I am a PhD Candidate at the Department of Computer Science, University of Illinois at Urbana-Champaign. My thesis advisor is Prof. Marianne Winslett of UIUC, and my co-advisor is Prof. Radu Sion of SUNY-Stony Brook. I am a member of the DAIS Lab at UIUC, and the NSAC Lab at Stony Brook.

PhD Dissertation: Secure Provenance and Term-immutability in Storage Systems and Databases

Thesis Committee: Marianne Winslett (UIUC), Radu Sion (Stony Brook), Carl Gunter (UIUC), Nikita Borisov (UIUC), Himanshu Khurana (UIUC)

• PhD, Computer Science, UIUC: 2003-present (Expected Summer 2009)
  • Advisor: Marianne Winslett (UIUC) and Radu Sion (Stony Brook)
• MS, Computer Science, UIUC, 2005
  • Advisor: Marianne Winslett (UIUC)
  • Thesis: Synergy: A trust-aware policy-driven information dissemination framework.
    
• BS, Computer Science and Engineering, Bangladesh University of Engineering and Technology, 2003
  • Advisor: M. Kaykobad (BUET)
  • Thesis: Techniques for Calculation of Optimal Path in Locally Restorable Bandwidth Constrained Routing in MPLS Based Networks

My research interest focuses on Computer Security in general, and Storage Security in particular. For my dissertation, I am exploring how to provide integrity and confidentiality guarantees for data and its history/provenance. This work covers data stored in file systems as well as databases.

Projects:

Secure Provenance
Provenance refers to the origin, lineage, or derivation history of objects. In this project, we focus on providing security guarantees to provenance.
Publications: [TOS09] [IDAR09] [LOGIN09]  [FAST09]  [CIDR09]  [StorageSS07]

Term-Immutable Tamper-evident Database Architectures:
Publications: [IDAR09] [TLOW09] [SDM07] [Book Chapter] [MSST05] [SPIE/EI05]

Storage Breach Incident Analysis
Publications: [StorageSS06] [WESII06]

Threat Model Analysis for Storage
Publications: [StorageSS05]

Mashup Authorization and Delegation
Publications: [ACSAC08]

Building Automation Middleware (BAM)
Related publications: [CSAW07]

Trust Negotiation
Related publications: [ISI06] [MS05]

[Journal]  [Book Chapters]  [Conferences/Workshops]  [Tech Reports]  [Posters]  [Presentations]  [Misc]

Journal

1. Ragib Hasan, Radu Sion, and Marianne Winslett, "Preventing History Forgery with Secure Provenance", under review at ACM Transactions on Storage (TOS).
   
2. A. J. Kemball, R. M. Crutcher, and R. Hasan,
   "A component-based framework for radio-astronomical imaging software systems",
   Software: Practice and Experience (SP&E), John Wiley & Sons, Ltd, June 2007.

Book Chapters

1. Ragib Hasan, Marianne Winslett, Windsor Hsu, and Radu Sion,
   "Trustworthy Record Retention",
   In "The Handbook of Database Security: Applications and Trends", M. Gertz and S. Jajodia (editors), Springer Verlag 2007 [Amazon]
   
2. Dongyi Li, Will Winsborough, Ragib Hasan, and Marianne Winslett,
   "Trust Management",
   In "The Handbook of Database Security: Applications and Trends", M. Gertz and S. Jajodia (editors), Springer Verlag 2007. [Amazon]

Conference and workshops

1. Ragib Hasan,
   "Protecting the Past and Present of Data, with Applications in Secure Provenance and Regulatory Compliant Databases",
   3rd SIGMOD PhD Workshop on Innovative Database Research (IDAR), June 2009.
   
   
2. Ragib Hasan, Radu Sion, and Marianne Winslett,
   “Remembrance: The Unbearable Sentience of Being Digital",
   4th Biennial Conference on Innovative Data Systems Research CIDR 2009 (Perspectives Track) [bibtex] [pdf] [slides].
   
