Cynthia E. Irvine Department of Computer Science Naval Postgraduate School

Cynthia E. Irvine
Department of Computer Science
Naval Postgraduate School
1411 Cunningham Rd., GE-211
Code CS/Ic
Monterey, CA 93943
[email protected]
(831) 656 2461
http://
Research Interests
Computer and network security: high assurance systems, multilevel security, security
architectures, system integrity, adaptive security services, and information assurance education. I
have been involved in the development of architectures to enforce security policies since 1987. A
theme in my research is the usability of high assurance systems through the synergistic
combination of high assurance security policy enforcement mechanisms with commodity
functional mechanisms.
Education
January 1975
Case Western Reserve University
Ph.D. in Astronomy
Advisor: William P. Bidelman
NDEA Fellowship
Cleveland, OH
June 1970
Rice University
B.A. Physics
Houston, TX
Academic and Research Positions
1994 –
Naval Postgraduate School
Monterey, CA
Professor of Computer Science, 2003 –
Associate Professor of Computer Science, 2001 – 2003
Director, Cebrowski Institute for Information Superiority and Innovation, 2001 – 2003
Director, Center for Information Systems Security Studies and Research, 1996 –
Assistant Professor of Computer Science, 1994 – 2001
Instructor, Department of Computer Science, 1994.
1987 – 1994
Gemini Computers
Engineering staff
Cynthia E. Irvine
Monterey, CA
1
March 2009
1982 – 1983
Monterey Peninsula College
Astronomy Instructor
Monterey, CA.
1975 – 1981
Naval Postgraduate School
Adjunct Research Instructor, Computer Science Group, 1978 – 1981
Research Staff, Computer Science Group, 1975 – 1978
Monterey, CA
1973 – 1974
Department of Astronomy, Case Western Reserve University
Research Assistant
Cleveland, OH
1971 – 1986
Monterey Institute for Research in Astronomy
Member and Research Astronomer, 1971-1986
President, 1982-1986
Monterey, CA
1969 – 1970
Space Science Department, Rice University
Volunteer Research Assistant
Houston, TX
1967 – 1969
Bubble Chamber Group, Physics Department, SUNY Stony Brook
Junior Programmer (summers)
Cynthia E. Irvine
2
Stony Brook, NY.
March 2009
Research Activities
Books
1. Helen Armstrong and Cynthia Irvine (eds.) Security Education and Critical Infrastructures,
Kluwer Academic Publishers, Norwell, MA, 2003.
Book Chapters (Refereed)
1. Levin, T. E., Irvine, C. E., and Nguyen, T. D., “Least Privilege in Separation Kernels,” in EBusiness and Telecommunication Networks, J. Filipe and M. S. Obaidat, eds., Vol. 9,
Communications in Computer and Information Science, Springer-Verlag, 2008.
2. Levin, Timothy E., Irvine, Cynthia E., and Spyropoulou, Evdoxia, “Quality of Security Service:
Adaptive Security,” Handbook of Information Security, Volume 3, ed. H. Bidgoli, John Wiley
and Sons, Hoboken, NJ, pp. 1016-1025, 2006.
3. Irvine, Cynthia E., “Security Policy Enforcement,” Handbook of Information Security, Volume 3,
ed. H. Bidgoli, John Wiley and Sons, Hoboken, NJ, pp 1026-1040, 2006.
4. Irvine, Cynthia E., “Cybersecurity Considerations for Information Systems,” Handbook of Public
Information Systems, 2nd edition, ed. D. Garson, Marcel Dekker, Inc, New York, NY, 2005, pp.
203-218.
5. Rasmussen, Craig, Irvine, Cynthia E., Dinolt, George W., Levin, Timothy, and Burke, Karen L.,
“A Program for Education in Certification and Accreditation,” Security Education and Critical
Infrastructures, ed. C. Irvine and H. Armstrong, Kluwer Academic Publishers, Norwell, MA, pp
131-149, 2003.
6. Irvine, Cynthia E. and Levin, Timothy, “A Cautionary Note Regarding the Data Integrity
Capacity of Certain Secure Systems”, Integrity, Internal Control and Security in Information
Systems, ed. M. Gertz, E. Guldentops, L. Strous, Kluwer Academic Publishers, Norwell, MA, pp
3-25, 2002.
7. Irvine, Cynthia E., “Security Issues for Automated Information Systems,” Handbook of Public
Information Systems, ed. D. Garson, Marcel Dekker, Inc., New York, NY, pp.231-245, 2000.
8. Irvine, Cynthia E., “Astronomy and Astrophysics,” Academic American Encyclopedia, ed. S. J.
Foderaro, Arete Publishing Co., Princeton, NJ, Vol 2, p. 281, 1980.
9. Irvine, Cynthia E., “Astronomical Maps and Catalogs,” Academic American Encyclopedia, ed. S.
J. Foderaro, Arete Publishing Co., Princeton, NJ, Vol 2, p. 276, 1980.
10. Irvine, Cynthia E., “Faint Object Detection,” Academic American Encyclopedia, ed. S. J.
Foderaro, Arete Publishing Co., Princeton, NJ, Vol 8, p. 8, 1980.
11. Irvine, Cynthia E., “Infrared Astronomy,” Academic American Encyclopedia, ed. S. J. Foderaro,
Arete Publishing Co., Princeton, NJ, Vol 11, p. 175, 1980.
12. Irvine, Cynthia E., “Astronomical Photometry,” Academic American Encyclopedia, ed. S. J.
Foderaro, Arete Publishing Co., Princeton, NJ, Vol 15, p. 274, 1980.
Cynthia E. Irvine
3
March 2009
13. Irvine, Cynthia E., “X-ray Galaxies,” Academic American Encyclopedia, ed. S. J. Foderaro, Arete
Publishing Co., Princeton, NJ, Vol 20, p. 309, 1980.
Refereed Journal Papers/Cases
1. T. Levin, J. Dwoskin, G. Bhaskara, T. Nguyen, P. Clark, R. Lee, C. Irvine, and T. Benzel,
“Securing the dissemination of emergency response data with an integrated hardware-software
architecture,” in International conference on the technical and socio-economic aspects of trusted
computing (TRUST), Lecture Notes in Computer Science, University of Oxford, Springer, April
2009 to appear.
2. Huffmire, T., Brotherton, B., Sherwood, T., Kastner, R., Levin, T., Nguyen, T., and Irvine, C.,
“Managing Security in the Design of FPGA Based Embedded systems,” IEEE Design and Test of
Computers, Vol. 25, No. 6, pp. 590-598.
3. Cone, Benjamin D., Irvine, Cynthia E., Thompson, Micahel F., and Nguyen, Thuy D., “A video
game for cyber security training and awareness,” Computers and Security, Vol. 26, No. 1, pp. 6372, 2007.
4. Irvine, Cynthia and Thompson, Michael, “CyberCIEGE: The Information Assurance Training
and Awareness Video Game,” IA Newsletter, Vol. 10, No. 2, Summer 2007.
5. Irvine, Cynthia E., Thompson, Michael F., and Allen, Ken, "CyberCIEGE: Gaming for
Information Assurance, IEEE Security and Privacy, Vol. 3, No. 2, 2005, pp. 64-67.
6. Dodge, Catherine, Irvine, Cynthia E., Nguyen, Thuy D., “A Study of Initialization in Linux and
OpenBSD,” Operating Systems Review, Vol. 39, No 2, pp. 79-93.
7. Irvine, Cynthia E. and Levin, Timothy E., “A Doctoral Program with Specialization in
Information Security: A High Assurance Constructive Security Approach,” Information Security
Management, Education and Privacy, ed. Deswarte, Cuppens, Jajodia, and Wang, Kluwer
Academic Publishers, Norwell, MA, pp. 173-180, 2004.
8. Anderson, Emory A., Irvine, Cynthia E., and Schell, Roger R., “Subversion as a Threat in
Information Warfare,” Journal of Information Warfare, Vol. 3, No. 2, pp 52-65.
9. Irvine, Cynthia E., “Teaching Constructive Security”, IEEE Security and Privacy, Vol. 1, No. 6,
2003, pp 59-61.
10. Burke, Karen L, Craig W. Rasmussen, Craig W., Irvine, Cynthia E, Dinolt, George W., Levin,
Timothy E., “Certification and Accreditation,: A Program for Practitioner Education,” Journal of
Information Warfare, Vol. 2, No. 3, 2003, pp. 25-37.
11. Irvine, Cynthia E., Levin, Timothy, Wilson, Jeffrey D., Shifflett, David, and Pereira, Barbara,
“An Approach to Security Requirements Engineering for a High Assurance System,”
Requirements Engineering, Vol. 7, No. 4, 2002, pp. 192-208.
12. Irvine, Cynthia E., “The Reference Monitor Concept as a Unifying Principle in Computer
Security Education,” Bezopasnost Information Technology, Moscow, No 4, 1999, pp. 31-36.
13. Irvine, Cynthia E., “Amplifying Security Education in the Laboratory,” Bezopasnost Information
Technology, Moscow, No 4, 1999, pp.36-40.
Cynthia E. Irvine
4
March 2009
14. Irvine, Cynthia E., Chin, Shu-Kai, and Frinke, Deborah, “Integrating Security into the
Curriculum”, IEEE Computer, Vol 31, No 12, 1998, pp.25-30.
15. Irvine, Cynthia E., “Computer Security Education Challenges,” IEEE Software, Vol 14, No. 5,
September 1997, pp.110-111.
16. Volpano, Dennis, and Irvine, Cynthia E., “Secure Flow Typing,” Computers and Security, Vol
16, No.2, 1997, pp.137-144.
17. Volpano, Dennis., Smith, Geoff. and Irvine, Cynthia E., “A Sound Type System for Secure Flow
Analysis,” Journal of Computer Security, Vol 4, No. 3, 1996, pp. 1-21.
18. Irvine, Nelson J., and Irvine, Cynthia E., “Suspected Variability and Line Emission in Early-Type
Stars,” Publ. Astron. Soc. Pacific, 91, 105, 1979.
19. Irvine, Nelson J., and Irvine, Cynthia E.,” A New Optical Supernova Remnant in Centaurus,”
Astrophys, Journal Letters, 192, L111, 1974.
20. Irvine, Cynthia E., and Irvine, Nelson J.,”He II Line Profile Variations in the Wolf-Rayet Start
EZ CMa,” Publ. Astron. Soc. Pacific, 85, 506, 1973.
Non-Refereed Journal Papers/Cases
1. Irvine, Cynthia E., “Security: Where Testing Fails,” ITEA Journal, June 2000, pp.53-57.
2. Irvine, Cynthia E., “The First ACM Workshop on Education Computer Security,” ACM SIGSAC
Review, Vol. 15, No. 2, pp.3-5, 1997.
3. Irvine, Cynthia E., “V1302 Aquilae (IRC +10420),” I.A.U. Circ., No. 4286, 1986.
4. Irvine, Cynthia E., “Optical and Near Infrared Changes in IRC +10420,” Bull. Amer. Astron. Soc.,
18, 961, 1986.
