Research Projects

• see Publications by CSIS Members

• Auditing
• Authorization Model for Relational Databases
• Flexible Access Control Models and Mechanisms
• Global States and Time in Distributed Systems
• Inference and Aggregation
• Integrity and Secrecy
• Multilevel Transactions
• MLS Relational Model
• Replicated Databases
• Secure Concurrency Control
• Security in Object-Oriented Systems
• Security and the World Wide Web
• Secure Commit
• Semantics-based Transaction Processing
• Steganography and Digital Watermarking
• Survivability and Information Warfare
• Temporal Databases

Temporal Databases:

• X. S. Wang, C. Bettini, A. Brodsky, and S. Jajodia, ``Logical design for temporal databases with multiple temporal types,'' ACM Trans. on Database Systems, To appear. PS file

• C. Bettini, X. S. Wang, S. Jajodia, and J. Lin, ``Discovering temporal relationships with multiple granularities in time sequences,'' IEEE Trans. on Knowledge and Data Engineering, To appear.

• C. Bettini, X. S. Wang, and S. Jajodia, ``Temporal semantic assumptions and their use in database query evaluation,'' IEEE Trans. on Knowledge and Data Engineering, To appear. A preliminary version appeared in Proc. ACM SIGMOD Int'l. Conf. on Management of Data, San Jose, CA, May 1995, pages 257--268.

• C. Bettini, X. S. Wang, and S. Jajodia, ``Testing complex temporal relationships involving multiple granularities and its application to data mining,'' Proc. 15th ACM PODS Symp., Montreal, Canada, June 1996, pages 68-78. PS file

• C. Bettini, X. S. Wang, and S. Jajodia, ``A general framework and reasoning models for time granularity,'' Proc. 3rd Int'l. Workshop on Temporal Representation and Reasoning, Key West, FL, May 1996. PS file

• X. S. Wang, S. Jajodia, V. S. Subrahmanian, ``Temporal Modules: An Approach Toward Federated Temporal Databases,'' Information Sciences, Vol. 82, 1995, pages 103--128. A preliminary version appeared in Proc. ACM SIGMOD Int'l. Conf. on Management of Data, Washington, DC, May 1993, pages 227--236.

• G. Wiederhold, S. Jajodia, and W. Litwin, ``Integrating temporal data in a heterogeneous environment,'' in Temporal Databases, A. Tansel et al., eds., Benjamin/Cummings (1993), pages 563--579.

Semantics-based Transaction Processing:

• P. Ammann, S. Jajodia, and I. Ray, ``Applying formal methods to semantic-based decomposition of transactions,'' ACM Trans. on Database Systems, To appear. PS file

• P. Ammann, S. Jajodia, I. Ray, ``Using formal methods to reason about semantics-based decompositions of transactions,'' Proc. VLDB Conf., Zurich, Switzerland, September 1995, pages 218--227. PS file

• P. Ammann, S. Jajodia, and I. Ray, ``Ensuring atomicity of multilevel transactions,'' Proc. IEEE Symp. on Research in Security and Privacy, Oakland, Calif., May 1996, pages 74-84. PS File

• S. Jajodia, R. Mukkamala, ``Reduction in transaction conflicts using semantics-based concurrency control,'' in Performance of Concurrency Control Mechanisms in Centralized Database Systems, V. Kumar, ed., Prentice-Hall (1995), pages 387--405.

Replicated Databases:

• O. Wolfson, S. Jajodia, and Y. Huang, ``An adaptive data replication algorithm,'' ACM Trans. on Database Systems, To appear. PS file

• O. Wolfson, S. Jajodia, ``An algorithm for dynamic data allocation in distributed systems,'' Information Processing Letters, Vol. 53, No. 2, 1995, pages 113--119.

• O. Wolfson, S. Jajodia, ``Distributed algorithms for dynamic replication of data,'' Proc. 11th ACM PODS Symp., San Diego, Calif., June 1992, pages 149--163.

• S. Jajodia and D. Mutchler, ``Dynamic voting algorithms for maintaining the consistency of a replicated database,'' ACM Trans. on Database Systems, Vol. 15, No. 2, June 1990, pages 230-280.

Survivability and Information Warfare:

• P. Ammann, S. Jajodia, C. D. McCollum, and B. T. Blaustein, ``Surviving information warfare attacks on databases,'' Proc. IEEE Symp. on Research in Security and Privacy, Oakland, Calif., May 1997. PS file

Global States and Time in Distributed Systems:

• P. Ammann, S. Jajodia, and P. Frankl, ``Globally consistent event ordering in one-directional distributed environments,'' IEEE Trans. on Parallel and Distributed Systems, Vol. 7, No. 6, June 1996, pages 665-670.

• P. Ammann, S. Jajodia, and P. Mavuluri, ``On-the-fly reading of entire databases,'' IEEE Trans. on Knowledge and Data Engineering, Vol. 7, No. 5, 1995, pages 834--838.

