Xinwen Zhang's Publications

Note: The papers do not represent any technical opinion of the author's current and previous employers.

Journal Articles and Book Chapters:

  1. Qi Li, Ravi Sandhu, Xinwen Zhang, and Mingwei Xu. Mandatory Content Access Control for Privacy Protection in Information Centric Networks. IEEE Transactions on Secure and Dependable Computing (TDSC) 14(5): 494-506 (2017).

  2. Yacong Gu, Qi Li, Hongtao Zhang, Purui Su, Xinwen Zhang, Dengguo Feng, Direct Resource Hijacking in Android, Internet Computing, IEEE, 20(5):46-56, 2016.

  3. Weiwen Zhang, Xinwen Zhang, and Yonggang Wen. Towards Virus Scanning as a Service in Mobile Cloud Computing: Energy-Efficient Dispatching Policy under N-Version Protection. IEEE Transactions on Emerging Topics in Computing (TETC). Accepted.

  4. Aziz Mohaisen, Hesham Mekky, Xinwen Zhang, Haiyong Xie, and Yongdae Kim. Timing Attacks on Access Privacy in Information Centric Networks and Countermeasures. IEEE Transactions on Secure and Dependable Computing (TDSC) 12(6): 675-687 (2015)

  5. Qi Li, Xinwen Zhang, Qingji Zheng, Ravi Sandhu, Xiaoming Fu. LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking. IEEE Transactions on Information Forensics and Security (TIFS). 10(2): 308-320 (2015)

  6. Qi Li, Xinwen Zhang, Xin Zhang, and Purui Su. Invalidating Idealized BGP Security Proposals and Countermeasures. IEEE Transactions on Secure and Dependable Computing (TDSC) 12(3): 298-311 (2015).

  7. Songqing Chen, Lei Liu, Xinyuan Wang, Xinwen Zhang, and Zhao Zhang. A Host-based Approach for Unknown Fast Spreading Worm Detection and Containment. ACM Transactions on Autonomous and Adaptive Systems (TAAS). TAAS 8(4): 21 (2014).

  8. Ruoyu Wu, Xinwen Zhang, Gail-Joon Ahn, Hadi Sharifi, and Haiyong Xie. Design and Implementation of Access Control as a Service for IaaS Cloud. ASE Science Journal, Vol 1(3): 121-138 (2013).

  9. Xingze He, Xinwen Zhang, and C.-C. Jay Kuo. A Distortion-Based Approach to Privacy-Preserving Metering in Smart Grids. IEEE Access. Vol 1: 67-78, 2013. DOI

  10. Xinwen Zhang, Jean-Pierre Seifert, and Onur Aciicmez. Design and Implementation of Efficient Integrity Protection for Open Mobile Platforms. IEEE Transactions on Mobile Computing (TMC). . 13(1): 188-201 (2014). PrePrint

  11. Wenjuan Xu, Xinwen Zhang, Hongxin Hu, Gail-J. Ahn, and Jean-Pierre Seifert. Remote Attestation with Domain-based Integrity Model and Policy Analysis. IEEE Transactions on Dependable and Secure Computing (TDSC). 9(3): 429-442 (2012).

  12. Qi Li, Mingwei Xu, Jianping Wu, Xinwen Zhang, Patrick P. C. Lee, and Ke Xu. Enhancing the Trust of Internet Routing with Lightweight Route Attestation. IEEE Transactions on Information Forensics and Security (TIFS). 7(2): 691-703 (2012).

  13. Hai Jin, Ge Cheng, Deqing Zou, and Xinwen Zhang. Cherub: Fine-grained Application Protection with On-demand Virtualization. Journal of Computers & Mathematics with Applications, Elsevier, 65(9): 1326-1338 (2013).

  14. Xinwen Zhang, Anugeetha Kunjithapatham, Sangoh Jeong, and Simon Gibbs. Towards an Elastic Application Model for Augmenting the Computing Capabilities of Mobile Devices with Cloud Computing. ACM/Springer Mobile Networks and Applications (MONET) Journal, Vol. 16, Num. 3, 270-284, 2011.

  15. Min Xu, Duminda Wijesekera, and Xinwen Zhang. Runtime Administration of RBAC Profile for XACML. IEEE Transactions on Services Computing (TSC),4(4): 286-299 (2011).

