You are using an older browser that does not support current Web standards. Although this site is viewable in all browsers, it will look much better in a browser that supports Web standards.

Publications


Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

A relatively complete list of publications can also be found at DBLP.

Refereed Journal Articles


[J07] Marian K. Iskander, Dave Wilkinson, Tucker Trainor, Adam J. Lee, and Panos Chrysanthis, "Balancing Performance, Accuracy, and Precision for Secure Cloud Transactions," IEEE Transactions on Parallel and Distributed Systems, in press. [PDF]

[J06] Eleanor G. Rieffel, Jacob Biehl, Adam J. Lee, and William van Melle, "Private Aggregation for Presence Streams," Future Generation Computer Systems, in press. [Link]

[J05] Jacob T. Biehl, Eleanor Rieffel, and Adam J. Lee, "When Privacy and Utility are in Harmony: Towards Better Design of Presence Technologies," Personal and Ubiquitous Computing, 17(3), March 2013. [PDF]

[J04] Mehmud Abliz, Taieb Znati, and Adam J. Lee, "Mitigating Distributed Service Flooding Attacks with Guided Tour Puzzles," International Journal on Advances in Security, 5(3 & 4), December 2012. [PDF]

[J03] Adam J. Lee, Kazuhiro Minami, and Marianne Winslett, "On the Consistency of Distributed Proofs with Hidden Subtrees," ACM Transactions on Information and System Security 13(3), July 2010. [PDF]

Note: This paper supersedes [C08], below.

[J02] Adam J. Lee and Marianne Winslett, "Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems," ACM Transactions on Information and System Security 12(2), December 2008. [PDF]

Note: This paper supersedes [C07], below.

[J01] Adam J. Lee, Marianne Winslett, Jim Basney, and Von Welch, "The Traust Authorization Service," ACM Transactions on Information and System Security 11(1):1-33, February 2008. [PDF]

Note: This paper supersedes [C05], below.

Magazine Articles and Book Chapters


[MB04] Adam J. Lee, "Credential-Based Access Control," Encyclopedia of Cryptography and Security (2nd Ed.), pages 271-272, 2011. [Link]

[MB03] Brian Wongchaowart and Adam J. Lee, "Trust Management," Encyclopedia of Cryptography and Security (2nd Ed.), pages 1320-1323, 2011. [Link]

[MB02] Adam J. Lee and Ting Yu, "Report on the Sixth ACM Workshop on Privacy in the Electronic Society (WPES 2007)," SIGMOD Record 37(1):56-58, March 2008. [PDF]

[MB01] Adam J. Lee, Kent E. Seamons, Marianne Winslett, and Ting Yu, "Automated Trust Negotiation in Open Systems," in Secure Data Management in Decentralized Systems, Ting Yu and Sushil Jajodia (Editors), Springer, Berlin, 2007. [Link]

Refereed Conference Papers


[C41] Roberto Hoyle, Srijita Das, Apu Kapadia, Adam J. Lee, and Kami Vaniea, "Was my message read?: Privacy and Signaling on Facebook Messenger," in Proceedings of the The ACM SIGCHI Conference on Human Factors in Computing Systems (CHI 2017), May 2017. [PDF]

[C40] Roberto Hoyle, Srijita Das, Apu Kapadia, Adam J. Lee, and Kami Vaniea, "Viewing the Viewers: Publishers' Desires and Viewers' Privacy Concerns in Social Networks," in Proceedings of the 20th ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW 2017), February 2017. [PDF]

[C39] Cory Thoma, Adam J. Lee, and Alexandros Labrinidis, "PolyStream: Cryptographically Enforced Access Controls for Outsourced Data Stream Processing," in Proceedings of the 21st ACM Symposium on Access Control Models and Technologies (SACMAT 2016), June 2016. [PDF]

[C38] William C. Garrison III, Adam Shull, Adam J. Lee, and Steven Myers, "On the Practicality of Cryptographically Enforcing Dynamic Access Control Policies in the Cloud," in Proceedings of the 37th IEEE Symposium on Security and Privacy (Oakland 2016), May 2016. [PDF]

Note: An extended version of this paper can be found at arXiv.org.

