DOCSLIB.ORG

Security Analysis of Cryptographically Controlled Access to XML Documents

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security Analysis of Cryptographically Controlled Access to XML Documents Security Analysis of Cryptographically Controlled Access to XML Documents ¤ Mart´in Abadi Bogdan Warinschi Computer Science Department Computer Science Department University of California at Santa Cruz Stanford University [email protected] [email protected] ABSTRACT ments [4, 5, 7, 8, 14, 19, 23]. This line of research has led to Some promising recent schemes for XML access control em- e±cient and elegant publication techniques that avoid data ploy encryption for implementing security policies on pub- duplication by relying on cryptography. For instance, us- lished data, avoiding data duplication. In this paper we ing those techniques, medical records may be published as study one such scheme, due to Miklau and Suciu. That XML documents, with parts encrypted in such a way that scheme was introduced with some intuitive explanations and only the appropriate users (physicians, nurses, researchers, goals, but without precise de¯nitions and guarantees for the administrators, and patients) can see their contents. use of cryptography (speci¯cally, symmetric encryption and The work of Miklau and Suciu [19] is a crisp, compelling secret sharing). We bridge this gap in the present work. We example of this line of research. They develop a policy query analyze the scheme in the context of the rigorous models language for specifying ¯ne-grained access policies on XML of modern cryptography. We obtain formal results in sim- documents and a logical model based on the concept of \pro- ple, symbolic terms close to the vocabulary of Miklau and tection". They also show how to translate consistent poli- Suciu. We also obtain more detailed computational results cies into protections, and how to implement protections by that establish security against probabilistic polynomial-time XML encryption [10]. Roughly, a protection is an XML tree adversaries. Our approach, which relates these two layers of in which nodes are guarded by positive boolean formulas fK ;K ;:::g the analysis, continues a recent thrust in security research over a set of symbols 1 2 that stand for crypto- and may be applicable to a broad class of systems that rely graphic keys. Protections have a simple and clear intended on cryptographic data protection. semantics: access to the information contained in a node is conditioned on possession of a combination of keys that sat- is¯es the formula that guards the node. For example, access 1. INTRODUCTION to a node guarded by (K1 ^ K2) _ K3 requires possessing ei- A classic method for enforcing policies on access to data ther keys K1 and K2 or key K3. (See Gi®ord's work for some is to keep all data in trusted servers and to rely on these of the roots of this approach [11].) Formally, a protection servers for mediating all requests by clients, authenticating describes a function that maps each possible set of keys to the clients and performing any necessary checks. An alter- the set of nodes that can be accessed using those keys, treat- native method, which is sometimes more attractive, consists ing the keys as symbols. On the other hand, the use of keys in publishing the data in such a way that each client can for deriving a partially encrypted document is not symbolic: see only the appropriate parts. In a naive scheme, many this process includes replacing the symbols K1;K2;::: with sanitized versions of the data would be produced, each cor- actual keys, and applying a symmetric encryption algorithm responding to a partial view suitable for distribution to a repeatedly, bottom-up, to the XML document in question. subset of the clients. This naive scheme is impractical in While Miklau and Suciu provide a thorough analysis of general. Accordingly, there has been much interest in more the translation of policies into protections, they leave a large elaborate and useful schemes for ¯ne-grained control on ac- gap between the abstract semantics of protections and the cess to published documents, particularly for XML docu- use of actual keys and encryption. The existence of this gap ¤ should not surprise us: an analogous gap existed in protocol This work was partly carried out while this author was analysis for 20 years, until recent e®orts to bridge it [1, 2, 13, a±liated with the University of California at Santa Cruz. 15, 18, 20]. Concretely, the gap means that the protection semantics leaves many problematic issues unresolved. We describe two such issues, as examples: Permission to make digital or hard copies of all or part of this work for ² Partial information: It is conceivable that even when a personal or classroom use is granted without fee provided that copies are node should be hidden according to a protection, the not made or distributed for pro£t or commercial advantage, and that copies partially encrypted document may