  16. Jing Jin, Gail-J. Ahn, Hongxin Hu, Michael Covington, and Xinwen Zhang. Patient-centric Authorization Framework for Electronic Healthcare Services. Elsevier Journal of Computers & Security 30(2-3): 116-127 (2011).

  17. Masoom Alam, Xinwen Zhang, Mohammad Nauman, Tamleek Ali, and Patrick C.K. Hung. Behavioral Attestation for Web Services Based Business Processes. Intl. Journal of Web Services Research (IJWSR) 7(3): 52-72 (2010).

  18. Ge Cheng, Hai Jin, Deqing Zou, and Xinwen Zhang. Building Dynamic and Transparent Integrity Measurement and Protection for Virtualized Platform in Cloud Computing. Journal of Concurrency and Computation: Practice and Experience, 22(13): 1893-1910 (2010).

  19. Qi Li, Xinwen Zhang, Mingwei Xu, and Jianping Wu. Towards Secure Dynamic Collaborations with Group-based RBAC Model. Elsevier Journal of Computers & Security (COSE), Vol. 28, Issue 5, July 2009: 260-275

  20. Xinwen Zhang, Masayuki Nakae, Michael J. Covington, and Ravi Sandhu. A Usage-based Authorization Framework for Collaborative Computing Systems. ACM Transactions on Information and System Security,(TISSEC), 11(1), 2008: 3:1-3:36.

  21. Zhixiong Zhang, Xinwen Zhang, and Ravi Sandhu. Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration. Book chapter: Handbook of Research on Social and Organizational Liabilities in Information Security, edited by M. Gupta and R. Sharman, published by IGI Global, ISBN: 978-1-60566-132-2. pp. 94-117, Nov. 2008.

  22. Ravi Sandhu, Xinwen Zhang, Kumar Ranganathan, and Michael J. Covington. Client-side Access Control Enforcement Using Trusted Computing and PEI Models. Journal of High Speed Network, Special issue on Managing Security Polices: Modeling, Verification and Configuration, 15(3): 229 - 245, 2006.

  23. Sejong Oh, Ravi Sandhu, and Xinwen Zhang. An Effective Role Administration Model Using Organization Structure. ACM Transactions on Information and System Security (TISSEC), 9(2): 113 - 137, May 2006.

  24. Xinwen Zhang, Songqing Chen, and Ravi Sandhu. Enhance Data Authenticity and Integrity in P2P Systems Using Trusted Computing. IEEE Internet Computing, Special Issue on Security for P2P/Ad Hoc Networks, 9(6): 42-49, 2005.

  25. Xinwen Zhang, Francesco Parisi-Presicce, Ravi Sandhu, and Jaehong Park. Formal Model and Policy Specification of Usage Control. ACM Transactions on Information and System Security (TISSEC), 8(4): 351�387, 2005.

  26. Yingjiu Li and Xinwen Zhang. Securing Credit Card Transactions with One-Time Payment Scheme. Journal of Electronic Commerce Research and Applications (ECRA), Elsevier, 4(4): 413-426, 2005.

Conference and Workshop Papers:

  1. Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, and Ahmed M. Azab. EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning. In USENIX Security, 2015.

  2. Lei Xu, Xinwen Zhang, Xiaoxin Wu, Weidong Shi. ABSS: An Attribute-based Sanitizable Signature for Integrity of Outsourced Database with Public Cloud. In Proc. of ACM CODASPY 2015.

  3. Su Zhang, Xinwen Zhang, Assessing Attack Surface with Component-based Package Dependency, 9th International Conference on Network and System Security (NSS), 2015.

  4. Su Zhang, Xinwen Zhang, and Xinming Ou. After We Knew It: Empirical Study and Modeling of Cost-effectiveness of Exploiting Prevalent Known Vulnerabilities Across IaaS. In Proc. of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2014.

  5. Qingji Zheng, Wei Zhu, Jiafeng Zhu, and Xinwen Zhang. Improved Anonymous Proxy Re-encryption with CCA Security. In Proc. of 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2014.

  6. Qi Li, Yih-Chun Hu, and Xinwen Zhang. Even Rockets Cannot Make Pigs Fly Sustainably: Can BGP be Secured with BGPsec? In NDSS Workshop on Security of Emerging Networking Technologies (SENT), 2014.

  7. Ravishankar Ravindran, Xuan Liu, Asit Chakraborti, Xinwen Zhang, and Guoqing Wang. Towards Software Defined ICN based Edge-Cloud Services. In Proc. of IEEE CloudNet, 2013.