[C37] Judicael B. Djoko, Brandon Jennings, and Adam J. Lee, "TPRIVEXEC: Private Execution In Virtual Memory," in Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016), March 2016. [PDF]

[C36] Jacob T. Biehl, Adam J. Lee, Gerry Filby, and Matthew Cooper, "You're Where? Prove it! Towards Trusted Indoor Location Estimation of Mobile Devices," in Proceedings of the ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp 2015), September 2015. [PDF]

[C35] William C. Garrison III and Adam J. Lee, "Decomposing, Comparing, and Synthesizing Access Control Expressiveness Simulations," in Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF), July 2015. [PDF]

Note: An extended version of this paper can be found at arXiv.org.

[C34] Sameer Patil, Roberto Hoyle, Roman Schlegel, Apu Kapadia, and Adam J. Lee, "Interrupt Now or Inform Later?: Comparing Immediate and Delayed Privacy Feedback," in Proceedings of the International Conference on Human Factors in Computing Systems (CHI), April 2015. [PDF]

[C33] William C. Garrison III, Adam J. Lee, and Timothy L. Hinrichs, "An Actor-Based, Application-Aware Access Control Evaluation Framework," in Proceedings of the The 19th ACM Symposium on Access Control Models and Technologies (SACMAT), June 2014. [PDF]

[C32] Sameer Patil, Roman Schlegel, Apu Kapadia, and Adam J. Lee, "Reflection or Action?: How Feedback and Control Affect Location Sharing Decisions," in Proceedings of the The International Conference on Human Factors in Computing Systems (CHI), April 2014. [PDF]

[C31] William C. Garrison III, Yechen Qiao, and Adam J. Lee, "On the Suitability of Dissemination-centric Access Control Systems for Group-centric Sharing," in Proceedings of the Fourth ACM Conference on Data and Application Security and Privacy (CODASPY), March 2014. [PDF]

Note: Proofs of all theorems in this paper can be found here.

Note: Outstanding Paper Award winner at CODASPY 2014.

[C30] Nicholas L. Farnan, Adam J. Lee, Panos K. Chrysanthis, and Ting Yu, "PAQO: Preference-Aware Query Optimization for Decentralized Database Systems," in Proceedings of the 30th IEEE International Conference on Data Engineering (ICDE), April 2014. [PDF]

[C29] Timothy Hinrichs, Diego Martinoia, William C. Garrison III, Adam J. Lee, Alessandro Panebianco and Lenore Zuck, "Application-Sensitive Access Control Evaluation using Parameterized Expressiveness," in Proceedings of the 26th IEEE Computer Security Foundations Symposium (CSF), June 2013. [PDF]

[C28] Andrew K. Adams and Adam J. Lee, "Combining Social Authentication and Untrusted Clouds for Private Location Sharing," in Proceedings of the 18th ACM Symposium on Access Control Models and Technologies (SACMAT), June 2013. [PDF]

[C27] Naoki Tanaka, Marianne Winslett, Adam J. Lee, David K.Y. Yau, and Feng Bao, "Insured Access: An Approach to Ad-hoc Information Sharing for Virtual Organizations," in Proceedings of the Third ACM Conference on Data and Application Security and Privacy (CODASPY), February 2013. [PDF]

[C26] Marian K. Iskander, Adam J. Lee, and Daniel Mosse', "Confidentiality-Preserving and Fault-Tolerant In-Network Aggregation for Collaborative WSNs," in Proceedings of the 8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), October 2012. [PDF]

[C25] Sandro Etalle, Timothy L. Hinrichs, Adam J. Lee, Daniel Trivellato, and Nicola Zannone, "Policy Administration in Tag-Based Authorization," in Proceedings of the Fifth International Symposium on Foundations & Practice of Security (FPS), October 2012. [PDF]

