才子の良辰

今天收到了系里小米的邮件，告知我通过了了Phd candidacy exam, 正式成为Phd Candidate。算是在美国生活的一个Milestone吧。纪念一下。

ps: 考完candidacy之后去了加州玩了一趟，这两天事情比较多，游记日后再补。

Today I officially become a Ph.D. candidate at the College of Information Sciences and Technology, the Pennsylvania State University. LOL

今天终于正式把candidacy的paper定稿了。记得以前看到句话，完了，也完了。自知定题不好，写的时候也是拖三拉四，到最后一个礼拜实在是没时间再修改题目，只能将错就错。预感到答辩的时候会被批得很惨。

我就是个矛盾的人。其实就算没pass又怎样呢？当年还满怀憧憬地说，要不我就故意fail吧。哪怕是现在，我还是倾向于拿到master回国。可是我就是这么个好强的人，我不喜欢让别人来拒绝我，哪怕是我不想读Phd了，我也希望能pass这个考试，然后带着强者的姿态离开。

罢了，既然现状已无法改变，就要对自己的行为负责。无论pass还是fail,都要平静的接受这个结果。

Version 0.1, created after meeting with Prof. McGill on May 8th. Better be done before mid of June. The list is not in formal reference format. Books

1. Against the Gods
2. The Black Swan
3. The Failure of Risk Management
4. Risk Intelligence

Papers

1. Kaplan and Garrick, "On the Quantitative Definition of Risk."  Risk Analysis, Vol. 1, No. 1.
2. Haimes, Y. Y. "Total Risk Management"
3. Giovanni, "What is Security"
4. Giovanni, "Is Security Utilitarian"
5. Giovanni, "Risk and Security, Are They Compatible Concepts?"
6. Giovanni, "The Management of Security, How Robust Is the Justification Process"
7. Qualitative Risk Assessment, the book chapter
8. How useful is quantitative risk assessment
9. Kaplan, S., and Garrick, B. J. (1981). “On the Quantitative Definition of Risk.” Risk
   Analysis, Vol. 1, No. 1, pp. 11-27.
10. The decision guidance paper
11. Pate-Cornell, E., and Guikema, S. (2002). “Probabilistic Modeling of Terrorist Threats: A
    Systems Analysis Approach to Setting Priorities Among Countermeasures.”
    Military Operations Research, Vol. 7, No. 4, pp. 5-23.
12. Frank Knight, Risk, Uncertainty and Profit
13. Giovanni, Defining Security
14. The politics of security
15. McGill, W. L., and Ayyub, B. M. (2007b). “The Meaning of Vulnerability in the Context
    of Critical Infrastructure Protection.” in Jackson, E. ed. Critical Infrastructure
    Protection: Elements of Risk. George Mason University Critical Infrastructure
    Protection Program.
16. Executive Guide: Information Security Management: Learning From Leading Organizations. (GAO/AIMD-98-68, May 1998)
17. Information Security Risk Assessment: Practices of Leading Organizations. GAO/AIMD-00-33
18. CERT report
19. Windoes of vulnerability, a case study analysis.
20. Guidelines  for automatic data processing physical security and risk management
21. Guideline for the analysis of local area network security
22. NIST, risk management guide draft
23. AS/NZS 4360:1999 Risk Management
24. Information Security is Information RIsk Management
25. Wash-1400

26.  

Thanks to Dr. Mary Beth Rosson and Dr.John Yen  for giving us the opportunity to ask questions about the Ph.D. candidacy exam. The notes from the meeting are attached.

Length

• Better use 1.5 or doube space for commitee members to write comments.
• 20 pages are the minimum. 10k ~ 20k words are ideal. But it all depends on the topic.
• 30 ~ 50 references.

Criteria

• In depth, interdisciplinary, evidence of integration.
• Synthesis, a good way is to present own creative elements. The simplest approach is to use tables. For design research, could show design ideas.
• Research implication.

“Reuse” of Sources

• Try to rephrase instead of simply put quotes.
• Could use ‘Turnitin’ to check whether there is a risk of plagiraism.

Role of the Advisor and Committee Members

• For candidacy exam, commitee members do not involve much during preparation of the exam. However, better to talk them before about the contents otherwise they might suprise you by asking tough questions.
• Advisor could give suggestions on the organization of the paper and evaluate the value of literature.

Miscellaneous Suggestions

• Understand the issue first before deciding the organization.
• Title, abstract, reference, table of content are read first by reviewers.
• Motivation of the paper is important.
• Pay attention to the recency of the reference. Stress why ‘old’ reference still matters.
• Visual expression is good  (e.g. figures).
• Good structure is to address own point first and cite literature to support it.
• Could address the scope first in order to avoid tough questions during presentation that cannot be answered.

Reminder

• The exam will be held during 08/13/2009 – 08/21/2009.
• The presentation might be 20 minutes. Will be decided later.