  8. Ruoyu Wu, Xinwen Zhang, Gail-Joon Ahn, Hadi Sharifi, and Haiyong Xie. ACaaS: Access Control as a Service for IaaS Cloud. In Proc. of the 5th ASE/IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT), 2013. (Full version invited for Journal)

  9. Huijun Xiong, Qingji Zheng, Xinwen Zhang, and Danfeng Yao. CloudSafe: Securing Data Processing within Vulnerable Virtualization Environment in Cloud. In IEEE Conference on Communications and Network Security (IEEE-CNS), 2013.

  10. Wu Zhou, Xinwen Zhang, and Xuxian Jiang. AppInk: Watermarking Android Apps for Repackaging Deterrence. In Proc. of the 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2013.

  11. Abedelaziz Mohaisen, Xinwen Zhang, Max Schuchard, Haiyong Xie, Yongdae Kim. Protecting Access Privacy of Cached Contents in Information Centric Networks. In Proc. of 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2013.

  12. Ravishankar Ravindran, Trisha Biswas, Xinwen Zhang, Asit Chakraborti, and Guoqiang Wang. Information-centric Networking based Homenet. In Proc. of IFIP/IEEE International Workshop on Management of the Future Internet (ManFI), 2013 (co-located with IFIP/IEEE IM 2013).

  13. Ravishankar Ravindran, Guoqiang Wang, Xinwen Zhang, and Asit Chakraborti. Supporting Dual-Mode Forwarding in Content-Centric Network. In Proc. of the 6th IEEE International Conference on Advanced Networks and Telecommunication Systems (ANTS), 2012.

  14. Weidong Shi, Taeweon Suh, JongHyuk Lee, DongHyuk Woo, and Xinwen Zhang. Architectural Support of Multiple Hypervisors over Single Platform for Enhancing Cloud Computing Security. In Proc. of ACM International Conference on Computing Frontiers (CF'12), 2012.

  15. Lei Xu, Xiaoxin Wu, and Xinwen Zhang. CL-PRE: a Certificateless Proxy Re-Encryption Scheme for Secure Data Sharing with Public Cloud. In Proc. of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2012.

  16. Ravishankar Ravindran, Samantha Lo, Xinwen Zhang, and Guoqiang Wang. Supporting Seamless Mobility in Named-Data Networking. In Proc. of the Fifth International Workshop on the Network of the Future (co-located with ICC'12), 2012.

  17. Yang Qin, Dijiang Huang, and Xinwen Zhang. VehiCloud: Cloud Computing Facilitating Routing In Vehicular Networks. In Proc. of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2012.

  18. Sokol Kosta, Andrius Aucinas, Pan Hui, Richard Mortier, and Xinwen Zhang. ThinkAir: Dynamic resource allocation and parallel execution in the cloud for mobile code offloading. In Proc. of IEEE INFOCOM 2012.

  19. Huijun Xiong, Xinwen Zhang, Danfeng Yao, Xiaoxin Wu, and Yonggang Wen. End-to-End Content Protection in Cloud-based Storage and Delivery Services. In Proc. of the Second ACM Conference on Data and Application Security and Privacy (CODASPY), 2012.

  20. Lei Liu, Xinwen Zhang, Guanhua Yan, and Songqing Chen. Chrome Extensions: Security Analysis and Countermeasures. In Proc. of the 19th Annual Network & Distributed System Security Symposium (NDSS), 2012.

  21. Katharine Chang, Xinwen Zhang, Guoqiang Wang, and Kang G. Shin. TGIS: Booting Trust for Secure Information Sharing in Mobile Group Collaborations. In Proc. of Third IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT), 2011.

  22. Lei Liu, Xinwen Zhang, and Songqing Chen. Botnet with Browser Extensions. In Proc. of Third IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT), 2011.

  23. Xinwen Zhang, Katharine Chang, Huijun Xiong, Guangyu Shi, Guoqiang Wang, Kathleen Nichols, and Yonggang Wen. Towards Name-based Trust and Security for Content-centric Network. In Second International Workshop on Security & Trust in the Future Internet (FIST'11), co-located with ICNP 2011.

