Jeannette M. Wing

Jeannette M. Wing
Columbia University | CU · Department of Computer Science

PhD

About

278
Publications
100,208
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
23,658
Citations
Additional affiliations
July 2017 - present
Columbia University
Position
  • Professor (Full)
July 1985 - June 2015
Carnegie Mellon University
Position
  • Professor

Publications

Publications (278)
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
This chapter presents examples of what data science can do. For the technology-, healthcare-, and science-related examples, the authors define the problem and then sketch how to collect data, build a model, and use it to solve the problem. They start with spelling correction, followed by speech recognition. Other examples include recommendation sys...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
This chapter pivots towards taking the view of a team building new data science applications. Their work begins when someone creates a concept for a worthwhile and plausibly achievable technique, product, or service. Goals may range from scientific pursuit to commercial gain. They may be motivated by the need to solve an existing problem or by a no...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
This chapter uses the learnings from Chapter 4’s examples to create the Analysis Rubric, which consists of seven major considerations for determining data science’s applicability to a proposed application. While these considerations may not be fully understood at a project’s inception, there needs to be a belief that answers will be forthcoming pri...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
This chapter introduces ethical principles that help us better use data science to achieve beneficial societal goals. As with all developing technologies, data science can give rise to unanticipated negative consequences, and it may affect our professional, personal, and political realities. These challenge our norms for how we use technology in wa...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Book
Data science is the foundation of our modern world. It underlies applications used by billions of people every day, providing new tools, forms of entertainment, economic growth, and potential solutions to difficult, complex problems. These opportunities come with significant societal consequences, raising fundamental questions about issues such as...
Article
Full-text available
Data science is a newly‐formed and, as yet, loosely‐defined discipline that has nonetheless emerged as a critical component of successful scientific research. We seek to provide an understanding of the term “data science,” particularly as it relates to public health; to identify ways that data science methods can strengthen public health research;...
Article
Full-text available
To drive progress in the field of data science, we propose 10 challenge areas for the research community to pursue. Since data science is broad, with methods drawing from computer science, statistics, and other disciplines, and with applications appearing in all sectors, these challenge areas speak to the breadth of issues spanning science, technol...
Preprint
We initiate the study of fair classifiers that are robust to perturbations in the training distribution. Despite recent progress, the literature on fairness has largely ignored the design of fair and robust classifiers. In this work, we develop classifiers that are fair not only with respect to the training distribution, but also for a class of dis...
Preprint
The promise of AI is huge. AI systems have already achieved good enough performance to be in our streets and in our homes. However, they can be brittle and unfair. For society to reap the benefits of AI systems, society needs to be able to trust them. Inspired by decades of progress in trustworthy computing, we suggest what trustworthy properties w...
Preprint
Although data science builds on knowledge from computer science, mathematics, statistics, and other disciplines, data science is a unique field with many mysteries to unlock: challenging scientific questions and pressing questions of societal importance. This article starts with meta-questions about data science as a discipline and then elaborates...
Technical Report
Full-text available
Executive Summary Data science is a burgeoning field. As a result of recent technological advances, widespread and accelerated uptake of these technologies by many sectors, and increasing workforce demands, many data science initiatives across universities and colleges in the US and beyond are sprouting up at a rapid pace.
Conference Paper
I use the tagline "Data for Good" to state paronomastically how we as a community should be promoting data science, especially in training future generations of data scientists. First, we should use data science for the good of humanity and society. Data science should be used to better people's lives. Data science should be used to improve relatio...
Conference Paper
Full-text available
The explosion of interest in KDD and other Data Science/Machine Learning/AI conferences is just one of the many signs that these technologies are no longer confined to the realms of academia and a hand-full of tech companies. As our daily lives seamlessly integrate more and more data-driven applications, people's excitement is tempered by worry abo...
