XuKai Zou's Home Page

Research

Research Interests Communication networks and security, Applied cryptography, Security and reliability for Grid Computing, Wireless network security, Design & analysis of algorithms, Software engineering, Image and data compression.
Current Research Topics
- Secure Group Communication (SGC). SGC refers to a setting in which a group of members can send messages to and receive messages from group members, in a way that outsiders are unable to glean any information even when they are able to intercept the messages. Broad critical applications such as teleconferencing, multi-partner military action, and cyber forensic in critical fields such as government, military, and law enforcement practice, depend on SGC to provide confidentiality and integrity. Other typical applications that require SGC or will gain more benefits if incorporated with SGC include distance- education, tele-medicine, real-time information services, distributed interactive simulations, collaborative work, interactive games, grid computing, and the deployment of VPNs. Group Key Management (GKM) is the most important issue for SGC and the difficulty for SGC GKM comes from dynamics. The SGC GKM protocols appearing in literature are typically classified into four categories: centralized group key distribution (CGKD), decentralized group key management with relaying (DGKM), (distributed) contributory group key agreement (CGKA), and distributed group key distribution (DGKD). We have investigated SGC and GKM problems for many years and will continue to explore the problems and seek efficient and robust solutions. Some results we have achieved in this topic are:
  1. X. Zou, Y. Dai and E. Bertino A Practical and Flexible Key Management Mechanism For Trusted Collaborative Computing. IEEE INFOCOM'08, April 2008, W3.1: Network Security 2.
  2. G. Hao@, N. V. Vinodchandran, B. Ramamurthy and X. Zou, A Balanced Key Tree Approach for Dynamic Secure Group Communication, Accepted by ICCCN 2005 FOURTEENTH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS AND NETWORKS, October 17-19, 2005, CA, USA.
  3. P. Adusumilli@, X. Zou and B. Ramamurthy, DGKD: Distributed Group Key Distribution with Authentication Capability, Proceedings of the 2005 IEEE Workshop on Information Assurance (IAW), United States Military Academy, West Point, NY, 15-17 June 2005, pp. 286--293.
  4. X. Zou and A. Thukral, Key management, The Handbook of Information Security, Hossein Bidgoli, Editor-in-Chief, to be published by John Wiley \& Sons, Inc, October 2005.
  5. X. Zou, A. Thukral, and Y. Karandikar Secure Group Communication, Parallel and Distributed Computing: Evaluation, Improvement and Applications, Editors, Y. Dai, Y. Pan, and R. Raje, to be published by Nova Science Publishers, Sept., 2005.
  6. X. Zou, B. Ramamurthy and S. Magliveras, Secure Group Communication over Data Networks, Springer, ISBN: 0-387-22970-1 (The ebook ISBN: 0-387-22971-X), October 2004, pages 182 (Go to Springer for more information).
  7. X. Zou and B. Ramamurthy, A simple group Diffie-Hellman key agreement protocol without member serialization, Lecture Notes in Computer Science (LNCS), Springer-Verlag, Vol. 3314 (2004), pp. \ 725-731.
  8. X. Zou, B. Ramamurthy, and S. S. Magliveras, A GCD attack resistant CRTHACS for secure group communications, Proceedings of International Conference on Information Technology, ITCC 2004 (Poster), April 5 -7, 2004, Las Vegas, NV, USA, pp. \ 153--154.
  9. X. Zou and B. Ramamurthy, A block-free tree based group Diffie-Hellman key agreement protocol for secure group communication, Proceedings of International Conference on Parallel and Distributed Computing and Networks, Innsbruck, Austria, February 17-19, 2004, pp. \ 288--293.
  10. X. Zou, B. Ramamurthy and S. Magliveras, Efficient key management for secure group communication with bursty behavior, Proceedings of International Conference on Communication, Internet, and Information Technology, Virgin Islands, USA, November 2002, pp.\ 148--153.