  24. Huijun Xiong, Xinwen Zhang, Wei Zhu, and Danfeng Yao. CloudSeal: End-to-End Content Protection in Cloud-based Storage and Delivery Services. In the 7th International ICST Conference on Security and Privacy in Communication Network (SecureComm'11), 2011. (full version in CODASPY 2012)

  25. Yajin Zhou, Xinwen Zhang, Xuxian Jiang, and Vince Freeh. Taming Information-Stealing Smartphone Applications (on Android). In the 4th International Conference on Trust and Trustworthy Computing (TRUST), Pittsburgh, PA, June 2011.

  26. Masoom Alam, Xinwen Zhang, Kamran Khan, and Gohar Ali. xDAuth: A Scalable and Lightweight Framework for Cross Domain Access Control and Delegation. In 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011.

  27. Qi Li, Mingwei Xu, Jianping Wu, Xinwen Zhang, Patrick P.C. Lee, and Ke Xu. Enhancing the Trust of Internet Routing with Lightweight Route Attestation. In Proc. of 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2011.

  28. Taeweon Suh, Jong Beom Lim, Dong Hyuk Woo, Weidong Shi, Xinwen Zhang, and Jong Hyuk Lee. PolyHype: Towards Poly-Hypervisor Platform for Cloud Computing. In Workshop on Micro Architectural Support for Virtualization, Data Center Computing, and Clouds, 2010. (in conjunction with MICRO 2010) (full version in CF 2012).

  29. Tamleek Ali, Mohammad Nauman, and Xinwen Zhang. On Leveraging Stochastic Models for Remote Attestation. In the 2nd International Conference on Trusted Systems (INTRUST), 2010.

  30. Xinwen Zhang, Jean-Pierre Seifert, and Onur Aciicmez. SEIP: Simple and Efficient Integrity Protection for Open Mobile Platforms. In the 12th International Conference on Information and Communications Security (ICICS), 2010. (Journal Version)

  31. Guofu Xiang, Hai Jin, Deqing Zou, and Xinwen Zhang. VMDriver: A Driver-based Monitoring Mechanism for Virtualization. In the 29th IEEE Symposium on Reliable Distributed Systems (SRDS), 2010.

  32. Wenjuan Xu, Gail-Joon Ahn, Hongxin Hu, Xinwen Zhang, and Jean-Pierre Seifert. DR@FT: Efficient Remote Attestation Framework for Dynamics Systems. In the 15th European Symposium on Research in Computer Security (ESORICS), 2010.

  33. Xinwen Zhang, Won Jeon, Simon Gibbs, and Anugeetha Kunjithapatham. Elastic HTML5: Workload Offloading using Cloud-based Web Workers and Storages for Mobile Devices. In International Workshop on Mobile Computing and Clouds (MobiCloud, in conjunction with MobiCASE), 2010.

  34. Masoom Alam, Xinwen Zhang, Tamleek Ali, and Patrick C.K. Hung. MAuth: A Fine-grained and User-Centric Permission Delegation Framework for Multi-Mashup Web Services. In IEEE World Congress on Services (SERVICES), 2010.

  35. Joshua Schiffman, Xinwen Zhang, and Simon Gibbs. DAuth: Fine-grained Authorization Delegation for Distributed Web Application Consumers. In IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), 2010.

  36. Lei Liu, Xinwen Zhang, Guanhua Yan, and Songqing Chen. sePlugin: Towards Transparently Secure Plugins in Your Internet Explorers. In International Conference on Applied Cryptography and Network Security (ACNS), 2010.

  37. Xinwen Zhang, Sangoh Jeong, Simon Gibbs, and Anugeetha Kunjithapatham. Towards an Elastic Application Model for Augmenting Computing Capabilities of Mobile Platforms. In the 3rd International ICST Conference on Mobile Wireless Middleware, Operating Systems, and Applications (MOBILWARE), 2010. (Best Paper Award) (Journal Version)

  38. Dijiang Huang, Xinwen Zhang, Myong Kang, and Jim Luo. MobiCloud: Building Secure Mobile Cloud Framework for Mobile Computing and Communication. In the 5th IEEE International Symposium on Service-Oriented System Engineering (SOSE), 2010.

  39. Mohammad Nauman, Sohail Khan, Xinwen Zhang, and Jean-Pierre Seifert. Beyond Kernel-level Integrity Measurement: Enabling Remote Attestation for the Android Platform. In the 3rd International Conference on Trust and Trustworthy Computing (TRUST), 2010.