• P. Ammann, V. Atluri, and S. Jajodia, ``The partitioned synchronization rule for planer partial orders,'' IEEE Trans. on Knowledge and Data Engineering, Vol. 7, No. 5, 1995, pages 797--809.

• P. Ammann, S. Jajodia, ``Distributed timestamp generation in planar lattice networks,'' ACM Trans. on Computer Systems, Vol. 11, No. 3, August 1993, pages 205--225.

Flexible Access Control Models and Mechanisms:

• S. Jajodia, P. Samarati, V. S. Subrahmanian, and E. Bertino, ``A Unified Framework for Enforcing Multiple Access Control Policies,'' Proc. ACM SIGMOD Int'l. Conf. on Management of Data, May 1997. PS file

• S. Jajodia, P. Samarati, V. S. Subrahmanian, ``A logical language for expressing authorizations,'' Proc. IEEE Symp. on Security and Privacy, Oakland, Calif., May 1997. PS file

• E. Bertino, S. Jajodia, and P. Samarati, ``Supporting multiple access control policies in database systems,'' Proc. IEEE Symp. on Research in Security and Privacy, Oakland, Calif., May 1996, pages 94-107.PS File

• K. S. Candan, Sushil Jajodia and V.S. Subrahmanian, ``Secure mediated databases,'' Proc. 12th Int'l. Conf. on Data Engineering, 1996, pages 28--37 . PS file

Security and World Wide Web:

• P. Samarati, E. Bertino, and S. Jajodia, ``An authorization model for a distributed hypertext system,'' IEEE Trans. on Knowledge and Data Engineering, August 1996, Vol. 8, No. 4, August 1996, pages 555--562.

Security in Object-Oriented Systems:

• P. Samarati, E. Bertino, A. Ciampichetti, and S. Jajodia, ``Information flow control in object-oriented systems,'' IEEE Trans. on Knowledge and Data Engineering, To appear.

• E. Ferrari, P. Samarati, E. Bertino, and S. Jajodia, ``Providing flexibility in information flow control for object-oriented systems,'' Proc. IEEE Symp. on Security and Privacy, Oakland, Calif., May 1997. PS file

• E. Bertino, L. V. Mancini, S. Jajodia, ``Collecting garbage in multilevel secure object stores,'' Proc. IEEE Symp. on Research in Security and Privacy, May 1994, pages 106--120.

• E. Bertino and S. Jajodia, ``Modeling multilevel entities using single level objects,'' Proc. 3rd Int'l. Conf. on Deductive and Object-Oriented Databases, Springer-Verlag Lecture Notes in Computer Science, Volume 760, December 1993, pages 415--428.

• S. Jajodia and B. Kogan, ``Integrating an object-oriented data model with multilevel security,'' Proc. IEEE Symp. on Research in Security and Privacy, Oakland, Calif., May 7-9, 1990, pages 76-85.

Authorization Model for Relational Databases:

• E. Bertino, P. Samarati, and S. Jajodia, ``An Extended Authorization Model for Relational Databases'', IEEE Transactions on Knowledge and Data Engineering, Vol. 9, No. 1, 1997, pages 85--101. PS file

• P. Samarati, P. Ammann, and S. Jajodia, ``Maintaining replicated authorizations in distributed database systems,'' Data & Knowledge Engineering, Vol. 18, No. 1, February 1996, pages 55--84.

• E. Bertino, S. Jajodia, and P. Samarati, ``A non-timestamped authorization model for relational databases,'' Proc. 3rd ACM Conf. on Computer and Communications Security New Delhi, India, March 1996, pages 169-178.

• P. Samarati, P. Ammann, S. Jajodia, ``Propagation of authorizations in distributed database systems,'' Proc. 2nd ACM Conf. on Computer & Communications Security, November 1994, pages 136--147.

Secure Concurrency Control:

• E. Bertino, S. Jajodia, L. Mancini, and I. Ray, ``Advanced transaction processing in multilevel secure file stores,'' IEEE Trans. on Knowledge and Data Engineering, To appear. PS file

• V. Atluri, S. Jajodia and E. Bertino, ``Alternative correctness criteria for concurrent execution of transactions in multilevel secure databases,'' IEEE Trans. on Knowledge and Data Engineering, Vol. 8, No. 5, October 1996, pages 839-854.

• P. Ammann, F. Jaeckle, and S. Jajodia, ``Concurrency control in a secure multi-level database via a two-snapshot algorithm,'' Jour. of Computer Security, Vol. 3, No. 2,3, 1994/1995, pages pages 87--113.

• V. Atluri, E. Bertino, S. Jajodia, ``Degrees of isolation, concurrency control protocols, and commit protocols,'' Database Security VIII: Status and Prospects, (J. Biskup et al., eds.), North-Holland, 1994, pages 259--274.

