomalies in Web Access Control Policies, IEEE Transactions on Dependable and Secure Computing, 2013.
  • Mohamed Shehab, Anna Squicciarini, Gail-J. Ahn, Irini Kokkinou, Access Control for Online Social Networks Third Party Applications, Computers & Security, Elsevier, Vol. 31, No. 8, November 2012.
  • Gail-J. Ahn, Jing Jin and Mohamed Shehab, Policy-driven Role-based Access Management for Ad-hoc Collaboration, Journal of Computer Security, Vol. 20, 2012.
  • Hongxin Hu, Gail-J. Ahn and Ketan Kulkarni, Detecting and Resolving Firewall Policy Anomalies,  IEEE Transactions on Dependable and Secure Computing, Vol. 9, No. 3, 2012.
  • Ziming Zhao, Hongxin Hu, Gail-J. Ahn and Ruoyu Wuy, Risk-Aware Response for Mitigating MANET Routing Attacks, IEEE Transactions on Dependable and Secure Computing, Vo.9, No. 2, 2012.
  • Jing Jin, Gail-J. Ahn, Hongxin Hu, Michael Covington, and Xinwen Zhang, Patient-centric Authorization Framework for Electronic Health Records, Computers & Security, Vol. 30, No. 2-3, Elsevier Science, March-May 2011.
  • Hassan Takabi, James Joshi, and Gail-J. Ahn, Security and Privacy Challenges in Cloud Computing Environments, IEEE Security and Privacy, November/December 2010.
  • Karsten Sohr, Michael Drouineaud, Gail-Joon Ahn, and Martin Gogolla. Analyzing and Managing Role-Based Access Control Policies. IEEE Transactions on Knowledge and Data Engineering (2008).
  • Gail-J. Ahn, Hongxin Hu and Jing Jin. Towards Role-based Authorization for OSGi Service Environments. Proc. of the 12th IEEE International Workshop on Future Trends of Distributed Computing Systems (FTDCS 2008) (2008).
  • Gail-J. Ahn, Moonam Ko and Mohamed Shehab. Portable User-Centric Identity Management. Proc. of 23rd IFIP International Information Security Conference (SEC 2008) (2008).
  • Gail-J. Ahn, Napoleon Paxton and Kevin Pearson. Understanding IRC Bot Behaviors in Network-centric Attack Detection and Prevention Framework. Proc. of 3rd International Conference on Information Warfare and Security (2008).
  • Gail-J. Ahn, Wenjuan Xu and Xinwen Zhang. Visualization Based Policy Analysis: Case Study in SELinux. Proc. of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY’08) (2008).
  • Hongxin Hu and Gail-J. Ahn. Enabling veri?cation and conformance testing for access control model,. Proc. of 13th ACM Symposium on Access Control Models And Technologies (SACMAT) (2008).
  • Jing Jin, Gail-J. Ahn, Michael J. Covington, and Xinwen Zhang. Toward an Access Control Model for Sharing Composite Electronic Health Records. Proc. of the 4th International Conference on Collaborative Computing (2008).
  • Karsten Sohr, Tanveer Mustafa, Gail-J. Ahn and Xinyu Bao. Enforcing Role-Based Access Control Policies in Web Services with UML and OCL. Proc. of the 24th Annual Computer Security Applications Conference (ACSAC) (2008).
  • Mizuho Iwaihara, Kohei Murakami, Gail-J. Ahn and Masatoshi Yoshikawa. Risk Evaluation for Personal Identity Management Based on Privacy Attribute Ontology. Proc. of the 27th International Conference on Conceptual Modeling (ER 2008) (2008).
  • Mohamed Shehab, Anna Squicciarini and Gail-J. Ahn. Beyond User-to-User Access Control for Online Social Networks. Proc. of the10th International Conference on Information and Communications Security (ICICS 2008), LNCS 5309 (2008).
  • Wenjuan Xu, Mohamed Shehab and Gail-J. Ahn. Systematic Policy Analysis for High-assurance Services in SELinux. Proc. of 13th ACM Symposium on Access Control Models And Technologies (SACMAT) (2008).
  • B. Tolone, Gail-Joon Ahn, T. Pai and S. Hong, Access Control in Collaborative Systems, ACM Computing Surveys, Vol. 37, No. 1, ACM, March 2005.
