IONA

Paolina Centonze, PhD

Research & Publications

Publications

  • William May, Paolina Centonze. Combining Static and Dynamic Analysis Permission for Android. 2013 Master's Level Graduate Research Conference. The College of Brockport, State University of New York, April, 2013.
  • Karthik Sourirajan, Paolina Centonze, Mary Helander, and Kaan Katircioglu. Carbon Management in Assembly Manufacturing Logistics. IBM Journal on Research and Development, Yorktown Heights, NY, Volume 53, Number 3, 2009.
  • Anshul Sheopuri, Jose Gomes, Sai Zeng, Paolina Centonze, and Ioana Boier-Martin. A Heuristic to Enable Auditing Decisions in Travel and Entertainment Expense Management. In Poster Proceedings of the Third Annual Machine Learning Symposium. The New York Academy of Sciences, New York, NY, October 2008.
  • Paolina Centonze. An Algebra for Access Control. Ph.D. Dissertation. New York University (NYU) Polytechnic Institute, Department of Mathematics, Brooklyn, NY, May 2008.
  • Paolina Centonze, Robert J. Flynn, and Marco Pistoia. Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies. In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), Miami Beach, FL, December 2007.
  • Paolina Centonze, Gleb Naumovich, Stephen J. Fink, and Marco Pistoia. Role-Based Access Control Consistency Validation. In Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis(ISSTA 2006), Portland, ME, July 2006 (IBM Research PIC Key Conference).
  • Gleb Naumovich and Paolina Centonze. Static Analysis of Role-Based Access Control in J2EE Applications. ACM SIGSOFT Software Engineering Notes, 29(5):1-10, September 2004. Also in Proceedings of the Workshop on Testing, Analysis and Verification of Web Services (TAV-WEB 2004), co-located with ISSTA 2004, Boston, MA, July 2004.
  • Paolina Centonze. Static Analysis for J2EE Role-Based Access Control Policy Validation. Master of Science degree research thesis. NYU-Poly, Brooklyn, NY, May 2005.
  • Paolina Centonze, Marco Pistoia and Lawrence Koved. Extracting Security Role Requirements From Enterprise Applications. Security and Privacy Technology Conference, IBM T.J. Watson Research Center, Hawthorne, NY, May 2004.
  • Paolina Centonze, Gleb Naumovich, Stephen J. Fink, and Marco Pistoia. Role-Based Access Control Consistency Validation. BM Research Report, RC23876 (W0602-110), Yorktown Heights, NY, February 2006.

Patents

Granted Patents
  • Ryan Berg, Paolina Centonze, Marco Pistoia, and Omer Tripp. Static Analysis for Verification of Software Program Access to Secure Resources for Computer Systems. Granted as Patent No. 8,381,242 by the United States Patent and Trademark Office, February 2013.
  • Mondher Ben-Hamida, Chad Boucher, Paolina Centonze, Mary E. Helander, Kaan Katircioglu, and Karthik Sourirajan. A Carbon Management Method and System for Sourcing and Logistics. Granted as Patent No. 8,346,595 by the United States Patent and Trademark Office, January 2013.
  • Paolina Centonze and Marco Pistoia. System and Method for the Automatic Identification of Subject-Executed Code and Subject-Granted Access Rights. Granted as Patent No. 8,332,939 by the United States Patent and Trademark Office, December 2012.
  • Paolina Centonze and Marco Pistoia. System and Method for the Automatic Evaluation of Existing Security Policies and Automatic Creation of New Security Policies. Granted as Patent No. 8,230,477 by the United States Patent and Trademark Office, July 2012.
  • Paolina Centonze and Marco Pistoia. System and Method for the Automatic Verification of Privilege-Asserting and Subject-executed Code. Granted as Patent No. 8,006,233 by the United States Patent and Trademark Office, August 2011.
Filed Patents
  • Paolina Centonze, Peter Malkin, and Marco Pistoia. System and Method of Optimized Unchanged-object Management. Filed at the United States Patent and Trademark Office, September 2010.
  • Paolina Centonze, Mohammed Mostafa, Marco Pistoia, and Takaaki Tateishi. System, Method and Apparatus for Automatic Optimization of String Allocations in a Computer Program. Filed at the United States Patent and Trademark Office, December 2009.
  • Paolina Centonze, Yinnon Haviv, Roee Hay, Marco Pistoia, Adi Sharabani, and Omer Tripp. System, Method, and Apparatus for Simultaneous Definition and Enforcement of Access-Control and Integrity Policies. Filed at the United States Patent and Trademark Office, December 2009.
  • Ioana Boier-Martin, Paolina Centonze, José Gomes, Anshul Sheopuri, and Sai Zeng. Apparatus, System, Method, and Computer Program Product for Analysis of Fraud in Transaction Data. Filed at the United States Patent and Trademark Office, November 2006.
  • Paolina Centonze, José Gomes, and Marco Pistoia. Method and System for Run-time Identification of Software Authorization Requirements and Validation of Static Authorization Analysis. Filed at the United States Patent and Trademark Office, May 2006.
  • Laurent Balmelli, Ioana Boier-Martin, Paolina Centonze, José Gomes, Man-Mohan Sing, and Sai Zeng. Method and System for the Creation of Service Clients. Filed at the United States Patent and Trademark Office, May 2006.
  • Paolina Centonze, Lawrence Koved and Marco Pistoia. System, Apparatus, and Method for Identifying Authorization Requirements in Component-Based Systems. Filed at the United States Patent and Trademark Office, May 2004.