- Secure Dynamic Conferencing (SDC). SDC refers to a scenario where any random subset of the universe can form a secure group communication (sub)group. As is evident, SDC are closely related to SGC: as an extension of SGC or equivalently, SGC as a specific case of it. Similarly, Conference Key Management (CKM) is the core issue in SDC. CKM for SDC is much harder to deal with than GKM for SGC. Some of our work in this topic are:
  1. X. Zou and Y. Karandikar A Novel Conference Key Management Solution for Secure Dynamic Conferencing, International Journal of Security and Networks, 3(1), 2008, pp. 47--53.
  2. P. Adusumilli and X. Zou, Symmetric Polynomial based Hierarchical Conference Key Management, Submitted to International Conference on Information and Communication Security (ICICS'05).
  3. P. Adusumilli@ and X. Zou, KTDCKM-SDC: A Distributed Conference Key Management Scheme for Secure Dynamic Conferencing, Proceedings of THE TENTH IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), Cartagena, Spain, June 27-30, 2005, pp. 476--481.
  4. X. Zou, B. Ramamurthy and S. Magliveras, Secure Group Communication over Data Networks, Springer, ISBN: 0-387-22970-1 (The ebook ISBN: 0-387-22971-X), October 2004, pages 182 (Go to Springer for more information).
  5. X. Zou, S. Magliveras and B. Ramamurthy, Key Tree based Scalable Secure Dynamic Conferencing Schemes, Proceedings of International Conference on Parallel and Distributed Computing and Systems (PDCS 2004), MIT Cambridge, MA, USA, November 2004, pp. \ 61--65.
  6. X. Zou, S. Magliveras and B. Ramamurthy, A dynamic conference scheme extension with efficient burst operation, Congressus Numerantium, Vol. 158, 2002, pp.\ 83--92.
- Differential Access Control (DAC). Access control is used for checking whether a user has the right to access a certain resource and for granting or denying access as required. It is a fundamental security issue in any computer or communication system. Traditionally, access control is used for single-user privilege and has been implemented using non-cryptographic techniques. These techniques are typically classified as three categories: Discretionary access control, Mandatory access control (MAC), and Role-based access control (RBAC). In distributed collaborative environments, access control becomes harder. Access control mechanisms for collaborative environments must be dynamic, scalable, efficient, generic, and varying-granularity. There are some work proposed for extending traditional access control mechanism to collaborative environments such as extension of Access Control Matrix/Access Control List, of RBAC, of Task Based Access Control (TBAC), of Team Based Access Control (TMAC), and Spatial Access Control. All these mechanisms are non-cryptographic solutions which have some problems: 1) central entities are generally required to verify a user's access right; 2) resources (i.e., data) are stored in plain format; and 3) if resources need to be broadcast over a network, e.g., streaming media, they are not able to protect the resources. In order to solve the above problems, a new class of access control techniques, called cryptographic access control, have been proposed. The idea is that every resource is assigned a cryptographic key and and the resource is encrypted with the key. This key is also distributed to the users who are supposed to access the resource (e.g., already paid for the resource). Only if the key provided by a user matches the resource key, the resource grants the user's access, otherwise, denies the access. There are two access control models in TCC: differential access control (DAC) and hierarchical access control (HAC). In DAC, a user can (and only can) access certain resources and a resource can (and only can) be accessed by certain users (i.e, many-to-many relation). The typical applications requiring DAC are information distribution such as e-newspapers, pay-per-view broadcast TV, and newsgroups. Some of our work in this topic are:
  1. Y. Karandikar@, X. Zou and Y. Dai, An Effective Key Management Approach to Differential Access Control in Dynamic Environments, Journal of Computer Science, 2(6):542--549, 2006.
  2. Y. Karandikar@, X. Zou and Y. Dai, Secure Group Communication Based Scheme for Differential Access Control in Dynamic Environments, Accepted by The 1st IEEE Workshop on Reliability and Autonomic Management In Parallel and Distributed Systems (RAMPDS-2005), 2005.
