Professional Information

Education

Ph.D., Carnegie Mellon University, School of Computer Science, June 1995.
Thesis: Compiler Directed Architecture Dependent Communication Optimizations
Advisor: Thomas Gross

B.S. with highest honors, University of Illinois, Computer Science, December 1988.

More details of my educational background.

Certifications

Certified Information System Auditor (CISA) as of March 2008.

My paper trail

• S. Hinrichs and P. Naldurg, "Attack-based Domain Transition Analysis", In Proceedings of the 2nd SE Linux Symposium, March 2006.
• S. Hinrichs, "Integrating Changes to a Hierarchical Policy Model", In Proceedings of 9th IFIP/IEEE International Symposium on Integrated Network Management, IEEE, Nice, France, May, 2005.
• J. Qian, S. Hinrichs, K. Nahrstedt, ACLA: A Framework for Access Control List (ACL) Analysis and Optimization. In Proc. of Communications and Multimedia Security, 2001.
• S. Hinrichs, Policy-Based Management: Bridging the Gap. In Proc. of the 15th Annual Security Applications Conference, IEEE, Phoenix, AZ, December, 1999.
• S. Hinrchs, Connection resource management for compiler-generated communication. Concurrency - Practice and Experience, vol. 9, no. 2, February, 1997, pp. 85-112.
• S. Hinrichs, "Synchronization Elimination in the Deposit Model". In Proc. of the 1996 International Conference on Parallel Processing, vol. 3, pp. 87-94.
• S. Hinrichs, Simplifying connection-based communication. IEEE Parallel and Distributed Technology, vol. 3, no. 1, Spring, 1995, pp. 25-36.
• T. Stricker, J. Stichnoth, D. O'Hallaron, S. Hinrichs, and T. Gross. Decoupling Synchronization and Data Transfer in Message Passing Systems of Parallel Computers. In Proc. of the 9th International Conference on Supercomputing, ACM, Barcelona, Spain, July, 1995. pp 1-10.
• T. Gross, A. Hasegawa, S. Hinrichs, D. O'Hallaron, and T. Stricker. Communication Styles for Parallel Systems. IEEE Computer, vol.27, no. 12, December, 1994, pp. 34-44.
• S. Hinrichs, C. Kosak, D. O'Hallaron, T. Stricker, and R. Take. In Proc. of SPAA '94, ACM, June 1994, pp. 310-319.
• S. Hinrichs and T. Gross, Utilizing new communication features in compilation for private-memory machines, Fifth Annual Workshop on Languages and Compilers for Parallel Computing, New Haven, Connecticut, Aug 1992.
• T. Gross and S. Hinrichs, Debugging a parallel program: Capturing inter-processor communication in an iWarp torus, Proc. Supercomputer Debugging Workshop '92, Dallas, October, 239-276.
• S. Hinrichs. Programmed Communication Service Tool Chain User's Guide. Carnegie Mellon University, release 2.8 edition, 1991. Now part of Intel RTS 3.0.

Work Experience

Principle: Network Geographics May 2006 to present
Design and implement algorithms to correlate network security configurations with intented policy.

Lecturer: Department of Computer Science UIUC January 2005 to present
Developed Security Laboratory. Alternate teaching Security Lab and Information Assurance.

Assistant Research Professor: Information Trust Institute January 2005 to October 2005
Organizing research and education initiatives. Still collaborate with ITI researchers although I'm no longer directly employed by ITI.

System Architect: Cisco Systems, Inc. July 1997 to December 2004
Lead design and development effort for Firewall MC, a multi-device security management product targeting Cisco security appliances. Developed policy-oriented workflow. Designed policy inheritance hierarchy. Created library to support efficient manipulation of access control lists. Worked with customers to improve the product over multiple releases.
One of the prime architects of Cisco Secure Policy Manager (CSPM), an innovative security policy tool, which uses topology information to map high level security policy to the specific CLI of the underlying security enforcement points (PIX and Routers). Design and develop policy compiler, abstract firewall, NAT, and IPSec models.
Member of the Centri Firewall team. Brought to market after the acquisition. Added support for user-oriented policies. Added H.323 proxy.
More details on my time at Cisco.

Software Engineer: Global Internet Software Group. August 1995 to June 1997
Member of team that developed Centri Firewall. Designed and developed one of the first kernel level Windows NT firewalls. Designed and developed OODB persistence layer and application proxy kernel. Implemented Java VM to support extensible proxies in the kernel.
Performed Windows NT Security study for the government to determine the feasibility of moving Windows NT from C2 to B level security.
Contract work for Future Source. Developed prototype trading station software on Windows NT. Created the OODB persistence layer.
More details on my time at the startup.

Research Assistant: Carnegie Mellon University. September 1989 to June 1995
Developed the PCS tool chain for managing connections and composing programs for iWarp, a systolic parallel machine. Augmented with a communication monitoring tool. Created a communication optimization phase for the FX parallel compiler targeting iWarp and Intel Paragon machines.

Intern: Intel. Summer 1991
Productized the PCS tool chain for iWarp.

Testing Engineer: Addamax Inc. 1989
Developed verification tests for Unix B1 multi-level security extensions.

Research Programmer: University of Illinois. 1986 to 1988
Created a prototype graph editor and Scheme shell.

Intern: IBM T.J. Watson Research Center. Summers 1987 and 1988
Worked on RPDE, a program development environment