I am a Ph.D. candidate in School of Information Systems at Singapore Management University (SMU). My primary research objective is to bridge the gap between academic interests on security/privacy and users’ expectation on convenience in the practical system design. I am involved in several research projects related to the analysis and design of user-centric security and privacy systems, particularly focusing on 1) usable user authentication schemes with advanced security features, 2) mobile security and privacy, and 3) privacy issues in social networks.
I am being advised by Prof. Robert H. Deng and Assoc. Prof. Yingjiu Li. Recently, I was a visiting scholar at Carnegie Mellon University (CMU) and worked with Prof. Virgil D. Gligor, CyLab, CMU.
I received a Master's degree from the Parallel Processing Institute, Fudan University, China, and a joint Bachelor's degree in Software Engineering from Fudan University, China, and University College Dublin, Ireland.
More details about me can be found in my CV and research statement. I summarized the research skills that I have learned in my legacy [Quality Research in Affordable Way]. You may find this useful.
I will join Google Switzerland GmbH.
- Human Factors in Security System Design
- Mobile Security and Privacy
- Security/Privacy Issues in Social Networks
- RFID Security
- System Security
Ph.D. Dissertation Committee Members
- Robert H. Deng, Professor of Information Systems,
Singapore Management University (Committee Chair)
- Yingjiu Li, Associate Professor of Information Systems,
Singapore Management University
- Debin Gao, Assistant Professor of Information Systems,
Singapore Management University
- Feng Bao, Director of Security and Privacy Lab,
- Designing Leakage-Resilient Password Entry on Touchscreen Mobile Devices
Qiang Yan, Jin Han, Yingjiu Li, Jianying Zhou, and Robert H. Deng. To appear in Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2013), China, 2013. [PDF]
- Comparing Mobile Privacy Protection through Cross-Platform Applications
Jin Han, Qiang Yan, Debin Gao, Jianying Zhou, and Robert H. Deng. In Proceedings of the 20th Annual Network & Distributed System Security Symposium (NDSS 2013), USA, 2013. [PDF]
- On Limitations of Designing Leakage-Resilient Password Systems: Attacks, Principles and Usability
Qiang Yan, Jin Han, Yingjiu Li, and Robert H. Deng. In Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS 2012), USA, 2012. (Distinguished Paper Award). [PDF]
- On Detection of Erratic Arguments
Jin Han, Qiang Yan, Debin Gao, and Robert H. Deng. In Proceedings of the 7th International ICST Conference on Security and Privacy in Communication Networks (SecureComm 2011), United Kingdom, 2011. [PDF]
- A Software-Based Root-of-Trust Primitive on Multicore Platforms
Qiang Yan, Jin Han, Yingjiu Li, Robert H. Deng, and Tieyan Li. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), Hong Kong, 2011. [PDF]
- Security and Privacy Issues Caused by Mobile Apps:
Inspect the behaviors of mobile apps to identify potential security and privacy problems, and conceive the effective countermeasures to resolve these problems.
- Design Restrictions of Usable User Authentication:
Investigate the major design elements related to both technical and human factors, analyze the correlations among these design elements, and discover the inherent limitations caused by these correlations.
- Usable User Authentication with Advanced Security Features:
Explore the feasibility of designing practical user authentication that resolves hardcore challenges such as leakage-resilience with the assistance of new technology and methodology.
- Guaranteed Location Privacy for Mobile Devices:
Design effective location privacy mechanisms that can actually guarantee users' privacy objectives with minimum user effort.
I am also working on two other undisclosed projects related to security/privacy features of iOS platform and privacy issues of online social networks.
Prior to coming to SMU, I was involved in implementing and improving various systems including:
- Compiler-based acceleration for architecture simulation
- Simple OS kernel (featuring process/thread management, virtual memory, and in-memory file system)
- Simple database management system (featuring basic SQL processing and transaction)
- Simple firewall (featuring steganalysis on the image traffic)
- Web-service based information management system
- Website design and development
- 2D game demo (real-time strategy and FIFA-like football)