   
3. Ragib Hasan, Radu Sion, and Marianne Winslett,
   "The Case of the Fake Picasso: Preventing History Forgery with Secure Provenance",
   Proceedings of the 7th USENIX Conference on File and Storage Technologies (FAST 2009), (acceptance 23/102=22.5%) [bibtex] [pdf]
   
   
4. Ragib Hasan, Rakesh Bobba, and Himanshu Khurana,
   Analyzing NASPINet Dataflows,
   IEEE Power System Conference and Expo (PSCE), Seattle, Washington, March 15-19, 2009. [pdf]
   
   
5. Ragib Hasan, Richard Conlan, Brian Slesinsky, Nandu Ramani, and Marianne Winslett,
   Please Permit Me: Stateless Delegated Authorization in Mashups, [pdf] [bibtex] [slides]
   Annual Computer Security Applications Conference (ACSAC), Anaheim, CA, December 2008. (acceptance 42/173=24.2%)
   
   
6. Jodie P. Boyer, Lars E. Olson, Ragib Hasan, Nikita Borisov, Carl A. Gunter, and David Raila,
   Improving Multi-Tier Security Using Redundant Authentication,
   First Computer Security Architecture Workshop (CSAW), in conjunction with ACM CCS, Alexandria, VA, November 2007.
   
   
7. Ragib Hasan, Radu Sion, and Marianne Winslett,
   "Introducing Secure Provenance: Problems and Challenges'',
   Workshop on Storage Security and Survivability (StorageSS 2007), in conjunction with ACM CCS 2007, Alexandria, VA, October 2007.
   
   
8. Ragib Hasan, Marianne Winslett, and Radu Sion,
   "Requirements of Secure Storage Systems for Health-care Records",
   4th VLDB Workshop on Secure Data Management (SDM), in conjunction with 33rd International Conference on Very Large Data Bases (VLDB), University of Vienna, Austria, September 2007. [pdf] [bibtex] [ slides]
   
   
9. Ragib Hasan and William Yurcik,
   "Beyond Media Hype: Empirical Analysis of Disclosed Privacy Breaches 2005-2006 and a DataSet/Database Foundation for Future Work",
   Workshop on the Economics of Securing the Information Infrastructure, October 23-24, 2006
   
   
10. William Yurcik and Ragib Hasan,
    "Toward One Strong National Breach Disclosure Law - Justification and Requirements",
    Workshop on the Economics of Securing the Information Infrastructure, October 23-24, 2006
    
    
11. Ragib Hasan and William Yurcik,
    "A Statistical Analysis of Disclosed Storage Security Breaches",
    International Workshop on Storage Security and Survivability (StorageSS) in conjunction with 12th ACM Conference on Computer and Communications Security (CCS 2006) , October, 2006. [slides]
    
    
12. Ragib Hasan, Marianne Winslett,
    "Synergy: A Trust-aware, Policy-driven Information Dissemination Framework",
    IEEE International Conference on Intelligence and Security Informatics (ISI 2006), San Diego, USA, May 23-24, 2006. [bibtex] [slides]
    
    
13. Ragib Hasan, Suvda Myagmar, Adam J. Lee, and William Yurcik,
    "Toward a Threat Model for Storage Systems ,"
    International Workshop on Storage Security and Survivability (StorageSS) in conjunction with 12th ACM Conference on Computer and Communications Security (CCS 2005) , November 11, 2005 .
    
    
14. Ragib Hasan, William Yurcik, and Suvda Myagmar,
    "The Evolution of Storage Service Providers: Techniques and Challenges to Outsourcing Storage ,"
    International Workshop on Storage Security and Survivability (StorageSS) in conjunction with 12th ACM Conference on Computer and Communications Security (CCS 2005) , November 11, 2005. [slides]
    
    
15. Ragib Hasan, Zahid Anwar, William Yurcik, Roy Campbell,
    "A Survey of Peer-to-Peer Storage Techniques for Distributed File Systems",
    IEEE International Conference on Information Technology (ITCC), Las Vegas, NV, April 2005 [bibtex]
    
    
16. Joseph Tucek, Paul Stanton, Elizabeth Haubert, Ragib Hasan, Larry Brumbaugh, and William Yurcik
    "Trade-offs in Protecting Storage: A Meta-Data Comparison of Cryptographic, Backup/Versioning, Immutable/Tamper-Proof, and Redundant Storage Solutions ,"
    22nd IEEE - 13th NASA Goddard Conference on Mass Storage Systems and Technologies (MSST) , Monterey CA USA, April 2005.
    
    
17. Ragib Hasan, Joseph Tucek, Paul Stanton, William Yurcik, Larry Brumbaugh, Jeff Rosendale, and Roelof Boonstra,
    "The Techniques and Challenges of Immutable Storage for Applications in Multimedia,"
    IS&T/SPIE International Symposium Electronic Imaging / Storage and Retrieval Methods and Applications for Multimedia (EI121) , San Jose CA USA, January 2005.
    

