Areas of Interest/Previous Research: Network Security, Security Configuration Synthesis, Access Control Models, Formal Property Verification



Similar documents
SWASTIK K. BRAHMA PROFESSIONAL EXPERIENCE

Name : Dr. Anjan Chakravarty. Qualification : M.A (Economics), M.B.A (Marketing), Ph.D (Marketing) Designation : Assistant Professor

Curriculum Vitae Summary Employment University of Washington at Bothell Sept 2013 Present BBN Technologies June 2011 May 2013

RESUME. Name : Pinaki Mitra. Date of birth : 1 st January, 1966

Computer Scientist. Conduct research in latest computer and network security technologies for high assurance system security solutions

Dr. Shashank Srivastava. Contact. Telephone: Teaching. Courses Taught: Current Courses: Past Courses:

How To Understand And Understand The Science Of Engineering In India

Automated Firewall Analytics

Review of Computer Engineering Research CURRENT TRENDS IN SOFTWARE ENGINEERING RESEARCH

Formal Configuration Analytics for Provable & Measurable Security

Department of Computer Science & Engineering. Indian Institute of Technology Kharagpur, India

BRIEF BIO-DATA. Degree University Year Remarks PhD (Physics) Indian Institute of 2008 First Technology Delhi to

ACM Survey on PhD Production in India in Computer Science

AICTE SPONSORED SHORT TERM COURSE ON. Planning and Managing Human Resources: Tools & Techniques. (Under the Scheme of QIP, Min of HRD, Govt.

Cyber-Physical System Security of the Power Grid

Monitoring Database Management System (DBMS) Activity for Detecting Data Exfiltration by Insiders

Dr. Mohammad Amjad has obtained his B.Tech. in Computer Engineering from Aligarh Muslim University Aligarh, India in 1997 with first class.

FORMAL ANALYSIS OF SECURITY POLICY IMPLEMENTATIONS IN ENTERPRISE NETWORKS

Minimum Qualifications for appointment of Teaching faculty in University and Colleges-Engineering and Technology Discipline.

Service Component Architecture for Building Cloud Services

Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute

Cyberspace Security Econometrics System (CSES) Portfolio. Robert K. Abercrombie Organized by FY Updated October 20, 2014

WORKSHOP ON SUPPLY CHAIN MANAGEMENT 4 th February 2015 to 8 th February 2015 at IIT Kanpur, INDIA CONDUCTED BY

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity

Software Engineering. Program Description. Admissions Requirements. Certificate. Master of Software Engineering. Master of Science

Curriculum Vitae of. Vicky G. Papadopoulou

ADVANCED LOCAL PREDICTORS FOR SHORT TERM ELECTRIC LOAD

Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.

3rd International Symposium on Big Data and Cloud Computing Challenges (ISBCC-2016) March 10-11, 2016 VIT University, Chennai, India

UNIVERSITY OF ZULULAND FACULTY OF SCIENCE AND AGRICULTURE DEPARTMENT OF COMPUTER SCIENCE POSTGRADUATES

UML BASED MODELING OF ECDSA FOR SECURED AND SMART E-GOVERNANCE SYSTEM

ST ALOYSIUS COLLEGE (AUTONOMOUS)

RESUME

Dr. (CA) Sanjib Kumar Basu

Firewall Verification and Redundancy Checking are Equivalent

Ali Ebnenasir. Department of Computer Science, Michigan Technological University.

Cybersecurity Risk Assessment in Smart Grids

A Methodology for Safety Critical Software Systems Planning

A Mobility Tolerant Cluster Management Protocol with Dynamic Surrogate Cluster-heads for A Large Ad Hoc Network

Utkal University B.Sc. Physics and Education, , Regional College of Education, Utkal University, Bhubaneswar, India.

