Dr. Jae H. Park, Associate Professor of Information Systems, Management, and Marketing
Michael Mercier | UAH
"No single technology can be a silver bullet making our personal information safe and secure," said Dr. Jae H. Park, Associate Professor of Information Systems, Management, and Marketing at The University of Alabama in Huntsville (UAH). "Nevertheless, with proper orchestration of technological solutions, education and real world practice, I believe we can find reasonable sweet spots that can provide good enough security and privacy while still delivering desirable services." Park, a new faculty member in the UAH College of Business Administration is an expert in the field of cybersecurity, and a pioneer in the area of Usage Control (UCON). He has been extremely progressive and is highly regarded for his seminal work on UCON models in cybersecurity research.
"In today's cyber world, we often voluntarily give up our privacy for a so-called 'free' service," Park said. "As a consumer of online services, we should diligently and proactively protect our own privacy. We as a consumer should make online service providers realize they can get more incentives by providing privacy-friendly services. For this, we will need to educate the general public for better security/privacy awareness and practice. And, we will also need highly seasoned security experts as well as security savvy entrepreneurs and software developers."
Park was born and grew up in Daegu, South Korea and attended college in Seoul. He was a student in high school when he first learned about the field of Information Systems Management (ISM). "The area was quite new and there were only a couple of universities who offered an ISM program in South Korea. Without hesitation, I decided on an ISM program of study at college," he said.
After four years of an "exciting" college experience, Park worked as a software engineer for POSDATA, Ltd., a large company developing and maintaining sales management systems. Two years later, he came to the U.S. to pursue a graduate degree in ISM at George Washington University. While there, Park learned more about the cybersecurity discipline, and reached out to world-renowned cybersecurity researcher and professor, Dr. Ravi Sandhu. Park eventually joined Sandhu's team at George Mason University (Fairfax, VA) as a PhD student and research assistant. "My first research project was funded through Lockheed Martin Management and Data Systems where I developed a family of security architectures for controlled re-dissemination of digital contents," he said.
Beginning in the mid 1990's, Park said, there was a growing commercial and government interest in secure digital content distribution technologies, which allows the distributor control on users' access to the already disseminated contents. "One very popular product is Apple's iTune service, where Apple sells protected digital music while still preventing buyers from reproducing unauthorized duplications (this process is now obsolete and we can purchase unprotected music copies as well).
"In the commercial sector, this technology has been known as 'Digital Rights Management'," Park explained. "The area of Usage Control has been coined to capture this controlled re-dissemination and usage of the digital contents that are already disseminated. I pioneered the area of usage control and developed comprehensive security models which have been well recognized and cited numerous times in the cybersecurity research community," he said.
One of Park's current research interests is "secure data provenance," which enhances usage control in a way that one can control usages based on past usage information conducted on or against the digital information. "Data provenance can allow highly dynamic and finer-grained control capability for better security and privacy. As we are entering into a Big Data world, the importance of secure data provenance has never been more critical," he said.
Before joining UAH, Park served as Associate Professor of Research in The Institute for Cyber Security at The University of Texas at San Antonio. He conducted cybersecurity research while advising and mentoring several doctoral students.
"Huntsville is similar to San Antonio in that both cities have a huge military presence and high cybersecurity awareness and activities. I believe UAH is one of the best places to conduct cybersecurity research in the country," he said. "In addition, UAH has a unique interdisciplinary Cybersecurity Program involving three colleges within the university: Business Administration, Engineering and Science. This means students can have more options and better opportunities to learn and conduct cybersecurity research from varied perspectives. I have known about UAH's firm commitment and active involvement in this area of research for quite some time."
Park noted too, that "UAH's commitment to cybersecurity research has been well acknowledged by the U.S. government and the National Security Agency and Department of Homeland Security. The two government agencies have designated UAH as a Center for Academic Excellence in Information Assurance/Cyber Defense. I believe my extensive experience in both ISM and cybersecurity can enhance UAH's existing research and education endeavors as well as students' learning experience."
Park's current research interests include secure Cloud computing, social networking/computing security and privacy, and attribute graph-based access control. In addition to these topics, another research area that he is interested in involves the concept of The Internet of Things (IoT), specifically as it pertains to UAH and ensuring a secure campus. IoT is also referred to as the Internet of Everything, and is basically the network of autonomy and control.
"The era of IoT is upon us and we need to be prepared by making upcoming IoT solutions secure and privacy-protected," said Park. "Pervasive IoT means a world where everything is connected and communicates to each other. This includes self-driving cars with mobile ad-hoc networking capability, residential smart electricity meters, refrigerators that can order your groceries, etc.," he explained. "Unlike damages that we have experienced as a consequence of a cybersecurity breaches, the security risk of IoT could be much higher as it can damage our physical world (e.g., remotely turning on a gas oven, remotely taking over control on a moving vehicle, etc.). As we see more new IoT products, we will need to work harder to minimize foreseeable and unforeseeable potential threats," he said.
This fall, Park will be teaching undergraduate and graduate "Computer Forensics" courses. He said government and industry demands on computer forensics experts have been growing significantly in recent years, because of the number of computer related crimes and illegal activities. "This course will provide students an opportunity to learn foundational knowledge and skills that are necessary for those who want to be a computer/digital forensics investigator or a cybersecurity expert. Next spring, Park will teach a Network Defense course where students can learn more about network security technologies and skills.
Park's UCON publications have been cited more than 2,000 times. He earned his BBA degree in Information Management from Dongguk University (Seoul, Korea), MS degree in Information Systems Technologies from George Washington University, and PhD in Information Systems Technology from George Mason University.