  40. Liang Xie, Xinwen Zhang, Jean-Pierre Seifert, and Sencun Zhu. pBMDS: A Behavior-based Malware Detection System for Cellphone Devices . In ACM Conference on Wireless Network Security (WiSec), March 22-24, 2010, Hoboken, NJ, USA. (Best Paper Nominated)

  41. Mohammad Nauman, Sohail Khan, Masoom Alam, and Xinwen Zhang. Apex: Extending Android Permission Model and Enforcement with User-defined Runtime Constraints (short paper, Full Version). In ACM Symposium on Information, Computer and Communications Security (ASIACCS), April 13-16, 2010, Beijing, China.

  42. Simon Gibbs, Anugeetha Kunjithapatham, Sangoh Jeong, and Xinwen Zhang. Enabling Elastic Mobile Devices via Cloud Computing. In Samsung Tech. Conference, 2009. (Best Paper Award)

  43. Xinwen Zhang, Joshua Schiffman, Simon Gibbs, Anugeetha Kunjithapa, and Sangoh Jeong. Securing Elastic Applications on Mobile Devices for Cloud Computing. In the 1st ACM Cloud Computing Security Workshop (CCSW), Chicago, IL, USA, 13 November 2009.

  44. Basel Katt, Xinwen Zhang, and Michael Hafner. Building Stateful Reference Monitor with Colored Petri Nets. In the 5th International Conference on Collaborative Computing (CollaborateCom), Crystal City, Washington D.C., USA, November 11-14, 2009.

  45. Basel Katt, Xinwen Zhang, and Michael Hafner. A Usage Control Policy Specification with Petri Nets. In CollaborateCom Workshop on Trusted Collaboration (TrustCol), Crystal City, Washington DC, USA, 2009.

  46. Lie Liu, Xinwen Zhang, Guanhua Yan, and Songqing Chen. Exploitation and Threat Analysis of Open Mobile Devices. In ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), Princeton, New Jersey, USA, October 19-20, 2009.

  47. Basel Katt, Xinwen Zhang, and Michael Hafner. Towards a Usage Control Policy Specification with Petri Nets. In the International Symposium on Information Security (IS'09), Vilamoura, Algarve-Portugal, Nov 02 - 03, 2009.

  48. Ge Cheng, Hai Jin, Deqing Zou, Xinwen Zhang, Min Li, Chen Yu, and Guofu Xiang. Building Dynamic Integrity Protection for Multiple Independent Authorities in Virtualization-based Infrastructure. In the 10th IEEE/ACM International Conference on Grid Computing (Grid'09), Banff, Alberta, Canada, October 13 - 15, 2009.

  49. Lei Liu, Guanhua Yan, Xinwen Zhang, and Songqing Chen. VirusMeter: Preventing Your Cellphone from Spies. In the 12th International Symposium On Recent Advances In Intrusion Detection (RAID'09), Saint-Malo, Brittany, France, September 23-25, 2009.

  50. Liang Xie, Xinwen Zhang, Ashwin Chaugule, Trent Jaeger, and Sencun Zhu. Designing System-level Defenses against Cellphone Malware. In the 28th International Symposium on Reliable Distributed Systems (SRDS'09), Niagara Falls, New York, USA; September 27-30, 2009.

  51. Min Xu, Duminda Wijesekera, Xinwen Zhang, and Deshan Cooray. Towards Session-aware RBAC Administration and Enforcement with XACML. In IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), Imperial College London, UK, 20-22 July 2009.

  52. Masoom Alam, Mohammad Nauman, Xinwen Zhang, Tamleek Ali, and Patrick C.K. Hung. Behavioral Attestation for Business Processes (BA4BP). In the 7th IEEE International Conference on Web Services (ICWS), Los Angeles, CA, USA, July 6-10, 2009.

  53. Xinwen Zhang, Onur Aciicmez, and Jean-Pierre Seifert. Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms. In the First International Conference on Security and Privacy in Mobile Information and Communication Systems (MobiSec), 2009.

  54. Wenjuan Xu, Xinwen Zhang, and Gail-Joon Ahn. Towards System Integrity Protection with Graph-Based Policy Analysis. In the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'09), Montreal, Canada, July 12-15, 2009.

  55. Jing Jin, Hongxin Hu, Gail-Joon Ahn, Michael J. Covington, and Xinwen Zhang. Patient-centric Authorization Framework for Sharing Electronic Health Records. In the 14th ACM Symposium on Access Control Models and Technologies (SACMAT), Stresa, Italy, 2009.

