ÿþ<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <?xml version="1.0" encoding="utf-8"?> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Homepage Andr&eacute; van Cleeff</title> </head> <body> <h1>Homepage Andr&eacute; van Cleeff</h1> <h2>Introduction</h2> <p> <img src="Images/Andre van Cleeff.png" style="float:left;margin-right:10px;margin-bottom:20px;" alt="André van Cleeff"/> I am a researcher/PhD candidate at the Information Systems Group, working on the <a href="http://www.utwente.nl/ewi/visper/">VISPER</a> project. <br /> Previously I studied Computer Science at Leiden University and Sociology at the Erasmus University of Rotterdam. <br /> I have six years of experience in the software industry while working as a software engineer for LabWing B.V.. </p> <br style="clear:both"/> <h2>Research interests</h2> <h3>Differences between physical and digital security</h3> <p> I am interested in why and how physical and digital security differ.<br /> To answer these questions, I am performing a number of case studies on virtualization, e-voting and location-based access control.<br /> With these I hope to gather enough material to see whether it is possible <br /> (i) to make IT more physical in its behavior or <br /> (ii) to virtualize physical structures inside IT. </p> <h3>Social networking</h3> <p>Can we build a better and more secure Facebook? Conclusion: yes this can be done - but no one has an interest in doing this, except as an academic excercise. <br /> Therefore, the only thing left is to offer consumers a tool for <a href="http://eprints.eemcs.utwente.nl/18956/">security risk management</a>, which I am building at the moment. </p> <h3>Control structures and administrators</h3> <p> I am gathering evidence for the thesis that there are many advantages to having systems without administrators.<br /> Administrators are a relict of the 1960s and 1970s - decent multi-user software might be better based on checks and balances.<br /> But what do such systems look like?<br /> <a href="Documents/MA Thesis - The Inevitable Rise of the Administrators.html">The inevitable rise of the administrators</a>. My Master thesis for sociology.<br /> <a href="Documents/Telegraaf.html">Computergebruikers leven in dictatuur</a>. Article from Dutch newspaper De Telegraaf about the administrator problem.<br /> <a href="Documents/Presentation IS Seminar- 2008-01-08.html">Control structures in ICT</a>. Presentation for the Information Systems Group at 2008-01-08.</p> <h2>Teaching</h2> <p> Lecturer: <a href="http://www.kerckhoffs-institute.org/programme/optional.html#IS">Security of Information Services</a>. In 2010 we discussed SOA and cloud computing security.</p> <p>TA: <a href="http://webapps.utwente.nl/vist/en/vistservlet?node=utwente.vist.VistVakinfoResultNode&studie_jaar=2009&details=true&vak_code=233030"> Specification of Information Systems</a> </p> <h2>Publications</h2> <div class="citation_group"><h2>2012</h2> <div class="citation"> <span class="field_creators"><span class="person_name">Nunes Leal Franqueira, V.</span> and <span class="person_name">van Cleeff, A.</span> and <span class="person_name">van Eck, P.A.T.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2012</span>) <a href="http://eprints.eemcs.utwente.nl/19963/"><em><span class="field_title">Securing the Extended Enterprise: A Method for Analyzing External Insider Threat.</span></em></a> In: <span class="field_book_title">Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions.</span> <span class="field_publisher">IGI Global</span>, <span class="field_place_of_pub">Hershey, USA</span>. ISBN <span class="field_isbn_13">978-1-46660-197-0</span> </div></div><div class="citation_group"><h2>2011</h2> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span> and <span class="person_name">van Tiel, F.</span></span> (<span class="field_date_effective">2011</span>) <a href="http://eprints.eemcs.utwente.nl/20549/"><em><span class="field_title">Integrated assessment and mitigation of physical and digital security threats: Case studies on virtualization.</span></em></a> <span class="field_publication">Information Security Technical Report</span>, <span class="field_volume">16</span> (<span class="field_number">3</span>). <span class="field_pagerange">pp. 1-8</span>. ISSN <span class="field_issn">1363-4127</span> </div></div><div class="citation_group"><h2>2010</h2> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/17968/"><em><span class="field_title">A Risk Management Process for Consumers.</span></em></a> <span class="field_monograph_type">Technical Report</span> <span class="field_number">TR-CTIT-10-25</span>, <span class="field_publisher">Centre for Telematics and Information Technology University of Twente</span>, <span class="field_place_of_pub">Enschede</span>. ISSN <span class="field_issn">1381-3625</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/18956/"><em><span class="field_title">A Risk Management Process for Consumers: The Next Step in Information Security.</span></em></a> In: <span class="field_event_title">Proceedings of the 2010 Workshop on New Security Paradigms, NSPW 2010</span>, <span class="field_event_dates">21-23 Sep 2010</span>, <span class="field_event_location">Concord, MA, USA</span>. <span class="field_pagerange">pp. 107-114</span>. <span class="field_publisher">ACM</span>. ISBN <span class="field_isbn_13">978-1-4503-0415-3</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/17334/"><em><span class="field_title">ANWB-enquete niet democratisch.