Charles B. Haley

Charles B. Haley

Career Summary:

Academic (10 years): Research in security requirements engineering, argumentation, and digital forensics. Teaching undergraduate and post-graduate levels subjects including (alphabetic order): compilers, concurrent/parallel computing, database applications, electronic commerce, digital forensics, machine architectures, management information systems, operating systems, software engineering, and web/internet applications.

Professional (50 years): Managerial experience: software and hardware development, marketing product management, corporate program management, and network/security systems administration. Project areas: field service, payroll and logistics applications; large scale software configuration management systems; software development environments; network operating systems; publishing systems; telephone switches, and internet applications. Technologies: applications built with Python, Java, C++, C, Perl, and Ada; internet applications in JavaScript, Java, PHP, and Perl; software design and analysis tools in C++ & Ada.

Calibre project work

Contact Information

CV Summary

Refereed Publications

Other Publications

Program Committees & Reviews

Contact Information:

Address:	I currently live in Nottingham, UK. Send me an email for my address and telephone contact numbers.
E-Mail:	contact [at] frogfishtech [dot] com (make the obvious substitutions)

Network Attacks of my server:

SSH
Dictionary
Attacks

Many machines attack my personal server daily, doing a dictionary attack on the SSH port. A list of attacking machine IP addresses during the last 2 years sorted by IP address can be found here. NB: Because of people abusing this offer by accessing the list several times per minute amongst other things, legitimate users must ask me for access.

The link ssh_dico_attack_with_timestamps.php?days=1 returns the IP addresses with the timestamp an entry (line) was created. If the optional query string "days" exists and is numeric then only that many days of info are returned. A 'day' is 24 hours back from "now", not a calendar day. 'N' can be floating point. If "days" is missing or invalid then all available entries are returned NB: Because of people abusing this offer, legitimate users must ask me for access.

Example output:

ALL : 182.59.234.27 # 1515218428 (2018/01/06 06:00:28)
ALL : 46.246.41.37 # 1515219851 (2018/01/06 06:24:11)
ALL : 165.227.210.201 # 1515221449 (2018/01/06 06:50:49)
ALL : 59.96.24.217 # 1515222974 (2018/01/06 07:16:15)

The info after the # is the line creation date, not the last attack date, in seconds-since-epoch followed by the human-readable form in parentheses (YYYY/MM/DD hh:mm:ss).

NOTE: From time to time I clean up and reinitialize these lists.

CV Summary:

Education:		PhD, The Open University, UK
		MS & BA, The University of California at Berkeley, USA
Employment:
	2018 - present	Retired.
	2010 - 2018	Mostly retired. Auto-Entrepreneur, Frogfish Technologies, UK
	2003 - 2010	Lecturer, The Open University (OU) Milton Keynes, UK
	2008 - 2009	Professor, Asia Pacific University College of Technology & Innovation (UCTI), Kuala Lumpur, Malaysia (while on leave from the Open University)
	2001 - 2003	Professor, The European School of Economics, Paris, France
	1999 - 2003	Associate Professor (Adjunct), The American University of Paris, Paris, France
	Previous:	Sun Microsystems, Paris, France, and Milan, Italy
		Synersoft, Paris, France
		ADPgsi Employer Services, Paris, France, and Bremen, Germany
		Rational Software Corp, Santa Clara, CA, USA
		Wyse Technology, San Jose, CA,USA
		Syntrex Inc., Eatontown, NJ, USA
		Bell Telephone Laboratories, Murray Hill, NJ, USA
		Bell Northern Research, Palo Alto, CA, USA

Publications and other academic activities:

Publications:

[IEEE notice] "This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder."