in fact leak some bear this notice and the full citation on the £rst page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior speci£c information about the data in that node. permission and/or a fee. ² PODS 2005 June 13-15, 2005, Baltimore, Maryland. Encryption cycles: From the point of view of the ab- Copyright 2005 ACM 1-59593-062-0/05/06 ::: $5.00. stract semantics, encryption cycles (such as encrypting a key with itself) are legitimate and do not contradict Technically, we adapt and extend the approach of Abadi security. On the other hand, there are encryption algo- and Rogaway [1]. The novelties of this paper include the ap- rithms that satisfy standard cryptographic de¯nitions plication to document access control, signi¯cant di®erences of security but that leak keys when encryption cycles in basic de¯nitions motivated by this application, and the are created. treatment of secret sharing. First we provide an interme- More generally, there are many encryption methods and diate symbolic language for cryptographic expressions. We many notions of security for them (e.g., [3, 9, 12]), and it then de¯ne patterns of expressions; intuitively, a pattern is not clear which one, if any, provides adequate guaran- represents the information that an expression reveals to an tees for this application|nor is it exactly clear what those adversary. We show how to transform protections into cryp- guarantees might be. tographic expressions, and use patterns to provide an equiv- The immediate goal of this work is to bridge this gap alent semantics for protections. This equivalence is captured by reconciling the abstract semantics of protections with a in Theorem 1. Going further, we relate expressions to con- more concrete, computational treatment of security, and to crete computations on bit-strings. The most di±cult result de¯ne and establish precise security guarantees. We do not of this paper is Theorem 2. Informally, it states that pat- wish to replace the abstract semantics, which certainly has terns faithfully represent the information that expressions its place, but rather to complement it. reveal, even when expressions and patterns are implemented From a broader perspective, our goal is to develop, apply, with actual encryption schemes (not symbolically). More and promote useful concepts and tools for security anal- precisely, we associate probability distributions with an ex- ysis in the ¯eld of database theory. These concepts and pression and its pattern by mapping symbols to bit-strings tools do not pertain to statistical techniques, which have and implementing encryption with a semantically secure en- long been known in database research (e.g., [6, 22]), but cryption scheme [12], and prove that these distributions can- rather to cryptography. While sophisticated uses of cryp- not be distinguished by any probabilistic polynomial-time tology in database research may have been of modest scope, algorithm. Our main theorem, Theorem 3, reconciles the there is an obvious need for database security, and we believe abstract semantics of protections with the actual use of en- that cryptology has much to o®er. In research on crypto- cryption. We establish that if data is hidden according to graphic protocols, formal and complexity-theoretic methods a protection, then it is secret according to our de¯nition of have been successful in providing detailed models and in secrecy. enabling security proofs (sometimes automated ones). The same methods are bene¯cial for a broad class of systems that Contents require security. Each application, however, can necessitate The next section, Section 2, is mostly a review. In Sec- non-trivial, speci¯c insights and results. In the techniques tion 3 we introduce our formal language for representing that we study, partial and multiple encryptions occur in cryptographic expressions and give an alternative semantics (large, XML) data instances; we therefore depart from the to XML protections. Our main results are in Section 4: we situations most typically considered in the cryptography lit- give concrete interpretations to expressions and relate the erature, towards data management. It is this speci¯city that formal semantics of protections to a strong de¯nition of se- motivates the present paper. crecy. We conclude in Section 5. Overview of results Our analysis is directed at the core of the framework of 2. CONTROLLING ACCESS TO XML Miklau and Suciu, which aims to ensure data protection by DOCUMENTS WITH PROTECTIONS an interesting combination of encryption schemes and secret In this section we briefly recall the key aspects of the work sharing schemes [21]. As a formal counterpart to their loose, of Miklau and Suciu. We focus on protections. We describe informal concept of data secrecy, we introduce a strong, pre- the derivation of partially encrypted documents from protec- cise cryptographic de¯nition. The de¯nition goes roughly as tions in the next section. We omit the policy query language follows.
