About
95
Publications
78,402
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
266
Citations
Citations since 2017
Introduction
Additional affiliations
July 2016 - March 2017
August 2015 - present
August 2014 - present
Education
January 2010 - May 2014
August 2008 - December 2009
August 2006 - May 2008
Publications
Publications (95)
The rapid advancement of technology has resulted in advanced camera capabilities coming to smaller form factors with improved energy efficiency. These improvements have led to more efficient and capable cameras on mobile devices like mobile phones, tablets, and even eyeglasses. Using these unobtrusive cameras, users can capture photographs and vide...
The rapid advancement of technology has resulted in advanced camera capabilities coming to smaller form factors with improved energy efficiency. These improvements have led to more efficient and capable cameras on mobile devices like mobile phones, tablets, and even eyeglasses. Using these unobtrusive cameras, users can capture photographs and vide...
Healthcare information systems deal with a large amount of Personally Identifiable Information related to patients like dates of birth and social security numbers, patients health information and history, and financial information like credit card details and bank accounts. Most healthcare institutions purchase information systems from commercial v...
Hardware failures occur more often than we think. Environmental hazards such as electrical fires and liquid spills are easily detected and measured. Programming errors and defective hardware components (such as hard disk spindle defects) often lead to invalid operations, and we understand how and why. However, other less predictable forms of enviro...
![Figure 1. Arbiter PUF [14].](profile/Bob-Duncan/publication/344943030/figure/fig5/AS:951730707628033@1603921691161/Arbiter-PUF-14_Q320.jpg)
![Figure 2. Algorithms to access the CPUF [17].](profile/Bob-Duncan/publication/344943030/figure/fig6/AS:951730707648514@1603921691188/Algorithms-to-access-the-CPUF-17_Q320.jpg)
The Eleventh International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2020), held on October 25 - 29, 2020, continued a series of events targeted to prospect the applications supported by the new paradigm and validate the techniques and the mechanisms. A complementary target was to identify the open issues and the cha...
Cloud computing has changed the way commonly used data is stored. Before the adoption of the cloud, most data was preserved in proprietary relational databases. Cloud services provide native storage for several complex data types including contacts, calendar events, tasks and form responses. Along with the cloud services the user is delivered mobil...
Modern operating systems employ CPU scheduling algorithms to minimize wait times for individual processes, overhead caused by switching between processes, and to complete all processes in a fair-ordered manner. Researchers have suggested several improvements to one of the most common scheduling algorithms, Round Robin, by changing the method by whi...
Operating system handles a variety of functions such as process management, resource allocation, memory management, networking, file management to name few. Out of these tasks, resource allocation is of utmost importance. The currently existing algorithms have some problems associated with them. Some of them can lead to endless waiting or starvatio...
Proceedings of the Ninth International Conference on Cloud Computing, GRIDs, and Virtualization
In this paper, we investigate the problem of providing correctness guarantees when representing transaction data in semi-structured documents in cloud-based systems. We compare traditional relational database correctness guarantees including normalization and domain constraints with our correctness guarantees for document-oriented databases. In thi...
The Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017), held between February 19-23, 2017 in Athens, Greece, continued a series of events meant to prospect the applications supported by the cloud computing paradigm and validate the techniques and the mechanisms. A complementary target was to identif...
In this paper, we investigate the problem of development costs in Platform as-a Service (PAAS) cloud-based systems. We develop a set of tools to analyze the size of code executed to support features in the PAAS. In this research, we specifically focus on stable open source platforms to ensure as much of an equivalent offering from each platform. A...
The focus of this research work is to investigate the problem of providing partition tolerance in cloud-based applications while maintaining application data integrity. This study looks at developing a cloud application to track sales of admission tickets to a battlefield as a motivating example. Web browsers are run inside the premises of the ente...
This paper examines the process used in scheduling limited resources for blocks of time. The paper compares a complex algorithm current used to a random assignment system on scheduling equity. This research involved scheduling contracted guides with non-regular schedules to tours in advance or the day of the scheduling process. The random assignmen...
In this paper, I investigate the problem of providing guarantees for heterogeneous system integration. I propose a set of strong properties, FACD, which when held in the integration transaction will deliver correct results. The strong properties support an integration technique called CCETL (Continuous, Consistent, Extract, Translate, and Load). CC...
With an increasing population, social media is a trendy form of sharing information, which can be a massive pitfall for unwary users. With a number of users that are largely untrained in proper password creation methodologies, this influx of information can be damaging. This paper aims to describe current measures of password strength, the current...
Automation of information extraction from eligibility criteria will provide a breakthrough in effective utilization of information for patient search in clinical databases. A majority of eligibility criteria contain temporal information associated with medical conditions and events. This project creates a novel natural language processing (NLP) pip...
