Network


Latest external collaboration on country level. Dive into details by clicking on the dots.

Hotspot


Dive into the research topics where Stephen Quirolgico is active.

Publication


Featured researches published by Stephen Quirolgico.


web information systems engineering | 2004

Toward a Formal Common Information Model Ontology

Stephen Quirolgico; Pedro Assis; Andrea Westerinen; Michael E. Baskey; Ellen Jean Stokes

Self-managing systems will be highly dependent upon information acquired from disparate applications, devices, components and subsystems. To be effectively managed, such information will need to conform to a common model. One standard that provides a common model for describing disparate computer and network information is the Common Information Model (CIM). Although CIM defines the models necessary for inferring properties about distributed systems, its specification as a semi-formal ontology limits its ability to support important requirements of a self-managing distributed system including knowledge interoperability and aggregation, as well as reasoning. To support these requirements, there is a need to model, represent and share CIM as a formal ontology. In this paper, we propose a framework for constructing a CIM ontology based upon previous research that identified mappings from Unified Modeling Language (UML) constructs to ontology language constructs. We extend and apply these mappings to a UML representation of the CIM Schema in order to derive a semantically valid and consistent formal CIM ontology.


workshop on software and performance | 2004

An autonomic failure-detection algorithm

Kevin L. Mills; Scott Rose; Stephen Quirolgico; Mackenzie Britton; Ceryen Tan

Designs for distributed systems must consider the possibility that failures will arise and must adopt specific failure detection strategies. We describe and analyze a self-regulating failure-detection algorithm that bounds resource usage and failure-detection latency, while automatically reassigning resources to improve failure-detection latency as system size decreases. We apply the algorithm to (1) Jini leasing, (2) service registration in the Service Location Protocol (SLP), and (3) SLP service polling


It Professional | 2011

Vetting Mobile Apps

Stephen Quirolgico; Jeffrey M. Voas; Rick Kuhn

Billions of copies of apps for mobile devices have been purchased in recent years. With this growth, however, comes an increase in the spread of potentially dangerous security vulnerabilities. Because of an apps low cost and high proliferation, the threat of these vulnerabilities could be far greater than that of traditional computers. Thus, purchasing organizations or third-party labs should vet the apps before selling them, and consumers need to understand the risks of apps and the prospects for ensuring their security.


Journal of Systems and Software | 2007

Understanding failure response in service discovery systems

Christopher E. Dabrowski; Kevin L. Mills; Stephen Quirolgico

Service discovery systems enable distributed components to find each other without prior arrangement, to express capabilities and needs, to aggregate into useful compositions, and to detect and adapt to changes. First-generation discovery systems can be categorized based on one of three underlying architectures and on choice of behaviors for discovery, monitoring, and recovery. This paper reports a series of investigations into the robustness of designs that underlie selected service discovery systems. The paper presents a set of experimental methods for analysis of robustness in discovery systems under increasing failure intensity. These methods yield quantitative measures for effectiveness, responsiveness, and efficiency. Using these methods, we characterize robustness of alternate service discovery architectures and discuss benefits and costs of various system configurations. Overall, we find that first-generation service discovery systems can be robust under difficult failure environments. This work contributes to better understanding of failure behavior in existing discovery systems, allowing potential users to configure deployments to obtain the best achievable robustness at the least available cost. The work also contributes to design improvements for next-generation service discovery systems.


Special Publication (NIST SP) - 800-163 | 2015

Vetting the Security of Mobile Applications

Stephen Quirolgico; Jeffrey M. Voas; Tom Karygiannis; Cristoph Michael; Karen Scarfone

The purpose of this document is to help organizations (1) understand the process for vetting the security of mobile applications, (2) plan for the implementation of an app vetting process, (3) develop app security requirements, (4) understand the types of app vulnerabilities and the testing methods used to detect those vulnerabilities, and (5) determine if an app is acceptable for deployment on the organizations mobile devices.


2014 IT Professional Conference | 2014

Presentation 4. App vetting systems: Issues and challenges

Stephen Quirolgico

Summary form only given. Increasingly, attention is being paid to security vulnerabilities of mobile apps, and with good reason. Such vulnerabilities, if exploited, could be used to wreak havoc on users by stealing their information or controlling their mobile device. Given the billions of mobile apps in use today, security breaches threaten to occur on a very large scale. This presentation discusses the issues and challenges surrounding app vetting systems and provides lessons learned during the development and deployment of an app vetting system for the DARPA TransApps program.


Special Publication (NIST SP) - 500-260 | 2005

A Model-Based Analysis of First-Generation Service Discovery Systems

Christopher E. Dabrowski; Kevin L. Mills; Stephen Quirolgico


darpa information survivability conference and exposition | 2003

Improving failure responsiveness in Jini leasing

Scott Rose; Kevin Bowers; Stephen Quirolgico; Kevin L. Mills


international conference on cluster computing | 2005

Understanding Failure Response in Service Discovery Systems

Kevin L. Mills; Stephen Quirolgico; Christopher E. Dabrowski


National Institute of Standards and Technology (U.S.); Information Technology Laboratory (National Institute of Standards and Technology). Computer Security Division | 2015

ITL Bulletin: Guidance for Secure Authorization of Mobile Applications in the Corporate Environment (March 2015)

Tom Karygiannis; Stephen Quirolgico; Larry Feldman; Greg Witte

Collaboration


Dive into the Stephen Quirolgico's collaboration.

Top Co-Authors

Avatar

Kevin L. Mills

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Scott Rose

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Christopher E. Dabrowski

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Jeffrey M. Voas

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Kevin Bowers

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar
Top Co-Authors

Avatar

Mackenzie Britton

Southern Methodist University

View shared research outputs
Top Co-Authors

Avatar

Rick Kuhn

National Institute of Standards and Technology

View shared research outputs
Top Co-Authors

Avatar

Pedro Assis

Instituto Politécnico Nacional

View shared research outputs
Researchain Logo
Decentralizing Knowledge