5. Bidelman, William P., and Irvine, Cynthia E., “On the Identification of an Unidentified Feature in
CS Stars,” Bul. Amer. Astron. Soc., 6, 365, 1974.
6. Irvine, Cynthia E., and Titter, John C., Exposure Eliminator--A Serendipitous Discovery, The
Observatory, No. 1000, 1974.
Demonstrations
1. Cynthia E. Irvine and David Shifflett, “High Assurance Multilevel Secure LAN”, system
demonstration Navy MSL/MLS Workshop, Norfolk, VA, May 2001.
2. Irvine, Cynthia E., Levin, Timothy, and Spyropoulou, Evdoxia, “Security Costing
Demonstration,” system demonstration at DARPA Quorum Program Principal Investigator
Meeting, Seattle, WA, May 2000.
Refereed Conference Accepted Papers/Published Papers
1. Irvine, C. E., Levin, T. E., Clark, P. C., and Nguyen, T. D., “A Security Architecture for
Transient Trust,” Computer Security Architecture Workshop, Fairfax, VA, October 2008.
Cynthia E. Irvine
5
March 2009
2. Shaffer, A., Auguston, M., Irvine, C. and Levin, T. “A Security Domain Model for Implementing
Trusted Subject Behaviors,” in Proceedings of the Modeling Security Workshop, Toulouse,
France, September 2008.
3. Ted Huffmire, Jonathan Valamehr, Timothy Sherwood, Ryan Kastner, Timothy Levin, Thuy D.
Nguyen, and Cynthia Irvine, “Trustworthy System Security through 3-D Integrated Hardware,”
Proceedings of the 2008 IEEE International Workshop on Hardware-Oriented Security and Trust
(HOST-2008), Anaheim, CA, June 2008.
4. Nguyen, T. D., and Irvine, C. E., “Use of Evaluation Criteria in Security Education,” in Proc. of
the Third International Conference on i-Warfare and Security, (Omaha, NB), April 2008, pp.
285-292.
5. Ong, K. L., Nguyen, T. D., and Irvine, C. E., “Implementation of a Multilevel Wiki for CrossDomain Collaboration,” in Proc of the Third International Conference on i-Warfare and Security,
(Omaha, NB), April 2008, pp. 293- 304.
6. Orwat, M., Levin, T. and C. Irvine, “An Ontological Approach to Secure MANET Management,”
in Proc. of the Third International Conference on Availability, Security, and Reliability,
(Barcelona, Spain), pp. 787-794, Mar. 2008.
7. DeLong, R., Nguyen, T. D., Irvine, C. E., and Levin, T. E., “Toward a Medium-Robustness
Separation Kernel Protection Profile,” Annual Computer Security Applications Conference,
Miami Beach, FL, December 2007, pp 40-51.
8. Levin, Timothy E., Irvine, Cynthia E., Weissman, Clark, and Nguyen, Thuy D., “Analysis of
Three Multilevel Security Architectures,” Computer Security Architecture Workshop, Fairfax,
VA, November 2007, pp. 37-46.
9. Shaffer, A., Auguston, M., Irvine, C. and Levin, T. “Toward a Security Domain Model for Static
Analysis and Verification of Information Systems.” Proceedings of the 7th OOPSLA Workshop
on Domain-Specific Modeling (DSM '07). Montreal, Canada. October 2007. pp. 160- 71.
10. Chiang, Ken, Nguyen, Thuy D., and Irvine, Cynthia E., “A Linux Implementation of Temporal
Access Controls,” Proceedings 8th IEEE Systems, Man, and Cybernetics Information Assurance
Workshop, West Point, NY, June 2007, pp. 309-316. This work was given the award of Best
Paper at the conference.
11. Irvine, Cynthia E. and Levitt, Karl, “Trusted Hardware: Can it Be Trustworthy?,” Proc. Design
Automation Conference, San Diego, CA, June 2007, pp 1-4.
12. Huffmire, Ted, Brotherton, Brett, Wang, Gang, Sherwood, Tim, Kastner, Ryan, Levin, Timothy
Nguyen, Thuy, and Irvine, Cynthia. “Moats and Drawbridges: An Isolation Primitive for
Reconfigurable Hardware Based Systems,” Proc. IEEE Symposium on Security and Privacy, May
2007, Oakland, CA. pp. 281-295.
13. Cullum, J., Irvine, C. E., Levin, T. E., “Performance Impact of Connectivity Restrictions and
Increased Vulnerability Presence on Automated Attack Graph Generation”, ICIW 2007 2nd
International Conference on i- Warfare and Security, Monterey, CA, March 2007, pp. 33-46
14. Levin, Timothy E., Irvine, Cynthia E., and Nguyen, Thuy, D., Least Privilege in Separation
Kernels, Proceedings International Conference on Security and Cryptography, Setubal, Portugal,
August 2006, pp. 355-362.
Cynthia E. Irvine
6
March 2009
15. Vernon, Richard C., Irvine, Cynthia E., and Levin, Timothy E., “Toward a Boot Odometer”,
Proceedings from the 7th IEEE Systems, Man and Cybernetics Information Assurance Workshop,
West Point, NY, June 2006.
16. Nguyen, T. D. and Irvine, C. E., “Utilizing the Common Criteria for Advanced Student Research
Projects,” 2006, in IFIP International Federation for Information Processing, Volume 201,
Security and Privacy in Dynamic Environments, eds. Fischer-Hubner, S., Rannenberg, K.,
Yngstrom, L., Lindskog, S., (Boston: Springer), pp. 317-328.
17. Cone, B. D., Thompson, M. F., Irvine, C. E. and Nguyen, T. D., “Cyber Security Training and
Awareness Through Game Play,” 2006, in IFIP International Federation for Information
Processing, Volume 201, Security and Privacy in Dynamic Environments, eds. Fischer-Hubner,
S., Rannenberg, K., Yngstrom, L., Lindskog, S., (Boston: Springer), pp. 431-436.
18. Irvine, Cynthia E., “What Might We Mean by 'Secure Code' and How Might We Teach What We
Mean?”, Proceedings Workshop on Secure Software Engineering Education and Training, Oaho,
HI, April 2006.
19. Nguyen, Thuy D., Levin, Timothy E., and Irvine, Cynthia E., “High Robustness Requirements in
a Common Criteria Protection Profile,” Proceedings of the 4th IEEE International Information
Assurance Workshop, Royal Holloway, UK, April 2006, pp. 66-75.
20. Barwinski, Mark, Irvine, Cynthia E., and Levin, Timothy E., “Empirical Study of Drive-ByDownload Spyware,” Proceedings of the International Conference on i-Warfare and Security,
Princess Anne, MD, March 2006, pp. 1-12.
21. Nguyen, Thuy D., Irvine, Cynthia E., and Kane, Douglas R., “Using Common Criteria
Methodology to Express Informal Security Requirements”, Proc. International Symposium on
Secure Software Engineering, Arlington, VA, March 2006, pp. 75-85.
22. Afinidad, Francis, Levin, Timothy, Irvine, Cynthia E., and Nguyen, Thuy D., “A Model for
Temporal Interval Authorizations,” Hawaii International Conference on System Sciences,
Software Technology Track, Information Security Education and Foundational Research, Kauai,
Hawaii, January 2006, p. 218.
23. Afinidad, Francis, Levin, Timothy, Irvine, Cynthia E., and Nguyen, Thuy D., “Foundation for a
Time Interval Access Control Model”, Mathematical Methods, Models, and Architectures for
Computer Networks Security, MMM-ACNS 2005, St. Petersburg, Russia, September 24-28, 2005,
Proceedings, Lecture Notes in Computer Science, ed. Vladimir Gorodetsky, Igor Kotenko, and
Victor Skormin, Springer-Verlag GmbH, Vol. 2685, pp 406-411, St. Petersburg, Russia,
Septebmer 24-28, 2005.
24. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Shifflett, David J.,
Miller, Donna, “Initial Documentation Requirements for a High Assurance System: Lessons
Learned”, Proceedings from the 6th IEEE Systems, Man and Cybernetics Information Assurance
Workshop, West Point, NY, June 2005, pp. 434-435.
25. Nguyen, Thuy D., Levin, Timothy E., and Irvine, Cynthia E., “MYSEA Testbed”, Proceedings
from the 6th IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point,
NY, June 2005, pp. 438-439.
Cynthia E. Irvine
7
March 2009
26. Irvine, Cynthia E., Thompson, Michael F., and Allen, Ken, “CyberCIEGE: An Extensible Tool
for Information Assurance Education”, Proceedings of the 9th Colloquium for Information
Systems Security Education, Atlanta, GA, June 2005, pp 130-138.
27. Nguyen, Thuy D., Levin, Timothy E., and Irvine, Cynthia E., “TCX Project: High Assurance for
Secure Embedded Systems,” Proceedings of the 11th IEEE Real-Time and Embedded Technology
and Applications Symposium, Work in Progress Session, San Francisco, CA, March 2005, pp. 2125. (Also appeared in SIGBED Review, Vol. 2, No. 2, April 2005, Special Issue on IEEE RTAS
2005 Work-in-Progress)
28. Irvine, Cynthia E., “A Common Criteria-Based Team Project for High Assurance System
Education, Success Through Information Security Knowledge,” Proc. Fourth World Conference
on Information Security Education, Moscow, Russia, May 2005, pp. 82-93.
29. Irvine, Cynthia E., Thompson, Michael F., and Allen, Ken, “CyberCIEGE (TM): An Information
Assurance Teaching Tool for Training and Awareness,” Proceedings of the 2005 FISSEA
Conference, Bethesda, MD, March 2005.
30. Irvine, Cynthia E., and Thompson, Michael F., “Expressing an Information Security Policy
Within a Security Simulation Game, in Avoiding Fear, Uncertainty and Doubt,” Proceedings of
the Sixth Workshop on Education in Computer Security, Monterey, California, July 2004, pp. 4349.
31. Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., and Dinolt, George W., “The Trusted
Computing Exemplar Project,” Proceedings of the 2004 IEEE Systems Man and Cybernetics
Information Assurance Workshop, West Point, NY, June 2004, pp. 109-115.
32. Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Shifflett, David, Khosalim, Jean, Clark,
Paul C., Wong, Albert, Afinidad, Francis, Bibighaus, David, and Sears, Joseph, “Overview of a
High Assurance Architecture for Distributed Multilevel Security,” Proceedings of the 2004 IEEE
Systems Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2004, pp.
38-45.
33. Falby, Naomi, Fulp, J.D., Clark, Paul C., Cote, R. Scott, Irvine, Cynthia E., Dinolt, George W.,
Levin, Timothy E., Rose, Matthew, and Shifflett, Deborah, “Information Assurance Capacity
Building: A Case Study,” Proceedings of the Colloquium on Information Systems Security
Education, pp. 31-36.
34. Falby, Naomi, Thompson, Michael F., and Irvine, Cynthia, “A Security Simulation Game
Scenario Definition Language,” Innovative Program Abstracts - Colloquium on Information
Systems Security Education, West Point, NY, June 2004.
35. Mohan, Raj, Levin, Timothy E., and Irvine, Cynthia E., “An Editor for Adaptive XML-Based
Policy Management of IPsec,” Proceedings of the 19th Computer Security Applications
Conference, Las Vegas, NV, December 2003, pp. 276-285.