Load more

Recommended publications
  • Computational Learning Theory: New Models and Algorithms
    Computational Learning Theory: New Models and Algorithms by Robert Hal Sloan S.M. EECS, Massachusetts Institute of Technology (1986) B.S. Mathematics, Yale University (1983) Submitted to the Department- of Electrical Engineering and Computer Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy at the MASSACHUSETTS INSTITUTE OF TECHNOLOGY June 1989 @ Robert Hal Sloan, 1989. All rights reserved The author hereby grants to MIT permission to reproduce and to distribute copies of this thesis document in whole or in part. Signature of Author Department of Electrical Engineering and Computer Science May 23, 1989 Certified by Ronald L. Rivest Professor of Computer Science Thesis Supervisor Accepted by Arthur C. Smith Chairman, Departmental Committee on Graduate Students Abstract In the past several years, there has been a surge of interest in computational learning theory-the formal (as opposed to empirical) study of learning algorithms. One major cause for this interest was the model of probably approximately correct learning, or pac learning, introduced by Valiant in 1984. This thesis begins by presenting a new learning algorithm for a particular problem within that model: learning submodules of the free Z-module Zk. We prove that this algorithm achieves probable approximate correctness, and indeed, that it is within a log log factor of optimal in a related, but more stringent model of learning, on-line mistake bounded learning. We then proceed to examine the influence of noisy data on pac learning algorithms in general. Previously it has been shown that it is possible to tolerate large amounts of random classification noise, but only a very small amount of a very malicious sort of noise.
    [Show full text]
  • ITERATIVE ALGOR ITHMS for GLOBAL FLOW ANALYSIS By
    ITERATIVE ALGOR ITHMS FOR GLOBAL FLOW ANALYSIS bY Robert Endre Tarjan STAN-CS-76-547 MARCH 1976 COMPUTER SCIENCE DEPARTMENT School of Humanities and Sciences STANFORD UN IVERS ITY Iterative Algorithms for Global Flow Analysis * Robert Endre Tarjan f Computer Science Department Stanford University Stanford, California 94305 February 1976 Abstract. This paper studies iterative methods for the global flow analysis of computer programs. We define a hierarchy of global flow problem classes, each solvable by an appropriate generalization of the "node listing" method of Kennedy. We show that each of these generalized methods is optimum, among all iterative algorithms, for solving problems within its class. We give lower bounds on the time required by iterative algorithms for each of the problem classes. Keywords: computational complexity, flow graph reducibility, global flow analysis, graph theory, iterative algorithm, lower time bound, node listing. * f Research partially supported by National Science Foundation grant MM 75-22870. 1 t 1. Introduction. A problem extensively studied in recent years [2,3,5,7,8,9,12,13,14, 15,2'7,28,29,30] is that of globally analyzing cmputer programs; that is, collecting information which is distributed throughout a computer program, generally for the purpose of optimizing the program. Roughly speaking, * global flow analysis requires the determination, for each program block f , of a property known to hold on entry to the block, independent of the path taken to reach the block. * A widely used amroach to global flow analysis is to model the set of possible properties by a semi-lattice (we desire the 'lmaximumtl property for each block), to model the control structure of the program by a directed graph with one vertex for each program block, and to specify, for each branch from block to block, the function by which that branch transforms the set of properties.
    [Show full text]
  • Second International Computer Programming Education Conference
    Second International Computer Programming Education Conference ICPEC 2021, May 27–28, 2021, University of Minho, Braga, Portugal Edited by Pedro Rangel Henriques Filipe Portela Ricardo Queirós Alberto Simões OA S I c s – Vo l . 91 – ICPEC 2021 www.dagstuhl.de/oasics Editors Pedro Rangel Henriques Universidade do Minho, Portugal [email protected] Filipe Portela Universidade do Minho, Portugal [email protected] Ricardo Queirós Politécnico do Porto, Portugal [email protected] Alberto Simões Politécnico do Cávado e Ave, Portugal [email protected] ACM Classifcation 2012 Applied computing → Education ISBN 978-3-95977-194-8 Published online and open access by Schloss Dagstuhl – Leibniz-Zentrum für Informatik GmbH, Dagstuhl Publishing, Saarbrücken/Wadern, Germany. Online available at https://www.dagstuhl.de/dagpub/978-3-95977-194-8. Publication date July, 2021 Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografe; detailed bibliographic data are available in the Internet at https://portal.dnb.de. License This work is licensed under a Creative Commons Attribution 4.0 International license (CC-BY 4.0): https://creativecommons.org/licenses/by/4.0/legalcode. In brief, this license authorizes each and everybody to share (to copy, distribute and transmit) the work under the following conditions, without impairing or restricting the authors’ moral rights: Attribution: The work must be attributed to its authors. The copyright is retained by the corresponding authors. Digital Object Identifer: 10.4230/OASIcs.ICPEC.2021.0 ISBN 978-3-95977-194-8 ISSN 1868-8969 https://www.dagstuhl.de/oasics 0:iii OASIcs – OpenAccess Series in Informatics OASIcs is a series of high-quality conference proceedings across all felds in informatics.