  56. Mohammad Nauman, Masoom Alam, Xinwen Zhang, and Tamleek Ali. Remote Attestation of Attribute Updates and Information Flows in a UCON System. In the 2nd International Conference on Trusted Computing (TRUST), Oxford, UK, 2009: 63-80

  57. Onur Aciicmez, Jean-Pierre Seifert, and Xinwen Zhang. A Secure DVB Set-top Box via Trusting Computing Technologies. In IEEE Consumer Communications and Networking Conference (CCNC), 2009.

  58. Jing Jin, Gail-Joon Ahn, Michael J. Covington, and Xinwen Zhang. Toward an Access Control Model for Sharing Composite Electronic Health Records. In the 4th International Conference on Collaborative Computing (CollaborateCom), Orlando, FL, USA, November 13-16, 2008.

  59. Qi Li, Xinwen Zhang, Jean-Pierre Seifert, and Hulin Zhong. Secure Mobile Payment via Trusted Computing. In the 3rd Asia-Pacific Trusted Infrastructure Technology Conference (APTC), IEEE, 2008: 98-112

  60. Masoom Alam and Xinwen Zhang. Behavioral Attestation for Web Services. In ACM CCS Workshop on Secure Web Services (SWS), Fairfax, Virginia, USA, 2008: 21-28.

  61. Xinwen Zhang, Jean-Pierre Seifert, and Ravi Sandhu. Trusted Policy Enforcement for Distributed Usage Control. In IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), Taichung, Taiwan, 2008: 10 - 18.

  62. Gail-J Ahn, Wenjuan Xu, and Xinwen Zhang. Systematic Policy Analysis for High-assurance Services in SELinux. In the 9th IEEE Workshop on Policies for Distributed Systems and Networks (POLICY), Palisades, NY, USA, 2008: 3-10.

  63. Masoom Alam, Xinwen Zhang, and Jean-Pierre Seifert. Model-based Behavioral Attestation. In the 13th ACM Symposium on Access Control Models and Technologies (SACMAT), Estes Park, Colorado, USA, 2008: 175-184.

  64. Basel Katt, Xinwen Zhang, Ruth Breu, Michael Hafner, and Jean-Pierre Seifert. A General Obligation Model and Continuity-Enhanced Policy Enforcement Engine for Usage Control. In the 13th ACM Symposium on Access Control Models and Technologies (SACMAT), Estes Park, Colorado, USA, 2008: 123-132.

  65. Qi Li, Mingwei Xu, and Xinwen Zhang. Towards a Group-based RBAC Model and Decentralized User-Role Administration. In the 2nd IEEE International Workshop on Cooperative Distributed Systems (CDS'08, in conjunction with ICDCS'08), Beijing, China, 2008: 441 - 446.

  66. Qi Li, Mingwei Xu, and Xinwen Zhang. Access Control in Group Communication Systems. In IEEE Symposium on Computers and Communications (ISCC'08), Marrakech, Morocco, July 6 - 9, 2008: 380 - 385.

  67. Masoom Alam, Qi Li, Jean-Pierre Seifert, and Xinwen Zhang. Usage Control Platformalization via Trustworthy SELinux (short paper). In the Proceedings of ACM Symposium on Information, Computer, and Communication Security (ASIACCS), Tokyo, Japan, March 18-20, 2008: 245-248.

  68. Xinwen Zhang, Dongyu Liu, Songqing Chen, Zhao Zhang, and Ravi Sandhu. Towards Digital Rights Protection in BitTorrent-like P2P Systems. In the 15th SPIE/ACM Multimedia Computing and Networking (MMCN), San Jose, CA USA, January 30-31, 2008.

  69. Onur Aciicmez, Latifi Afshin, Jean-Pierre Seifert, and Xinwen Zhang. A Trusted Mobile Phone Prototype. In the 5th IEEE Consumer Communications and Networking Conference (CCNC), Las Vegas, Nevada, USA, Jan. 10-12, 2008: 1208-1209.

  70. Xinwen Zhang, Qi Li, Jean-Pierre Seifert, and Mingwei Xu. Flexible Authorization with Decentralized Access Control Model for Grid Computing. In the 10th IEEE High Assurance Systems Engineering Symposium (HASE), Dallas, Texas, Nov 14-16, 2007: 156-165.