Lionel Montrieux, Jan Jürjens, Charles B. Haley, Yijun Yu, Pierre-Yves Schobbens, and Hubert Toussaint, "Tool Support for Code Generation from a UMLsec Property," in Proc. of the 25th International Conference on Automated Software Engineering (ASE'10), Antwerp, Belgium, ACM, 20-24 September 2010, pp. 357-358. (pdf)
Thein Than Tun, Yijun Yu, Charles Haley, Bashar Nuseibeh, "Model-Based Argument Analysis for Evolving Security Requirements," in Proc. of the 2010 Fourth International Conference on Secure Software Integration and Reliability Improvement (SSIRI'10), Singapore, IEEE, 9-11 June 2010, pp. 88-97 (pdf)
Thein Than Tun, Rod Chapman, Charles Haley, Robin Laney, and Bashar Nuseibeh, "A Framework for Developing Feature-Rich Software Systems," in Proc. of the 16th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems (ECBS'09). San Francisco, CA, USA: IEEE, 14-16 Apr 2009, pp. 206-214 (pdf)
Bashar Nuseibeh, Charles B. Haley, and Craig Foster, "Securing the Skies: In Requirements We Trust," IEEE Computer, vol. 42 no. 9 (Sep 2009), pp. 64-72. (pdf)
Charles B. Haley and Bashar Nuseibeh, "Bridging Requirements and Architecture for Systems of Systems," Proceedings of the 3rd International Symposium on Information Technology (ITSIM'08), Kuala Lumpur, Malaysia: 28 Aug 2008. (pdf)
Charles B. Haley, Robin Laney, Jonathan D. Moffett, and Bashar Nuseibeh, "Security Requirements Engineering: A Framework for Representation and Analysis," Transactions on Software Engineering (IEEE), vol. 34 no. 1 (Jan 2008), pp. 133-153. (pdf)
Charles B. Haley, Jonathan D. Moffett, Robin Laney, and Bashar Nuseibeh, "A Framework for Security Requirements Engineering," in Proceedings of the 2006 Software Engineering for Secure Systems Workshop (SESS'06), co-located with the 28th International Conference on Software Engineering (ICSE'06). Shanghai China, 20-21 May 2006, pp. 35-42. (pdf)
Victor Page, Robin Laney, Maurice Dixon, and Charles Haley, "Trust Obstacle Mitigation for Database Systems," in Proceedings of the 23rd British National Conference on Databases, BNCOD'06, vol. 4042/2006, Lecture Notes in Computer Science. Queen's University Belfast, Northern Ireland: Springer Berlin / Heidelberg, 18-20 Jul 2006, pp. 254-257. (pdf)
Charles B. Haley, Jonathan D. Moffett, Robin Laney, and Bashar Nuseibeh, "Arguing Security: Validating Security Requirements Using Structured Argumentation," in Proceedings of the Third Symposium on Requirements Engineering for Information Security (SREIS'05) held in conjunction with the 13th International Requirements Engineering Conference (RE'05). Paris, France, 29 Aug 2005 (pdf)
Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, and Bashar Nuseibeh, "Using Trust Assumptions with Security Requirements," Requirements Engineering Journal, vol. 11 no. 2 (April 2006), pp. 138-151. (pdf)
Charles B. Haley, Robin C. Laney, and Bashar Nuseibeh, "Arguing Security: Validating Security Requirements Using Structured Argumentation," Department of Computing, The Open University, Milton Keynes UK, Technical Report 2005/04, 21 March 2005. (pdf)
Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, and Bashar Nuseibeh, "The Effect of Trust Assumptions on the Elaboration of Security Requirements," in Proceedings of the 12th International Requirements Engineering Conference (RE'04). Kyoto Japan: IEEE Computer Society Press, 6-10 Sep 2004, pp. 102-111. (pdf)
Jonathan D. Moffett, Charles B. Haley, and Bashar Nuseibeh, "Core Security Requirements Artefacts," Department of Computing, The Open University, Milton Keynes UK, Technical Report 2004/23, June 2004. (pdf)
