ninghui_li.jpg Prof. Ninghui Li joined Purdue in August 2003 as an assistant professor in Computer Sciences. His research interests are in computer security and applied cryptography, e.g., security and privacy in distributed systems, networks, databases, and electronic commerce, with a focus on access control.

One focus of Prof. Li's work is on trust management, which is an approach to access control in decentralized, open, and distributed systems. In trust management, access control decisions are based on policy statements that encode trust and delegation relationships among parties. He has designed, together with Profs. John Mitchell and Will Winsborough, a family of Role-Based Trust Management Languages. RT combines the strengths of role-based access control (RBAC) and previous trust-management systems. He also developed goal-directed algorithms to do efficient distributed credential chain discovery, logic-based semantic foundations for security policy languages, and algorithms and computational complexity characterization for analyzing security properties such as safety and availability when policies may change.

Professor Li is a co-PI of a recently-funded mid-size ITR project titled "Automated Trust Negotiation in Open Systems". Automated Trust Negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access-control policies. He has been working with Profs. Will Winsborough and Kent Seamons on ATN, using the RT family of trust-management languages. Together with Prof. Will Winsborough, he developed the Trust Target Graph protocol for ATN.

Professor Li has also been working on applied cryptography. Together with Profs. Dan Boneh and Wenliang Du, he introduced a cryptographic primitive called oblivious signature-based envelope (OSBE). OSBE enables the sender to send an encrypted message to the receiver such that the receiver can decrypt if and only if it possesses the signature on a predetermined message, yet the sender does not learn whether the receiver has the signature or not. OSBE can be used in Automated Trust Negotiation to break cyclic policy interdependency and can be applied to other privacy sensitive scenarios. We developed an efficient and provably secure OSBE protocol for credentials signed using RSA signatures and built one-round OSBE for Rabin and BLS signatures from recent constructions for identity-based encryption.

Professor Li received a Ph.D. in Computer Science from New York University in September 2000. Before joining Purdue, he was a research associate at Computer Science Department, Stanford University. He has served on the Program Committees of IEEE Computer Security Foundations Workshop and International Conference on Trust Management, and has reviewed papers for a number of international journals.