In this paper we investigate the problem of manual survey completion for the purposes of market validation. This study resides in the application domain of business market validation as a motivating example. The amount of data which can be output for market validation can be drastically increased through the process of automation. Through the use o...
In this paper, we investigate the problem of providing highly available, decentralized, dynamic path selection in high performance computing networking. We look at a use case for dynamic path selection that better utilizes bandwidth available in the network. The network architecture we propose is a partial mesh grid whereby each host is directly co...
In his talk, Olmsted will investigate the problem of developing secure development of cloudbased enterprise applications. Consistency, availability, and durability are investigated for web service (WS) transactions. He proposes an approach that matches the availability of the popular lazy replica update propagation method while increasing durabilit...
In this paper, we investigate the value of Payment Card Industry Data Security Standard (PCI DSS) by examining popular implementations of hosted payment processing solutions. First, we will dive into Card Connect, a registered ISO of Wells Fargo Bank, and see how their client-side-dependent model allows for trivial manipulation. Then we look at Car...
The Payment Card Industry Data Security Standard (PCI-DSS, or simply PCI) governs the many security standards associated with payment card transactions. Point of sale systems in today's brick-and-mortar storefronts fall woefully short of these standards at every step of the work flow. They commonly use outdated desktop computers and store card data...
Cloud services can be consumed using web service calls through the APIs provided by the cloud provider. Although using a fine-grained web-service request allows better flexibility of services, this approach will require service consumers to make multiple service requests to the cloud. The cloud will end up receiving a significantly higher number of...
In the development of a new software solution, users and developers spend the majority of their effort on modeling the functional requirements. The Non-Functional Requirements (NFR) are treated as a second class requirement, ignored until the end of the development cycle. They are often hidden, overshadowed and therefore, frequently neglected or fo...
Social media has a tremendous impact on current culture and trends. It has revolutionized the way in which people communicate with one another. Malicious entities exploit the vulnerabilities brought upon by the availability of personal data content on these networks. Openly sharing personal information online can make a user vulnerable to threats s...
An application running on an android mobile platform may sometimes crash in the midst of its lifecycle without the user triggering an explicit close action. This is due to memory leaks in the system which are introduced due to insufficient memory handling mechanisms. Memory leaks are not easily identified by testing the application. There are a few...
Functional Requirements are the primary focus of software development projects for both end users and developers. The Non-Functional Requirements (NFR) are treated as a secondary class requirement, ignored until the end of the development cycle. They are often hidden, overshadowed and therefore, frequently neglected or forgotten. NFRs are sometimes...
In this paper, we investigate the problem of representing transaction data in PAAS cloud-based systems. We compare traditional database normalization techniques with our denormalized approach. In this research, we specifically focus on transactional data that is not attached to a specific customer. The absence of the relationship in the customer ob...
The Seventh International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2016), held between March 20-24, 2016 in Rome, Italy, continued a series of events targeted to prospect the applications supported by the new paradigm and validate the techniques and the mechanisms. A complementary target was to identify the open iss...
In this paper we look at solutions for notifying patients and medical professionals in the event of a pacemaker failure. Many people depend on pacemakers to regulate their heartbeat. Pacemaker failures can lead to hospital visits or death, making pacemaker failure detection an issue for people with these devices. HeartSync uses an iPhone to simulat...
In his talk, Dr. Olmsted will investigate the problem of developing secure development of cloud-based enterprise applications. Consistency, availability, and durability are investigated for web service (WS) transactions. He proposes an approach that matches the availability of the popular lazy replica update propagation method while increasing dura...
In his talk, Dr. Olmsted will investigate the problem of developing secure development of cloud-based enterprise applications. Consistency, availability, and durability are investigated for web service (WS) transactions. He proposes an approach that matches the availability of the popular lazy replica update propagation method while increasing dura...
In this talk, I investigate the problem of developing secure development of cloud-based enterprise applications. Consistency, availability, and durability are investigated for web service transactions. I propose an approach that matches the availability of the popular lazy replica update propagation method while increasing durability and consistenc...
There are numerous concerns on an enterprise network. Especially one populated by uncontrollable users and devices. The network this paper focuses on is the network of an academic higher education institution. This paper will concentrate on a case study of how to facilitate the formation of an on-campus cybersecurity student-run club. In our case,...
In this paper I investigate the problem of providing application domain security constraints to distributed systems will maintaining high availability. This study uses the application domain of business loyalty incentives as a motivating example. The loyalty incentives are earned through electronic point and currency programs while the modeled syst...
In this paper we investigate the problem of providing web service interception hooks while maintaining consistency, high availability and durability for Web Service transactions. We consider ways of adding runtime configurable interception hooks for after release customization while guaranteeing the correctness of the entire transaction. We study i...