[C24] Sameer Patil, Greg Norcie, Apu Kapadia, and Adam J. Lee, "Reasons, Rewards, Regrets: Privacy Considerations in Location Sharing as an Interactive Practice," in Proceedings of the Eighth Symposium on Usable Privacy and Security (SOUPS), July 2012. [PDF]

[C23] Yann Le Gall, Adam J. Lee, and Apu Kapadia, "PlexC: A Policy Language for Exposure Control," in Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (SACMAT), June 2012. [PDF]

[C22] Xi Gong, Ting Yu, and Adam J. Lee, "Bounding Trust in Reputation Systems with Incomplete Information," in Proceedings of the Second ACM Conference on Data and Application Security and Privacy (CODASPY), February 2012. [PDF]

[C21] Nicholas L. Farnan, Adam J. Lee, Panos K. Chrysanthis, and Ting Yu, "Don't Reveal My Intension: Protecting User Privacy using Declarative Preferences during Distributed Query Processing," in Proceedings of the 16th European Symposium on Research in Computer Security (ESORICS), September 2011. [PDF]

Note: Extended version available as [NR06], below.

[C20] Roman Schlegel, Apu Kapadia, and Adam J. Lee, "Eyeing your Exposure: Quantifying and Controlling Information Sharing for Improved Privacy," in Proceedings of the Seventh Symposium on Usable Privacy and Security (SOUPS), July 2011. [PDF]

[C19] Eleanor Rieffel, Jacob Biehl, Bill van Melle, and Adam J. Lee, "Secured Histories for Presence Systems," in Proceedings of the International Symposium on Security in Collaboration Technologies and Systems (SECOTS), May 2011. [PDF]

Note: This paper was a CTS 2011 Outstanding Paper nominee.

[C18] Kazuhiro Minami, Nikita Borisov, Marianne Winslett, and Adam J. Lee, "Confidentiality-Preserving Proof Theories for Distributed Proof Systems," in Proceedings of the Sixth ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2011), March 2011. [PDF]

[C17] Andrew K. Adams, Adam J. Lee, and Daniel Mossé, "Receipt-Mode Trust Negotiation: Efficient Authorization Through Outsourced Interactions," in Proceedings of the Sixth ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2011), March 2011. [PDF]

[C16] Adam J. Lee and Ting Yu, "Towards Quantitative Analysis of Proofs of Authorization: Applications, Framework, and Techniques," in Proceedings of the 23rd IEEE Computer Security Foundations Symposium (CSF 2010), July 2010. [PDF]

[C15] Brian Wongchaowart and Adam J. Lee, "Oblivious Enforcement of Hidden Information Release Policies," in Proceedings of the Fifth ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2010), April 2010. [PDF]

[C14] Adam J. Lee, Ting Yu, and Yann Le Gall, "Effective Trust Management Through a Hybrid Logical and Relational Approach," in Proceedings of the Fifth ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2010), April 2010. [PDF]

[C13] Adam J. Lee and Ting Yu, "Towards a Dynamic and Composite Model of Trust," in Proceedings of the 14th ACM Symposium on Access Control Models and Technologies (SACMAT), June 2009. [PDF]

[C12] Adam J. Lee, Marianne Winslett, and Kenneth J. Perano, "TrustBuilder2: A Reconfigurable Framework for Trust Negotiation," in Proceedings of the Third IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2009), June 2009. [PDF]

  • TrustBuilder2 can be downloaded here.
  • A short presentation about TrustBuilder2 is now available.
[C11] Adam J. Lee, Kazuhiro Minami, and Nikita Borisov, "Confidentiality-Preserving Distributed Proofs of Conjunctive Queries," in Proceedings of the Fourth ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2009), March 2009. [PDF]

Note: Extended version available as [NR05], below.

[C10] Adam J. Lee and Marianne Winslett, "Towards Standards-Compliant Trust Negotiation for Web Services," in Proceedings of the Joint iTrust and PST Conferences on Privacy, Trust Management, and Security (IFIPTM 2008), June 2008. [PDF]

Note: Extended version available as [NR04], below.