Tech Reports and others

1. Ragib Hasan, Radu Sion, and Marianne Winslett
   Secure Provenance: Protecting the Genealogy of Bits,
   In USENIX ;login: magazine, June 2009 issue.
   
2. Ragib Hasan, Marianne Winslett, and Soumyadeb Mitra
   Efficient Audit-based Compliance for Relational Data Retention,
   UIUC Dept. of Computer Science Tech Report, UIUCDCS-R-2009-3044, March 2009
   
   
3. Ragib Hasan, Rakesh Bobba and Himanshu Khurana,
   Modeling NASPInet Data Flows,
   North American SynchroPhasor Initiative Working Group Meeting, October 16-17, 2008, Charlotte, NC.
   
   
4. William Yurcik, Cristina Abad, Ragib Hasan, Moazzam Saleem, and Shyama Sridharan,
   "UCLog+ : A Security Data Management System for Correlating Alerts, Incidents, and Raw data From Remote Logs"
   ACM Computing Research Repository (CoRR) Technical Report cs.CR/0607111 , July 2006.

Talks and Presentations
(excluding conference talks)

1. Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealogy of Bits with Secure Provenance
   CERIAS Security Seminar, Purdue University, September 2, 2009.
   
2. Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealogy of Bits with Secure Provenance
   Yahoo!-UIUC DAIS Seminar, May 5, 2009.
   
3. The Case of the Fake Picasso: Preventing History Forgery with Secure Provenance
   UIUC Trust and Security Seminar Series (TSS), February 11, 2009.
   
4. Secure Provenance for Digital Objects,
   UIUC CS 591/ Stony Brook University SB 690 guest lecture, February 12, 2008.
   
5. Context Based Automated Attribute Generation in Ubiquitous Systems ,
   2nd Midwest Security Workshop, September 30, 2006.
   
6. Breaking the Chip: Vulnerabilities of Cryptographic Processors and Smart Cards,
   CS 563 Class lecture, Spring 2006.

Older publications

1. Pradipta P. Mitra, Ragib Hasan, M. Kaykobad,
   "A Linear Time Algorithm for Single Source Shortest Path Problem",
   Proc. of the International Conference on Computer and Information Technology, Dhaka, Bangladesh, December 2000.
   
   
2. Pradipta P. Mitra, Ragib Hasan, M. Kaykobad,
   "On Linear Time Algorithm for Single Source Shortest Path Problem",
   Proc. of the International Conference on Computer and Information Technology, Dhaka, Bangladesh, 2001.
   
   
3. Ragib Hasan, Meetesh Barua, Pradipta P. Mitra , Jalal Uddin Mahmud and Saidur Rahman,
   "Design of a Graph Drawing and Visualization System “,
   Proceedings of the 5th International Conference on Computer and Information Technology (ICCIT), Dec 27-28 2002, East West University, Dhaka, Bangladesh, www.ewubd.edu/iccit2002/ ISBN : 984-32-0450-6, pp-41-46

Posters

1. Ragib Hasan, Radu Sion, and Marianne Winslett,
   SPROV: A Library for Secure Provenance,
   USENIX Annual Technical Conference, June 17, 2009.
   
   
2. Ragib Hasan and Marianne Winslett,
   "Synergy: A Policy-driven Information Sharing Infrastructure",
   ResCUE All Hands Meeting , Irvine, California, January 9, 2006.
   
   
3. Ragib Hasan and Marianne Winslett,
   "Synergy: A Policy-driven Information Sharing Infrastructure",
   ITI Workshop on Dependability and Security, Urbana, Illinois, December 6, 2005.
   
   
4. Ragib Hasan and Marianne Winslett,
   "VisiRESCUE: Situational Awareness for Emergency Response",
   RESCUE Site Visit, University of California-Irvine, June 3, 2005.

USENIX Annual Technical Conference 2009 Student Travel Grant

SIGMOD 2009 Student Grant

USENIX FAST 2009 Student Grant

CIDR Graduate Student Scholarship

Invited Speaker at 3rd Johurul Hoque-Al-Muti Shorfuddin Memorial Science Lectures, 2007

Chancellor Award for the top ranked student among all departments, BUET, 2003

Sharfuddin Gold Medal, for the top ranked student in the Computer Science and Engineering Department, BUET, 2003

Deans List, 1998-2002

National Champion, General Knowledge competition, Bangladesh, 1992

[PDF] [html] [Text] , last updated July 2009