Grade calculation in historical educational environments depends on a grade journal that is only visible to the instructor. In modern educational environments, this journal has been replaced by more transparency in the form of a computerized learning management system. Unfortunately, there are not correctness guarantees for the students and the fac...
In this paper, I investigate the problem of providing ACID guarantees for continuous data integration. I proposed an integration technique called CCETL (Continuous, Consistent, Extract, Translate and Load). CCETL consumes UML class diagrams to identify transactional membership of the data elements that makeup the integration. CCETL transforms the h...
In this paper we investigate the problem of providing consistency, availability and durability for Web Service transactions. We consider enforcement of integrity constraints in a way that increases the availability while guaranteeing the correctness specified in the constraint. We study hierarchical constraints that offer an opportunity for optimiz...
In this paper we investigate the problem of providing consistency, availability and durability for web service transactions. We propose an approach that matches the availability of the popular lazy replica update propagation method while increases the durability and consistency. Our replica update propagation method is called the Buddy System, whic...
In this paper we investigate the problem of providing consistency, availability and durability for Web Service transactions. We consider enforcement of integrity constraints in a way that increases availability while guaranteeing the correctness specified in the constraint. We study hierarchical constraints that offer an opportunity for optimizatio...
In this paper we investigate the problem of providing consistency, availability and durability for Web Service-transactions. We consider each transaction as a black box, with only the corresponding metadata, expressed as UML specifications, as transaction semantics. We refer to these WS transactions as coarse-grained WS-transactions. We propose an...
In this paper we investigate the problem of providing consistency, availability and durability for Web Service-transactions. We consider each transaction as a black box, with only the corresponding metadata, expressed as UML specifications, as transaction semantics. We refer to these WS transactions as coarse-grained WS-transactions. We propose an...
Our project is a scalable community-driven spectroscopic annotation system for the field of metabolomics, which is the study of the of the identifying products left behind by the process of metabolism. This project is a Google-based laboratory information management system or gLIMS. This system combines the intuitive Google Drive interface and stor...
In this paper we investigate the problem of provid-ing durability for Web Service transactions in the pres-ence of system failures. We show that the popular lazy replica update propagation method is vulnerable to loss of transactional updates in the presence of hardware failures. We propose an extension to the lazy update propagation approach to re...
In this paper we investigate the problem of providing consistency, availability and durability for Web Service transactions that consume anonymous and attribute based resources. We show that the availability of the popular lazy replica update propagation method can be achieved while increasing it's durability and consistency. Our approach is based...
Questions
Questions (3)
I am chairing a special session at The Eleventh International Conference on Emerging Security Information, Systems, and Technologies (SECURWARE 2017). The special session will focus on Secure Software Development (SSD). The conference will take place in Rome from September 10th to the 14th.
Secure software development is the process involving people and practices that ensure application Confidentiality, Integrity, Availability, Non-Repudiation, and Authentication (CIANA). Secure software is the result of a security aware software development processes, where CIANA is established when an application is first developed. Current Secure Software Development LifeCycles (SSDLC) are just old Software Development LifeCycles (SDLC) with a security training pre-pended before the traditional development steps, and an incident response process appended to the end of the lifecycle. To solve application cyber-security issues, one needs to develop the models, tools, architectures, and algorithms that support CIANA on the first day of a development project.
SECURWARE is a terrific cyber-security conference and community to become associated with. Please let me know if you have colleagues or students who would be interested in submitting. Because this is a special session, I can take submission up until August 2nd. The late submission date makes it an ideal place for the dissemination of the results from your Summer research projects
I am chairing a special session at The Eleventh International Conference on Emerging Security Information, Systems, and Technologies (SECUREWAR 2017). The special session will focus on Secure Software Development (SSD). The conference will take place in Rome from September 10th to the 14th.
Secure software development is the process involving people and practices that ensure application Confidentiality, Integrity, Availability, Non-Repudiation, and Authentication (CIANA). Secure software is the result of a security aware software development processes, where CIANA is established when an application is first developed. Current Secure Software Development LifeCycles (SSDLC) are just old Software Development LifeCycles (SDLC) with a security training prepended before the traditional development steps, and an incident response process appended to the end of the lifecycle. To solve application cyber-security issues, one needs to develop the models, tools, architectures, and algorithms that support CIANA on the first day of a development project.
Secureware is a terrific cyber-security conference and community to become associated with. Please let me know if you have colleagues or students who would be interested in submitting. Because this is a special session, I can take submission up until August 2nd. The late submission date makes it an ideal place for the dissemination of the results from your Summer research projects
PKI guarantees that a machine is who it says it is through 3 party system? What about processes on the same machine. I want to validate that a signed or encrypted message came from a specific process.