[C09] Adam J. Lee and Marianne Winslett, "Towards an Efficient and Language-Agnostic Compliance Checker for Trust Negotiation Systems," in Proceedings of the 3rd ACM Symposium on Information, Computer and Communications Security (ASIACCS 2008), March 2008. [PDF]

Note: Extended version available as [NR03], below.

[C08] Adam J. Lee, Kazuhiro Minami, and Marianne Winslett, "Lightweight Consistency Enforcement Schemes for Distributed Proofs with Hidden Subtrees," in Proceedings of the 12th ACM Symposium on Access Control Models and Technologies (SACMAT 2007), June 2007. [PDF]

Note: Superseded by [J03], above.

[C07] Adam J. Lee and Marianne Winslett, "Safety and Consistency in Policy-Based Authorization Systems," The 13th ACM Conference on Computer and Communications Security (CCS 2006), October/November 2006. [PDF]

Note: Superseded by [J02], above.

[C06] Mehran Ahsant, Jim Basney, Olle Mulmo, Adam J. Lee, and Lennart Johnsson, "Toward an On-Demand Restricted Delegation Mechanism for Grids," The 7th IEEE/ACM International Conference on Grid Computing (Grid 2006), September 2006. [PDF]

[C05] Adam J. Lee, Marianne Winslett, Jim Basney, and Von Welch, "Traust: A Trust Negotiation-Based Authorization Service for Open Systems," The Eleventh ACM Symposium on Access Control Models and Technologies (SACMAT 2006), June 2006. [PDF]

Note: Superseded by [J01], above.

[C04] Adam J. Lee and Marianne Winslett, "Virtual Fingerprinting as a Foundation for Reputation in Open Systems," The Fourth International Conference on Trust Management (iTrust 2006), May 2006. [PDF]

Note: Extended version available as [NR02], below.

[C03] Adam J. Lee, Gregory A. Koenig, and William Yurcik, "Cluster Security with NVisionCC: The Forseti Distributed File Integrity Checker," The Los Alamos Computer Science Institute Symposium (LACSI 2005), October 2005. [PDF]

[C02] Suvda Myagmar, Adam J. Lee, and William Yurcik, "Threat Modeling as a Basis for Security Requirements," IEEE Symposium on Requirements Engineering for Information Security (SREIS), August 2005. [PDF]

[C01] Adam J. Lee, Jodie P. Boyer, Chris Drexelius, Prasad Naldurg, Raquel L. Hill, and Roy H. Campbell, "Supporting Dynamically Changing Authorizations in Pervasive Communication Systems," Second International Conference on Security in Pervasive Computing, April 2005. [PDF]



Refereed Workshop Papers


[W15] Apu Kapadia and Adam J. Lee, "Improving Privacy through Exposure Awareness and Reactive Mechanisms," in CHI 2016 Workshop on Bridging the Gap between Privacy by Design and Privacy in Practice, May 2016. [PDF]

[W14] Cory Thoma, Alexandros Labrinidis, and Adam J. Lee, "Automated Operator Placement in Dis- tributed Data Stream Management Systems Subject to User Constraints," in Proceedings of the 9th International Workshop on Self-Managing Database Systems (SMDB), April 2014. [PDF]

[W13] William C. Garrison III, Adam J. Lee, and Timothy L. Hinrichs, "The Need for Application-Aware Access Control Evaluation," in Proceedings of the New Security Paradigms Workshop (NSPW), September 2012. [PDF]

[W12] Sameer Patil, Yann Le Gall, Adam J. Lee, and Apu Kapadia, "My Privacy Policy: Exploring End-user Specification of Freeform Location Access Rules," in Proceedings of the 2012 Workshop on Usable Security (USEC), February 2012. [PDF]

[W11] Timothy L. Hinrichs, William C. Garrison III, Adam J. Lee, Skip Saunders, and John C. Mitchell, "TBA: A Hybrid of Logic and Extensional Access Control Systems," in Proceedings of the 8th International Workshop on Formal Aspects of Security & Trust (FAST), September 2011. [PDF]

Note: Extended version available as [NR07], below.