    [Show full text]
  • A Auxiliary Definitions
    A Auxiliary Definitions This appendix contains auxiliary definitions omitted from the main text. Variables fun lvars :: com ⇒ vname set where lvars SKIP = {} lvars (x ::= e)={x} lvars (c1;; c2)=lvars c1 ∪ lvars c2 lvars (IF b THEN c1 ELSE c2)=lvars c1 ∪ lvars c2 lvars (WHILE b DO c)=lvars c fun rvars :: com ⇒ vname set where rvars SKIP = {} rvars (x ::= e)=vars e rvars (c1;; c2)=rvars c1 ∪ rvars c2 rvars (IF b THEN c1 ELSE c2)=vars b ∪ rvars c1 ∪ rvars c2 rvars (WHILE b DO c)=vars b ∪ rvars c definition vars :: com ⇒ vname set where vars c = lvars c ∪ rvars c Abstract Interpretation fun strip :: aacom⇒ com where strip (SKIP {P})=SKIP strip (x ::= e {P})=x ::= e © Springer International Publishing Switzerland 2014 281 T. Nipkow and G. Klein, Concrete Semantics, DOI 10.1007/978-3-319-10542-0 282 A Auxiliary Definitions strip (C 1;;C 2)=strip C 1;; strip C 2 strip (IF b THEN {P 1} C 1 ELSE {P 2} C 2 {P})= IF b THEN strip C 1 ELSE strip C 2 strip ({I } WHILE b DO {P} C {Q})=WHILE b DO strip C fun annos :: aacom⇒ a list where annos (SKIP {P})=[P] annos (x ::= e {P})=[P] annos (C 1;;C 2)=annos C 1 @ annos C 2 annos (IF b THEN {P 1} C 1 ELSE {P 2} C 2 {Q})= P 1 # annos C 1 @ P 2 # annos C 2 @ [Q] annos ({I } WHILE b DO {P} C {Q})=I # P # annos C @ [Q] fun asize :: com ⇒ nat where asize SKIP = 1 asize (x ::= e)=1 asize (C 1;;C 2)=asize C 1 + asize C 2 asize (IF b THEN C 1 ELSE C 2)=asize C 1 + asize C 2 + 3 asize (WHILE b DO C )=asize C + 3 definition shift :: (nat ⇒ a) ⇒ nat ⇒ nat ⇒ a where shift f n =(λp.
    [Show full text]
  • Statement on the Selection of Jeffrey Ullman for a Turing Award
    Statement on the Selection of Jeffrey Ullman for a Turing Award An Open Letter to Committee of the ACM A.M. Turing Award and ACM: Date: 04/16/2021 Professor Jeffrey D. Ullman of Stanford University has been chosen to receive the 2020 ACM A.M. Turing Award, generally regarded as the highest distinction in computing. While we agree that the technical and educational contributions of Professor Ullman could meet the bar for a “Nobel Prize of Computing”, we condemn the selection as one that directly goes against the Diversity and Inclusion (D & I) values that the Computer Science community, and the Association for Computing Machinery (ACM) in particular, aim to uphold. While we recognize Professor Ullman’s freedom of speech and freedom to hold and express his political views, we are concerned by his sustained discriminatory behavior against students and by ACM bestowing upon such a person an award named after Alan Turing, someone who suffered much discrimination in his tragic life [1]. ACM defines its mission as follows: “ACM is a global scientific and educational organization dedicated to advancing the art, science, engineering, and application of computing, serving both professional and public interests by fostering the open exchange of information and by promoting the highest professional and ethical standards.” Furthermore, ACM explicitly defines “Diversity and Inclusion” as one of its four core values [2]. We assert, based on documented evidence, that not only has Professor Ullman willfully violated the “highest professional and ethical standards” that ACM has the mission to uphold, but also that he has demonstrated a pattern of actively turning against the values of D & I for decades.