- Hierarchical Access Control (HAC). HAC occurs when resources (and users) have some hierarchical relation: resources are assigned levels and a user who has the access right to a resource at one level is automatically granted access to the resources which are the resource's children or descendants at lower levels. The research on cryptographic HAC solutions was initiated by Profs. Akl and Taylor in 1983 and followed by many other researchers. The idea is that every resource in the hierarchy is assigned a key. A resource's key can be used to derive the key of any of its descendants but the inverse cannot be performed. Some of our work in this topic are:
  1. X. Zou, B. Ramamurthy and S. Magliveras, Secure Group Communication over Data Networks, Springer, ISBN: 0-387-22970-1 (The ebook ISBN: 0-387-22971-X), October 2004, pages 182 (Go to Springer for more information).
  2. X. Zou, B. Ramamurthy, V. Variyam and R. K. Balachandran@, Algorithms for unified hierarchy based access control, Proceedings of International Conference on Communications, Internet, \& Information Technology (CIIT 2003), Scottsdale, AZ, USA, November 17-19, 2003, pp.\ 31--36.
  3. X. Zou, B. Ramamurthy and S. Magliveras, Chinese Remainder Theorem based hierarchical access control for secure group communications, Lecture Notes in Computer Science (LNCS), Springer-Verlag, vol. 2229 (2001), pp.\ 381--385.
  4. J.-C. Birget, X. Zou, G. Noubir and B. Ramamurthy, Hierarchy-based access control in distributed environments, Proceedings of IEEE International Conference on Communications, June 2001, Helsinki, Finland, pp.\ 229--233.
- SGC in wireless/mobile ad hoc networks (MANET). Unlike traditional mobile/wired networks, ad hoc networks do not rely on any fixed infrastructure. This makes such networks cheaper and easier to deploy. Military, emergency situations are some of the main applications of MANETs. However, due to the specific features of MANETs such as no central authority, openness, constrained computing power, limited battery energy, mobility, dynamic topology, etc, security and SGC in MANETS poses great challenges. Some of our work in this topic are:
  1. R. K. Balachandran@, B. Ramamurthy, X. Zou, and N. V. Vinodchandran, CRTDH: An Efficient Key Agreement Scheme for Secure Group Communications in Wireless Ad-Hoc Networks, Accepted by IEEE International Conference on Communication (ICC) 2005.
  2. X. Zou, A. Thukral, and B. Ramamurthy, An authenticated key management scheme for mobile ad hoc networks, Accepted by MSN'06.
  3. X. Zou, B. Ramamurthy and S. Magliveras, Secure Group Communication over Data Networks, Springer, ISBN: 0-387-22970-1 (The ebook ISBN: 0-387-22971-X), October 2004, pages 182 (Go to Springer for more information).
- Trusted Collaborative Computing (TCC) and Health/Medical Information System. Even though significant work toward TCC has been done and continues, there is a dearth of practical TCC systems and applications. The reasons for this include, but not limited to, the following: i) The existing protocols have some kind of problems in terms of efficiency, scalability, and support for dynamics and heterogeneity. ii) Due to inherent characteristics of such systems, efficient yet robust key management solutions are difficult to invent. iii) The four fundamental functions in TCC (SGC, SDC, DAC and HAC) have so far been treated independently. No systematic and uniform solution applicable to all four functions has ever been found. iv) Current network limitations and lack of tools have also hindered the development of such systems. v) There are many challenges in terms of architecture, model, construction, heterogeneity, and implementation. vi). Fault-tolerance and attack-resistance is important for TCC, however, there has been a gap in combining and applying reliability and defense technology with TCC security. We aim at building a trusted collaborative computing platform that would facilitate the development of TCC applications.
  1. X. Zou, Y. Dai and E. Bertino A Practical and Flexible Key Management Mechanism For Trusted Collaborative Computing. IEEE INFOCOM'08, April 2008, W3.1: Network Security 2.
  2. X. Zou, Y. Dai and Y. Pan, Trust and Security in Collaborative Computing, World Scientific, ISBN-13 978-981-270-368-2, ISBN-10 981-270-368-3 (Go to World Scientific for more information).
  3. X. Zou and Y. Dai, Secure Medical Data Repository and Regional Health Information Exchange Networks. In collaboration with Indiana University Medical School and VA Medical Center.
