Jinsheng Xu

Predicting the performance of synchronous discrete event simulation

We develop a model to predict the performance of synchronous discrete event simulation. Our model considers the two most important factors for the performance of synchronous simulation: load balancing and communication. The effect of load balancing in a synchronous simulation is computed using probability distribution models. We derive a formula that computes the cost of synchronous simulation by combining a communication model called LogGP and computation granularity. Even though the formula is simple, it is effective in capturing the most important factors for the synchronous simulation. The formula helps us to predict the maximum speed up achievable by synchronous simulation. In order to examine the prediction model, we have simulated several large ISCAS logic circuits and a simple PCS network simulation on an SGI Origin 2000 and Terascale Computing System (TCS) at the Pittsburgh Supercomputing Center. The results of the experiment show that our performance model accurately predicts the performance of synchronous simulation. The performance model developed is used to analyze the effect of several factors that may improve the performance of synchronous simulation. The factors include problem size, load balancing, granularity, communication overhead, and partitioning.

Teaching a web security course to practice information assurance

This paper presents a hybrid teaching approach, a new Web Security course as well as how to use the hybrid approach to teach the Web Security course to practice information assurance. The hybrid teaching approach contains three key issues that are keeping the lecture materials up-to-date, assigning former research projects as comprehensive team projects, and connecting classroom knowledge with real world web applications. We have applied this approach to the teaching a Web Security course and achieved excellent results. Our experience exhibits that integrating education, research and web applications into the Web Security course to practice information assurance are essential for a sound security education. Using this approach instructors connect knowledge in the classroom to real world applications, attract students to the security area, and train students to become information assurance professionals.

A Study on Community Formation in Collaborative Tagging Systems

Current collaborative tagging systems do not allow community members to easily view available data related to their communities. In this paper, we present our study on community formation centered around common interests, utilizing data from del.icio.us. We propose an approach to clustering tags and users based on their similarity. We also report some practical results related to implicit grouping of tags and users.

Developing an interdisciplinary Health Informatics Security and privacy program

Health informatics is one of the nations largest growing industries. To protect health information systems, it is extremely important for health informatics professionals to be well educated and trained in information assurance, and to understand the many concerns of security, privacy, integrity and reliability. To meet this demand, we are creating a new, interdisciplinary curriculum model of Bachelor of Science in Computer Science (BSCS) concentration in Health Informatics Security and Privacy (HISP) at North Carolina Agriculture and Technical State University (NC A&T). To establish this BSCS concentration in HISP, we developed a new course on health information systems in the Department of Computer Science, a new course on Mathematics for Health Informatics in the Department of Mathematics, and modified an existing course in the Department of Management to include topics on business practices relating to health information technology. We also developed three course modules on health informatics security and privacy and are integrating these course modules into the existing information assurance courses in the Department of Computer Science. This paper describes the new curriculum, the new courses, and the three course modules we have developed.

An overhead reducing technique for Time Warp

In this paper, we introduce a technique to reduce the number of state savings and the event queue size of Time Warp. By reducing the state saving and the sizes of event queues, we can decrease the overhead and the maximum memory requirement in Time Warp. We exploit the look-ahead technique to get a lower bound time stamp of the next event and to determine if an event is safe to be executed. No State saving is carried out when the event execution is safe. This lower bound can be used to discard saved states even though the time stamps are greater than the global virtual time (GVT). We prove that the proposed technique is correct under both aggressive and lazy cancellation schemes. This technique can be implemented with minimal additional overhead. Benchmark results on logic simulation show that the mechanism can reduce the number of state savings and memory size requirements significantly.

Integrating Mobile Computing and Security into a Computer Science Curriculum (Abstract Only)

The poster describes our project of integrating mobile computing and security into the Computer Science program at North Carolina A&T State University. Twelve (12) course modules in mobile computing and security are being developed and integrated into existing Computer Science courses such as computer programming, software development, operating systems, and information assurance courses. Each course module includes learning objectives, a tutorial, presentation slides, hands-on labs and/or case studies, test questions, etc. The course module material we develop and our teaching experiences will be beneficial to computer science educators who are considering including mobile computing and mobile security into their curricula.

A Survey of Security Standards Applicable to Health Information Systems

The information maintained by Health Information Systems (HIS) is often faced with security threats from a wide range of sources. Some governments regulations require healthcare organizations and custodians of personal health information to take practical steps to address the security and privacy needs of personal health information. Standards help to ensure an adequate level of security is attained, resources are used efficiently and the best security practices are adopted. In this paper, the authors survey security standards applicable to healthcare industry including Control OBjective for Information and related Technology (COBIT), ISO/IEC 27002:2005, ISO/IEC 27001:2005, NIST Special Publication 800-53, ISO 27799:2008, HITRUST Common Security Framework (CSF), ISO 17090:2008, ISO/TS 25237:2008, etc. This survey informs the audience currently available standards that can guide the implementation of information security programs in healthcare organizations, and provides a starting point for IT management in healthcare organizations to select a standard suitable for their organizations.

A Survey of U.S. Laws for Health Information Security & Privacy

As healthcare organizations and their business associates operate in an increasingly complex technological world, there exist security threats and attacks which render individually identifiable health information vulnerable. In United States, a number of laws exist to ensure that healthcare providers take practical measures to address the security and privacy needs of health information. This paper provides a survey of U.S. laws related to health information security and privacy, which include Health Insurance Portability and Accountability Act (HIPAA),Gramm-Leach-Bliley Act, Sarbanes-Oxley Act of 2002, Patient Safety and Quality Improvement Act of 2005, and Health Information Technology for Economic and Clinical Health (HITECH).The history and background of the laws, highlights of what the laws require, and the challenges organizations face in complying with the laws are discussed.

Predicting the performance of synchronous discrete event simulation systems

In this paper we propose a model to predict the performance of synchronous discrete event simulation. The model considers parameters including the number of active objects per cycle, event execution granularity and communication cost. We, derive a single formula that predicts the performance of synchronous simulation. We have benchmarked several VHDL circuits on SGI Origin 2000. The benchmark results show that the prediction model explains more than 90% of parallel simulation execution time. We also measure the effect of computation granularity over performance. The benchmark results show that although higher granularity can have better speedup because of dominance of computation over communication, the computational granularity cannot overshadow the inherent synchronization cost. This model can be used to predict the speed-up expected for synchronous simulation, and to decide whether it is worthwhile to use synchronous simulation before actually implementing it.

Assessing the Effectiveness of Experiential-Learning-Based Teaching Tools in Cybersecurity Courses (Abstract Only)

The poster describes our project of Assessing the Effectiveness of Experiential-Learning-Based Teaching Tools in Cybersecurity Courses. We are assessing the effectiveness of experiential-learning-based teaching tools for 10 cybersecurity topics in five cybersecurity courses. For each topic, two teaching methods are selected: the control group teaching method, and the experimental group teaching method. The two teaching methods are compared to answer one of the two research questions: (1) Is using an experiential-learning-based teaching tool more effective in improving student learning than the traditional teaching method without using the teaching tool? (2) Is one experiential-learning-based teaching tool more effective than another experiential-learning-based teaching tool? We will assess the effectiveness of the teaching methods via three measures: (1) improvement in student learning outcomes, (2) improvement in student motivation in learning the topic, and (3) improvement in the student experience such as student enjoyment, satisfaction, and perceived difficulty in learning the topic. The knowledge gained from this research can be used by cybersecurity educators at other institutions to use effective teaching tools to improve cybersecurity education practices, which has the potential to increase the number of students well-prepared for entering cybersecurity careers.