    [Show full text]
  • Assembling a Prehistory for Formal Methods: a Personal View Thomas Haigh [email protected]
    Assembling A Prehistory for Formal Methods: A Personal View Thomas Haigh [email protected] University of Wisconsin—Milwaukee & Siegen University www.tomandmaria.com This is a preprint copy. Please quote and cite the final version, which will appear in a special issue of Formal Aspects of Computing devoted to historical work. Thanks to Cliff Jones and the anonymous reviewers for their encouragement and feedback on earlier drafts of this paper. Preprint Draft Haigh – Assembling a History for Formal Methods 2 Although I was pleased to be asked to contribute something to this volume I have a confession to make: I have never studied the history of formal methods. So this is not going to be a history of formal methods as much as a reflection on how such a story might be written. My plan is to triangulate from my personal experiences as a computer science student a quarter century ago, my Ph.D. training as a historian of science and technology, and my subsequent career researching and writing about various aspects of the history of computing. The fact that, despite a general familiarity with the literature on the history of computing, I don’t have a better grasp of the history of formal methods tells us a lot about the need for this special issue. Most of the history is so far locked up in the heads of participants, which is not a convenient place for the rest of us to find it. Stories written by participants or people with a personal connection to the events described are not usually the last word on historical events, but they are a vital starting point.
    [Show full text]
  • Appendix B: Annotated Bibliography
    Appendix B: Annotated Bibliography There are a wide variety of texts available for those who are interested in learning more about assem- bly language or other topics this text covers. The following is a partial list of texts that may be of interest to you. Many of these texts are now out of print. Please consult your local library if you cannot find a particu- lar text at a bookstore. Microprocessor Programming for Computer Hobbyists Neill Graham TAB books ISBN 0-8306-6952-3 1977 This book provides a gentle introduction to data structures for computer hobbyists. Although it uses the PL/M programming language, many of the concepts apply directly to assembly language programs. IBM Assembler Language and Programming Peter Able Prentice-Hall ISBN 0-13-448143-7 1987 A college text book on assembly language. Contains good sections on DOS and disk formats for earlier versions of DOS. MS-DOS Developer’s Guide John Angermeyer and Keven Jaeger Howard W. Sams & Co. ISBN 0-672-22409-7 An excellent reference book on programming MS-DOS. Compilers: Principles, Techniques, and Tools Alfred Aho, Ravi Sethi, and Jeffrey Ullman Addison Wesley ISBN 0-201-10088-6 1986 The standard text on compiler design and implementation. Contains lots of material on pattern matching and other related subjects. C Programmer’s Guide to Serial Communications Joe Campbell Howard W. Sams & Co. ISBN 0-672-22584-0 An indispensible guide to serial communications. Although written specifically for C programmers, the material applies equally well to assembly language programmers. The MS-DOS Encyclopedia Ray Duncan, General Editor & various authors Microsoft Press ISBN 1-55615-049-0 An excellent description of MS-DOS programming.
    [Show full text]
  • The Halting Problem and Security's Language-Theoretic Approach
    Computability Pre-press (2021) 1–18; The final publication is available at IOS Press through http://dx.doi.org/10.3233/COM-180217 1 IOS Press 1 1 2 2 3 The Halting Problem and Security’s Language-Theoretic Approach: 3 4 4 5 Praise and Criticism from a Technical Historian 5 6 6 ∗ 7 Edgar G. Daylight 7 8 School of Media and Information, Siegen University, Herrengarten 3, 57072 Siegen, 8 9 Germany 9 10 [email protected] 10 11 11 12 Abstract. The term ‘Halting Problem’ arguably refers to computer science’s most celebrated impossibility result and to the 12 core notion underlying the language-theoretic approach to security. Computer professionals often ignore the Halting Problem 13 13 however. In retrospect, this is not too surprising given that several advocates of computability theory implicitly follow Christopher 14 14 Strachey’s alleged 1965 proof of his Halting Problem (which is about executable — i.e., hackable — programs) rather than Martin 15 Davis’s correct 1958 version or his 1994 account (each of which is solely about mathematical objects). For the sake of conceptual 15 16 clarity, particularly for researchers pursuing a coherent science of cybersecurity, I will scrutinize Strachey’s 1965 line of reasoning 16 17 — which is widespread today — both from a charitable, historical angle and from a critical, engineering perspective. 17 18 18 19 Keywords: undecidability, halting problem, security, computability theory, Internet of Things 19 20 20 21 1. Introduction 21 22 Wireless networks, sensors, and software are transforming our societies into an Internet of Things. We are start- 22 23 ing to use Internet-connected drones, self-driving cars, and pacemakers designed to facilitate long-distance patient 23 24 monitoring by doctors.
    [Show full text]
  • Prof. Jeffrey Ullman
    The Lynne and William Frankel Center for Computer Science Department of Computer Science Ben Gurion University of the Negev Tel: 080808-08 ---64280326428032 Fax : 080808-08 ---64280216428021 [email protected] DDiissttiinngguuiisshheedd LLeeccttuurreerr SSeerriieess PPrrooff.. JJeeffffrreeyy UUllllmmaann Stanford W. Ascherman Professor of Computer Science (Emeritus) CClluusstteerr--BBaasseedd CCoommppuuttaattiioonn ooff RReellaattiioonnaall JJooiinnss The prevalence of large racks of interconnected processor nodes forces us to take another look at how to exploit parallelism when taking the join of large relations. Sometimes, there is a gain in total cost to be had by distributing pieces of each relation to several different nodes and computing the join of several large relations at once. The optimization problem is to pick the degree of replication of each relation, under the constraint that the total number of compute- nodes is fixed. We set up this problem as a nonlinear optimization and show that there is always a solution (which must be approximated by rounding to the nearest integers). For some of the most common types of join -- star joins and chain joins -- we give closed-form solutions to the optimization problem. Finally, we point out that the join algorithm we propose can be implemented using features already present in Hadoop, the open-source implementation of map- reduce. Jeffrey D. Ullman is currently the Stanford W. Ascherman Professor of Computer Science (Emeritus) at Stanford University, as well as CEO of the Gradiance Corporation. He received a Bachelor of Science degree in Engineering Mathematics from Columbia University and his Ph.D. in Electrical Engineering from Princeton University. Previously he worked at Bell Labs for several years and then as a professor at Princeton University.
    [Show full text]
  • 1999 Annual Report
    1999 ANNUAL REPORT ALFRED P. SLOAN FOUNDATION 1 CONTENTS 1999 Grants and Activities Science and Technology 5 Fellowships 5 Sloan Research Fellowships 5 Doctoral Dissertation Fellowships 9 Direct Support of Research 11 Neuroscience 11 Computational Molecular Biology 11 Astrophysics 13 Limits to Knowledge 14 Marine Science 14 Other Science 15 Science and Technology Policy 16 History of Science and Technology 17 Standard of Living and Economic Performance 18 Industries 18 Industry Centers 18 Industry Studies 19 Human Resources/Jobs/Income 20 Globalization 21 Business Organizations 21 Nonprofit Sectors 24 Universities 24 Assessment of Government Performance 26 Dual-Career Middle-Class Working Families 28 Centers on Working Families 28 Ethnographies of Everyday Life 29 Alternate Workplace Structures 30 Family-Centered Public Policy 31 Public Understanding of Working Families 32 General 33 Education and Careers in Science and Technology 34 Scientific and Technical Careers 34 Information about Careers 34 Retention 35 Professional Master’s Degrees 35 Learning Outside the Classroom 36 Human Resources 42 Education for Minorities and Women 43 Minorities 43 Women’s Programs 45 2 Public Understanding of Science and Technology 46 Books 46 Sloan Technology Book Series 48 Public Television 49 Commercial Television and Films 51 Theater 52 Public Policy 52 Selected National Issues and Civic Program 54 Selected National Issues 54 Civic Program 55 Additional Grants 59 1999 Financial Report Financial Review 61 Auditors’ Report 62 Balance Sheets 63 Statements of Activities 64 Statements of Cash Flows 65 Notes to Financial Statements 66 Schedules of Management and Investment Expenses 69 3 1999 GRANTS AND ACTIVITIES 4 SCIENCE AND TECHNOLOGY FELLOWSHIPS Sloan Research Fellowships $3,500,000 The Sloan Research Fellowship Program aims to stimulate fundamental research by young scholars with outstanding promise to contribute significantly to the advancement of knowledge.