Charles B. Haley, Robin C. Laney, and Bashar Nuseibeh, "Using Problem Frames and Projections to Analyze Requirements for Distributed Systems," in Proceedings of the Tenth International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ'04) at the 16th International Conference on Advanced Information Systems Engineering (CAiSE'04), Björn Regnell, Erik Kamsties, and Vincenzo Gervasi, Eds. Riga, Latvia: Essener Informatik Beiträge, 7-8 Jun 2004, pp. 203-217 (pdf)
Charles B. Haley, Robin C. Laney, and Bashar Nuseibeh, "Extending Problem Frames Projections to Support Subproblems as Services," presented at First International Workshop on Advances and Applications of Problem Frames (IWAAPF'04) at the 26th International Conference on Software Engineering (ICSE'04), Edinburgh, Scotland, 24 May 2004. (pdf)
Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, and Bashar Nuseibeh, "Picking Battles: The Impact of Trust Assumptions on the Elaboration of Security Requirements," in Proceedings of the Second International Conference on Trust Management (iTrust'04), vol. 2995, Christian Jensen, Stefan Poslad, and Theo Dimitrakos, Eds. St Anne's College, Oxford UK: Lecture Notes in Computer Science (Springer-Verlag), 29 Mar - 1 Apr 2004, pp. 347-354. (pdf)
Charles B. Haley, Robin C. Laney, and Bashar Nuseibeh, "Deriving Security Requirements from Crosscutting Threat Descriptions," in Proceedings of the Third International Conference on Aspect-Oriented Software Development (AOSD'04), Karl Lieberherr, Ed. Lancaster UK: ACM Press, 22-26 Mar 2004, pp. 112-121. ( pdf)
Charles B. Haley, Michael Jackson, Robin C. Laney & Bashar Nuseibeh. An Example Using Problem Frames: Analysis of a Lighting Control System, Department of Computing. The Open University, Technical Report 2003/18, 5 Dec 2003. (pdf)
Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, and Bashar Nuseibeh, "Using Trust Assumptions in Security Requirements Engineering," in The Second Internal iTrust Workshop On Trust Management In Dynamic Open Systems. Imperial College, London UK, 15-17 Sep 2003. (pdf)
Charles B. Haley, "Using Problem Frames With Distributed Architectures: A Case for Cardinality on Interfaces," in The Second International Software Requirements to Architectures Workshop (STRAW'03) at the International Conference on Software Engineering (ICSE '03). Portland OR USA, 9 May 2003. (pdf)
Charles B. Haley and Bashar Nuseibeh, "Going On-Line on a Shoestring: An Experiment in Concurrent Development of Requirements and Architecture," in Proceedings of the SSGRR 2003w International Conference on Advances in Infrastructure for e-Business, e-Education, e-Science, e-Medicine, and Mobile Technologies on the Internet. L'Aquila Italy: Telecom Italia Learning Services, 6-11 Jan 2003. (pdf)
Neil B. Cohen, Charles B. Haley, Scott Henderson & Chak Won. "Gemini - A Reliable Local Network," In Proceedings of the Sixth Berkeley Workshop on Distributed Data Management and Computer Networks. Asilomar CA USA, 1982, pp. 1-22.
Charles B. Haley, T. M. London, J. F. Maranzano, and Dennis M. Ritchie, "Alternate Implementation Proposal for Unix/370," Bell Laboratories, Murray Hill NJ USA, Internal Technical Memorandum, 1979. (pdf)
Susan L. Graham, Charles B. Haley & William N. Joy. "Practical LR Error Recovery," In Proceedings of the SIGPLAN '79 Symposium on Compiler Construction. Denver CO USA: ACM Press, 1979, pp. 168-175. (pdf)
Charles B. Haley, "A Method for Sharing Process Stacks in a Telephone Switch," Murray Hill NJ USA, Bell Telephone Laboratories Internal Technical Memorandum, 1978.