  4. Amandeep Thukral@ and Xukai Zou, Secure Group Instant Messaging based on Cryptographic Primitives, To appear in Lecture Notes in Computer Science (LNCS), Springer-Verlag, (2005).
Funded Projects
1. Unrestricted Gift-- Building A Secure Video Stream Framework for Dynamic and Anonymous Subscriber Groups, Cisco, $85,000, X. Zou (PI), F. Maino (Cisco Sponsor).
2. Secure group communications over wired/wireless networks, NSF, $349,990, 08/01/03 - 07/31/06, Xukai Zou, PI at IUPUI (In collaboration with Dr. B. Ramamurthy (PI) and V. Variyam (CO-PI) from University of Nebraska-Lincoln).
3. Trusted Collaborative Computing and Robust Group Key Management, Granted by IU seed fund, $75,000, 08/01/03 - 06/31/06, X. Zou (PI).
4. The 2nd IEEE Symposium on Dependable Autonomic and Secure Computing (DASC06), Indiana University-Purdue University, Indianapolis, Granted by IEEE and NASA, $15,430, 09/01/05 - 08/31/06, X. Zou (CO-PI) (with Dr. Y. Dai (PI)).
5. Seamless and Trusted Medical Information System , Department of Veterans Affairs, $156,000, 01/01/06 - 12/31/06, X. Zou (PI) with Y. Dai (CO-PI).
6. Secure and Dependable Medical Information Systems, IU RSFG grant, $30,000, 12/01/2005 - 11/31/2006, X. Zou (PI) (with Dr. Y. Dai (CO-PI)).
7. Buliding a Secure, Composable and Scalable Framework for Trusted Collaborative Computing , Purdue Research Grant, $8,000, June/01/2008 - July/31/2008, X. Zou (PI).
8. Signature Center for Bio-Computing IUPUI, $265,000, 2007-2009, X. Zou (Co-PI) (with Shiaofen Fang (PI) and others (Co-PI)).
Selected Publications
- Monographs
  1. X. Zou, Y. Dai and Y. Pan, Trust and Security in Collaborative Computing, World Scientific, ISBN-13 978-981-270-368-2, ISBN-10 981-270-368-3 (Go to World Scientific for more information).
  2. X. Zou, B. Ramamurthy and S. Magliveras, Secure Group Communication over Data Networks, Springer, ISBN: 0-387-22970-1, October 2004, pages 182 (Go to Springer for more information).
  3. X. Zou, C. Yang, H. Li and F. Liang, Intranet technologies and applications, ISBN 7-5606-0613-X, Xian Electronic Science and Technology University Publishing Press, August 1998.
- Book Chapters
  1. X. Zou, Public Key Standards: SSH (Secure Shell), The Handbook of Information Security, Hossein Bidgoli, Editor-in-Chief, to be published by John Wiley \& Sons, Inc, February 2005.
  2. X. Zou and A. Thukral@, Key management, The Handbook of Information Security, Hossein Bidgoli, Editor-in-Chief, to be published by John Wiley \& Sons, Inc, February 2005.
  3. X. Zou, A. Thukral@, and Y. Karandikar@, Security Issues and Techniques in Trusted Collaborative Computing (TCC), Parallel and Distributed Computing: Evaluation, Improvement and Applications, Editors, Y. Dai, Y. Pan, and R. Raje, Nova Science Publishers, 2006, ISBN: 1-60021-202-6, pp. 31--54.
- Journal Articles
  1. X. Zou and L. Bai, A New Class of Key Management Scheme for Access Control in Dynamic Hierarchies, International Journal of Computers and Applications, (Accepted).
  2. R. K. Balachandran@, X. Zou, B. Ramamurthy, A. Thukral@, and N.V. Vinodchandran, An Efficient and Attack-resistant Key Agreement Scheme for Secure Group Communications in Mobile Ad-Hoc Networks, Wireless Communication and Mobile Computing, (Accepted).
  3. X. Zou, Y. karandikar@, and E. Bertino, A Dynamic Key Management Solution to Access Hierarchy, International Journal of Network Management, Wiley, 17(6), Nov./Dec. 2007, pp. 437--450.