Technical Report
Full-text available
Cloud computing has the potential to transform both research and education in the CISE (computer and information science and engineering) community. The CISE directorate of the National Science Foundation convened a workshop on January 8-9, 2018, to bring together representatives from academia, industry, and government to discuss ways to enable CIS...
Conference Paper
Sources of uncertainty abound. Noisy sensor data. Machine learning methods. Hardware and software failures. The physical world. Human behavior. In the past, computer science handled uncertainty by abstracting it away or avoiding it. In the future, instead, computer science needs to embrace uncertainty as a first-class entity. How do we represent un...
Article
Apresenta-se aqui a tradução do trabalho intitulado “Computational Thinking”, da autora americana Jeannette Wing, professora de Ciência da Computação e chefe do Departamento de Ciência da Computação na Universidade de Carnegie Mellon, Pittsburgh, PA. O trabalho original foi publicado no número 3 da edição 49 do periódico “Communications of the ACM”...
Article
The Communications Web site, http://cacm.acm.org, features more than a dozen bloggers in the BLOG@CACM community. In each issue of Communications, we'll publish selected posts or excerpts. twitter Follow us on Twitter at http://twitter.com/blogCACM http://cacm.acm.org/blogs/blog-cacm Jeannette Wing considers the proliferation of computational th...
Article
Full-text available
An item of your personal information is inversely private if some party has access to it but you do not. We analyze the provenance of inversely private information and its rise to dominance over other kinds of personal information. In a nutshell, the inverse privacy problem is unjustified inaccessibility to you of your inversely private information...
Article
Full-text available
Information flow analysis has largely ignored the setting where the analyst has neither control over nor a complete model of the analyzed system. We formalize such limited information flow analyses and study an instance of it: detecting the usage of data by websites. We prove that these problems are ones of causal inference. Leveraging this connect...
Conference Paper
Full-text available
With the rapid increase in cloud services collecting and using user data to offer personalized experiences, ensuring that these services comply with their privacy policies has become a business imperative for building user trust. However, most compliance efforts in industry today rely on manual review processes and audits designed to safeguard user...
Article
Formal methods research has made tremendous progress since the 1980s when a proof using a theorem prover was worthy of a Ph.D. thesis and a bug in a VLSI textbook was found using a model checker. Now, with advances in theorem proving, model checking, satisfiability modulo theories (SMT) solvers, and program analysis, the engines of formal methods a...
Conference Paper
Formal methods research has made tremendous progress since the 1980s when a proof using a theorem prover was worthy of a Ph.D. thesis and a bug in a VLSI textbook was found using a model checker. Now, with advances in theorem proving, model checking, satisfiability modulo theories (SMT) solvers, and program analysis, the engines of formal methods a...
Conference Paper
Full-text available
Privacy policies in sectors as diverse as Web services, finance and healthcare often place restrictions on the purposes for which a governed entity may use personal information. Thus, automated methods for enforcing privacy policies require a semantics of purpose restrictions to determine whether a governed agent used information for a purpose. We...
Article
Full-text available
The Communications Web site, http://cacm.acm.org, features more than a dozen bloggers in the BLOG@CACM community. In each issue of Communications, we'll publish selected posts or excerpts. twitter Follow us on Twitter at http://twitter.com/blogCACM http://cacm.acm.org/blogs/blog-cacm Jeannette M. Wing considers how technology acts as a change ag...
Article
Full-text available
This paper reviews two relatively new tools for automated formal analysis of security protocols. One applies
Conference Paper
Progress in computing technology over the past 20 years has dramatically changed our lives - in our daily routine, at play, and at work. Advances in mobile devices, wireless networks, robots, sensors and actuators, software services, data analytics, cloud computing, and social media are behind the conveniences we take for granted. They also have ha...
Article
Full-text available
Privacy policies often place restrictions on the purposes for which a governed entity may use personal information. For example, regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), require that hospital employees use medical information for only certain purposes, such as treatment, but not for others, such as gossi...
