Dr. Dae-young (Leroy) Kim

Ph.D. , Information Systems, 2023

Dr. Kim was advised by Dr. Karuna Joshi from 2019-2023. His research interests lie in Health Informatics, Health IT standards, and Cloud Computing Security. He worked on the Trusted Compliance Enforcement (TRUCE) and the  Delegated Access Control using ABE project, looking at techniques for trusted and secure data exchange of large datasets.

He is currently a Postdoc researcher in the Center for Translational Research at Children’s National Hospital.

PublicationsGoogle Scholar 

  1. D. L. Kim, N. Alodadi, Z. Chen, K. P. Joshi, A. Crainiceanu, and D. Needham, “MATS: A Multi-aspect and Adaptive Trust-based Situation-aware Access Control Framework for Federated Data-as-a-Service Systems“, IEEE International Services Computing Conference (SCC) 2022 in IEEE World Congress on Services 2022, July 2022
  2. D. L. Kim, L. Elluri, and K. P. Joshi, “Trusted Compliance Enforcement Framework for Sharing Health Big Data“, IEEE BigData 2021 4th Special Session on HealthCare Data, December 2021.
  3. D. L. Kim and K. P. Joshi, “A Semantically Rich Knowledge Graph to Automate HIPAA Regulations for Cloud Health IT Services,”7th IEEE International Conference on Big Data Security on Cloud (BigDataSecurity 2021), May 2021.

Dae-young successfully defended his Ph.D. Thesis on July 20, 2023.

Title: Trusted Compliance Enforcement Framework for Large Volume and High Velocity Data

Committee: Dr. Karuna P Joshi (Chair), Dr. Zhiyuan Chen, Dr.  Vandana Janeja, Dr.  Shimei Pan, Dr.  Sanjay Purshottam, Dr. Tim Finin


Organizations are increasingly sharing large volumes of datasets with each other to better manage their services. These datasets often contain sensitive Personally Identifiable Information (PII) about individuals, like those pertaining to their health, finance, or cybersecurity. Protecting PII data has become increasingly important in today’s digital age, and several regulations have been formulated to ensure the secure exchange and management of sensitive personal data. However, at times some of these regulations are at loggerheads with each other, like the Health Insurance Portability and Accountability Act (HIPAA)  and Cures Act; and this adds complexity to the already challenging task of Data compliance. As public concern regarding sensitive data breaches grows, finding solutions that streamline compliance processes and enhance individual privacy is crucial.

We have developed a novel TRUsted Compliance Enforcement (TRUCE) framework for secure data exchange at high volume and high velocity, which aims to automate compliance procedures and enhance trusted data management within organizations. This framework, developed using approaches from AI/Knowledge representation and Semantic Web technologies, includes a trust management method that incorporates static ground truth, represented by regulations such as HIPAA, and dynamic ground truth, defined by an organization’s policies. The effectiveness of the TRUCE Framework is validated through real-world use cases, including health data exchange and maritime Search and Rescue (SAR) missions.  Our methods serve to streamline compliance efforts and ensure adherence to privacy regulations and can be used by organizations to manage compliance of large velocity data exchange at real time.

Dae-young successfully defended his Ph.D. Proposal in October 2021.

Proposal: Trusted Compliance Enforcement Framework for Large Volume and High Velocity Healthcare Data
Committee: Dr. Karuna P Joshi (Chair), Dr. Zhiyuan Chen, Dr.  Vandana Janeja, Dr.  Shimei Pan, Dr.  Sanjay Purshottam, Dr. Tim Finin
Abstract: COVID pandemic management via contact tracing and vaccine distribution has resulted in a large volume and high velocity of Health-related data being collected and exchanged among various healthcare providers, regulatory and government agencies, and people. This unprecedented sharing of sensitive health-related Big Data has raised technical challenges of ensuring robust data exchange while adhering to security and privacy regulations. There must be trust between organizations to catalyze health data exchange. Healthcare organizations need to be confident that the counter entities are authentic and they provide trustworthy health information. We have developed a semantically rich and trusted Compliance Enforcement Framework for sharing large velocity Health datasets.  This framework, built using Semantic Web technologies, defines a Trust Score for each participant in the data exchange process and includes ontologies combined with policy reasoners that ensure data access complies with health regulations, like Health Insurance Portability and Accountability Act (HIPAA). It includes access control delegation through HIPAA, organizations’ policies, and trust levels between organizations. We have validated our framework by applying it to the Centers for Disease Control and Prevention (CDC) Contact Tracing Use case by exchanging over 1 million synthetic contact tracing records.  Furthermore, we explore how our framework can reduce information blocking and contribute to the trusted exchange framework proposed by the Cures Act. We believe our research can facilitate real-time secure data exchange between organizations, leading to high-quality healthcare and patient rights enhancement.