    [Show full text]
  • Computer Science: Reflections On
    http://www.nap.edu/catalog/11106.html We ship printed books within 1 business day; personal PDFs are available immediately. Computer Science: Reflections on the Field, Reflections from the Field Committee on the Fundamentals of Computer Science: Challenges and Opportunities, National Research Council ISBN: 0-309-54529-3, 208 pages, 6 x 9, (2004) This PDF is available from the National Academies Press at: http://www.nap.edu/catalog/11106.html Visit the National Academies Press online, the authoritative source for all books from the National Academy of Sciences, the National Academy of Engineering, the Institute of Medicine, and the National Research Council: • Download hundreds of free books in PDF • Read thousands of books online for free • Explore our innovative research tools – try the “Research Dashboard” now! • Sign up to be notified when new books are published • Purchase printed books and selected PDF files Thank you for downloading this PDF. If you have comments, questions or just want more information about the books published by the National Academies Press, you may contact our customer service department toll- free at 888-624-8373, visit us online, or send an email to [email protected]. This book plus thousands more are available at http://www.nap.edu. Copyright © National Academy of Sciences. All rights reserved. Unless otherwise indicated, all materials in this PDF File are copyrighted by the National Academy of Sciences. Distribution, posting, or copying is strictly prohibited without written permission of the National Academies Press. Request reprint permission for this book. Computer Science: Reflections on the Field, Reflections from the Field http://www.nap.edu/catalog/11106.html Computer Science Reflections on the Field, Reflections from the Field Committee on the Fundamentals of Computer Science: Challenges and Opportunities Computer Science and Telecommunications Board THE NATIONAL ACADEMIES PRESS Washington, D.C.
    [Show full text]
  • Anish Das Sarma
    Anish Das Sarma Basic Information Home Internet Nationality 5600 Stevens Creek Blvd., #205 [email protected] Indian citizen Cupertino, CA 95014 http://i.stanford.edu/∼anishds U.S. Permanent Resident Cell: (650) 704 7735 Background Co-Founder and CTO, ClearList Inc. May 2013-Present Senior Research Scientist, Google Research May 2011-May 2013 Research Scientist, Yahoo! Research August 2009-May 2011 Stanford University M.S. in Computer Science March 2006 Ph.D. in Computer Science, Advisor: Prof. Jennifer Widom January 2010 Indian Institute of Technology (IIT) Bombay B.Tech. in Computer Science and Engineering May 2004 Cumalative Performance Index: 9.80/10.0 Honors • Three best-of-conference paper awards (VLDB 2006, SIGMOD 2008, SIGMOD 2012) • Winner of Yahoo! Hackday Search Innovations Award, 2010 • Microsoft Graduate Fellowship, 2007-2009. • Stanford University School of Engineering Fellowship, 2004-05. • IIT-Bombay Dr. Shankar Dayal Sharma Gold Medal, 2004. Professional Activities • Thesis Committees: Robert Ikeda (Stanford University). • Associate Editor: ACM SIGMOD Record. • Chair: Co-chair ACM SIGSPATIAL GIS 2012 Workshop on SoLoMo Data in the Cloud (SDC). • NSF Panel: Served on NSF panel for faculty grant reviewing. • Program Committees: ICDE 2014 (industrial), WSDM 2014 IEEE Big Data 2013, WWW 2013, GIS 2013 (posters co-chair), SSDBM 2013, SIGMOD 2013 (research/industrial), CIDR 2013, VLDB 2013, SIGSPATIAL GIS 2012, CIKM 2012 (research+poster), SUM 2012, WebDB 2012, IIWeb 2012, SIGMOD 2012, WSDM 2012, VLDB 2012, WWW 2012, ICDE 2012, VLDS 2012, WebDB 2011, CIKM 2011, MUD 2011,VLDB 2011 (industrial track), WWW 2011, VLDB 2011, ICDE 2011, ICDE 2011 Demo, EDBT 2011, SUM 2011, CIKM 2010, SUM 2010, WebDB 2010, MUD 2010 and 2009, MOUND 2010, NTII 2010.
    [Show full text]