Carnegie Mellon University
I am a graduate student in the Department of ECE at Carnegie Mellon University. My advisor is Anupam Datta. My primary research project is to develop models, algorithms, and computer systems to support principled audits. Audits complement access control in enforcement of security and privacy policies. It is the primary tool for enforcement of policies in scenarios where security and privacy threats arise from authorized insiders. In fact, many US privacy laws (e.g., HIPAA in healthcare, GLBA in financial sector) mandate that audits be conducted to ensure that personal information of customers are disclosed and used only under explicit operational conditions laid out in the laws. However, current commercial audit tools rely on heuristics that cannot detect large classes of violations; nor do they make the best use of the limited audit budget in organizations. Thus, there is a pressing need to develop appropriate mathematical models to study the process of auditing and algorithms and computer systems to aid with auditing. The mathematical tools used in this work are related to the area of game theory and machine learning.
I am also involved in a project on generalizing constructions and proofs in symmetric key cryptography, and another project about accountability in protocols.
I got my undergrad degree from IIT, Kharagpur in 2004. There I worked with Prof T.K.Basu on Signal Processing
I worked for four years (2004 - 2008) in Trilogy India (Bangalore) as a software developer, mainly doing web-application development using Java.
My resume (02/02/13) -> PDF
J. Blocki, N. Christin, A. Datta, A. Sinha, Audit Mechanisms for Provable Risk Management and Accountable Data Governance, in Proceedings of 3rd Conference on Decision and Game Theory for Security, November 2012. [Paper]
J. Blocki, N. Christin, A. Datta, A. Sinha, Adaptive Regret Minimization in Bounded-Memory Games, Arxiv, abs/1111.2888v2, 2012. [Paper]
A. Datta, D. Sharma, A. Sinha, Provable De-anonymization of Large Datasets with Sparse Dimensions, in Proceedings of Principles of Security and Trust, 2012. [Paper]
J. Blocki, N. Christin, A. Datta, A. Sinha, Regret Minimizing Audits: A Learning-Theoretic Basis for Privacy Protection, in Proceedings of 24th IEEE Computer Security Foundations Symposium, June 2011 [Paper]
Poster and position papers
J. Blocki, N. Christin, A. Datta, A. Sinha, Regret Minimizing Audits, Poster presentation in 32nd IEEE Symposium on Security & Privacy, May 2011
J. Blocki, N. Christin, A. Datta, A. Sinha, Audit Mechanisms for Privacy Protection in Healthcare Environments, Position paper in 2nd USENIX Workshop on Health Security and Privacy (HealthSec '11)
Pushparani Bhallamudi, Scott Tilley and Arunesh Sinha, Migrating a Web-Based Application to a Service-Based System - An Experience Report, in proceedings of 11th IEEE International Symposium on Web Systems Evolution Sep 2009