The Role of Information Technology Studies in Software Product Quality Improvement

Debasis Karmakar. Postdoctoral Scholar (October 2009 Present) UC Irvine (Department of Civil and Environmental Engineering), Irvine, CA

CLOUD PLATFORM AND THE VIRTUALISED WORLD: TAKE A LOOK

A Survey on Cloud Computing

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

Languages Arabic and English (First language mastery) Persian (moderate comprehension) French and Spanish (took courses out of interest in languages)

Bachelor of Information Technology (Network Security)

The Masters of Science in Information Systems & Technology

Curriculum Vitae RESEARCH INTERESTS EDUCATION. SELECTED PUBLICATION Journal. Current Employment: (August, 2012 )

HA THU LE. Biography EDUCATION

NSERC Alexander Graham Bell Canada Graduate Scholarship, Funding from the Canadian federal government to support graduate studies.

Centre for Advanced Management Research in Plantation (CARP) Fellow Programme in Management: Agri-Business & Plantation Management (FPM: ABPM)

B.Sc. in Computer Engineering, School of Electrical and Computer Engineering,

National Institute of Standards and Technology Smart Grid Cybersecurity

Tailoring MBA (Software Enterprise Management) Curriculum: To Meet India s Growing IT Challenges

INTRODUCTION. IoT AND IP STRATEGIES

Model-based Testing of Automotive Systems

Xianrui Meng. MCS 138, 111 Cummington Mall Department of Computer Science Boston, MA (857)

Communication and Embedded Systems: Towards a Smart Grid. Radu Stoleru, Alex Sprintson, Narasimha Reddy, and P. R. Kumar

ABHINAV NATIONAL MONTHLY REFEREED JOURNAL OF RESEARCH IN ARTS & EDUCATION

Information Technology Degree Programs

Going beyond Conventional Software Testing: Cloud Testing

Systems on Chip Design

Information Systems and Tech (IST)

An Object Oriented Role-based Access Control Model for Secure Domain Environments

Applied and Integrated Security. C. Eckert

Library and Information Networks in India

Cloud Database Storage Model by Using Key-as-a-Service (KaaS)

Real Time Test Bed Development for Power System Operation, Control and Cyber Security

Post : Assistant Professor (Engineering and Technology) Post : Assistant Professor (Management / Business Administration)

Department of Information Systems and Cyber Security

Comparative Study of Automated testing techniques for Mobile Apps

Gerald Roth. Department of Electrical Engineering and Computer Science School of Engineering Vanderbilt University Nashville, TN

Software Testing Strategies and Techniques

BM482E Introduction to Computer Security

CAD-CAM Application in CNC Machining with Solid & Surface Modelling

Accessing Private Network via Firewall Based On Preset Threshold Value

End-to-end Secure Data Aggregation in Wireless Sensor Networks

Yampolskiy, Analysis of Cyber Infrastructure Authentication Failure Vulnerabilities to Inform Security Decisions

Efficiently Managing Firewall Conflicting Policies

Information Security Management System for Cloud Computing

RESUME. Dr. Rudra Prakash Maheshwari. Indian Institute of Technology Roorkee , India. 25th June, 1960

Center for Information. Security and Assurance (CISA) Charter. Mathematical, Computing, and Information Sciences (MCIS) Department

Review of Mobile Applications Testing with Automated Techniques

Fluvial hydraulics: sediment transport, local scour around hydraulic structures

An Agent-Based Concept for Problem Management Systems to Enhance Reliability

Transcription:

Dr. Padmalochan Bera Assistant Professor, School of Electrical Science and Computer Engineering Indian Institute of Technology Bhubaneswar Orissa 751 013 Tel: +91-6742306307(O), +91-8658578918 (M) Email: plb@iitbbs.ac.in; Qualification: PhD (Doctor of Philosophy, 2011) O in Indian Institute of Technology, Kharagpur. O Thesis:Formal Analysis of Security Policy Implementations in Enterprise Networks. O Supervisor(s): Dr. S. K. Ghosh and Dr. PallabDasgupta, IIT Kharagpur. ME (Masters in Engineering, 2006) O in Computer Science in Engineering from West Bengal University of Technology, Kolkata, India. O Specialization: Embedded Systems, Distributed Systems O Marks: 74.5% BE (Bachelor in Engineering, 2001) O in Computer Science in Engineering from Jadavpur University, Kolkata, India. O Specialization: Databases, Graph Theory, Operating Systems, Data Structure and Algorithms O Marks: 71.9% H. Sc (10+2, 1995) O in Science from Ramkrishna Mission Vidyamandir Belure Math, Howrah, India. O Marks: 83.5% Secondary (10, 1993) O in Science from Ramkrishna Mission Vidyabhawan, Midnapore, India. O Marks: 85% Current Research Area: Network Security Automation, Cyber Physical Systems Security, Software Security Testing, Internet of Things, Formal Modeling and Optimization. Areas of Interest/Previous Research: Network Security, Security Configuration Synthesis, Access Control Models, Formal Property Verification Page 1 of 6