  4. X. Zou and Y. Karandikar@, A Novel Conference Key Management Solution for Secure Dynamic Conferencing, International Journal of Security and Networks, 3(1), 2008, pp. 47--53.
  5. O. Tilak@, R. Raje, and X. Zou, Composing Access Control Policies of Distributed Components, Journal of Autonomic and Trusted Computing (In Press).
  6. X. Zou, Y. Dai, and X. Ran@, Dual-Level Key Management for Secure Grid Communication in Dynamic and Hierarchical Groups, Future Generation of Computer Systems (Elsiver), 23(6), July 2007, pp. 776--786.
  7. Y. Dai, X. Zou, and Y. Guo@, Novel Grid Services for Data Access with High Performance, Fault Tolerance and Self-Healing, International Journal of High Performance Computing and Networking (In Press).
  8. X. Fu, W. Yu@, X. Zou, K. Strevie@, and S. Graham, On Recognizing Virtual Honeypots and Counter-measures, Journal of Autonomic and Trusted Computing (In Press).
  9. Y. Dai, Y. Pan, and X. Zou, A Hierarchical Modeling and Analysis for Grid Service Reliability, IEEE Transaction on Computers, vol. 56, no. 5, 2007, pp. 681--691.
  10. Y. Karandikar@, X. Zou and Y. Dai, An Effective Key Management Approach to Differential Access Control in Dynamic Environments, Journal of Computer Science, 2(6):542--549, 2006.
  11. Q. Wu, Hua Xu, and X. Zou, An effective method for 3D geological modeling with multi-source data integration, Computers & Geosciences, 31(1) , February 2005, pp. 35-43.
  12. X. Zou, S. Magliveras and B. Ramamurthy, A dynamic conference scheme extension with efficient burst operation, Congressus Numerantium, Vol. 158, 2002, pp.\ 83--92.
  13. X. Zou, An efficient approach to compute the edit distance and edit path for char/(Chinese character) string. Computer Research and Development, 33 (8), 1996, pp 574--581.
  14. X. Zou, An efficient edit distance and edit path computation approach. Mini-Micro Systems, 17(7), 1996, pp 72--76.
  15. X. Zou, An efficient parallel approximate approach to char/(Chinese characters) string pattern matching. Journal of Advanced Software Research, 2(2), 1995, pp 198--203.
  16. X. Zou, A fast approach to char/(Chinese characters) string pattern matching allowing errors. Journal of Advanced Software Research, 2(2), 1995, pp 147--152.
  17. X. Zou, An approach for parallel string pattern matching allowing errors. Computer Research and Development, 32(2), 1995, pp 34--38.
  18. X. Zou, An efficient parallel approximate approach to char/(Chinese characters) string pattern matching. Journal of Software, 6(8), 1995, pp 463--468.
  19. X. Zou, An optimal parallel Chinese character/char string searching approach. Journal of Chinese Information. 1, 1995.
  20. X. Zou, An efficient approach to automatic checking and correction of spelling errors in compilation. Journal of Zhengzhou University, 27(1), 1995.
  21. X. Zou and S. Wang, A fast approach to char/(Chinese characters) string pattern matching allowing errors. Journal of Software, 5(10), 1994, pp 55--59.
  22. X. Zou, An optimal parallel string searching approach. Journal of Zhengzhou University, 26(1), 1994, pp 41--45.
  23. X. Zou, An fast pattern matching approach with scaling. Journal of Zhengzhou University, 26(3), 1994,
  24. X. Zou, String searching: theory and practice. in Proceedings of the Fourth young computer scientist annual conference, China, 12, 1994.
  25. X. Zou, A fast approach to char/(Chinese character) string pattern matching. Mini-Micro Systems. 14(11), 1993, pp 49--53.
  26. X. Zou and Y. Guo, A reliable microcomputer communication approach. Journal of Zhengzhou University, 25(3), 1993, pp24--28.
  27. X. Zou, Notes on McCabe approach measuring program complexity. Henan Electronics Technology, 4(1), 1993.
  28. X. Zou, An efficient parallel approximate approach to char/Chinese character string searching, Journal of Advanced Software Research, 2(2), 1995, pp.\ 198--203.