</span></em></a> <span class="field_publication">NRC handelsblad</span>, <span class="field_volume">40</span> (<span class="field_number">25-01-2010</span>). <span class="field_pagerange">6</span>. ISSN <span class="field_issn">0002-5259</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/17793/"><em><span class="field_title">Gooi eigen servers en pc's niet weg.</span></em></a> <span class="field_publication">Best Practice Magazine</span>, <span class="field_volume">4</span> (<span class="field_number">1</span>). <span class="field_pagerange">pp. 8-10</span>. ISSN <span class="field_issn">0891-060X</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/18018/"><em><span class="field_title">Zorg liever voor een overzichtelijk stembiljet.</span></em></a> <span class="field_publication">NRC handelsblad</span>, <span class="field_volume">40</span> (<span class="field_number">07-06-2010</span>). <span class="field_pagerange">pp. 6-6</span>. ISSN <span class="field_issn">0002-5259</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/18957/"><em><span class="field_title">Benefits of Location-Based Access Control:A Literature Study.</span></em></a> In: <span class="field_event_title">Proceedings of the 3rd IEEE/ACM International Conference on Cyber, Physical and Social Computing (CPSCom 2010)</span>, <span class="field_event_dates">18-20 Dec, 2010</span>, <span class="field_event_location">Hangzhou, China</span>. <span class="field_pagerange">pp. 739-746</span>. <span class="field_publisher">IEEE Computer Society</span>. ISBN <span class="field_isbn_13">978-1-4244-9779-9</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">Dimkov, T.</span> and <span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Hartel, P.H.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/18719/"><em><span class="field_title">Two methodologies for physical penetration testing using social engineering.</span></em></a> In: <span class="field_event_title">Proceedings of the Annual Computer Security Applications Conference (ACSAC)</span>, <span class="field_event_dates">06-10 Dec 2010</span>, <span class="field_event_location">Austin, Texas, USA</span>. <span class="field_pagerange">pp. 399-408</span>. <span class="field_publisher">ACM</span>. ISBN <span class="field_isbn_13">978-1-4503-0133-6</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">Nunes Leal Franqueira, V.</span> and <span class="person_name">van Cleeff, A.</span> and <span class="person_name">van Eck, P.A.T.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2010</span>) <a href="http://eprints.eemcs.utwente.nl/16493/"><em><span class="field_title">External Insider Threat: a Real Security Challenge in Enterprise Value Webs.</span></em></a> In: <span class="field_event_title">Proceedings of the Fifth International Conference on Availability, Reliability and Security (ARES'2010)</span>, <span class="field_event_dates">15-18 February 2010</span>, <span class="field_event_location">Krakow, Poland</span>. <span class="field_pagerange">pp. 446-453</span>. <span class="field_publisher">IEEE Computer Society</span>. ISBN <span class="field_isbn_13">978-0-7695-3965-2</span> </div></div><div class="citation_group"><h2>2009</h2> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2009</span>) <a href="http://eprints.eemcs.utwente.nl/15485/"><em><span class="field_title">Security Implications of Virtualization: A Literature Study.</span></em></a> <span class="field_monograph_type">Technical Report</span> <span class="field_number">TR-CTIT-09-25</span>, <span class="field_publisher">Centre for Telematics and Information Technology University of Twente</span>, <span class="field_place_of_pub">Enschede</span>. ISSN <span class="field_issn">1381-3625</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2009</span>) <a href="http://eprints.eemcs.utwente.nl/16158/"><em><span class="field_title">Security Implications of Virtualization: A Literature Study.</span></em></a> In: <span class="field_event_title">2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3</span>, <span class="field_event_dates">29 Aug - 31 Aug</span>, <span class="field_event_location">Vancouver, BC, Canada</span>. <span class="field_pagerange">pp. 353-358</span>. <span class="field_publisher">IEEE Computer Society</span>. ISBN <span class="field_isbn_13">978-0-7695-3823-5</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Pieters, W.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2009</span>) <a href="http://eprints.eemcs.utwente.nl/17116/"><em><span class="field_title">Gooi eigen servers en pc's niet weg.</span></em></a> <span class="field_publication">TIEM, Tijdschrift voor Informatie en Management</span>, <span class="field_volume">34</span>. <span class="field_pagerange">pp. 8-9</span>. ISSN <span class="field_issn">1572-5472</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2009</span>) <a href="http://eprints.eemcs.utwente.nl/15325/"><em><span class="field_title">Rethinking De-Perimeterisation: Problem Analysis And Solutions.