  71. Masoom Alam, Xinwen Zhang, and Jean-Pierre Seifert. A Model-Driven Framework for Trusted Computing based Systems. In the 11th IEEE Enterprise Distributed Object Computing Conference (EDOC), Annapolis, MD, USA, Oct. 15-19, 2007: 75-86.

  72. Berthold Agreiter, Masoom Alam, Ruth Breu, Michael Hafner, Alex Pretschner, Jean-Pierre Seifert, and Xinwen Zhang. A Technical Architecture for Enforcing Usage Control Requirements in Service-Oriented Architectures. In ACM CCS Workshop on Secure Web Services (SWS), 2007: 18-25. (in conjunction with CCS'07)

  73. Xinwen Zhang, Onur Aciicmez, and Jean-Pierre Seifert. Architecturing Trusted Mobile Platforms via Secure Kernel. In ACM CCS Workshop on Scalable Trusted Computing (STC), 2007: 7-14. (in conjunction with CCS'07)

  74. Berthold Agreiter, Masoom Alam, Michael Hafner, Jean-Pierre Seifert, and Xinwen Zhang. Model Driven Configuration of Secure Operating Systems for Mobile Applications in Healthcare. In ACM Workshop on Model-Based Trustworthy Health Information Systems, 2007. (in conjunction with ACM MODELS'07)

  75. Min Xu, Xuxian Jiang, Ravi Sandhu, and Xinwen Zhang. Towards a VMM-based Usage Control Framework for OS Kernel Integrity Protection. In the Proceedings of 12th ACM symposium on access control models and technologies (SACMAT), Sophia, France, June 20-22, 2007: 71-80.

  76. Baoxian Zhao, Ravi Sandhu, and Xinwen Zhang. Towards A Times-Based Usage Control Model. In the 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Redondo Beach, CA, USA, July 8-11, 2007: 227-242.

  77. Xinwen Zhang, Songqing Chen, Michael J. Covington, and Ravi Sandhu. SecureBus: Towards Transparent Application-level Trusted Computing with Mandatory Access Control. In the Proceedings of ACM Symposium on Information, Computer, and Communication Security (ASIACCS), Singapore, 2007: 117-126.

  78. Songqing Chen, Xinyuan Wang, Lei Liu, Xinwen Zhang, and Zhao Zhang. WormTerminator: An Effective Containment of Unknown and Polymorphic Fast Spreading Worms. In the proceedings of ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), San Jose, California, USA, December 3-5, 2006: 173-182.

  79. Zhixiong Zhang, Xinwen Zhang, and Ravi Sandhu. ROBAC: Scalable Role and Organization Based Access Control Models. In the Proceedings of Workshop on Trusted Collaboration (TrustCol), Atlanta, Georgia, USA, November 17, 2006.

  80. Qi Li, Xinwen Zhang, Sihan Qing, and Mingwei Xu. Supporting Ad-hoc Collaboration with Group-based RBAC Model. In the Proceedings of the 2nd International Conference on Collaborative Computing (CollaborateCom), Atlanta, Georgia, USA, November 17-20, 2006.

  81. Xinwen Zhang, Francesco Parisi-Presicce, and Ravi Sandhu. Towards Remote Security Enforcement for Runtime Protection of Mobile Code Using Trusted Computing. In the Proceedings of the 1st International Workshop on Security (IWSEC), LNCS 4266, Kyoto, Japan, 2006: 179-195.

  82. Xinwen Zhang, Masayuki Nakae, Michael J. Covington, and Ravi Sandhu. A Usage-based Authorization Framework for Collaborative Computing Systems. In the Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT), Lake Tahoe, California, USA, June 7-9, 2006: 180-189.

  83. Ravi Sandhu, Kumar Ranganathan, and Xinwen Zhang. Secure Information Sharing Enabled by Trusted Computing and PEI Models. In the Proceedings of ACM Symposium on Information, Computer, and Communication Security (ASIACCS), Taipei, Taiwan, 2006: 2-12. (invited talk)

  84. Xinwen Zhang, Ravi Sandhu, and Francesco Parisi-Presicce. Safety Analysis of Usage Control Authorization Models. In the Proceedings of ACM Symposium on Information, Computer, and Communication Security (ASIACCS), Taipei, Taiwan, 2006: 243 - 254.