36. Irvine, Cynthia E., and Thompson, Michael, “Teaching Objectives of a Simulation Game for
Computer Security,” Proceedings of Informing Science and Information Technology Joint
Conference, Pori, Finland, June 2003.
37. Xie, Geoffrey, Irvine, Cynthia E., and Levin, Timothy, “Quantifying Effect of Network Latency
and Clock Drift on Time-Driven Key Sequencing,” Proceedings of IEEE First International
Cynthia E. Irvine
8
March 2009
Workshop on Assurance in Distributed Systems and Networks, Vienna, Austria, July 2002, pp.
35-42.
38. Spyropoulou, Evdoxia, C. Agar, Christopher, Levin, Timothy E., and Irvine, Cynthia E., “IPsec
Modulation for Quality of Security Service”, Proceedings of the International Systems Security
Engineering Conference, Orlando, FL, March 2002.
39. Irvine, Cynthia E., and Levin, Timothy E., Spyropoulou, Evdoxia, and Allen, Bruce, “Security as
a Dimension of Quality of Security Service”, Proceedings of the Active Middleware Services
Workshop, August 2001, San Francisco, CA, pp 87-93.
40. Irvine, Cynthia E., and Levin, Timothy E., “Teaching Security Engineering Principles,”
Proceedings Second World Conference on Information Security Education, Perth, Australia, July
2001, pp. 113-127.
41. Kim, J.-K., Kidd, T., Siegel, H. J., Irvine, C., Levin, T., Hensgen, D. A., St. John, D., Prasanna,
V. K., Freund, R. F., and Porter, N. W., “Collective Value QoS: A Performance Measure
Framework for Distributed Heterogeneous Networks,” Proceedings of the 15th International
Parallel and Distributed Processing Symposium, San Francisco, California, April 2001, pp. 810823.
42. Irvine, Cynthia E., Levin, Timothy, Wilson, Jeffrey D., Shifflett, David, and Pereira, Barbara, “A
Case Study in Security Requirements Engineering for a High Assurance System,” Proceedings of
the 1st Symposium on Requirements Engineering for Information Security, Indianapolis, Indiana,
March 2001.
43. Irvine, Cynthia E., and Levin, Timothy, “Data Integrity Limitations in Highly Secure Systems,”
Proceedings of the International Systems Security Engineering Conference, Orlando, FL,
February 2001.
44. Sypropoulou, Evdoxia, Levin, Timothy, and Irvine, Cynthia E., “Calculating Costs for Quality of
Security Service,” Proceedings of the 16th Computer Security Applications Conference, New
Orleans, LA, December 2000, pp. 334-343.
45. Balmer, Steven R., and Irvine, Cynthia E. “Analysis of Terminal Server Architectures for Thin
Clients in a High Assurance Network,” Proceedings of the National Information Systems
Security Conference, Baltimore, MD, October 2000, pp 192-202. This paper was given the award
of “Best Paper” at the conference.
46. Irvine, Cynthia E., and Levin, Timothy, “Quality of Security Service,” Proceedings of the New
Security Paradigms Workshop, Ballycotton, Ireland September 2000, pp. 91-99. (Reprinted in the
Proceedings of the National Information Systems Security Conference, Baltimore, MD, October
2000, CD version).
47. Robin, J. Scott, and Irvine, Cynthia E., “Analysis of the Intel Pentium's Ability to Support a
Secure Virtual Machine Monitor,” Proceedings of the 9th Usenix Security Symposium, Denver,
CO, August, 2000, pp.129 - 144.
48. Irvine, Cynthia E. and Levin, Timothy, “Toward Quality of Security Service in A Resource
Management System Benefit Function,” Proceedings of the 2000 Heterogeneous Computing
Workshop, Cancun, Mexico, May 2000, pp.133-139.
Cynthia E. Irvine
9
March 2009
49. Kim, Jong-Kook, Hensgen, Deborah A., Kidd, Taylor, Siegel, Howard J., St. John, David, Irvine,
Cynthia E., Levin, Timothy, Prasanna, Viktor K., and Freund, Richard F., “A QoS Performance
Measure Framework for Distributed Heterogeneous Networks,” Proceeding of EuroMicro-PDP,
Rhodos, Greece , January 2000, pp. 18 - 27.
50. Irvine, Cynthia E., and Levin, Timothy, “Toward a Taxonomy and Costing Method for Security
Services,” Proceedings of the 15th Computer Security Applications Conference, December 1999,
pp. 183-188, Scottsdale, AZ.
51. Irvine, Cynthia E., “The Reference Monitor Concept as a Unifying Principle in Computer
Security Education,” Proceedings of the First World Conference on Information Systems Security
Education, Stockholm, Sweden, pp.27-37, June 1999.
52. Isa, H.R., Shockley, W. R., and Irvine, Cynthia E., “A Multi-threading Architecture for
Multilevel Secure Transaction Processing,” Proceedings of 1999 Symposium on Security and
Privacy , Oakland, California, pp. 166-180, May 1999.
53. Hensgen, D., Kidd, T., St. John, D., Schnaidt, M.C., Siegel, H. J., Braun, T., Maheswaran, M.,
Ali, S., Kim, J-K, Irvine, Cynthia E., Levin, Timothy, Freund, R.F., Kusso, M., Godfrey, M.,
Duman, A., Carff, P., Kidd, S., Prasanna, V., Bhat, P, Alhusaini, A., “An Overview of the
Management System for Heterogeneous Networks (MSHN),” Proceedings of the 8th Workshop
on Heterogeneous Computing Systems (HCW '99), San Juan, Puerto Rico, pp. 184-198, April
1999.
54. Xie, Geoffrey, Cowell, Cary, and Irvine Cynthia E., “LLPA: high speed link layer packet
authentication” Proceedings of Annual IEEE Gigabits Networking Workshop (GBN'99), New
York City, NY, March 1999.
55. Wright, R.E., Shifflett, D.J., and Irvine, Cynthia E., “Security for a Virtual Heterogeneous
Machine,” Proceedings of the Fourteenth Computer Security Applications Conference,
Scottsdale, AZ, pp. 167-177, December 1998.
56. Irvine, Cynthia E., Anderson, J.P., Robb, D.A., and Hackerson, J., “High Assurance Multilevel
Services for Off-The-Shelf Workstation Applications,” Proceedings of the National Information
Systems Security Conference, Crystal City, VA, pp.421-431, October 1998.
57. Irvine, Cynthia E., “Naval Postgraduate School Center for INFOSEC Studies and Research:
Teaching the Science of Computer Security,” MILCOM Proceedings (unclassified), Monterey,
California, November 1997.
58. Irvine, Cynthia E., Warren, D.F., and Clark, P.C., “The NPS CISR Graduate Program in
INFOSEC: Six Years of Experience,” Proceedings of the 20th National Information Systems
Security Conference, Baltimore, MD, pp.22-30, October 1997.
59. Currie, D. and Irvine, Cynthia E., “Surmounting the Effects of Lossy Compression on
Steganography,” Proceedings of the 19th National Information System Security Conference ,
Baltimore, pp. 194-201, Md, October 1996.
60. Irvine, Cynthia E., and Volpano, D., “A Practical Tool for Developing Trusted Applications,” in
Proceedings of the 11th Computer Security Applications Conference, New Orleans, LA, pp. 190195, December 1995.
Cynthia E. Irvine
10
March 2009
61. Irvine, Cynthia E., “A Multilevel File System for High Assurance,” Proceedings 1995 IEEE
Symposium on Security and Privacy, Oakland, CA, pp. 78-87, May 1995.
62. Schell, R.R. and Irvine, Cynthia E., “Future Roles for Balanced Assurance in Trusted Database
Management Systems,” Proceedings of the 5th RADC Database Security Workshop, October
1992.
63. Irvine, Cynthia E., Schell, R.R. and Thompson, M.F., “Using TNI Concepts for Near-Term Use
of High Assurance Database Management Systems,” Proceedings of the 4th RADC Database
Security Workshop, Little Compton, RI, April 1991.
64. Irvine, Cynthia E., Schell, R.R. and Vetter, L., “Architecture for an Embedded Secure Database
Management System,” Proceedings of the 6th Annual Computer Applications Conference,
Tucson, AZ, December 1990.
65. Irvine, Cynthia E., Acheson, T.B. and Thompson, M.F., “Building Trust into a Multilevel File
System,” Proceedings of the 13th National Computer Security Conference, October 1990,
Washington, DC.
66. Schell, R.R. and Irvine, Cynthia E., “Performance Implications for Multilevel Database Systems,”
Proceedings of the 3rd RADC Database Security Workshop, June 1990, Castile, NY.
67. Levin, Timothy, Padilla, S. and Irvine, Cynthia E., “A Formal Model for UNIX SETUID,”
Proceedings of the IEEE Conference on Security and Privacy, pp.78-83, May 1989, Oakland,
CA.
68. Irvine, Cynthia E., Thompson, M.F., Schell, R.R., Tao, T.F., Lessin, R.E., Wopat, J.R., and
BenArieh, E., “Genesis of a Secure Application: A Multilevel Secure Message Preparation
Workstation Demonstration”, Proceedings of the 4th Aerospace Security Applications
Conference, December 1988, Orlando, FL.
Invited Conference Papers
1. Irvine, Cynthia E., Shifflett, David, Clark, Paul, Levin, Timothy, and Dinolt, George, “MYSEA
Technology Demonstration,” in Proceedings DISCEX Conference, April 2003, pp. 10-12.
2. Irvine, Cynthia E., Shifflett, David, Clark, Paul, Levin, Timothy, and Dinolt, George, “Monterey
Security Enhanced Architecture Project,” in Proceedings DISCEX Conference, April 2003, pp.
176-181.
3. Irvine, Cynthia E., and Levin, Timothy, “Is Electronic Privacy Achievable?,” Proceedings of the
IEEE Symposium on Security and Privacy, Oakland, CA, May 2000, pp.76-77.
4. Irvine, Cynthia E., “Amplifying Security Education in the Laboratory,” Proceedings of the First
World Conference on Information Systems Security Education, Stockholm, Sweden, pp. 139-146,
June 1999.
5. Irvine, Cynthia E., “The Benefits of Student Research in Information Systems Security
Education,” Proceedings of the 1999 National Colloquium on Information Systems Security
Education, Palisades, NY, May 1999.
6. Irvine, Cynthia E., “Security in Innovative New Operating Systems,” Proceedings IEEE
Symposium on Security and Privacy, May 1997, pp. 202-203.
Cynthia E. Irvine
11
March 2009
7. Irvine, Cynthia E., “Goals for Computer Security Education,” Proceedings 1996 IEEE
Symposium on Security and Privacy, Oakland, CA, pp.24-25, May 1996.
Currently Submitted Papers or Papers in Progress: Journals & Conferences
1. Irvine, C. E., Multilevel Security, Handbook of Science and Technology for Homeland Security,
Wiley-Interscience. To appear.