• P. Ammann, S. Jajodia, ``An efficient multiversion algorithm for secure servicing of transaction reads,'' Proc. 2nd ACM Conf. on Computer & Communications Security, November 1994, pages 118--125.

• S. Jajodia, B. Kogan, and R. Sandhu, ``A multilevel-secure object-oriented data model,'' in Readings in Object-Oriented Systems and Applications, D. Rine, ed., IEEE Computer Society Press (1995), pages 206--215.

• P. Ammann, S. Jajodia, ``Planer lattice security structures for multilevel replicated databases,'' Database Security VII: Status and Prospects, (T. F. Keefe and C. E. Landwehr, eds.), North-Holland, 1994, pages 125--134.

• V. Atluri, E. Bertino, S. Jajodia, ``Achieving stricter correctness requirements in multilevel secure databases,'' Jour. of Computer Security, Vol. 2, No. 4, 1993, pages 311--351.

Secure Commit:

• I. Ray, E. Bertino, S. Jajodia, and L. Mancini, ``An advanced commit protocol for MLS distributed database systems,'' Proc. 3rd ACM Conf. on Computer and Communications Security New Delhi, India, March 1996, pages 119--128. PS file

• S. Jajodia, C. D. McCollum, and B. T. Blaustein, ``Integrating concurrency control and commit algorithms in distributed multilevel secure databases,'' in Database Security VII: Status and Prospects, (T. F. Keefe and C. E. Landwehr, eds.), North-Holland, 1994, 109--121.

Multilevel Transactions:

• K. P. Smith, B. T. Blaustein, S. Jajodia, and L. Notargiacomo, ``Correctness criteria for multilevel transactions,'' IEEE Trans. on Knowledge and Data Engineering, Vol. 8, No. 1, February 1996, pages 32--45.

• P. Ammann, S. Jajodia, and I. Ray, ``Ensuring atomicity of multilevel transactions,'' Proc. IEEE Symp. on Research in Security and Privacy, Oakland, Calif., May 1996, pages 74-84. PS File

• B. T. Blaustein, S. Jajodia, C. D. McCollum and L. Notargiacomo, ``A model of atomicity for multilevel transactions,'' Proc. IEEE Symp. on Research in Security and Privacy, Oakland, Calif., May 1993, pages 120--134.

MLS Relational Model:

• S. Jajodia and R. Sandhu, ``Toward a multilevel secure relational data model,'' in Information Security: An Integrated Collection of Essays, M. Abrams et al., eds., IEEE Computer Society Press (1995), pages 460--492.

• S. Jajodia, R. Sandhu, and B. T. Blaustein, ``Solutions to the polyinstantiation problem,'' in Information Security: An Integrated Collection of Essays, M. Abrams et al., eds., IEEE Computer Society Press (1995), pages 493--529.

• S. Jajodia and R. Sandhu, ``Toward a multilevel secure relational data model,'' Proc. ACM SIGMOD Int'l. Conf. on Management of Data, Denver, Colorado, May 29-31, 1991, pages 50-59.

Inference and Aggregation:

• D. G. Marks, A. Motro, S. Jajodia, ``Enhancing the controlled disclosure of sensitive information,'' Proc. European Symp. on Research in Computer Security, Rome, Italy, September, 1996.

• A. Motro, D. Marks, S. Jajodia, ``Aggregation in Relational Databases: Controlled Disclosure of Sensitive Information,'' Springer-Verlag LNCS, Vol. 875, 1994, pages 431--445.

• S. Jajodia and C. Meadows, ``Inference problems in multilevel secure database management systems,'' in Information Security: An Integrated Collection of Essays, M. Abrams et al., eds., IEEE Computer Society Press (1995), pages 570--584.

Integrity and Secrecy:

• C. Meadows and S. Jajodia, ``Integrity in multilevel secure database management systems,'' in Information Security: An Integrated Collection of Essays, M. Abrams et al., eds., IEEE Computer Society Press (1995), pages 530--541.

• R. Sandhu and S. Jajodia, ``Integrity mechanisms in database management systems,'' in Information Security: An Integrated Collection of Essays, M. Abrams et al., eds., IEEE Computer Society Press (1995), pages 617--634.

Auditing:

• S. Jajodia, S. Gadia, and G. Bhargava, ``Logical design of audit information in relational databases,'' in Information Security: An Integrated Collection of Essays, M. Abrams et al., eds., IEEE Computer Society Press (1995), pages 585--595.

Steganography and Digital Watermarking:

• N. Johnson and S. Jajodia, ``Exploring Steganography: Seeing the Unseen,'' IEEE Computer, February 1998, pp 26-34. PDF File (2.3 MB). This paper is an work in progress and update to ``Steganography'' by Neil F. Johnson.

• N. Johnson and S. Jajodia, ``Steganalysis of Images Created using Current Steganography Software,'' Information Hiding Workshop, Portland, Oregon, USA, April 1998. HTML File.