</span></em></a> In: <span class="field_event_title">Proceedings of the IADIS International Conference Information Systems 2009</span>, <span class="field_event_dates">25-27 Feb 2009</span>, <span class="field_event_location">Barcelona</span>. <span class="field_pagerange">pp. 105-112</span>. <span class="field_publisher">IADIS press</span>. ISBN <span class="field_isbn_13">978-972-8924-79-9</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">Pieters, W.</span> and <span class="person_name">van Cleeff, A.</span></span> (<span class="field_date_effective">2009</span>) <a href="http://eprints.eemcs.utwente.nl/15410/"><em><span class="field_title">The Precautionary Principle in a World of Digital Dependencies.</span></em></a> <span class="field_publication">IEEE Computer</span>, <span class="field_volume">42</span> (<span class="field_number">6</span>). <span class="field_pagerange">pp. 50-56</span>. ISSN <span class="field_issn">0018-9162</span> *** ISI Impact <span class="field_impact">2,205</span> *** </div> <div class="citation"> <span class="field_creators"><span class="person_name">Pieters, W.</span> and <span class="person_name">van Cleeff, A.</span></span> (<span class="field_date_effective">2009</span>) <a href="http://eprints.eemcs.utwente.nl/15414/"><em><span class="field_title">The precautionary principle in a world of digital dependencies.</span></em></a> <span class="field_monograph_type">Technical Report</span> <span class="field_number">TR-CTIT-09-23</span>, <span class="field_publisher">Centre for Telematics and Information Technology University of Twente</span>, <span class="field_place_of_pub">Enschede</span>. ISSN <span class="field_issn">1381-3625</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">Pieters, W.</span> and <span class="person_name">van Cleeff, A.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2009</span>) <a href="http://eprints.eemcs.utwente.nl/15795/"><em><span class="field_title">Voor goede keuzes heb je tijd nodig.</span></em></a> <span class="field_publication">Trouw</span>, <span class="field_volume">67</span> (<span class="field_number">19855, 5 Aug 2009</span>). <span class="field_pagerange">25</span>. ISSN <span class="field_issn">not assigned</span> </div></div><div class="citation_group"><h2>2008</h2> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span></span> (<span class="field_date_effective">2008</span>) <a href="http://eprints.eemcs.utwente.nl/14334/"><em><span class="field_title">Future consumer mobile phone security: A case study using the data-centric security model.</span></em></a> <span class="field_publication">Information Security Technical Report</span>, <span class="field_volume">13</span> (<span class="field_number">3</span>). <span class="field_pagerange">pp. 112-117</span>. ISSN <span class="field_issn">1363-4127</span> </div> <div class="citation"> <span class="field_creators"><span class="person_name">van Cleeff, A.</span> and <span class="person_name">Wieringa, R.J.</span></span> (<span class="field_date_effective">2008</span>) <a href="http://eprints.eemcs.utwente.nl/14329/"><em><span class="field_title">De-perimeterisation as a cycle: tearing down and rebuilding security perimeters.</span></em></a> <span class="field_monograph_type">Technical Report</span> <span class="field_number">TR-CTIT-08-65</span>, <span class="field_publisher">Centre for Telematics and Information Technology University of Twente</span>, <span class="field_place_of_pub">Enschede</span>. ISSN <span class="field_issn">1381-3625</span> </div></div> <h2>General interests and links</h2> <p> <a href="http://www.google.com">Google</a>, <a href="http://maps.google.com/">Google Maps</a> and <a href="http://scholar.google.com">Google Scholar</a>. Who is not impressed by their speed and ease of use?<br/> But is there something <a href="http://www.edge.org/3rd_culture/dyson05/dyson05_index.html">sinister</a> going on, is it making us <a href="http://www.theatlantic.com/doc/200807/google">stupid</a> and are we slowly <a href="http://www.imdb.com/title/tt0387808/" title="Idiocracy">dumbing down</a>? </p> <p> <a href="http://pdf.codev2.cc/Lessig-Codev2.pdf">Code v2</a>. Updated version of "Code and Other Laws of Cyberspace" by Lawrence Lessig. Please read it.</p> <p> Some <a href="http://www.paulgraham.com/articles.html">essays</a> by Paul Graham, related to startups and the American Dream. </p> <p> <a href="http://www.amazon.com/Winner-Take-All-Politics-Washington-Richer-Turned/dp/1416588698">Winner-Take-All Politics: How Washington Made the Rich Richer</a>. <br /> Do elections still matter? Is Congress's gridlock really neutral? See also the <a href="http://www.youtube.com/watch?v=547d2Ge_j2o">interview</a> with the authors. </p> <h2>Contact information</h2> <p> Andr&eacute; van Cleeff, MSc. MA<br /> Information Systems Group<br /> Faculty of Electrical Engineering, Mathematics and Computer Science<br /> University of Twente<br /> P.O. Box 217<br /> 7500 AE Enschede<br /> The Netherlands<br /> <br /> Email: a.vancleeff&lt;at&gt;utwente.nl<br /> Web: <a href="http://wwwhome.cs.utwente.nl/~cleeffa/">http://wwwhome.cs.utwente.nl/~cleeffa/</a><br /> Phone: +31 53 489 4281<br /> Office: Building 11 "Zilverling", Level 3, Room 3006</p> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> var pageTracker = _gat._getTracker("UA-3485542-1"); pageTracker._initData(); pageTracker._trackPageview(); </script> </body> </html>