Work Experiences: Working as Assistant Professor in School of Electrical Sciences, Indian Institute of Technology Bhubaneswar, India from September 2013 to till date. Worked as a Senior Research Scientist in Infosys Labs (Software Test Automation and Optimization Group), Bangalore, India from July 2012 to till date. Worked as a Researcher at General Motors India Science Lab (Control Software Validation Group), Bangalore, India from September 2011 to June 2012. Worked as a Post-Doctoral Research Associate in CyberDNA Research Center, University of North Carolina at Charlotte, NC, USA from October 2010 to September 2011 Worked as a Senior Research Fellow in a Research Project titled Design &Development of Models and Tools for Vulnerability Assessment of Embedded Systems sponsored by Ministry of Defense, New Delhi in Indian Institute of Technology Kharagpur, India from July 2007 to September 2010. Research Projects (at Infosys Labs): Quantification of Preventive Maintenance Metric for Enterprise Software Test Case Generation and Optimization for System of Systems Testing Fault Injection based Software Security Testing in Cloud Infrastructure Research Projects (at General Motors, India Science Lab): Modern Technology Cars consist of a large number of Electronic Control Units (ECU) which are automatically managed by different embedded control software. These software essentially take inputs from different sensors at different time and accordingly triggers necessary actions to ensure consistent functionality and higher security and safety in different scenarios. My research at General Motors India Science Lab was focused on developing methodologies for automatic verification and validation of these control software in integration based on several safety-critical requirements and functional invariants/constraints. I was leading the following projects: RemoteGen: Requirement based Test Case Generation for Automotive Control software End Applications: CSAV 2 Features (Supercruise, ACC) Modeling and Optimization of AUTOSAR based Control Design Model based Software Integration Testing Previous Research (PhD and Post-Doc): The major area of my research is Network Security and Formal Methods. I have more than 4 years of applied research experience in this domain. My work essentially focused on formal (mathematical) modeling of largescale network configurations and verifying different safety and security constraints in the configuration model. The major challenges in this verification problem lies in (i) modeling distributed network configurations in a scalable manner; (ii) correct and conflict-free representations of security constraints or policies based on various standards and organizational requirements; and (iii) providing automated and proof-based methodology to ensure the satisfaction of the security constraints in the network configuration. Page 2 of 6

My PhD thesis is on Formal Analysis of Security Policy Implementations in Enterprise Networks. It primarily concentrates on formalizing organizational security policy and distributed ACL implementations in an enterprise network and verifying whether the implementation conforms to the policy under static and dynamic topology environments. Through this research, I have developed a Formal Integrated Network Security Analysis Tool, namely, FINSAT, for systematic analysis of security policy implementations in enterprise networks. The tool allows users/network administrators querying about various service access paths in the networks with different security constraints towards hardening the security perimeter over the networks. I have also worked on policy based security management in wireless networks (WLAN) supported by spatiotemporal role based access control models (STRBAC). I was actively involved in the following research activities throughout my PhD and Post-Doc tenure: Formal Verification of Access Control Models in IP Networks Fault Tolerant Policy based Security Implementations in IP Networks Formal Analysis of Security Threats in Smart-Grid Networks Lead Research Projects (at UNC, Charlotte, USA): SmartAnalyzer: Framework for Analyzing Threats in Smart Grid Network Infrastructure sponsored by Duke Energy Systems, USA. ConfigLego: An Imperative approach of Security Configuration Analysis in Enterprise Networks sponsored by NSF, USA. ConfigSlider: Synthesizing Optimal and Usable Network Security Configuration using Constraint Satisfaction Checking sponsored by NSF, USA Programming Skills and Verification/Testing Tools used Modeling and Test Tools: Simulink/Stateflow, Reactis, SDV toolset (Mathworks) SAT/BDD based verification Tools: zchaff, minisat, Cudd Model Checking Tools: SPIN, Z3 (SMT based), NuSMV, Bounded Model Checker Declarative Logic Programming: Prolog, Alloy Programming Languages: C, Java, C++ Hardware Programming Language: VHDL, Verilog, systemc Research Publications: Journals: Soumya Maity, Padmalochan Bera, S. K. Ghosh, Ehab Al-Shaer, FINSAT: Formal Query based Network Security Configuration Analysis. In IET Networks, February 2014 (To appear). M. Ashiqur Rahaman, Ehab Al-Shaer, P. Bera, A Noninvasive Threat Analyzer for Advanced Metering Infrastructure in Smart Grid In IEEE Transaction on Smart Gridvol 4(1), pp. 273-287, March 2013 Page 3 of 6

P. Bera, Pallab Dasgupta, S. K. Ghosh, Policy based Security Analysis in Enterprise Networks- A formalapproach, In IEEE Transaction on Network and Service Management (IEEE TNSM), vol. 7(4), pp. 231-243, December 2010. P. Bera, Pallab Dasgupta, S. K. Ghosh, Integrated Security Analysis Framework for an Enterprise Network-A Formal Approach, In IET Information Security Journal, vol. 4(4), pp. 283-300, December 2010. P. Bera, S. K. Ghosh and Pallab Dasgupta, A WLAN Security Management Framework based on Formal Spatio-Temporal RBAC Model, Journal of Security and Communication Networks, Wiley InterScience, vol 4(9), pp. 981-993, August 2011. P. Bera, Pallab Dasgupta, S. K. Ghosh, Formal Analysis of Security Policy Implementations in EnterpriseNetworks. International Journal of Computer Network and Communications (IJCNC), Vol. 1(2), pp. 56-73, July 2009. Selected Conferences: S. Majhi, P. Bera, S. Kumar, E. Al-Shaer, M. Satpathy, Synthesizing Optimal Network Security Configurations in Enterprise Networks a formal approach. In 9 th IET System Safety and Cyber Security Conference, Manchester, UK, October 2014 (Accepted) P. Bera and S. K. Ghosh, A Query Driven Security Testing Framework for Enterprise Network, In IEEE SECTEST with IEEE ICST Conference, Luxembourg, March 2013 M. Ashiqur Rahaman, P. Bera and E. Al-Shaer, A Non-invasive Security Threat Analyzer for AMI Smart Grid, IEEE INFOCOM 2012, pp. 2255-2263, Florida, USA, March 2012 P. Bera and A. Pasala, A Framework for optimizing effort in Testing System-of-Systems, In IEEE ICSEM 2012, December 12-15 2012, Mysore, India Saeed Al-Haj, P. Bera and Ehab Al-Shaer, Build andtest Your Own Network Configuration, 7th International ICST Conference on Security and Privacy in Communication Networks (SecureComm 2011), London, UK, September 2011 P. Bera, SoumyaMaity, S. K. Ghosh and Pallab Dasgupta, Generating Policy based Security Implementations in Enterprise Networks. In ACM SafeConfig Workshop, ACM CCS 2010, Chicago, USA, October 2010. P. Bera, Pallab Dasgupta, S. K. Ghosh, A Spatio-temporal Role-based Access Control Model for Wireless LAN Security Policy Management, In 4th International Conference on Information Systems, Technologyand Management (ICISTM-10), LNCS, Springer pp 76-88, Bangkok, March 2010. P. Bera, Soumya Maity, S. K. Ghosh and Pallab Dasgupta, A Query based Formal Security Analysis Framework for Enterprise LAN, In 10 th IEEE International Conference on Computer and InformationTechnology 2010 (CIT 2010), Bradford, UK, pp. 407-414, IEEE Computer Society, June 2010 Page 4 of 6

P. Bera, Pallab Dasgupta, S. K. Ghosh, Formal Verification of Security Policy Implementations inenterprise Networks, In International Conference on Information Systems and Security (ICISS 2009), LNCS 5905, pp. 117-131, Kolkata, India, December 2009. P. Bera, Pallab Dasgupta, S. K. Ghosh, Fault Analysis of Security Implementations in EnterpriseNetworks, In IEEE International Conference on Network and Communication Systems (NetCom 2009),DOI: 10.1109/Netcom.2009.82, pp. 240-245, Chennai, India, December 2009. Book Chapter: E. Al-Shaer, S.K.Ghosh, P. Bera, Formal Analysis of Policy based Security Configurations in Enterprise Network, In Handbook on Securing Cyber-Physical Critical Infrastructure, ISBN: 9780124158153, Morgan Kaufmann Publication, USA, June 2012 Technology Patents (filed): 4294/CHE/2013: A. Pasala, P. Bera, Tom Nedumgad. Methods, Systems and Computer Readable Media for Quantifying Bug Detection Efficiency of bug prediction technique, 1330/CHE/2014: P. Bera, A. Pasala. Method and System for Generating Stateflow Models from Software Requirements Professional Activities (Seminars, Workshops & Courses): Attended IBM Faculty Residency Program on Cyber-Security at IBM Bangalore, India during June 4-6 2014. INSTEP Award for Thought and Leadership 2012-13 and 2013-14, Infosys Technologies Ltd., Bangalore Postdoctoral Fellow, CyberDNA Research Center, University of North Carolina Charlotte, USA ACM Travel Award for presenting paper in ACM Safeconfig, CCS 2010 Delivered Talk on Security and Safety Challenges in Smart Grid Advanced Metering Infrastructure in IEEE CSS Symposium on Cyber Physical Systems at IISC Bangalore, India during November 2-3 2012. Delivered Lectures on Cyber Security Challenges and Scope of Formal Methods under Advanced Network Security Course in University of North Carolina Charlotte, USA, Fall Semester 2011 Delivered Lecture on Formal Analysis of Security Configurations in Enterprise Networks at CyberDNA Research Seminar in University of North Carolina at Charlotte, USA, March 18 2011 Presented papers in conferences: ICISS 2009, IACC 2009, NetCom 2009, 1CISTM 2010, ICDCN 2010 (Poster), Safeconfig ACM CCS 2010, IEEE INFOCOM 2012, IEEE SECTEST 2013 Page 5 of 6

Attended Microsoft Research (MSRI) summer school on Programming Languages, Analysis and Verification in IISC, Bangalore during 16-28 June 2008. Attended 3 week UGC Refresher s Course on Natural Language Processing in Jadavpur University, Kolkata during November 25-December 16, 2003. National Scholarship for results in Secondary Examination National Scholarship for results in Higher Secondary Examination References: Dr. S. K. Ghosh, Associate Professor, School of Information Technology, IIT Kharagpur- 721302, India. Phone No: 91-3222-282332, Fax: 91-3222-255303, Email: skg@iitkgp.ac.in. Dr. Pallab Dasgupta, Professor, Dept of Computer Sc&Engg, IIT Kharagpur-721302, India. Phone No: 91-3222-283470, Fax: 91-3222-255303, Email: pallab@cse.iitkgp.ernet.in. Dr. S Ramesh, Technical Fellow, General Motors, India Science Lab, Tech Center, Warren, MI, USA, Tel.: 1-248-534-0440, Email: ramesh.s@gm.com. Dr. Ehab Al-Shaer, Professor& Director CyberDNA Research Center, University of North Carolina Charlotte, NC 28223, USA, Tel: 1-704-687-8663, Email: ealshaer@uncc.edu. Dr. Indranil Sengupta, Professor, Dept of Computer Sc&Engg, IIT Kharagpur-721302, India. Phone No: 91-3222-283496, Fax: 91-3222-277190, Email: isg@iitkgp.ac.in Page 6 of 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information