Article
The Communications Web site, http://cacm.acm.org, features more than a dozen bloggers in the BLOG@CACM community. In each issue of Communications, we'll publish selected posts or excerpts. twitter Follow us on Twitter at http://twitter.com/blogCACM http://cacm.acm.org/blogs/blog-cacm Jeannette M. Wing discusses her PCAST presentation about the i...
Chapter
Full-text available
Practical software security metrics and measurements are essential for secure software development. In this chapter, we introduce the measure of a software system’s attack surface as an indicator of the system’s security. The larger the attack surface, the more insecure the system. We formalize the notion of a system’s attack surface using an I/O a...
Article
Full-text available
The Communications Web site, http://cacm.acm.org, features more than a dozen bloggers in the BLOG@CACM community. In each issue of Communications , we'll publish selected posts or excerpts. twitter Follow us on Twitter at http://twitter.com/blogCACM http://cacm.acm.org/blogs/blog-cacm Jeannette M. Wing discusses peer review and its importance in te...
Article
Full-text available
Measurement of software security is a long-standing challenge to the research community. At the same time, practical security metrics and measurements are essential for secure software development. Hence, the need for metrics is more pressing now due to a growing demand for secure software. In this paper, we propose using a software system's attack...
Conference Paper
Full-text available
We argue that a general theory of trust in networks of humans and computers must be build on both a theory of behavioral trust and a theory of computational trust. This argument is motivated by increased participation of people in social networking, crowdsourcing, human computation, and socio-economic protocols, e.g., protocols modeled by trust and...
Article
Full-text available
Privacy policies often place requirements on the purposes for which a governed entity may use personal information. For example, regulations, such as HIPAA, require that hospital employees use medical information for only certain purposes, such as treatment. Thus, using formal or automated methods for enforcing privacy policies requires a semantics...
Conference Paper
Crowds are a given. Two decades ago the Linux operating system was launched through the open source efforts of thousands of Internet-connected volunteer programmers worldwide. Just last summer, through an invented on-the-fly peer review process, theoretical computer scientists used wikis and blogs to examine the purported proof in the negative of t...
Article
The Communications Web site, http://cacm.acm.org, features more than a dozen bloggers in the BLOG@CACM community. In each issue of Communications , we'll publish selected posts or excerpts. twitter Follow us on Twitter at http://twitter.com/blogCACM Jeannette M. Wing shares useful suggestions for department heads. Daniel Reed discusses the importan...
Article
The Communications Web site, http://cacm.acm.org, features more than a dozen bloggers in the BLOG@CACM community. In each issue of Communications , we'll publish excerpts from selected posts. Follow us on Twitter at http://twitter.com/blogCACM Jeannette M. Wing writes about the negative effects of deadline-driven research and Mark Guzdial discusses...
Conference Paper
Full-text available
Abstract Privacy means something different to everyone. Against a vast and rich canvas of diverse types of
Article
Agile development deemphasizes long-term planning in favor of short-term adaptiveness. This is a strength in a rapidly changing development environment. However, this short-term focus creates a temptation to neglect best practices that are essential ...
Article
Jeannette M. Wing, a professor at Carnegie Mellon University, Daniel Reed, vice president of the extreme computing group at Microsoft Research, and Mark Guzdial, a professor at the Georgia Institute of Technology, present their views on the role of information and communication technology (ICT), high performance computing (HPC) and role of women in...
Conference Paper
Full-text available
Software vendors are increasingly concerned about mitigating the security risk of their software. Code quality improvement is a traditional approach to mitigate security risk; measuring and reducing the attack surface of software is a complementary approach. In this paper, we apply a method for measuring attack surfaces to enterprise software writ...
Article
Full-text available
Traditional model checking produces one counterexample to illustrate a violation of a property by a model of the system. Some applications benefit from having all counterexamples, not just one. We call this set of counterexamples a scenario graph. In this chapter we present two different algorithms for producing scenario graphs and explain how scen...
Conference Paper
Full-text available
Programs should keep sensitive information, such as medical records, confidential. We present a static analysis that extracts from a program's source code a sound approximation of the most restrictive conditional confidentiality policy that the program obeys. To formalize conditional confidentiality policies, we present a modified definition of non...
Article
Full-text available
Computational thinking will influence everyone in every field of endeavour. This vision poses a new educational challenge for our society, especially for our children. In thinking about computing, we need to be attuned to the three drivers of our field: science, technology and society. Accelerating technological advances and monumental societal dem...
Conference Paper
Full-text available
Summary form only given. My vision for the 21st Century: computational thinking will be a fundamental skill used by everyone in the world. To reading, writing, and arithmetic, let's add computational thinking to every child's analytical ability. Computational thinking has already influenced other disciplines, from the sciences to the arts. The new...
Article
Full-text available
Even if they seem unanswerable, just trying to answer them will advance the field's scientific foundations and help engineer the systems we can only imagine.
Article
Full-text available
Abstract Software vendors such as SAP are increasingly concerned about mitigating the security risk of their
Conference Paper
Security vulnerabilities are increasingly due to software. While we focus much of our attention today on code-level vulnerabilities, such as buffer overflows, we should be paying more attention to design-level vulnerabilities. Independently designed and implemented components may individually behave properly, but when put together, unanticipated in...
Conference Paper
Full-text available
The title of this talk comes from a little book that I bought years ago, compiled by S.M. Scott. It includes fictional stories and quotations about teaching, reminiscences by former pupils about their teachers, etc. The title of the book is what caught ...
Article
Full-text available
Practical software security measurements and metrics are critical to the improvement of software security. We propose a metric to determine whether one software system is more secure than another similar system with respect to their attack surface. We use a system’s attack surface measurement as an indicator of the system’s security; the larger the...
Conference Paper
Full-text available
A majority of attacks on computer systems result from a combination of vulnerabilities exploited by an intruder to break into the system. An Attack Graph is a general formalism used to model security vulnerabilities of a system and all possible sequences of exploits which an intruder can use to achieve a specific goal. Attack Graphs can be con- str...
Article
Full-text available
It represents a universally applicable attitude and skill set everyone, not just computer scientists, would be eager to learn and use.
Article
Full-text available
Various aspects of computational thinking, which builds on the power and limits of computing processes, whether they are executed by a human or by a machine, are discussed. Computational methods and models are helping to solve problems, design systems, and understand human behavior, by drawing on concepts fundamental to computer science (CS). Compu...
Article
Full-text available
Conference Paper
Full-text available
Software consumers often need to choose between dierent software that provide the same functionality. Today, se- curity is a quality that many consumers, especially system administrators, care about and will use in choosing one soft- ware system over another. An attack surface metric is a security metric for comparing the relative security of simi-...
Conference Paper
Attack graphs represent the ways in which an adversary can exploit vulnerabilities to break into a system. System administrators analyze these attack graphs to understand where their system's weaknesses lie and to help decide which security measures will be effective to deploy. In practice, attack graphs are produced manually by Red Teams. Construc...
Conference Paper
Full-text available
Clashing security policies leads to vulnerabilities. Violating security policies leads to vulnerabilities. A system today operates in the context of a multitude of security policies, often one per application, one per process, one per user. The more security policies that have to be simultaneously satisfied, the more likely the possibility of a cla...
Chapter
Full-text available
We propose a metric for determining whether one version of a system is more secure than another with respcct to a fixed set of dimensions. Rather than count bugs at the code level or count vulnerability reports at the system level, we count a system's attack opportunities. We use this count as an indication of the system's “attackability,” likeliho...
Article
Full-text available
1 Context Clashing security policies leads to vulnerabilities. Violating security policies leads to vulnerabilities. A system today operates in the context of a multitude of security poli-cies, often one per application, one per process, one per user. The more security policies that have to be simultaneously satisfied, the more likely the possibili...