  • Longhua Zhang, Gail-Joon Ahn and Bill Chu, A Rule-Based Framework for Role-Based Delegation and Revocation, ACM Transactions on Information and System Security, Vol.6, No.3, August 2003.
  • Gail-Joon Ahn, S. Hong and M. Shin, Reconstructing a Formal Security Model, Information and Software Technology, Vol. 44, No. 11, Elsevier Science, August 2002.
  • Joon Park, Gail-Joon Ahn and Ravi Sandhu, Secure Attribute Services on the Web, ACM Transactions on Information and System Security, Vol. 4, No. 1, February 2001.
  • Gail-Joon Ahn and Ravi Sandhu, Role-based Authorization Constraints Specification, ACM Transactions on Information and System Security, pages 207-226, Vol. 3, No. 4, ACM, November 2000.
Research Activity: 
Summer 2021
Course NumberCourse Title
CEN 584Internship
Spring 2021
Course NumberCourse Title
CSE 493Honors Thesis
CSE 580Practicum
CSE 584Internship
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CEN 795Continuing Registration
CSE 795Continuing Registration
CSE 799Dissertation
Fall 2020
Course NumberCourse Title
CSE 580Practicum
CSE 590Reading and Conference
CSE 599Thesis
CSE 790Reading and Conference
CEN 795Continuing Registration
CSE 799Dissertation
CEN 799Dissertation
Summer 2020
Course NumberCourse Title
CEN 584Internship
Spring 2020
Course NumberCourse Title
CSE 493Honors Thesis
CSE 580Practicum
CSE 584Internship
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CEN 795Continuing Registration
CSE 795Continuing Registration
CSE 799Dissertation
Fall 2019
Course NumberCourse Title
CSE 580Practicum
CSE 590Reading and Conference
CSE 599Thesis
CSE 790Reading and Conference
CSE 799Dissertation
CEN 799Dissertation
Summer 2019
Course NumberCourse Title
CSE 580Practicum
CEN 584Internship
Spring 2019
Course NumberCourse Title
CSE 492Honors Directed Study
CSE 493Honors Thesis
CSE 580Practicum
CSE 584Internship
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CSE 795Continuing Registration
CSE 799Dissertation
Fall 2018
Course NumberCourse Title
CSE 492Honors Directed Study
CSE 493Honors Thesis
CEN 580Practicum
CSE 580Practicum
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CSE 795Continuing Registration
CSE 799Dissertation
Summer 2018
Course NumberCourse Title
CSE 580Practicum
CSE 584Internship
CEN 584Internship
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CSE 792Research
CSE 795Continuing Registration
Spring 2018
Course NumberCourse Title
CSE 492Honors Directed Study
CSE 493Honors Thesis
CEN 580Practicum
CSE 580Practicum
CSE 584Internship
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CSE 795Continuing Registration
CSE 799Dissertation
Fall 2017
Course NumberCourse Title
CSE 492Honors Directed Study
CSE 493Honors Thesis
CEN 580Practicum
CSE 580Practicum
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CSE 795Continuing Registration
CSE 799Dissertation
Summer 2017
Course NumberCourse Title
CSE 580Practicum
CSE 584Internship
CEN 584Internship
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CSE 792Research
CSE 795Continuing Registration
Spring 2017
Course NumberCourse Title
CSE 492Honors Directed Study
CSE 493Honors Thesis
CEN 580Practicum
CSE 580Practicum
CSE 584Internship
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CSE 795Continuing Registration
CSE 799Dissertation
Fall 2016
Course NumberCourse Title
CSE 492Honors Directed Study
CSE 493Honors Thesis
CEN 580Practicum
CSE 580Practicum
CSE 590Reading and Conference
CSE 595Continuing Registration
CSE 599Thesis
CSE 790Reading and Conference
CEN 792Research
CSE 792Research
CSE 795Continuing Registration
CSE 799Dissertation
Presentations: 
  • Jing Jin, Gail-J. Ahn, Michael J. Covington, and Xinwen Zhang. Toward an Access Control Model for Sharing Composite Electronic Health Records. The 4th International Conference on Collaborative Computing (Nov 2008).