  85. Masayuki Nakae, Xinwen Zhang, and Ravi Sandhu. A General Design Towards Secure Ad-Hoc Collaboration. In the Proceedings of ACM Symposium on Information, Computer, and Communication Security (ASIACCS), Taipei, Taiwan, 2006: 358 - 358. (short paper)

  86. Ravi Sandhu and Xinwen Zhang. Peer-to-Peer Access Control Architecture Using Trusted Computing Technology. In the 10th ACM Symposium on Access Control Models and Technologies (SACMAT), Stockholm, Sweden, June 1-3, 2005: 147-158.

  87. Xinwen Zhang, Yingjiu Li, and Divya Nalla. An Attribute-Based Access Matrix Model (Full Version). In the 20th ACM Symposium on Applied Computing (SAC), Track on Computer Security, Santa Fe, New Mexico, USA, March 13-17, 2005: 359-363.

  88. Jaehong Park, Xinwen Zhang, and Ravi Sandhu. Attribute Mutability in Usage Control. In Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sitges, Catalonia, Spain, July 25-28, 2004: 15-29.

  89. Xinwen Zhang, Jaehong Park, Francesco Parisi-Presicce, and Ravi Sandhu. A Logical Specification for Usage Control. In the 9th ACM Symposium on Access Control Models and Technologies (SACMAT), New York, June 2-4, 2004: 1-10.

  90. Yingjiu Li and Xinwen Zhang. A Security-Enhanced One-Time Payment Scheme for Credit Card. In the 14th International Workshop on Research Issues on Data Engineering (RIDE), Boston, USA (in conjunction with ICDE'04), March 28-29, 2004: 40-47.

  91. Xinwen Zhang, Jaehong Park, and Ravi Sandhu. Schema based XML Security: RBAC Approach. In the 17th IFIP 11.3 Working Conference on Data and Application Security, Estes Park, Colorado, U.S.A. August 4-6, 2003: 330-343.

  92. Xinwen Zhang, Sejong Oh, and Ravi Sandhu. PBDM: A Flexible Delegation Model in RBAC. In the 8th ACM Symposium on Access Control Models and Technologies (SACMAT), Como, Italy, June 2-3, 2003: 149-157.

Posters and Demos:

  1. Trisha Biswas, Asit Chakraborti, Ravishankar Ravindran, Xinwen Zhang, and Guoqiang Wang. Contextualized Information-Centric Home Network. Demo In ACM SIGCOMM 2013.

  2. Abedelaziz Mohaisen, Xinwen Zhang, Max Schuchard, Haiyong Xie, and Yongdae Kim. POSTER: Protecting Access Privacy of Cached Contents in Information Centric Networks. in ACM Conference on Computer and Communication Security (CCS), 2012.

  3. Xinwen Zhang et al. Name-based service publishing and discovery in content-centric network (Demo). Emerging Networks Consortium (ENC) at PARC, Spring Summit, 2012.

  4. Xiaoxin Wu, Lei Xu, and Xinwen Zhang. A Certificateless Proxy Re-Encryption Scheme for Cloud-based Data Sharing (Poster). In ACM Conference on Computer and Communication Security (CCS), 2011.

  5. Xinwen Zhang et al. Secure Mobile Virtual Group (Demo). CCNx Community Meeting (CCNxCon), 2011.

  6. Xinwen Zhang et al. Name-based trust and security for information-centric network (Demo). CCNx Community Meeting (CCNxCon), 2011.

  7. Wenjuan Xu, Gail-joon ahn, Hongxin Hu, Xinwen Zhang, and Jean-Pierre Seifert. Building Dynamic Remote Attestation Framework (Poster). In ACM Conference on Computer and Communications Security (CCS), 2009.

  8. Simon Gibbs, Anugeetha Kunjithapatham, Sangoh Jeong, and Xinwen Zhang. Enabling Elastic Mobile Devices via Cloud Computing (Demo). In IEEE Consumer Communications and Networking Conference (CCNC), 2010.

Technical Reports:

  1. Qingji Zheng and Xinwen Zhang. Multiparty Cloud Computation. arXiv:1206.371.

  2. Sokol Kosta, Andrius Aucinas, Pan Hui, Richard Mortier, and Xinwen Zhang. Unleashing the Power of Mobile Cloud Computing using ThinkAir. arXiv:1105.3232.

IETF Drafts:

  1. Xinwen Zhang, Ravishankar Ravindran, Haiyong Xie, and Guoqiang Wang. PID: A Generic Naming Schema for Information-centric Network.