Non-Refereed Technical Memoranda and Working Papers
1. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Vidas, Timothy M.,
SecureCore Software Architecture: Trusted Path Application (TPA) Requirements, NPS-CS-07001, Naval Postgraduate School, December 2007.
2. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Vidas, Timothy M.,
Shifflett, David J., SecureCore Software Architecture: SecureCore Operating System (SCOS)
Functional Specification, NPS-CS-07-018, Naval Postgraduate School, December 2007.
3. Shifflett, David J., Clark, Paul C., Irvine, Cynthia E., Nguyen, Thuy D., Vidas, Timothy M., and
Levin, Timothy E., Secure Core Software Architectures: Trusted Management Layer (TML)
Kernel Extension Module Integration Guide, NPS-CS-07-022, Naval Postgraduate School,
December 2007.
4. Shifflett, David J., Clark, Paul C., Irvine, Cynthia E., Nguyen, Thuy D., Vidas, Timothy M.,
Levin, Timothy E., SecureCore Software Architecture: Trusted Management Layer (TML)
Kernel Extension Module Interface Specification, NPS-CS-07-021, Naval Postgraduate School,
December 2007.
5. Levin, T. E., Irvine, C. E., Benzel, T. V., Bhaskara, G., Clark, P. C., and Nguyen, T. D., Design
Principles and Guidelines for Security, NPS-CS-08-001, Naval Postgraduate School, November
2007.
6. Huffmire, Ted and Irvine, Cynthia. Field Programmable Gate Array Guidance for Information
Systems Security Engineers: Analysis and Recommendations, NPS Technical report NPS-CS-07009, August 2007.
7. Nguyen, Thuy D., and Levin, Timothy E., Irvine, Cynthia E., Benzel, Terry V., and Bhaskara,
Ganesha, Preliminary Security Requirements for SecureCore Hardware, NPS-CS-06-014, Naval
Postgraduate School, Monterey, California, September 2006.
8. Levin, Timothy E., Irvine, Cynthia E., and Nguyen, Thuy D., An Analysis of Three Kernel-based
Multilevel Security Architectures, NPS-CS-06-001, Naval Postgraduate School, Monterey,
California, August 2006.
9. Clark, Paul C., and Irvine, Cynthia E., Levin, Timothy E., and Nguyen, Thuy D., The GIG
Information Access Control Policy: An Interpretation, Analysis and Conceptual Design, NPS-CS06-018, Naval Postgraduate School, Monterey, California, June 2006.
10. Clark, Paul C., Irvine, Cynthia E., Levin, Timothy E., Nguyen, Thuy D., Shifflett, David J.,
Miller, Donna, Initial Documentation Requirements for a High Assurance System: Lessons
Learned, NPS-CS-06-007, Naval Postgraduate School, Monterey, California, February 2006.
Cynthia E. Irvine
12
March 2009
11. Afinidad, Francis, Irvine, Cynthia E., Nguyen, Thuy D., and Levin, Timothy E., A Time Interval
Memory Protection System, NPS-CS-06-002, Naval Postgraduate School, Monterey, California,
November 2005.
12. Benzel, Terry V., Irvine, Cynthia E., Levin, Timothy E., Bhaskara, Ganesha, Nguyen, Thuy D.,
and Clark, Paul C., “Design Principles for Security,” NPS-CS-05-010, Naval Postgraduate
School, Monterey, California, September 2005.
13. Miller, Donna, Levin, Timothy E., and Irvine, Cynthia E., A Case Study of Wireless Integration
into an Enterprise Network, Naval Postgraduate School Technical Report, NPS-CS-005-004,
Naval Postgraduate School, Monterey, CA, January 2005.
14. Irvine, Cynthia E., Nguyen, Thuy D., and Levin, Timothy E., A High Assurance Testbed for
Multilevel Interoperabiity: 2004 Developments, Naval Postgraduate School Technical Report,
NPS-CS-05-002, Naval Postgraduate School, Monterey, CA, October 2004.
15. Levin, Timothy E., Irvine, Cynthia E., and Nguyen, Thuy D., A Least Privilege Model for Static
Separation Kernels, Naval Postgraduate School Technical Report, NPS-CS-05-003, Naval
Postgraduate School, Monterey, CA, October 2004.
16. Irvine, Cynthia E., Levin, Timothy E., and Nguyen,Thuy D., Trusted Computing Exemplar: 2004
Developments, Naval Postgraduate School Technical Report, NPS-CS-05-001, Naval
Postgraduate School, Monterey, CA, October 2004.
17. Irvine, Cynthia E., Levin, Timothy E., and Dinolt, George W., “Diamond High Assurance
Security Program: Trusted Computing Exemplar,” Technical Report NPS-CS-02-004, September
2002.
18. Spyropoulou, E., Levin, T., and Irvine, C., “Demonstration of Quality of Security Service
Awareness for IPsec,” Technical Report NPS-CS-02-005, Naval Postgraduate School, Monterey,
CA, September 2002.
19. Irvine, Cynthia E., Shifflett, David, Clark Paul C., Levin, Timothy E., and Dinolt, George W.,
“MYSEA Security Architecture,” Technical Report NPS-CS-02-006, May 2002.
20. Irvine, Cynthia E., Levin, Timothy, Dinolt, George W., “A National Trusted Computing
Strategy” Technical Report NPS-CS-02-003, May 2002.
21. Spyropoulou, E., Levin, T., and Irvine, Cynthia E., “Keynote Policy Files and Conversion to
Disjunctive Normal Form for Use in IPsec,” Technical Report NPS-CS-02-001, Naval
Postgraduate School, Monterey, CA, January 2002.
22. Spyropoulou, E., Agar, C., Levin, T., and Irvine, C., “IPsec Modulation for Quality of Security
Service,” Technical Report NPS-CS-02-01, Naval Postgraduate School, Monterey, CA, January
2002.
23. Irvine, Cynthia E. and Levin, Timothy, “Data Integrity Limitations in Hybrid Security
Architectures,” NPS Technical Report NPS-CS-00-008, December 2000.
24. Irvine, Cynthia and Levin, Timothy, “The Effects of Security Choices and Limits in a
Metacomputing Environment,” NPS Technical Report NPS-CS-00-004, April 2000.
25. Irvine, Cynthia and Levin, Timothy, “An Introduction to Quality of Security Service,” NPS
Technical Report NPS-CS-00-005, April 2000.
Cynthia E. Irvine
13
March 2009
26. Irvine, Cynthia, Howard J. Seigel, Viktor Prasanna, Debra Hensgen, Levin, Timothy,
“Management System for Heterogeneous Networks Final Report, Volume I: Project Summary
and Papers,” NPS Technical Report NPS-CS-00-006, April 2000.
27. Spyropoulou, Evdoxia, Levin, Timothy, and Irvine, Cynthia, “Quality of Security Service
Costing Demonstration for the MSHN Project,” NPS Technical Report NPS-CS-00-007, April
2000.
28. Levin, Timothy, and Irvine, Cynthia E., “Quality of Security Service in A Resource Management
System Benefit Function,” NPS-CS-99-005, Naval Postgraduate School, Monterey, California
June 15, 1999.
29. Irvine, Cynthia E., and Levin, Timothy, “A Note on Mapping User-Oriented Security Policies to
Complex Mechanisms and Services,” NPS-CS-99-008, Naval Postgraduate School, Monterey,
California June 15, 1999.
30. Irvine, Cynthia E. and Levin T., “Toward a Taxonomy and Costing Method for Security
Services,” NPS-CS-99-007, Naval Postgraduate School, Monterey, California 15 June 1999.
31. Levin, Timothy, and Irvine, Cynthia E., “An Approach to Characterizing Resource Usage and
User Preferences in Benefit Functions,” NPS-CS-99-005, Naval Postgraduate School, Monterey,
California June 15, 1999.
32. Irvine, Cynthia E. and Shockley, William R., “Roundhouse: A Security Architecture for Active
Networks,” Naval Postgraduate School Technical Report, NPSCS-98-002, Naval Postgraduate
School, Monterey, California, May 1998.
33. Irvine, Cynthia E., “NPS CISR Annual Report,” June 1998.
34. Chin, Shu-Kai, Irvine, Cynthia E., and Frinke, Deborah, “An Information Security Education
Initiative for Engineering and Computer Science,” Naval Postgraduate School Technical Report,
NPSCS-97-003, Naval Postgraduate School, Monterey, California, December 1997.
35. Irvine, Cynthia E., Warren, D. F., and Stemp, R., “Teaching Computer Security at a Department
of Defense University,” NPS-CS-97-002, April 1997.
36. Irvine, Cynthia E., “NPS CISR Annual Report,” December 1996.
37. Irvine, Cynthia E., and Towle, Bradley S., “Embedded Secure Database Management System,”
RADC-TR-90-439, Rome Air Development Center, Griffiss AFB, December 1990,
38. Irvine, Cynthia E., and Acheson, Todd B., “Factors Affecting Software Ports to the GEMSOS
Environment,” Technical Note, GCI-89-03-01, July 1989.
39. Irvine, Cynthia E., and Bergez, John, “Mission to Mars: A Classroom Activities Manual,”
Monterey Institute for Research in Astronomy, 1984.
40. Irvine, Cynthia E., “Application of Acoustic Signal Processing Techniques to Seismic Data,”
Naval Postgraduate School, 1977.
Book Reviews
1. Experiencing Science, by Jeremy Bernstein for The Humanist, 1982.
Cynthia E. Irvine
14
March 2009
Other Papers and Publications
1. Irvine, Cynthia E., “The SimSecurity Information Assurance Virtual Laboratory,” extended
abstract for IEEE Symposium on Security and Privacy, Oakland, California, May 2003.
2. Irvine, Cynthia E., Levin, Timothy, Nguyen, Thuy, and Dinolt, George, “Trusted Computing
Exemplar Project,” extended abstract for IEEE Symposium on Security and Privacy, Oakland,
California, May 2003.
3. Irvine, Cynthia, and Levin, Timothy, “An Extended-OpenBSD Security Architecture: MYSEA,”
extended abstract for Secure Trusted Operating System Conference ‘02, Monterey, California,
August 2002.
4. Spyropoulou, Evdoxia, Irvine, Cynthia E., Levin, Timothy E., and Allen, Bruce, “Managing
Costs and Variability of Security Services,” extended abstract for IEEE Symposium on Security
and Privacy, Oakland, California, May 2001.
5. Irvine, Cynthia E., and Levin, Timothy E., “Overview of Quality of Security Service,” extended
abstract for IEEE Symposium on Security and Privacy, Oakland, California, May 2001.
6. VanPutte, Michael, Irvine, Cynthia E., and Hiles, John, “Distance Learning and Virtual
Laboratory for Information Assurance,” extended abstract for IEEE Symposium on Security and
Privacy, Oakland, California, May 2001.
7. Balmer, Steven, Bryer-Joyner, Susan, Eads, Bradley, Heller, Scott D., Irvine, Cynthia E. “High
Assurance Multilevel Secure Mail Service: Session Server and IMAP Server” extended abstract,
distributed as part of 5-minute talks at IEEE Symposium on Security and Privacy, Oakland,
California, May 1999.