  29. X. Zou, A fast approach to char/Chinese characters text searching allowing errors, Journal of Advanced Software Research, 2(2), 1995, pp.\ 147--152.
- Refereed Conference Proceeding Papers
  1. X. Zou, Y. Dai and E. Bertino A Practical and Flexible Key Management Mechanism For Trusted Collaborative Computing. IEEE INFOCOM'08, April 2008, W3.1: Network Security 2.
  2. X. Zou, Y.S. Dai, B. Doebbeling, M. Qi@, Dependability and security in medical information system, Lecture Notes of Computer Science (LNCS), vol. 4553, pp. 316-326.
  3. Y. Wang@, B. Ramamurthy, and X. Zou, KeyRev: An Efficient Key Revocation Scheme for Wireless Sensor Networks, accepted by IEEE ICC'07, 24-27 June 2007, Glasgow, Scotland.
  4. X. Zou, A. Thukral@, and B. Ramamurthy, An Authenticated Key Agreement Protocol for Mobile Ad Hoc Networks, LNCS, Springer, Vol. 4325, pp. 509--520.
  5. X. Zou and Y. Dai, A Robust and Stateless Self-Healing Group Key Management Scheme, Proceedings of The 2006 IEEE International Conference on Communication Technology, Guilin, China, Nov. 28--30, 2006, pp. 455--459.
  6. O. Tilak@, R. Raje, and X. Zou, Composing Access Control in Distributed Systems, The 2nd IEEE International Symposium on Dependable, Autonomic, and Secure Computing (DASC), Indianapolis, IN, USA, Sept. 29 - Oct. 1, 2006, pp. 301--307.
  7. Y. Wang@, B. Ramamurthy, and X. Zou, The Performance of Elliptic Curve Based Group Diffe-Hellman Protocols for Secure Group Communication over Ad Hoc Networks, the Proceedings of IEEE ICC 2006, 11-15 June 2006, Istanbul, TURKEY, Vol.5, pp.2243 - 2248.
  8. S. Deshpande@, A. Todimala@, R. K Balachandran@, B. Ramamurthy, X. Zou, and N. V. Vinodchandran, A New Cryptographic Scheme for Securing Dynamic Conferences in Data Networks, the Proceedings of IEEE ICC 2006, 11-15 June 2006, Istanbul, TURKEY, vol. 5, pp.2310 - 2315.
  9. A. Thukral@ and X. Zou, Secure Group Instant Messaging based on Cryptographic Primitives, Lecture Notes in Computer Science (LNCS), Springer-Verlag, Vol. 3619, pp. 1002-1011, August, 2005.
  10. Y. Dai, X. Zou and Y. Guo@, Grid-Based Information System with Fault Tolerance, Self-Healing and High-Performance, the Proceedings of 10th Annual International Conference on Industrial Engineering Theory, Applications and Practice, Florida, December 4-7, 2005, pp. 455-460.
  11. G. Hao@, N. V. Vinodchandran, B. Ramamurthy and X. Zou, A Balanced Key Tree Approach for Dynamic Secure Group Communication, Proceedings of ICCCN 2005 Fourteenth International Conference on Computer Communications and Networks (ICCCN), October 17-19, 2005, CA, USA, pp.345--350.
  12. P. Adusumilli@, X. Zou and B. Ramamurthy, DGKD: Distributed Group Key Distribution with Authentication Capability, Proceedings of the 2005 IEEE Workshop on Information Assurance (IAW), United States Military Academy, West Point, NY, 15-17 June 2005, pp. 286--293.
  13. Y. Karandikar@, X. Zou and Y. Dai, Secure Group Communication Based Scheme for Differential Access Control in Dynamic Environments, The 1st IEEE Workshop on Reliability and Autonomic Management In Parallel and Distributed Systems (RAMPDS-2005), 2005, pp. 448--453.
  14. P. Adusumilli@ and X. Zou, KTDCKM-SDC: A Distributed Conference Key Management Scheme for Secure Dynamic Conferencing, Proceedings of THE TENTH IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), Cartagena, Spain, June 27-30, 2005, pp. 476--481.