Books & Book Chapters

Charles B. Haley, Arguing Security: A Framework for Analyzing Security Requirements. Saarbrücken: VDM Verlag Dr Müller, 2008, 117 pp, ISBN 978-3-639-09440-4.
Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, and Bashar Nuseibeh, "Arguing Satisfaction of Security Requirements," in Information Security and Ethics: Concepts, Methodologies, Tools, and Applications, Hamid Nemati, Ed.: Information Science Reference, 2008, pp. 3199-3221
Simon J. Buckingham Shum, Albert M. Selvin, Maarten Sierhuis, Jeff Conklin, Charles B. Haley, and Bashar Nuseibeh, "Hypermedia Support for Argumentation-Based Rationale: 15 Years on from gIBIS and QOC," in Rationale Management in Software Engineering, Allen H. Dutoit, Raymond McCall, Ivan Mistrik, and Barbara Paech, Eds.: Springer-Verlag, 2006, pp. 111-132
Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, and Bashar Nuseibeh, "Arguing Satisfaction of Security Requirements," in Integrating Security and Software Engineering: Advances and Future Vision, Haralambos Mouratidis and Paolo Giorgini, Eds.: Idea Group, 2006, pp. 16-43. (pdf)

PhD Dissertation:

Charles B. Haley, "Arguing Security: A Framework for Analyzing Security Requirements," PhD Dissertation, The Open University, Milton Keynes, UK, 2007. (pdf single-sided, pdf double-sided)

Presentations and Other Publications

Charles B. Haley: "Security Requirements Engineering: what is it, and why do it?", opening keynote address presented at the Third International Conference on Advanced Computing and Communication Technologies (ICACCT), Panipat, India, 8 November 2008
Charles B. Haley: "Arguing Security: Validating Security Requirements Using Structured Argumentation" presented at The Requirements Engineering Specialist Group of the British Computer Society, 7 December 2005, "RE for Safety and Dependability".
Charles B. Haley. "Arguing Security: Security Requirements and Anti-Requirements", keynote address presented at the 19th Brazilian Symposium on Software Engineering (SBES'05), Uberlandia Brazil, 5 October 2005.
Charles B. Haley, Robin C. Laney, and Bashar Nuseibeh, "Extending Problem Frames Projections to Support Subproblems as Services," presented at First International Workshop on Advances and Applications of Problem Frames (IWAAPF'04) at the 26th International Conference on Software Engineering (ICSE'04), Edinburgh, Scotland, 24 May 2004.
Charles B. Haley. "Building a Customizable Conductor Application," Forte Forum '98, San Francisco CA USA, 1998.
William N. Joy, Susan L. Graham, Charles B. Haley, Marshall Kirk McKusick, and Peter B. Kessler, "Berkeley Pascal User's Manual Version 3.1." Berkeley CA USA: Computer Science Division, Department of Electrical Engineering and Computer Science, University of California at Berkeley, 1986. (pdf)
Charles B. Haley, "File Structures for Editing Over Local Area Networks," presented at Sixth Annual Frost & Sullivan Telecommunications Conference on Local Area Networks (1983), 1983.
Charles B. Haley & Dennis M. Ritchie. Setting Up Unix -- Seventh Edition, Bell Laboratories. Murray Hill NJ USA, 1979. (pdf)
Charles B. Haley & Dennis M. Ritchie. Regenerating System Software, Bell Laboratories. Murray Hill NJ USA, 1979. (pdf)