[W10] Marian K. Iskander, Dave W. Wilkinson, Adam J. Lee, and Panos K. Chrysanthis, "Enforcing Policy and Data Consistency of Cloud Transactions," in Proceedings of the Second International Workshop on Security and Privacy in Cloud Computing (ICDCS-SPCC), June 2011. [PDF]

[W09] Nicholas Farnan, Adam J. Lee, and Ting Yu, "Investigating Privacy-Aware Distributed Query Evaluation," in Proceedings of the Ninth ACM Workshop on Privacy in the Electronic Society (WPES 2010), October 2010. [PDF]

[W08] Kazuhiro Minami, Adam J. Lee, Marianne Winslett, and Nikita Borisov, "Secure Aggregation in a Publish-Subscribe System," in Proceedings of the Seventh ACM Workshop on Privacy in the Electronic Society (WPES 2008), October 2008. [PDF]

[W07] Adam J. Lee, Jodie P. Boyer, Lars E. Olson, and Carl A. Gunter, "Defeasible Security Policy Composition for Web Services," The 4th ACM Workshop on Formal Methods in Security Engineering (FMSE 2006) held in conjunction with The 13th ACM Conference on Computer and Communications Security (CCS 2006), November 2006. [PDF]

[W06] Adam J. Lee, Parisa Tabriz, and Nikita Borisov, "A Privacy-Preserving Interdomain Audit Framework," The 5th ACM Workshop on Privacy in the Electronic Society (WPES 2006) held in conjunction with The 13th ACM Conference on Computer and Communications Security (CCS 2006), October 2006. [PDF]

[W05] Adam J. Lee and Marianne Winslett, "Open Problems for Usable and Secure Open Systems," Usability Research Challenges for Cyberinfrastructure and Tools held in conjunction with ACM CHI 2006, April 2006. [PDF]

[W04] Ragib Hasan, Suvda Myagmar, Adam J. Lee, and William Yurcik, "Toward a Threat Model for Storage Systems," International Workshop on Storage Security and Survivability (StorageSS) in conjunction with 12th ACM Conference on Computer and Communications Security (CCS 2005) , November 11, 2005. [PDF]

[W03] Adam J. Lee, Gregory A. Koenig, Xin Meng, and William Yurcik, "Searching for Open Windows and Unlocked Doors: Port Scanning in Large-Scale Commodity Clusters," The First International Workshop on Cluster Security held in conjunction with the Fifth IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid), May 2005. [PDF]

[W02] Gregory A. Koenig, Xin Meng, Adam J. Lee, Michael Treaster, Nadir Kiyanclar, and William Yurcik, "Cluster Security with NVisionCC: Process Monitoring by Leveraging Emergent Properties," The First International Workshop on Cluster Security held in conjunction with the Fifth IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid), May 2005. [PDF]

[W01] Kiran Lakkaraju, William Yurcik, Adam J. Lee, Ratna Bearavolu, Yifan Li, and Xiaoxin Yin, " NVisionIP: NetFlow Visualizations of System State for Security Situational Awareness ," CCS Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC), October 2004. [PDF]



Refereed Work-in-Progress, Demo, and Poster Abstracts


[WDP06] Nicholas L. Farnan, Adam J. Lee, Panos K. Chrysanthis, and Ting Yu, "PAQO: A Preference-Aware Query Optimizer for PostgreSQL," The 39th International Conference on Very Large Databases (VLDB), August 2013. [PDF]

[WDP05] Nicholas L. Farnan, Adam J. Lee, Panos K. Chrysanthis, and Ting Yu, "Enabling Intensional Access Control via Preference-Aware Query Optimization," The ACM Symposium on Access Control Models and Technologies (SACMAT), June 2013. [PDF]

[WDP04] Sameer Patil, Greg Norcie, Apu Kapadia, and Adam J. Lee, "Check out where I am!: Location-Sharing Motivations, Preferences, and Practices," The ACM SIGCHI Conference on Human Factors in Computing Systems, Extended Abstracts (CHI-EA), May 2012. [PDF]