  15. R. K. Balachandran@, B. Ramamurthy, X. Zou, and N. V. Vinodchandran, CRTDH: An Efficient Key Agreement Scheme for Secure Group Communications in Wireless Ad-Hoc Networks, Proceedings of IEEE International Conference on Communication (ICC) 2005, pp. 1123--1127.
  16. X. Zou and B. Ramamurthy, A simple group Diffie-Hellman key agreement protocol without member serialization, Lecture Notes in Computer Science (LNCS), Springer-Verlag, Vol. 3314, pp. 725-731, December 2004.
  17. X. Zou, S. Magliveras and B. Ramamurthy, Key Tree based Scalable Secure Dynamic Conferencing Schemes, Proceedings of International Conference on Parallel and Distributed Computing and Systems (PDCS 2004), MIT Cambridge, MA, USA, November 2004, pp. 61--65.
  18. X. Zou, B. Ramamurthy, and S. S. Magliveras, A GCD attack resistant CRTHACS for secure group communications, Proceedings of International Conference on Information Technology, ITCC 2004 (Poster), April 5 -7, 2004, Las Vegas, NV, USA, pp. 153--154.
  19. X. Zou and B. Ramamurthy, A block-free tree based group Diffie-Hellman key agreement protocol for secure group communication, Proceedings of International Conference on Parallel and Distributed Computing and Networks, Innsbruck, Austria, February 17-19, 2004, pp. 288--293.
  20. X. Zou, B. Ramamurthy, V. Variyam and R. K. Balachandran@, Algorithms for unied hierarchy based access control, Proceedings of International Conference on Communications, Internet, & Information Technology (CIIT 2003), Scottsdale, AZ, USA, November 17-19, 2003, pp. 31--36.
  21. X. Zou, B. Ramamurthy and S. Magliveras, Efficient key management for secure group communication with bursty behavior, Proceedings of International Conference on Communication, Internet, and Information Technology, Virgin Islands, USA, November 2002, pp. 148--153.
  22. X. Zou, B. Ramamurthy and S. Magliveras, Chinese Remainder Theorem based hierarchical access control for secure group communications, Lecture Notes in Computer Science (LNCS), Springer-Verlag, vol. 2229 (2001), pp. 381--385.
  Patent
  - Flexible Management Of Security For Multi-User Environments, June 2008, Sponsored by IU, International PCT Patent Application#: US2008006027.
  Teaching
  CSCI 580, Design and Analysis of Algorithms (Spring 2008)
  CSCI 436, Principles of Computer Networks (Fall 2007)
  CSCI 590, Cryptography and Network Security (Fall 2008)
  
  Professional Services
  - Serve on the editorial boards, program chair, and technical program committee in a number of international journals and Conferences.
  - Be a reviewer for numerous international journals and conferences.
  Honors and Awards
  - Unrestricted Gift-- Building A Secure Video Stream Framework for Dynamic and Anonymous Subscriber Groups, Cisco, $85,000.
  - Trustees Teaching Award of IUPUI.
  - Featured by IUPUI news IUPUI Computer Scientists Develop Revolutionary Medical Information System
  Trusted Electronics and Grid Obfuscation (TEGO) Research and Education Center
  TEGO stands for Trusted Electronics and Grid Obfuscation and means Shield in Latin. TEGO protects the system/network/information not only from outside malicious attacks but also from inside bugs/faults. The purpose of TEGO is actually to build trusted collaborative computing environments and applications which are highly secure and dependable by combining Security and Reliability using secure group communication and grid computing technologies.
  The TEGO Center will be a cross-disciplinary and cross-institute research and education center, dedicated to fundamental and application research and higher education for the purpose of building a trusted and collaborative computing environment. More specifically, this topic covers the emerging fields of Cyber Security, Dependability, Grid computing, Autonomic computing, Database, and their applications in Medical Information and Health Care Systems, Tele-medicine, Bioinformatics and Biomedical Engineering. Our missions are:
  - Research innovations: developing cutting-edge technologies for trusted computing in terms of security, attack-resistance, reliability. fault-tolerance, grid systems, and autonomic computing which are able to make various collaborative environments and applications in critical fields that require highly trusted computing environment.
