10/2010 - Senior Staff Researcher, Innovation Center, Huawei Technologies, Santa Clara, CA, USA 09/2006 - 10/2010 Staff Engineer, Samsung Information Systems America (Samsung R&D Center), San Jose, CA, USA 01/2001 - 08/2006 Ph.D. Student, George Mason University, Fairfax, VA, USA (advisor: Prof. Ravi Sandhu) 05/2000 - 09/2000 Software Development Engineer, CE-Infosys, Singapore 07/1998 - 05/2000 M. Eng., Nanyang Technology University, Singapore 09/1991 - 07/1998 B. Eng & M. Eng., Huazhong University of Science and Technology, Wuhan, China
Security policies, models, architectures, and mechanisms in systems and networks Trust, identity, access control, and authorization in cloud computing Security and privacy in Internet and future Internet architecture Secure mobile platforms, services, and applications Trusted computing and high assurance systems and networks
PC co-chair: ACM STC 2012, TRUST 2012, ACM STC 2011 Panel: NSF Panel Review, 2012 Program committee: ACM CCS-SPSM 2013, ACM TrustED 2013, INTRUST 2013, CANS 2013, IEEE TrustCom 2013, Sigcomm MCC 2013, TRUST 2013, DBSec 2013, IEEE MobileCloud 2013, HASP 2012, ACM SPSM 2012, ICNC 2013, CANS 2012, InTrust 2012, TrustCom 2012, ACM SACMAT 2012, ACM WiSec 2012, DBSec 2012, ACM CODASPY 2012, ICNC 2012, INTRUST 2011, TrustCom 2011, MSIS 2011, TRUST 2011, DBSec 2011, ACM WiSec 2011, ACM CODASPY 2011, ACM STC 2010, ICCIIS 2010, CollaboreteCom 2010, ChinaCom 2010, ACM SACMAT 2010, ACM STC 2009, ChinaCom 2009, ACM SACMAT 2009, MOTHIS 2008, ACM STC 2008, IS 2008, ACM SACMAT 2008, IEEE SUTC 2008, TRUST 2008, ACM STC 2007 Journal review: IEEE TPDS, Springer JONS, Wiley SCN, IEEE Computer, IEEE TMM, IEEE TMC, IEEE IC, IEEE TSC, IEICE, ACM TISSEC, Springer JNSM, IEEE TSMC, Elsevier Computer & Security
Wu Zhou, Xinwen Zhang, and Xuxian Jiang. AppInk: Watermarking Android Apps for Repackaging Deterrence. In Proc. of the 8th ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), 2013.
Abedelaziz Mohaisen, Xinwen Zhang, Max Schuchard, Haiyong Xie, Yongdae Kim. Protecting Access Privacy of Cached Contents in Information Centric Networks (Short Paper). In Proc. of 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2013.
Lei Xu, Xiaoxin Wu, and Xinwen Zhang. CL-PRE: a Certificateless Proxy Re-Encryption Scheme for Secure Data Sharing with Public Cloud. In Proc. of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2012.
Sokol Kosta, Andrius Aucinas, Pan Hui, Richard Mortier, and Xinwen Zhang. ThinkAir: Dynamic resource allocation and parallel execution in the cloud for mobile code offloading. In Proc. of IEEE INFOCOM 2012.
Huijun Xiong, Xinwen Zhang, Danfeng Yao, Xiaoxin Wu, and Yonggang Wen. End-to-End Content Protection in Cloud-based Storage and Delivery Services. In Proc. of the Second ACM Conference on Data and Application Security and Privacy (CODASPY), 2012.
Lei Liu, Xinwen Zhang, Guanhua Yan, and Songqing Chen. Chrome Extensions: Security Analysis and Countermeasures. In Proc. of the 19th Annual Network & Distributed System Security Symposium (NDSS), 2012.
Yajin Zhou, Xinwen Zhang, Xuxian Jiang, and Vince Freeh. Taming Information-Stealing Smartphone Applications (on Android). In the 4th International Conference on Trust and Trustworthy Computing (TRUST), Pittsburgh, PA, June 2011.
Masoom Alam, Xinwen Zhang, Kamran Khan, and Gohar Ali. xDAuth: A Scalable and Lightweight Framework for Cross Domain Access Control and Delegation. In 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011.
Qi Li, Mingwei Xu, Jianping Wu, Xinwen Zhang, Patrick P.C. Lee, and Ke Xu. Enhancing the Trust of Internet Routing with Lightweight Route Attestation. In Proc. of 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2011.
Xinwen Zhang, Jean-Pierre Seifert, and Onur Aciicmez. SEIP: Simple and Efficient Integrity Protection for Open Mobile Platforms. In the 12th International Conference on Information and Communications Security (ICICS), 2010. (Journal Version)
Wenjuan Xu, Gail-Joon Ahn, Hongxin Hu, Xinwen Zhang, and Jean-Pierre Seifert. DR@FT: Efficient Remote Attestation Framework for Dynamics Systems. In the 15th European Symposium on Research in Computer Security (ESORICS). 2010.
Joshua Schiffman, Xinwen Zhang, and Simon Gibbs. DAuth: Fine-grained Authorization Delegation for Distributed Web Application Consumers. In IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), 2010.
Xinwen Zhang, Sangoh Jeong, Simon Gibbs, and Anugeetha Kunjithapatham. Towards an Elastic Application Model for Augmenting Computing Capabilities of Mobile Platforms. In the 3rd International ICST Conference on Mobile Wireless Middleware, Operating Systems, and Applications (MobilWare), 2010. (Best Paper Award) (Journal Version)
Mohammad Nauman, Sohail Khan, Xinwen Zhang, and Jean-Pierre Seifert. Beyond Kernel-level Integrity Measurement: Enabling Remote Attestation for the Android Platform. In the 3rd International Conference on the 3rd International Conference on Trust and Trustworthy Computing (TRUST), 2010.
Liang Xie, Xinwen Zhang, Jean-Pierre Seifert, and Sencun Zhu. pBMDS: A Behavior-based Malware Detection System for Cellphone Devices . In ACM Conference on Wireless Network Security (WiSec), March 22-24, 2010, Hoboken, NJ, USA. (Best Paper Nominated)
Mohammad Nauman, Sohail Khan, Masoom Alam, and Xinwen Zhang. Apex: Extending Android Permission Model and Enforcement with User-defined Runtime Constraints (short paper, Full Version). In ACM Symposium on Information, Computer and Communications Security (ASIACCS), April 13-16, 2010, Beijing, China.
Xinwen Zhang, Joshua Schiffman, Simon Gibbs, Anugeetha Kunjithapa, Sangoh Jeong. Securing Elastic Applications on Mobile Devices for Cloud Computing. In ACM Cloud Computing Security Workshop (CCSW), Chicago, IL, USA, 13 November 2009.
Lie Liu, Xinwen Zhang, Guanhua Yan, and Songqing Chen. Exploitation and Threat Analysis of Open Mobile Devices. In ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), Princeton, New Jersey, USA, October 19-20, 2009.
Lei Liu, Guanhua Yan, Xinwen Zhang, and Songqing Chen. VirusMeter: Preventing Your Cellphone from Spies. In the 12th International Symposium On Recent Advances In Intrusion Detection (RAID'09), Saint-Malo, Brittany, France, September 23-25, 2009.
Liang Xie, Xinwen Zhang, Ashwin Chaugule, Trent Jaeger, and Sencun Zhu. Designing System-level Defenses against Cellphone Malware. In the 28th International Symposium on Reliable Distributed Systems (SRDS'09), Niagara Falls, New York, USA; September 27-30, 2009.
Masoom Alam, Mohammad Nauman, Xinwen Zhang, Tamleek Ali, and Patrick C.K. Hung. Behavioral Attestation forBusiness Processes (BA4BP). In the 7th IEEE International Conference on Web Services (ICWS), Los Angeles, CA, USA, July 6-10, 2009.
Xinwen Zhang, Onur Aciicmez, and Jean-Pierre Seifert. Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms. In the First International Conference on Security and Privacy in Mobile Information and Communication Systems (MobiSec), 2009.
Jing Jin, Hongxin Hu, Gail-Joon Ahn, Michael J. Covington, and Xinwen Zhang. Patient-centric Authorization Framework for Sharing Electronic Health Records. In the 14th ACM Symposium on Access Control Models and Technologies (SACMAT), Stresa, Italy, 2009.
Xinwen Zhang, Onur Aciicmez, and Jean-Pierre Seifert. Architecturing Trusted Mobile Platforms via Secure Kernel. In ACM CCS Workshop on Scalable Trusted Computing (STC), 2007: 7-14. (in conjunction with CCS'07)
Xinwen Zhang, Onur Aciicmez, Simon J. Gibbs, Anugeetha Kunjithapatham, Sangoh Jeong, Doreen Cheng. Execution allocation cost assessment for computing systems and environments. US Patent Number: 8239538.
Xinwen Zhang, Jean-Pierre Seifert. Method and system for enforcing trusted computing policies in a hypervisor security module architecture. US Patent number: 8220029.
Onur Aciicmez, Xinwen Zhang, Jean-Pierre Seifert. Secure multicast content delivery. US Patent number: 8218772.
Xinwen Zhang, Jean-Pierre Seifert, Onur Aciicmez. Authentication, identity, and service management for computing and communication systems. US Patent number: 8201232.
Xinwen Zhang, Jean-Pierre Seifert, Onur Aciicmez, Qingwei Ma. Securing CPU affinity in multiprocessor architectures. US Patent number: 8136153.
Onur Aciicmez, Xinwen Zhang, Jean-Pierre Seifert. Security-enhanced storage devices using media location factor in encryption of hidden and non-hidden partitions. US Patent Number: 8112634.
Xinwen Zhang, Wenjuan Xu, Onur Aciicmez, Jean-Pierre Seifert. Secure inter-process communication for safer computing environments and systems. US Patent Number: 8108519.
Onur Aciicmez, Jean-Pierre Seifert, Qingwei Ma, Xinwen Zhang. Method and system for securing instruction caches using substantially random instruction mapping scheme. US US Patent number: 8055848.
Xinwen Zhang, Jean-Pierre Seifert, Masoom Alam. Method and system for extending SELinux policy models and their enforcement. US Patent number: 8051459.
Onur Aciicmez, Jean-Pierre Seifert, Qingwei Ma, Xinwen Zhang. Method and system for securing instruction caches using cache line locking. US Patent number: 8019946.
Onur Aciicmez, Jean-Pierre Seifert, Xinwen Zhang. Changing the order of public key cryptographic computations. US Patent number: 7974409.
Onur Aciicmez, Jean-Pierre Seifert, Xinwen Zhang. Altering the size of windows in public key cryptographic computations. US Patent number: 7936871.
Onur Aciicmez, Jean-Pierre Seifert, Qingwei Ma, Xinwen Zhang. Enhancing the security of public key cryptosystem implementations. US Patent number: 7903814.
Onur Aciicmez, Jean-Pierre Seifert, Xinwen Zhang, Afshin Latifi. Integrating hashing and decompression of compressed data for safe computing. US Patent Number: 7847710.