8. Irvine, Cynthia E. and Levin, Timothy, “Security Approach for a Resource Management
System,” extended abstract distributed as part of 5-minute talks at IEEE Symposium on Security
and Privacy, Oakland, California, May 1999.
9. Irvine, Cynthia E., and Bergez, J., “An Astronomy Outreach Program for Grades 4, 5, and 6,”
Bull. Amer. Astron. Soc., 18, 1000, 1986.
10. Irvine, Nelson J., and Irvine Cynthia E., “SIRTF, Space Infrared Telescope Facility” for NASAAmes Research Center, 1985.
11. Irvine, Cynthia E., “New Observatory Rising to the Stars,” Monterey Peninsula Herald, January
1, 1984.
12. Irvine, Nelson J., and Irvine, Cynthia E., “The Oliver Observing Station: MIRA's New
Observatory,” Bull. Amer. Astron. Soc., 15, 998, 1983.
13. Irvine, Cynthia E., “Intelligent Life Beyond Earth,” MIRA Newsletter, 6, No 2, 1983.
14. Irvine, Cynthia E., “The Big Bang and Cosmic Radiation,” Monterey Peninsula Herald,
September 9, 1983.
15. Irvine, Cynthia E., “Women in the Field of Astronomy,” Monterey Peninsula Herald, June 26,
1983.
16. Irvine, Cynthia E., “Sir Arthur Eddington--Author, Scientist,” Monterey Peninsula Herald,
December 26, 1982.
Cynthia E. Irvine
15
March 2009
17. Irvine, Cynthia E., “Gregorian Calendar is 400 Years Old,” Monterey Peninsula Herald October
26, 1982.
18. Irvine, Cynthia E., “Planetary Nebulae: Tombstones in the Sky,” Monterey Peninsula Herald,
1982.
19. Irvine, Cynthia E., “Excitement Over a Lot of Nothing,” Monterey Peninsula Herald, December
27, 1981 (Interstellar Matter).
20. Irvine, Cynthia E. and Irvine, N. J., “Stars in Their Eyes,” Monterey Life, November 1981, p. 66.
21. Irvine, Cynthia E., “The 'Evil Eye' that Stars in the Heavens,” Monterey Peninsula Herald,
September 27, 1981 (Algol).
22. Irvine, Cynthia E., “Scientists View the Dark Spots in the Heavens,” Monterey Peninsula Herald,
July 5, 1981 (Interstellar Matter).
23. Irvine, Cynthia E., “Astronomer's Notebook--More on the Big Bang,” MIRA Newsletter, 4, No.
1, 7, 1981.
24. Irvine, Cynthia E., “What is MIRA Anyway? From Cleveland to Monterey,” MIRA Newsletter,
4, No. 1, 5, 1981.
25. Irvine, Cynthia E., “The Death of a Star in 1054,” Monterey Peninsula Herald, January 4, 1981
(Crab Nebula).
26. Irvine, Cynthia E., “Sunspots Spoiled Ancient Theory of 'Perfect' Sun,” Monterey Peninsula
Herald, August 31, 1980 (Maunder Minimum).
27. Irvine, Cynthia E., “Double Hubble Troubles Universe,” Monterey Peninsula Herald, April 27,
1980 (Extra-galactic distance scale).
28. Chester, Craig, Irvine, Cynthia E., Irvine, Nelson J., Merville, Al, Ross, H., and Weaver, W.B.,
“MIRA, A Status Report,” Bul. Amer. Astron. Soc., 11, 631, 1980.
29. Irvine, Cynthia E., “Changing Views on the Origin of the Universe,” Monterey Peninsula Herald,
March 30, 1980.
30. Irvine, Cynthia E., “It Wasn't Easy for February to Get that Extra Day,” Monterey Peninsula
Herald, February 3, 1980.
31. Irvine, Cynthia E., “Great Nebula is Month's Display,” Monterey Peninsula Herald, September 2,
1979 (M31, The Andromeda Galaxy).
32. Irvine, Cynthia E., “A Star called Mira,” MIRA Newsletter, Winter 1978.
Conference Presentations
1. 11 December 2003: “An Editor for Adaptive XML-Based Policy Management of IPsec”, 19th
Annual Computer Security Applications Conference, Las Vegas, Nevada.
2. 4 December 2003: “NPS Information Assurance Research Overview”, invited presentation at
DoD Information Assurance Research and Development Symposium, Alexandria, Virginia.
Cynthia E. Irvine
16
March 2009
3. 25 September 2003: “Monterey Security Architecture (MYSEA),” invited presentation at Office
of the Secretary of Defense Workshop on Multilevel Security, Alexandria, Virginia.
4. 24 September 2003: “Considering Lifecycle Subversion,” invited presentation at Office of the
Secretary of Defense Workshop on Multilevel Security, Alexandria, Virginia.
5. 17 June 2003, “Subversion” invited talk National Security Agency, Fort Meade, Maryland.
6. 6 May 2003: Invited Presentation at Federal Aviation Administration (FAA) Information
Technology (IT) Information Systems Security (ISS) Research and Development (R&D)
Workshop entitled “Current Research Supporting the FAA”.
7. 20 March 2003: “Trusted Computing Exemplar,” invited presentation at Information Assurance
Task Force Forum, Columbia, Maryland.
8. 20 August 2002: “An Extended-OpenBSD Security Architecture: MYSEA,” presented at Secure
Trusted Operating System Conference ‘02, Monterey, California.
9. 15 October 2001: Invited Presentation at SANS entitled “Naval Postgraduate School: A Success
Story in Information Assurance”.
10. 6 August 2001: “Security as a Dimension of Quality of Service in Active Service Environments”,
Third Annual International Workshop on Active Middleware Services, San Francisco, CA.
11. 12 July 2001: “Teaching Security Engineering Principles”, IFIP TC11 WG 11.8 Second World
Conference on Information Security Education, Perth, Australia.
12. 9 July 2001: “Quality of Security Service Costing and Control”, Invited talk for National Defense
University, Singapore.
13. 10 May 2001: “High Assurance Multi-level Secure LAN for Commercial PCs”, Navy MSL/MLS
Workshop, Norfolk, VA.
14. 10 October 2000: Presented panel paper at the National Information Systems Security
Conference, Baltimore, MD. Position paper title: “An Argument for Academic Research in
Information Security”.
15. 17 October 2000: Presented paper at the National Information Systems Security Conference,
Baltimore, MD. Presentation title: “Analysis of Terminal Server Architectures for Thin Clients in
a High Assurance Network”.
16. 16 October 2000: As part of a conference review panel, presented paper at the National
Information Systems Security Conference, Baltimore, MD. Position paper title: “An Argument
for Quality of Security Service”. Reprinted paper title: “Quality of Security Service”.
17. 26 September 2000: “The Naval Postgraduate School Multilevel Secure Local Area Network
Project,” presented at Workshop on Innovations in Strong Access Control, Monterey, California.
Cynthia E. Irvine
17
March 2009
18. October 1999 - May 2000: Organized and ran a debate on the technical aspects of electronic
privacy at IEEE (Institute of Electrical and Electronics Engineers) Symposium on Security and
Privacy, Oakland, California. Debate title: “Is Electronic Privacy Achievable?”
19. 15 May 2000: Organized (with Timothy Levin) and introduced panel session at IEEE (Institute
of Electrical and Electronics Engineers) Symposium on Security and Privacy, Oakland,
California. Panel Title: “Is Electronic Privacy Achievable?”
20. 9 - 10 May 2000: Presented talks at the DARPA/ITO Quorum Program principal Investigator's
meeting, Seattle, WA. Talk titles: “MSHN Security Architectures and QoSS” and “Management
System for Heterogeneous Networks: Phase I Summary”.
21. 1 May 2000: “Toward Quality of Security Service in A Resource Management System Benefit
Function,” 2000 Heterogeneous Computing Workshop, Cancun, Mexico.
22. 8 - 10 December 1999: Presented a talk at the 15th Computer Security Applications Conference,
December 1999, Scottsdale, Arizona. Talk title: “Toward a Taxonomy and Costing Method for
Security Services”.
23. 18 - 21 October 1999: Presentations for two panels at the National Information Systems Security
Conference, Crystal City, Virginia. Panel presentations: “From Evolution to Revolution: An
Educator's Perspective” and “The NPS CISR Approach to Information System Security
Education”.
24. 22 September 1999: Invited Speaker at,1999 Annual Symposium of International Testing and
Evaluation Association, Atlanta, Georgia. Talk title: “Security: Where Testing Fails”.
25. 17-19 June 1999: Invited speaker at First World Conference on Information Security Education,
Kista, Sweden. Invited talk title: “Amplifying Security Education in the Laboratory”. Talk title:
“The Reference Monitor Concept as a Unifying Principle in Computer Security Education.”.
26. 25 - 27 May 1999: Invited speaker at NCISSE (National Colloquium On Information Systems
Security Education), Palisades, New York. Talk titles: “The Government Perspective on
INFOSEC Education” and “The Benefits of Student Research in Information Systems Security
Education”.
27. January 1998 - January 1999: Organized and ran Third Workshop on Computer Security
Education, Pacific Grove, California. Responsible for setting the theme of the workshop, its
general organization and financing.
28. 9 - 11 December 1998: “Security for a Virtual Heterogeneous Machine,” Fourteenth Computer
Security Applications Conference, Scottsdale, AZ.
29. 5 - 8 October 1998: Presented a talk and participated in a panel on Information Systems Security
education at the National Information Systems Security Conference, Crystal City, Virginia. Talk
title: “High Assurance Multilevel Services for Off-The-Shelf Workstation Applications”. Panel
presentation title: “NPS CISR Graduate Program in Computer Security”.
Cynthia E. Irvine
18
March 2009
30. 6 October 1998: Presented a panel paper entitled: “Information Dominance: Questions in
Teaching,” National Information Systems Security Conference, Crystal City, Virginia.
31. 8 October 1998: Presented a panel paper entitled: “NPS CISR Graduate Program in Computer
Security,” National Information Systems Security Conference, Crystal City, Virginia.
32. 16 - 18 June 1998: Organized panel session and presented at NCISSE (National Colloquium On
Information Systems Security Education), Harrisonburg, Virginia, Panel and talk title: “Meeting
Security Requirements for Global Commerce: Can Education Help?”.
33. January 1997 - January 1998: Organized and ran Second Workshop on Computer Security
Education, Pacific Grove, California. Talk title: “Exploitation of a Covert Channel”. Responsible
for setting the theme of the workshop, its general organization and financing.
34. November 1997 Attended and presented at MILCOM, Monterey, California. Talk title: “Naval
Postgraduate School Center for INFOSEC Studies and Research: Teaching the Science of
Computer Security”.
35. 7 - 10 October 1997: “The NPS CISR Graduate Program in INFOSEC: Six Years of Experience,”
20th National Information Systems Security Conference, Baltimore, Maryland.
36. September 1996 - May 1997: Organized and presented a panel session at the IEEE Symposium
on Security and Privacy, Oakland, California. Panel title: “Security in Innovative New Operating
Systems”.
37. April 1997: Invited speaker at NCISSE (National Colloquium On Information Systems Security
Education), Baltimore, Maryland. Talk title “Graduate Education in Computer Security”.