  - High-impact applications: developing trusted and mission-critical applications such as secure and dependable health/medical information systems through cross-disciplinary collaborations that can lead to significant social and scientific impacts. Help efficiently solve some complicated computational tasks in Bioinformatics and Medical Data analysis.
  - Education: conducting undergraduate/graduate education and professional training in the areas of information/CYBER security, system dependability, communication networks, and grid/distributed computing systems, Autonomic Computing, Bio-Medical, and Bioinformatics. In particular, the TEGO center will engage in education for minority communities such as and African Americans and Women, and further outreach to high school students through the way of Summer College.
  Information and communication technologies along with society's drive for collaboration in the modern world make collaborative computing and its applications possible and even necessary. One typical collaborative computing example is digitized health/medical information systems in which physicians, nurses, researchers, health insurance personnel, etc. share patients information based on certain policies and access privileges and perform diagnosis and surgery collaboratively. President Bush has been calling for digitizing patients records for most Americans within ten years since April 2004. Another indication for collaborative computing is the recent wave for Collaborative Virtual IT World (from ACM article "Coming Soon...a Single, Global, Collaborative Virtual IT World (Phew!)" http://www.acm.org/technews/current/homepage.html#item9). Trust in this environment will eventually determine its success and popularity due to people's desire for privacy and integrity, like what is called "trust is the currency of the participation age," (http://www.acm.org/technews/current/homepage.html#item9). The current Internet is by design not trust-oriented. Security patches and enhancement mechanisms result in more security vulnerabilities. Compared to the two-party interaction model (i.e., the client-server service model), group-oriented environments involve a large number of users and shared resources and are complex, dynamic, distributed, and heterogeneous, including even hostile elements. Systems experience failures due to faults and attacks from hostile entities including CYBER terrorists. More seriously, there are dangerous attacks from malicious internal members. Consequently, establishing trust among multiple entities in this environment is extremely difficult (much harder than establishing mutual trust between two entities) and is destined to become a grand challenge of the new century. Taking advantages of our unique combination and concentration of expertise, the TEGO center aims to establish an inter-disciplinary and cross-institutional research group on exploration and building of large-scale trusted collaborative information and networks systems and practice and promotion of distance education.
  The Unique Features of the TEGO center:
  1. it is group-oriented (collaborative) and based on secure group communication and grid computing technologies.
  2. it integrates security, attack-resistance, and reliability all together to provide trusted services.
  3. it is not only inter-disciplinary but also cross-institutional to benefit not only Computer Science but also many other disciplines such as Medical research and practice, Bioinformatics and Biomedical Engineering.
  4. it focuses on critical applications which require high security and dependability. A typical example is health/medical information systems for which President call to implement within ten years.
  5. it supports distant collaborative research activities and distance education practice.
  (Thanks for your interest in and looking at the TEGO center. The formal domain name and website for it will be available soon.)
  
  Education:
  PHD, Dec., 2000, Computer Science, GPA: 4.0/4.0    University of Nebraska-Lincoln PhD Thesis: Secure group communication and hierarchical access control. Advisors: Prof. Spyros Magliveras and Prof. Byrav Ramamurthy.
  M.S, June, 1986, Computer Science, GPA: 4.0/4.0    Huazhong University of Science and Technology
  B.S, July, 1983, Computer Science, GPA: 4.0/4.0    Zhengzhou University
  
  Contact:
  Department of Computer and Information Science
  School of Science, Purdue University at IUPUI
  723 W. Michigan St., SL280, Indianapolis, IN 46202
  Email: xkzou {at} cs {.} iupui {.} edu
  Tel: (317) 278-8576
  Fax: (317) 274-9742
  Please visit my previous home page or my CV for more information

Research

Patent

Teaching

Professional Services

Honors and Awards

Trusted Electronics and Grid Obfuscation (TEGO) Research and Education Center

Education:

Contact: