I am a graduate student in the Department of ECE at Carnegie Mellon University. My advisor is Anupam Datta. My primary research project is to develop models, algorithms, and computer systems to support principled audits. Audits complement access control in enforcement of security and privacy policies. It is the primary tool for enforcement of policies in scenarios where security and privacy threats arise from authorized insiders. In fact, many US privacy laws (e.g., HIPAA in healthcare, GLBA in financial sector) mandate that audits be conducted to ensure that personal information of customers are disclosed and used only under explicit operational conditions laid out in the laws. However, current commercial audit tools rely on heuristics that cannot detect large classes of violations; nor do they make the best use of the limited audit budget in organizations. Thus, there is a pressing need to develop appropriate mathematical models to study the process of auditing and algorithms and computer systems to aid with auditing. The mathematical tools used in this work are related to the area of game theory and machine learning.
I am also involved in a project on generalizing constructions and proofs in symmetric key cryptography, and another project about accountability in protocols.
I got my undergrad degree from IIT, Kharagpur in 2004. There I worked with Prof T.K.Basu on Signal Processing
I worked for four years (2004 - 2008) in Trilogy India (Bangalore) as a software developer, mainly doing web-application development using Java.
My resume (10/25/13) -> PDF
J. Blocki, N. Christin, A. Datta, A. Sinha, Adaptive Regret Minimization in Bounded-Memory Games, to appear in Proceedings of 4th Conference on Decision and Game Theory for Security, November 2013. [Paper, Long Version] [Invited Paper]
A. Sinha, Y. Li, L. Bauer, What you want is not what you get: Predicting sharing policies for text-based content on Facebook, to appear in Proceedings of the 6th ACM Workshop on Security and Artificial Intelligence, November 2013. [Paper, Presentation]
J. Blocki, N. Christin, A. Datta, A. D. Procaccia, A. Sinha, Audit Games, in Proceedings of 23rd International Joint Conference on Artificial Intelligence, August 2013. [Paper, Long version, Presentation]
J. Blocki, N. Christin, A. Datta, A. Sinha, Audit Mechanisms for Provable Risk Management and Accountable Data Governance, in Proceedings of 3rd Conference on Decision and Game Theory for Security, November 2012. [Paper, Presentation]
A. Datta, D. Sharma, A. Sinha, Provable De-anonymization of Large Datasets with Sparse Dimensions, in Proceedings of Principles of Security and Trust, 2012. [Paper]
J. Blocki, N. Christin, A. Datta, A. Sinha, Audit Mechanisms for Privacy Protection in Healthcare Environments, in 2nd USENIX Workshop on Health Security and Privacy (HealthSec '11). [Position paper]
J. Blocki, N. Christin, A. Datta, A. Sinha, Regret Minimizing Audits: A Learning-Theoretic Basis for Privacy Protection, in Proceedings of 24th IEEE Computer Security Foundations Symposium, June 2011. [Paper, Presentation]
Pushparani Bhallamudi, Scott Tilley and Arunesh Sinha, Migrating a Web-Based Application to a Service-Based System - An Experience Report, in proceedings of 11th IEEE International Symposium on Web Systems Evolution Sep 2009.
J. Blocki, N. Christin, A. Datta, A. D. Procaccia, A. Sinha, Audit Games, Poster presentation at 23rd International Joint Conference on Artificial Intelligence, August 2013.
J. Blocki, N. Christin, A. Datta, A. Sinha, Regret Minimizing Audits, Poster presentation at Cylab Partners’ Conference (Carnegie Mellon University), September 2011.
J. Blocki, N. Christin, A. Datta, A. Sinha, Regret Minimizing Audits, Poster presentation at 32nd IEEE Symposium on Security & Privacy, May 2011.