38. March 1997: Invited Speaker at Federal Information System Security Conference, Gaithersburg,
Maryland, Talk title: “University Education in Computer Security”.
39. January 1996 - January 1997: Organized and ran First ACM (Association for Computing
Machinery) Workshop on Computer Security Education, Monterey, California. Responsible for
setting the theme of the workshop, its general organization and financing.
40. 9 -13 December 1996: Tutorial presenter at Computer Security Applications Conference, San
Diego, California. Tutorial title: “High and Low Assurance: What are the Differences?”
41. September 1995 - May 1996: Organized and introduced panel session at IEEE (Institute of
Electrical and Electronics Engineers) Symposium on Security and Privacy, Oakland, California.
Panel Title: “Goals for Computer Security Education”.
42. 11 -15 December 1995: Presented a paper and a tutorial at Computer Security Applications
Conference, New Orleans, Louisiana. Tutorial title: “High and Low Assurance: What are the
Differences?” Paper title: “A Practical Tool for Developing Trusted Applications”
43. May 1995: “A Multilevel File System for High Assurance,” 1995 IEEE Symposium on Security
and Privacy, Oakland, California.
Cynthia E. Irvine
19
March 2009
Invited Participant or Speaker
1. Computing Research Association Grand Challenges in Information Assurance, November 2003.
2. OSD Defense Venture Catalyst Initiative (DeVenCI) Project, July 2003
3. “Enforcement of Security Policies.” Invited Speaker, ACM sponsored lecture series, Bowling
Green State University, Bowling Green, Ohio, 5 March 1998
4. “Meeting Security Requirements for Global Commerce,” Invited Speaker, University of Toledo,
Toledo, Ohio, 6 March 1998
5.
“Halley's Comet”, Invited Speaker, Monterey Bay Aquarium. Winter 1985.
Cynthia E. Irvine
20
March 2009
Educational Activities
Courses Taught
Graduate
•
•
•
•
•
•
•
•
•
Information Assurance: Introduction to Computer Security (CS3600)
Design and Analysis of Algorithms (CS3650)
Network Security (CS3690)
Distributed Systems (CS4112)
Secure Systems (CS4600)
Security Policies, Models and Formal Methods (CS4605)
Advanced Topics in Computer Security (CS4614)
Reading classes (CS4800)
Special topics classes (CS4920)
Undergraduate
•
Introduction to Astronomy
Current Students
Masters
1.
2.
3.
4.
5.
Sanders, Kyle
Roussas, Greg
Schultz, Eric
Welliver, Terrence
Wiley, Jeff
Former Students
Doctoral
1. Orwat, Mark, A Decision Framework for Enhancing Mobile Ad Hoc Network Stability and
Security, Ph.D. Dissertation, Naval Postgraduate School, Monterey, California, June 2008.
2. Afinidad, Francis, An Interval Algebra-based Temporal Access Control Protection
Architecture, PhD Dissertation, Computer Science Department, Naval Postgraduate School,
Monterey, California, June 2005.
3. VanPutte, Michael, A Computational Model and Multi-Agent Simulation for Information
Assurance, Ph.D. Dissertation, Naval Postgraduate School, Monterey, California, June 2002.
Doctoral Committee Member
1. Shaffer, Alan, An Application of Alloy to Static Analysis for Secure Information Flow and
Verification of Software Systems, Ph.D. Dissertation, Computer Science Department, Naval
Cynthia E. Irvine
21
March 2009
Postgraduate School, Monterey, California, December 2008.
2. Bibighaus, David L., Applying Doubly Labeled Transition Systems to the Refinement
Paradox, Ph.D. Dissertation, Computer Science Department, Naval Postgraduate School,
Monterey, California, September 2005.
3. Luke, Brian, PhD Dissertation, Electrical and Computer Engineering Department, Naval
Postgraduate School, Monterey, California, June 2005.
4. Wahdan, Mahmoud, New Motion Planning and Real-time Localization Methods Using
Proximity for Autonomous Mobile Robots, Ph.D. Thesis, Computer Science Department,
Naval Postgraduate School, Monterey, California, September 1996.
Masters Students, Thesis Advisor
1. Tiat Leng, TEO, Scenario Selection and Student Assessment Modules for CyberCIEGE,
Masters Thesis, Naval Postgraduate School, Monterey, California, December 2003.
2. Lack, Lindsay, Using the Bootstrap Concept to Build an Adaptable and Compact Subversion
Artifice, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003.
3. Murray, Jessica, An Exfiltration Subversion Demonstration, Masters Thesis, Naval
Postgraduate School, Monterey, California, June 2003.
4. Rogers, David, A Framework for Dynamic Subversion, Masters Thesis, Naval Postgraduate
School, Monterey, California, June 2003.
5. Mohan, Raj, XML Based Adaptive IPsec Policy Management in a Trust Management
Context, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2002.
6. Anderson, Emory A., A Demonstration of the Subversion Threat: Facing a Critical
Responsibility in the Defense of Cyberspace, Masters Thesis, Naval Postgraduate School,
Monterey, California, March 2002.
7. Price, Patrick D., Toward an Internet Service Provider (ISP) Centric Security Approach,
Masters Thesis, Naval Postgraduate School, Monterey, California, March 2002.
8. Smith, Kevin, Linux, OpenBSD, and Talisker: A Comparative Complexity Analysis, Masters
Thesis, Naval Postgraduate School, Monterey, California, March 2002.
9. Agar, Christopher, Dynamic Parameterization of IPsec, Masters Thesis, Naval Postgraduate
School, Monterey, California, December 2001.
10. Brodhun, Carl P., Prioritization of Information Assurance (IA) Technology in a Resource
Constrained Environment, Masters Thesis, Naval Postgraduate School, Monterey, California,
September 2001.
11. Burns, Titus R., Analyzing Threads and Processes in Windows CE, Masters Thesis, Naval
Postgraduate School, Monterey, California, September 2001.
12. Glover, Mark V., Integrating a Trusted Computing Base Extension Server and Secure Session
Server into the Linux Operating System, Masters Thesis, Naval Postgraduate School,
Monterey, California, September 2001.
13. Haynes, Letitia D., Implications of User Identification Devices (UIDs) for the United States
Cynthia E. Irvine
22
March 2009
Navy, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2001.
14. Ziemba, Marcia L., Training Users for Public Key Infrastructure in the U.S. Navy: User
Roles, Responsibilities, and Training Requirements, Masters Thesis, Naval Postgraduate
School, Monterey, California, September 2001.
15. McGovern, Susan, System Requirements to Facilitate Interoperability in a Coalition
Network, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2001.
16. Pereira, Barbara A., Analyzing Input/Output Subsystem Security in Windows CE, Masters
Thesis, Naval Postgraduate School, Monterey, California, June 2001.
17. Whalen, Timothy, Human Factors in Coast Guard Computer Security - An Analysis of the
USCG's Current Awareness Level and Potential Techniques to Improve Security Program
Viability, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2001.
18. Drake, Timothy, An Application Emulator for HiPer-D, Masters Thesis, Naval Postgraduate
School, Monterey, California, March 2001
19. Karadeniz, Kadir, Analysis of Intel IA-64 Processor Support for a Secure Virtual Machine
Monitor, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2001.
20. Unalmis, Bugra, Analysis of Intel IA-64 Processor Support for Secure Systems, Masters
Thesis, Naval Postgraduate School, Monterey, California, March 2001.
21. Bersack, Evelyn, Implementation of a HTTP (Web) Server on a High Assurance Multilevel
Secure Platform, Masters Thesis, Naval Postgraduate School, Monterey, California, expected
graduation date December 2000.
22. Brown, Emma, SMPT on a High Assurance Mulitlevel Server, Masters Thesis, Naval
Postgraduate School, Monterey, California, September 2000.
23. Everette, Theresa, Enhancement of Internet Message Access Protocol for User-Friendly
Multilevel Mail Management, Masters Thesis, Naval Postgraduate School, Monterey,
California, September 2000.
24. Rossetti, Richard K., A Mail File Administration Tool for a Multilevel High Assurance LAN,
Masters Thesis, Naval Postgraduate School, Monterey, California, September 2000.
25. Wilson, J. D., Trusted Networking in a Multilevel Secure Environment, Masters Thesis, Naval
Postgraduate School, Monterey, California, June 2000.
26. Polk, Kenneth, Transparently Tracking QoS Requirements to Permit Next Generation
Combat Systems to More Effectively Utilize COTS, Masters Thesis, Naval Postgraduate
School, Monterey, California, June 2000.
27. Agacayack, Cihan, Controlling Object Reuse in Clients Supported by a Trusted Computer
Base Extension, Masters Thesis, Electrical and Computer Engineering, Naval Postgraduate
School, Monterey, California, March 2000.
28. Turan, Bora, Client Bootstrap under Trusted Computing Base Extension Control, Masters
Thesis, Electrical and Computer Engineering, Naval Postgraduate School, Monterey,
California, March 2000
29. Balmer, Steven, Trusted Computing Base Extension Control System For Client Workstations,
Cynthia E. Irvine
23
March 2009
Masters Thesis, Naval Postgraduate School, Monterey, California, September 1999.
30. Morris, Dan, and Rowe, David, Public Key Infrastructure Requirements, Planning and
Implementation Issues of the Marine Corps, Masters Thesis, Naval Postgraduate School,
Monterey, California, September 1999.
31. Clark, Paul, Supporting Mandatory Access Control in an Educational Environment, Masters
Thesis, Naval Postgraduate School, Monterey, California, September 1999.
32. Robin, Scott Analyzing the Intel Pentium III Processor's Capability to Run a Secure Virtual
Machine Monitor, Masters Thesis, Naval Postgraduate School, Monterey, California,
September 1999.
33. Bryer-Joyner, Susan, and Heller, Scott D., A Protocol for Establishing a Trusted Path Over
an Untrusted Local Area Network, Masters Thesis, Naval Postgraduate School, Monterey,
California, March 1999. Navy League Award received by LT Heller upon graduation.
34. Eads, Bradley, Developing a High Assurance Multilevel Mail Server, Masters Thesis, Naval
Postgraduate School, Monterey, California, March 1999.
35. Fowler, James, Security Planning for Wireless Networks, Masters Thesis, Naval
Postgraduate School, Monterey, California, March 1999.
36. Joyner, Lee, Development of a Load-Balancing Mechanism for Parallel Firewalls, Masters
Thesis, Naval Postgraduate School, Monterey, California, March 1999. Rear Admiral Grace
Murray Hopper Award for Computer Science received upon graduation.
37. Isa, Haruna, Utilizing Hardware Features for Secure Thread Management, Masters Thesis,
Naval Postgraduate School, Monterey, California, December 1998.
38. Hackerson, Jason, Constructing a Trusted Computing Base Extension in Commercial-Off-the
Shelf Personal Computers for Multilevel Secure Local Area Networks, Masters Thesis, Naval
Postgraduate School, Monterey, California, September 1998.
39. Wright, Roger, Integrity Architecture and Security Services Demonstration for Management
System for Heterogeneous Networks, Masters Thesis, Naval Postgraduate School, Monterey,
California, June 1998.
40. Weldon, Steve, Security Issues in the JMCIS-Ashore Command and Control System, Masters
Thesis, Naval Postgraduate School, Monterey, California, September 1997.
41. Buettner, Ray, and Harris, Robert, Comparative Analysis of Commercial Off The Shelf
(COTS) Encryption Products for Use in Transmitting Sensitive But Unclassified (SBU) Data,
Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997.
42. Downey, James P., and Robb, Dion, A High Assurance Label-Based Mail Service for LANs,
Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997.
43. Marlett, Robert, Analysis of General Magic Telescript with Respect to Class C2
Requirements, Masters Thesis, Naval Postgraduate School, Monterey, California, September
1996.
44. Fulp, John D., A National Imagery System Security Policy, Masters Thesis, Naval
Postgraduate School, Monterey, California, March 1996.
Cynthia E. Irvine
24
March 2009
45. Bollwerk, William V., Classification of N-type Carbon Stars. Supervision of this research
was conducted in my capacity as a MIRA research astronomer on behalf of the Physics
Department, Masters Thesis, Naval Postgraduate School, Monterey, California, 1985.
Masters Students, Thesis Co-Advisor
1. Tenhunen, Thomas, Implementing an Intrusion Detection System in the MYSEA Architecture,
Masters Thesis, Naval Postgraduate School, Monterey, California, March 2008. (co-advised
with Thuy Nguyen)
2. Lavelle, Claire, A Preliminary Analysis for Porting XML-Based Chat to MYSEA , Masters
Thesis, Naval Postgraduate School, Monterey, California, March 2008. (co-advised with
Thuy Nguyen)
3. Gilkey, Craig, Proof of Concept Integration of a Single-Level Service-Oriented Architecture
into a Multi-Domain Secure Environment, Naval Postgraduate School, Monterey, California,
March 2008. (co-advised with Randy Maule)
4. Adams, Coy M. VOIP Quality Measurements in a Multilevel Secure (MLS) Environment,
Masters Thesis, Naval Postgraduate School, Monterey, California, March 2008. (co-advised
with Nelson Irvine)
5. Ong, K. L., Design and Implementation of Wiki Services in a Multilevel Secure
Environment, Masters Thesis, Naval Postgraduate School, Dec 2007. (co-advised with Thuy
D. Nguyen)
6. Portner, A. D., A Prototype of Multilevel Data Integration in the MYSEA Testbed, Masters
Thesis, Naval Postgraduate School, Sept 2007. (co-advised with Thuy D. Nguyen)
7. Carter, D. W., An OSkit-Based Implementation Of Least Privilege Separation Kernel Memory
Partitioning, Masters Thesis, Naval Postgraduate School, June 2007. (co-advised with Thuy
D. Nguyen) BibTex
8. Wiese, B., Preliminary Analysis Of A Trusted Platform Module (TPM) Initialization Process,
Masters Thesis, Naval Postgraduate School, June 2007. (co-advised with Thuy D. Nguyen)
9. Cullum, J. J., Performance Analysis Of Automated Attack Graph Generation Software,
Masters Thesis, Naval Postgraduate School, Dec 2006 (co-advised with Timothy E. Levin)
10. Chiang, Ken. H., A Prototype Implementation Of A Time Interval File Protection System
(TIFPS) In Linux, Masters Thesis, Naval Postgraduate School, Sept 2006 (co-advised with
Thuy D. Nguyen)
11. DeCloss, Daniel P., An Analysis of Specware and its Usefulness in the Verificatio of High
Assurance Systems, Masters Thesis, Naval Postgraduate School, Monterey, California, June
2006. (co-advised with Timothy Levin)
12. Bradney, Jeremiah A., Use of WebDAV to Support a Virtual File System in a Coalition
Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2006.
(co-advised with Thuy D. Nguyen)
13. Cone, Benjamin D., A CyberCIEGE Campaign Fulfilling Navy Information Assurance
Training and Awareness Requirements, Masters Thesis, Naval Postgraduate School,
Cynthia E. Irvine
25
March 2009
Monterey, California, March 2006. (co-advised with Nelson J. Irvine)
14. Egan, Melissa, An Implementation of Remote Application Support in a Multilevel
Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2006.
(co-advised with Thuy D. Nguyen)
15. Whitehorn, Patrick, Security Requirements Elicitation for Application Platforms in
Environments Requiring High Robustness, Masters Thesis, Naval Postgraduate School,
Monterey, California, March 2006. (co-advised with Thuy D. Nguyen)
16. Estlund, Mark J., A Survey and Analysis of Access Control Architectures for XML Data,
Masters Thesis, Naval Postgraduate School, Monterey, California, March 2006. (co-advised
with Timothy Levin)
17. Chay, Chua, A CyberCIEGE Scenario Illustrating Software Integrity and Management of AirGapped Newtworks in a Military Environment, Masters Thesis, Naval Postgraduate School,
Monterey, California, December 2005. (co-advised with Paul Clark and Michael Thompson)
18. Ng, Chee Mun, A CyberCIEGE Scenario to Illustrate Classified Information Management in
Multilevel Secure Systems for Command and Control, Masters Thesis, Naval Postgraduate
School, Monterey, California, December 2005. (co-advised with Paul Clark and Michael
Thompson)
19. Ruppar, Carrie, Identity Theft Prevention in CyberCIEGE, Masters Thesis, Naval
Postgraduate School, Monterey, California, December 2005. (co-advised with Paul Clark and
Michael Thompson)
20. Tan, Nai Kwan, A Firewall Training Program Based on CyberCIEGE, Masters Thesis, Naval
Postgraduate School, Monterey, California, December 2005. (co-advised with Paul Clark and
Michael Thompson)
21. Barwinski, Mark, Taxonomy of Spyware and Empirical Study of Network Drive-By
Downloads, Masters Thesis, Naval Postgraduate School, Monterey, California, September
2005. (co-advised with Timothy Levin)
22. Bui, Sonia, Single Sign-on Solution for MYSEA Services, Masters Thesis, Naval Postgraduate
School, Monterey, California, September 2005. (co-advised with Thuy D. Nguyen)
23. Muller, David, Authentication Scenario for CyberCIEGE, Masters Thesis, Naval
Postgraduate School, Monterey, California, September 2005. (co-advised with Paul C. Clark
and Michael Thompson)
24. Vernon, Richard, A Design for Sensing the Boot Type of a Trusted Platform Module-Enabled
Computer, Masters Thesis, Naval Postgraduate School, Monterey, California, September
2005. (co-advised with Timothy E. Levin)
25. Tse, Lily, Feasibility study of VOIP Integration into the MYSEA Environment, Masters
Thesis, Naval Postgraduate School, Monterey, California, September 2005. (co-advised with
Thuy D. Nguyen)
26. Hasbrouck, Carrie, A Study of Current Policies and Procedures Affecting Multilevel Security
Technology and Implementation, Masters Thesis, Naval Postgraduate School, Monterey,
California, June 2005. (co-advised with Steve Iatrou)
Cynthia E. Irvine
26
March 2009
27. Kane, Robert, Web-Based Dissemination System for the Trusted Computing Exemplar
Project, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2005. (coadvised with Thuy D. Nguyen)
28. Lysinger, James, Multilevel Print Server Requirements for DoN Application, Masters Thesis,
Naval Postgraduate School, Monterey, California, June 2005. (co-advised with Thuy D.
Nguyen)
29. Cooper, Robert, Remote Application Support in a Multilevel Environment, Masters Thesis,
Naval Postgraduate School, Monterey, California, March 2005. (co-advised with Thuy D.
Nguyen)
30. Horn, John, IPsec-Based Dynamic Security Services for the MYSEA Environment, Masters
Thesis, Naval Postgraduate School, Monterey, California, March 2005. (co-advised with
Thuy D. Nguyen)
31. Dodge, Catherine, Recommendations for Secure Initializaiton Routines in Operating Systems,
Masters Thesis, Naval Postgraduate School, Monterey, California, December 2004. (coadvised with Thuy D. Nguyen)
32. Herbig, Christopher, Use of OpenSSH Support for Remote Login to a Multilevel Secure
System, Masters Thesis, Naval Postgraduate School, Monterey, California, December 2004.
(co-advised with Thuy D. Nguyen)
33. Fielk, Klaus W., CyberCIEGE Scenario Illustrating Integrity Risks to a Military-Like
Facility, Masters Thesis, Naval Postgraduate School, Monterey, California, September 2004.
(co-advised with Paul Clark and Michael Thompson)
34. Hart, Dennis, An Approach to Vulnerability Assessment for Navy Supervisory Control, and
Data Acquisition (SCADA) Systems, Masters Thesis, Naval Postgraduate School, Monterey,
California, September 2004. (co-advised with Karen Burke)
35. Hilchie, Allan, Trusted Path SELinux, Masters Thesis, Naval Postgraduate School, Monterey,
California, September 2004. (co-advised with David Shifflett)
36. Lamorie, Justin, A CyberCIEGE Scenario Illustrating Secrecy Issues in an Internal
Corporate Network Connected to the Internet, Masters Thesis, Naval Postgraduate School,
Monterey, California, September 2004. (co-advised with Paul Clark and Michael Thompson)
37. Sears, Joseph D., Simultaneous Connection Management and Protection in a Distributed
Multilevel Security Environment, Masters Thesis, Naval Postgraduate School, Monterey,
California, September 2004. (co-advised with Thuy D. Nguyen)
38. Sherman, Michael A., An Analysis of VPN Solutions and Best Practices for Use in
Conjunction with Cyber Attack and Defend Exercises, Masters Thesis, Naval Postgraduate
School, Monterey, California, September 2004. (co-advised with J.D. Fulp)
39. Baumgartner, Trevor J. and Phillips, Matthew D. W., Implementation of a Network Address
Translation Mechanism Over IPv6, Masters Thesis, Naval Postgraduate School, Monterey,
California, June 2004. (co-advised with Thuy D. Nguyen)
40. LaMore, Robert L. CyberCIEGE Scenario Illustrating Secrecy Issues Through Mandatory
and Discretionary Access Control Policies in a Multilevel Security Network, Masters Thesis,
Cynthia E. Irvine
27
March 2009
Naval Postgraduate School, Monterey, California, June 2004. (co-advised with Paul Clark
and Michael Thompson)
41. Meyer, Marc K. A CyberCIEGE Scenario Illustrating Multilevel Secrecy Issues in an Air
Operations Environment, Masters Thesis, Naval Postgraduate School, Monterey, California,
June 2004. (co-advised with Paul Clark and Michael Thompson)
42. Athanasopoulos, Vasileios, Design and Development of a Web-Based DoD PKI Common
Access Card (CAC) Instruction Tool, Masters Thesis, Naval Postgraduate School, Monterey,
California, March 2004. (co-advised with J.D. Fulp)
43. Gross, Michael E., Configuration Management Evaluation Guidance for High Robustness
Systems, Masters Thesis, Naval Postgraduate School, Monterey, California, March 2004. (coadvised with Timothy E. Levin)
44. Guild, R. James, Design and Analysis of a Model Reconfigurable Cyber-Exercise Laboratory
(RCEL) for Information Assurance Education, Masters Thesis, Naval Postgraduate School,
Monterey, California, March 2004. (co-advised with J.D. Fulp)
45. Johns, Kenneth W. Toward Managing and Automating CyberCIEGE Scenario Definition
File Creation, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2004.