  • Gail-J. Ahn, Moonam Ko and Mohamed Shehab. Portable User-Centric Identity Management. 23rd IFIP International Information Security Conference (SEC 2008) (Sep 2008).
  • Gail-J. Ahn. Network and Systems Assurance: Assurable and Usable Solutions. Research Breakfast Forum organized by Ira A. Fulton School of Engineering (Sep 2008).
  • Gail-J. Ahn. Assured Policy and Configuration Management: Risk-awareness and User-centricity. NSF Workshop on Assurable and Usable Security Configuration (Aug 2008).
  • Gail-J. Ahn. Role Engineering. ACM symposium on access control models and technologies (Jun 2008).
  • Hongxin Hu and Gail-J. Ahn. Enabling veri?cation and conformance testing for access control model. 13th ACM Symposium on Access Control Models And Technologies (SACMAT) (Jun 2008).
  • Wenjuan Xu, Mohamed Shehab and Gail-J. Ahn. Systematic Policy Analysis for High-assurance Services in SELinux. 13th ACM Symposium on Access Control Models And Technologies (SACMAT) (Jun 2008).
  • Gail-J. Ahn, Wenjuan Xu and Xinwen Zhang. Visualization Based Policy Analysis: Case Study in SELinux. IEEE Workshop on Policies for Distributed Systems and Networks (POLICY’08) (Jun 2008).
  • Gail-J. Ahn, Napoleon Paxton and Kevin Pearson. Understanding IRC Bot Behaviors in Network-centric Attack Detection and Prevention Framework. 3rd International Conference on Information Warfare and Security (Apr 2008).
  • Gail-J. Ahn. Access and Identity Management. Workshop on Information Assurance Research and Education (Apr 2008).
Honors / Awards: 
  • DOE CAREER (Early Career Principal Investigator Award), Department of Energy, 2003
  • Educator of the Year Award, Federal Information Systems Security Educators' Association, 2005
  • Best Senior Researcher Award, CIDSE, ASU, 2013
  • Best Paper Award, ACM CODASPY, 2014
Editorships: 
  • Editorial Review Board, Journal of Database Management, 2001 onwards
  • Associate Editor-in-Chief, IEEE Transactions on Dependable and Secure Computing, 2010 onwards
  • Editorial Board, Computers & Security, 2012 onwards
  • Associate Editor, ACM Transactions on Information and System Security, 2011-2014
  • Guest Editor, ACM Transactions on Information and System Security, Vol.10, No.1, February 2007
Service: 
  • General Chair, ACM Conference on Computer and Communication Security, 2014
  • Graduate Admission Committee, Member (2008 - Present)
  • NC A&T State University, Advisory Board (2008 - Present)
  • 12th IEEE International Workshop on Future Trends of Dis- tributed Computing Systems, PC member (2008 - Present)
  • ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS (SPRINGL 2008), PC member (2008 - Present)
  • ACM Symposium on Access Control Models And Technologies, Steering Committee Chair and Publicity Chair (2008 - Present)
  • ACM Symposium on Applied Computing (SAC)– Computer Se- curity Track,, PC member (2008 - Present)
  • ACM Workshop on Digital Identity Management, PC member (2008 - Present)
  • Annual IFIP WG 11.3 Working Conference on Data and Appli- cations Security, PC member (2008 - Present)
  • First ACM Conference on Wireless Network Security, Proceedings Chair (2008 - Present)
  • IEEE International Conference on Col laborative Computing: Networking, Applications and Worksharing, Workshop Chair (2008 - Present)
  • IEEE International Conference on Information Reuse and Integration, PC member (2008 - Present)
  • IEEE Workshop on Policies for Distributed Systems and Net- works, PC member (2008 - Present)
  • IEEE Workshop on Web and Pervasive Security, General Co-Chair (2008 - Present)
  • International Conference on Security and Cryptography, PC member (2008 - Present)
  • International Symposium on Information Assurance and Security, PC member (2008 - Present)
  • nternational Conference on I-Warfare and Security, PC member (2008 - Present)
  • Information Assurance Technology Analysis Center, SME Member (2007 - Present)
  • ACM SIGSAC, Information Director (2002 - Present)