[WDP03] Xi Gong, Ting Yu, and Adam J. Lee, "Poster: On Trust Evaluation with Missing Information in Reputation Systems," The ACM Conference on Computer and Communications Security (CCS), October 2011. [PDF]

[WDP02] Marian Kamal Iskander, Adam J. Lee, and Daniel Mosse', "Privacy and Robustness for Data Aggregation in Wireless Sensor Networks," The ACM Conference on Computer and Communications Security (CCS), October 2010. [PDF]

[WDP01] Adam J. Lee, Marianne Winslett, Jim Basney, and Von Welch, "Traust: A Trust Negotiation Based Authorization Service," Demonstration Short Paper, The Fourth International Conference on Trust Management (iTrust 2006), May 2006. [PDF]



Theses


[T02] Adam J. Lee. "Towards Practical and Secure Decentralized Attribute-Based Authorization Systems," Ph.D. Dissertation, University of Illinois at Urbana-Champaign Department of Computer Science Technical Report No. UIUCDCS-R-2008-2985, July 2008. [PDF]

[T01] Adam J. Lee. "Traust: A Trust Negotiation Based Authorization Service for Open Systems." Master's Thesis, University of Illinois at Urbana-Champaign, August 2005.


Other Non-Refereed Publications


[NR08] William C. Garrison III, Adam J. Lee, and Timothy L. Hinrichs, "The Design and Demonstration of an Actor-Based, Application-Aware Access Control Evaluation Framework," Technical Report arXiv:1302.1134, February 2013. [PDF]

[NR07] Timothy L. Hinrichs, William C. Garrison III, Adam J. Lee, Skip Saunders, and John C. Mitchell, "TBA: A Hybrid of Logic and Extensional Access Control Systems (Extended Version)," University of Pittsburgh Department of Computer Science Technical Report No. TR-11-182, October 2011. [PDF]

Note: This is an extended version of [W11].

[NR06] Nicholas L. Farnan, Adam J. Lee, Panos K. Chrysanthis, and Ting Yu, "Don't Reveal My Intension: Protecting User Privacy using Declarative Preferences during Distributed Query Processing (Extended Version)," University of Pittsburgh Department of Computer Science Technical Report No. TR-11-179, October 2011. [PDF]

Note: This is an extended version of [C21].

[NR05] Adam J. Lee, Kazuhiro Minami, and Nikita Borisov , "Confidentiality-Preserving Distributed Proofs of Conjunctive Queries (Extended Version)," University of Pittsburgh Department of Computer Science Technical Report No. TR-08-161, December 2008. [PDF]

Note: This is an extended version of [C11].

[NR04] Adam J. Lee and Marianne Winslett, "Towards Standards-Compliant Trust Negotiation for Web Services (Extended Version)," University of Illinois at Urbana-Champaign Department of Computer Science Technical Report No. UIUCDCS-R-2008-2944, March 2008. [PDF]

Note: This is an extended version of [C10].

[NR03] Adam J. Lee and Marianne Winslett, "Towards an Efficient and Language-Agnostic Compliance Checker for Trust Negotiation Systems," University of Illinois at Urbana-Champaign Department of Computer Science Technical Report No. UIUCDCS-R-2007-2903, October 2007. [PDF]

Note: This is an extended version of [C09].

[NR02] Adam J. Lee and Marianne Winslett, "Virtual Fingerprinting as a Foundation for Reputation in Open Systems," University of Illinois at Urbana-Champaign Department of Computer Science Technical Report No. UIUCDCS-R-2006-2691, February 2006. [PDF]

Note: This is an extended version of [C04].

[NR01] William Yurcik, Adam J. Lee, Gregory A. Koenig, Nadir Kiyanclar, Dmitry Mogilevsky, and Michael Treaster, " Cluster Security Research Challenges ," NSF Infrastructure Experience 2005, NSF/CISE/CNS Cluster Computing Infrastructure Experience Workshop, Siebel Center for Computing Science, University of Illinois at Urbana-Champaign, July 27, 2005. [PDF]


Top