(co-advised with Paul Clark and Michael Thompson)
46. Phan, Kandy Q., Design and Implementation of NFS for a Multilevel Secure System, Masters
Thesis, Naval Postgraduate School, Monterey, California, September 2004. (co-advised with
David Shifflett)
47. Schoberg, Paul, Secure Ground-Based Remote Recording and Archiving of Aircraft “Black
Box” Data, Masters Thesis, Naval Postgraduate School, Monterey, California, June 2003.
48. Bailey, Carmen F., Analysis of Security Solutions in Large Enterprises, Masters Thesis,
Naval Postgraduate School, Monterey, California, June 2003. (co-advised with Paul C. Clark)
49. Carrillo, Cassandra M., Continuous Biometric Authentication for Authorized Aircraft
Personnel: A Proposed Design, Masters Thesis, Naval Postgraduate School, Monterey,
California, June 2003. (co-advised with Timothy Levin)
50. O’Neal, Matthew, A Design Comparison Between IPv4 and IPv6 in the Context of MYSEA,
and Implementation of an IPv6 MYSEA Prototype, Masters Thesis, Naval Postgraduate
School, Monterey, California, June 2003. (co-advised with Thuy D. Nguyen)
51. Senter, Jasper W., and Thornton, Cayetano S., Information Technology (IT) Ethics: Training
and Awareness Materials for the Department of the Navy, Masters Thesis, Naval
Postgraduate School, Monterey, California, June 2001. (co-advised with Floyd Brock)
52. Brock, Jerome, Multiple Session Management for the Linux Operating System, Masters
Thesis, Naval Postgraduate School, Monterey, California, September 2001. (co-advised with
Paul C. Clark)
53. Stocks, Alan R., Requirements for the Deployment of Public Key Infrastructure (PKI) in the
USMC Tactical Environment, Masters Thesis, Naval Postgraduate School, Monterey,
California, June 2000. (co-advised with Daniel F. Warren)
54. Bartram, Scott, Supporting a Trusted Path for the Linux Operating System, Masters Thesis,
Cynthia E. Irvine
28
March 2009
Naval Postgraduate School, Monterey, California, June 2000. (co-advised with Paul C. Clark)
55. Darroca, Gregorio G., A Flow-Based Security Protocol for Fast IP Tag Switching, Masters
Thesis, Naval Postgraduate School, Monterey, California, September 1998 (co-advised with
Geoff Xie).
56. English, John, Security Analysis for a Management System for Heterogeneous Networks
(MSHN), Masters Thesis, Naval Postgraduate School, Monterey, California, September 1997
(co-advised with Taylor Kidd).
57. Umentum, Bart, Using Web Technology to Disseminate INFOSEC Lectures, Masters Thesis,
Naval Postgraduate School, Monterey, California, September 1997 (co-advised with Dennis
Volpano).
58. Hester, James W., and Moormann, Richard C., Innovative Teaching Techniques and the Role
of Web Programming in Education, Masters Thesis, Naval Postgraduate School, Monterey,
California, March 1997. (co-advised with Dennis Volpano)
59. Lucas, Julie, Ensuring a C2 Level of Trust and Interoperability in a Networked Windows NT
Environment, Masters Thesis, Naval Postgraduate School, Monterey, California, September
1996. (co-advised with Gus Lott).
60. Heaton, Lee A., Radiant Mercury: An Assessment of the Issues, Masters Thesis, Naval
Postgraduate School, Monterey, California, September 1996. (co-advised with Carl Jones).
61. Campbell, Hannelore and Currie, Daniel L. III, Implementation and Efficiency of
Steganographic Techniques in Bitmapped Images and Embedded Data Survivability Against
Lossy Compression Schemes, Masters Thesis, Naval Postgraduate School, Monterey,
California, March 1996. Rear Admiral Grace Murray Hopper Award for Computer Science
received by LT Campbell upon graduation. (co-advised with Hal Fredericksen).
62. Wootten, David, A Graphic User Interface for Rapid Integration of Steganography Software,
Masters Thesis, Naval Postgraduate School, Monterey, California, March 1996. (co-advised
with Michael Zyda).
63. DeJong, Ronald, A Study of Covert Channels in a Trusted System, Masters Thesis, Naval
Postgraduate School, Monterey, California, March 1995. (co-advised with Timothy
Shimeall).
64. Muschalek, Keith, Mandatory Security Policy Enforcement in Commercial Off The Shelf
Database Management System Software: A Comparative Analysis of Informix OnLine/Secure and Trusted Oracle, Masters Thesis, Naval Postgraduate School, Monterey,
California, September 1994 (co-advised with Thomas Wu).
65. Weatherford, Mark T., Interpretative Analysis of the Joint Maritime Command Information
System (JIMCIS) Sensitive Compartmented Information (SCI) Local Area Network (LAN)
Security Requirements, Masters Thesis, Naval Postgraduate School, Monterey, California,
September 1994 (co-advised with Carl Jones).
Masters Students, Thesis Second Reader
1. Hensley, Katrina, and Ludden, Fredrick, ATM Security Via Stargate Solution, Masters Thesis,
Naval Postgraduate School, Monterey, California, September 1999 (advisor Geoff Xie).
Cynthia E. Irvine
29
March 2009
2. Ioannis Kondoulis, A Protocol for Building a Network Access Controlller (NAC) for “IP
Over ATM”, Masters Thesis, Naval Postgraduate School, Monterey, California, September
1998 (advisor Geoff Xie).
Visitors
Scientists
•
William H Murray, Independent, 2005-2007
•
Clark Weissman, Independent, 1998
•
William R. Shockley, Independent, 1996
Ph.D. Students
•
Janne Hagen, Norwegian Defence Research Establishment (FFI), Kjeller, Norway,
2008-2009
Cynthia E. Irvine
30
March 2009
Service Activities
National Organizations
Honors
•
•
•
•
•
Navy Information Assurance Award, October 2001.
Best Paper Award, National Information Systems Security Conference, October 2000
Who's Who in Frontier Science and Technology, 1984
Outstanding Young Women of America, Nominated by Provost, Naval Postgraduate
School, 1980
Outstanding Young Women of America, Nominated by Provost, Naval Postgraduate
School, 1977
Committees, Boards
•
•
•
•
•
•
•
•
•
January 2008 – present: Chair, IEEE Computer Society Technical Committee on Security
and Privacy
January 2006 – 2007: Vice Chair, IEEE Computer Society Technical Committee on
Security and Privacy
Steering Committee, National Cyber Defense Initiative, 2007-present
Directorate Review Committee, Pacific Northwest National Laboratories, 2005 – 2007
Senior Advisory Board, Association of Old Crows, 2002 – 2004
Member, INFOSEC Science and Technology Study Group, appointed by Dr. Frank
Fernandez, Director, DARPA, 1999-2000
Annual Computer Security Applications Conference Invited Essay Committee, January
2000 – 2001
Chair, Sub-committee on Academic Affairs, IEEE Technical Committee on Security and
Privacy, 1999 - present.
Secretary, ACM Special Interest Group on Security and Audit Control
Regional Organizations
Honors
•
•
Naval Postgraduate School award for Outstanding Research Achievement, Computer
Science Department, from Provost, Naval Postgraduate School, 1998
Naval Postgraduate School award for Outstanding Research Achievement, Information
Warfare Academic Group, from Provost, Naval Postgraduate School, 1997
Journal Organizations
Editorial
• Co-Editor, Security Education Section, IEEE Security and Privacy Magazine, 2008present
Conference and Workshop Organizations
Workshop Organizer
Cynthia E. Irvine
31
March 2009
•
•
•
•
•
•
•
•
General Chair, National Cyber Defense Initiative Workshop, Monterey, CA, 3-7
December 2007
Co-Chair, National Science Foundation Invitational Workshop on Cybersecurity
Workforce Needs Assessment and Educational Innovation, August 2003.
General Chair and Program Committee Chair, Third World Conference on Information
Security Education, Monterey, California, 26-28 June 2003.
General Chair, Fifth Workshop on Education in Computer Security, Monterey,
California, 23-25 June 2003.
Co-Chair, Workshop on Computer Misuse and Anomaly Detection (CMAD), Monterey,
CA, 12-14 November 1996 (with Karl Levitt)
Chair, Workshop on Education in Computer Security, Monterey, CA, 1999.
Chair, Workshop on Education in Computer Security, Monterey, CA, 1998.
Chair, Workshop on Education in Computer Security, Monterey, CA, 1997.
Program Committee
•
•
•
•
•
•
•
ACEIS 2009
ESSOS 2009
SECRYPT 2006, 2008, 2009
Computer Security Applications Conference, December 2008.
ICIW 2008
Computer Security Applications Conference, Miami, FL, December 2007.
Tutorial Committee, Computer Security Applications Conference, May 1998 – Dec 2003
•
International Joint Conference on e-Business and Telecommunications, Barcelona, Spain,
August 2007.
Information Assurance Workshop, West Point, NY, June 2007.
Infrastructure Security, Brighton, United Kingdom, October 2002
Requirements for High Assurance Systems, Monterey, California, 9 September 2003.
Network and Distributed Systems Symposium, San Diego, CA, February 2000
IEEE Symposium on Security and Privacy, May 1996 - May 1999
IEEE High Assurance Systems Engineering Symposium
•
•
•
•
•
•
University-wide Service
University
•
•
•
•
•
Institutional Advancement, Director Search Committee, 2007
PhD committee, National Security Institute, NPS, 2007-2008
National Security Institute, Organizing Committee, 2007
Director, Cebrowski Institute, NPS, 2001 – 2003
Director, Center for Information Systems Security Studies and Research, NPS, 1996 –
present
School
• Dean Search Committee, NPS, 2007
• Dean Search Committee, NPS, 2003
• Dean Search Committee, NPS, 2002
Department
Cynthia E. Irvine
32
March 2009
•
•
•
•
•
Chair, Computer Security Track, NPS, 1995 – present
Department Chair Search Committee, 2008
Curriculum Committee (Chair), NPS, 2003 – present
Faculty Search Committee, 2008 – present
Lab Committee, 2002
Refereeing and Reviewing
Journals
•
•
•
•
•
IEEE Computer
IEEE Security and Privacy
IEEE Transactions on Computing
Journal of Computer Security
The Computer Journal
Conferences
•
•
•
National Computer Security Conference
Annual Security Applications Conference
Network and Distributed Security Symposium
Grant Proposals
•
National Science Foundation
Books
•
John Wiley and Sons
Other
•
Participant, OSD Defense Venture Catalyst Initiative (DeVenCI) Project, July 2003
Other Professional Activities
Consultant
• Consultant, Computer Security Associates, 1995 – 1996
• NASA Ames, Moffett Field, California, 1985
Member
•
•
•
Cynthia E. Irvine
ACM
IEEE (Senior Member)
Astronomical Society of the Pacific (Life Member)
33
March 2009