Program Committees & Book Reviews

Software Engineering for Secure Systems (SESS’10), held in conjunction with the 32nd International Conference on Software Engineering (ICSE'10), 2 May 2010, Cape Town, South Africa.
25th Annual ACM Symposium on Applied Computing (SAC'10), Requirements Engineering Track, 22-26 March 2009, Lausanne, Switzerland
12th IBIMA Conference on Innovation and Knowledge Management (IBIMA'09b), 29-30 June 2009, Kuala Lumpur, Malaysia
Software Engineering for Secure Systems (SESS’09), held in conjunction with the 31st International Conference on Software Engineering (ICSE'09), 19 May 2009, Vancouver, Canada.
11th IBIMA Conference on Innovation and Knowledge Management (IBIMA'09a), 4-6 Jan 2009, Cairo Egypt
24th Annual ACM Symposium on Applied Computing (SAC'09), Requirements Engineering Track, 8-12 March 2009, Honolulu, Hawaii, USA
The 2008 International Conference on Computer Engineering & Systems (ICCES'08), 25-27 November 2008, Cairo Egypt.
Software Engineering for Secure Systems (SESS’08), held in conjunction with the 30th International Conference on Software Engineering (ICSE'08), 17-18 May 2008, Leipzig, Germany.
23rd Annual ACM Symposium on Applied Computing (SAC'08), Requirements Engineering Track,16-20 March 2008, Fortaleza, Ceará, Brazil
Sixth International Workshop on Requirements for High Assurance Systems (RHAS'07), held in conjunction with the 15th IEEE International Requirements Engineering Conference, October 2007, Delhi, India
Software Engineering for Secure Systems (SESS’07), held in conjunction with the 29th International Conference on Software Engineering (ICSE'07), 19-20 May 2007, Minneapolis, MN, USA.
Workshop on Early Aspects: Current Challenges and Future Directions (EA'07), held in conjunction with the 6th International Conference on Aspect-Oriented Software Development (AOSD'07). March 2007, Vancouver, BC, Canada.
Software Engineering for Secure Systems (SESS'06), 20-21 May 2006, Shanghai, China
Australian Workshop on Requirements Engineering (AWRE'05), 22-23 November 2005, Melbourne, Australia
Workshop on Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design (EA'05b), in conjunction with the ACM Conference on Object-Oriented Programming, Systems, Languages and Applications (OOPSLA), October 16, San Diego, California, USA.
Symposium on Requirements Engineering for Information Security (SREIS'05), held in conjunction with the 3th IEEE International Requirements Engineering Conference (RE'05), 29 August-2 September 2005, Paris, France
Workshop on Software Engineering for Secure Systems (SESS05) Building Trustworthy Applications, held in conjunction with the 27th International Conference on Software Engineering (ICSE'05), 15-21 May 2005, St. Louis IL, USA
Workshop on Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design (EA'05a), held in conjunction with the 4th International Conference on Aspect-Oriented Software Development (AOSD'05), 14-18 March 2005, Chicago IL, USA.
Workshop on Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design (EA'04b), held in conjunction with ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages and Applications (OOPSLA'04), 24-28 October 2004, Vancouver BC, Canada.
Workshop on Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design (EA'04a), held in conjunction with the 3rd International Conference on Aspect-Oriented Software Development (AOSD'04), 22-26 March 2004, Lancaster, UK.
Workshop on Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design (EA'03), held in conjunction with the 2nd International Conference on Aspect-Oriented Software Development (AOSD'03), 17-21 March 2003, Boston MA, USA.
Reviewer for IEEE Transactions on Software Engineering, LNCS Transactions on Aspect-Oriented Software Development, Journal of Systems & Software, Software Quality Journal, Automated Software Engineering, IEEE Software, Journal of Computer Science and Technology, EPSRC (UK), and NSERC (Canada). Delegated reviewer for REFSQ’07, FASE’05, FSE'04, ICSE'04, RE'04, RE'03.

Books reviewed before publication:

Ivar Jacobson & Pan-Wei Ng, Aspect-Oriented Software Development with Use Cases, Addison Wesley Professional, ISBN 0321268881 (Paperback), Jan 2005, 464 pages.
Siobhàn Clarke & Elisa Baniassad, Aspect-Oriented Analysis and Design: The Theme Approach, Addison Wesley Professional, ISBN 0321246748, Mar 2005, 400 pages.

Grants

Co-investigator on the 2009 EU 7th FWP "Security engineering for lifelong evolvable systems (SECURECHANGE)", (total project budget 7.06 million euro)
Co-investigator on the 2007 Royal Society Joint International Project grant “Modelbased Formal Security Analysis of Crypto-Protocol Implementations” (UK£ 10,000).
Co-investigator on the 2004 EPSRC grant “Relating problem and solution structures in feature-based software” (UK£ 120,000).

Home page for Charles B. Haley (C. B. Haley).
Page last changed: 03 July 2024