Research in the Ph.D. program in Computation, Organizations and Society (COS) appears at the confluence of computer science and a combination of management, social science, law, and policy. Projects in COS are heavily rooted in computer science, but are a multi-disciplinary pursuit. Recent research areas include privacy technology, social networks and e-business. Student and Faculty publications are on the Publications page. There is one center and 4 labs associated with COS.
Research Centers and Labs
- Center for Computational Analysis of Social and Organizational Systems
- Mobile Commerce Lab
- e-Supply Chain Management Lab
- CMU Usable Privacy and Security (CUPS) Lab
Illustrative Key Projects:
Kathleen M. Carley's research is in the area of dynamic network analysis, social networks, and multi-agent systems. Both method development and applications are being worked on concurrently. Critical current projects are:
- Rapid Ethnographic Retrieval: Going from free form text to networks to multi-agent simulation so that the wealth of qualitative data can be rapidly assessed and reasoned about for various populations. Areas of focus: Afghanistan, Sudan, Iraq.
- Lies and Errors: Detecting, reasoning about, and modeling when and why agents act deceptively, intentionally or inadvertently, the impact of such deception on behavior, and then using such agent models to improve reasoning about strategic adaptive agents and the ways in which their behavior can be altered through education and other courses of action. Areas of application, tax paying behavior, counter-terrorism, and insurgency.
- Organizational Design and Management: Network based approaches for designing, assessing and managing organizations. Applications include, impact of mergers, brigade and battalion organization, performance of public health organizations, and performance in critical care units in hospitals.
Travis D. Breaux's research is in the area of requirements and software engineering, risk and legal compliance, accessbility, privacy, and security.
As computers and information sharing increasingly pervade our everyday lives, we need greater assurance that software can and will conform to social and personal expectations. Increasingly, it plays a role in personal freedom, whether it be through accessibility, privacy or security. To improve software quality and reliability, my research addresses the challenges to aligning laws, regulations and policies with software specifications. This includes studying:
- Formal languages to express policies and system requirements and tools to reason about conflicts, inconsistencies and ambiguities within and among policies and specifications;
- Methods to enable business analysts and software developers to analyze and refine policy into measurable system specifications that can be monitored over time; and
- Communities of practice that include diverse backgrounds, viewpoints and expertise, including law, computer science, government, industry and the public.
Lorrie Cranor does work in three areas: usable privacy and security, privacy decision making and supporting trust decisions.
Usable privacy and security: The privacy and security research community has become increasingly aware that usability problems severely impact the effectiveness of mechanisms designed to provide security and privacy in software systems. Our research employs a combination of three high-level strategies to make secure systems more usable:
- building systems that just work, without involving humans in security-critical functions;
- making secure systems intuitive and easy to use;
- teaching humans how to perform security-critical tasks.
Her second line of research is on privacy decision making: While most people claim to be very concerned about their privacy, they do not consistently take actions to protect it. Web retailers detail their information practices in their privacy policies, but most of the time this information remains invisible to consumers. Our research focuses on understanding how individuals make privacy-related decisions and in finding ways to make privacy information more usable to consumers.
Third, she does work on Supporting trust decisions: When Internet users are asked to make trust decisions, for example, decisions about whether or not provide information in response to an email that claims to have been sent by a trusted entity, they often make the wrong decision. Attackers are able to take advantage of most users' poor trust decision-making skills through a class of attacks known as semantic attacks. Our research focuses both on automating the detection of phishing and other semantic attacks, and in educating end users about how to protect themselves from these attacks.
Zico Kolter's research focuses on computational approaches to sustainable energy domains, and core challenges arising in machine learning, optimization, and control in these areas. On the application side, my interests range from improving the efficiency of generation, controlling power in smart grids, and analyzing energy consumption in homes and buildings. To attack these problems I focus on techniques from machine learning, reinforcement learning, time series prediction, approximate inference, and convex optimization, amongst others.
Some of my most recent research projects include:
- Energy disaggragation
- Wind turbine modeling and learning control
- Building energy prediction
- Reinforcement learning algorithms and theory
Jim Herbsleb's research focuses on how teams actually manage to get work done -- whether it the creation of code and a governance structure in Open Source software projects such as Eclipse, Apache, and GNOME or understanding how a distributed engineering team shares ideas and develops processes to send a robot to the moon and win the Google Lunar X-Prize -- there is currently a gap in knowledge of how teams perceive the dependencies of work and organize themselves for success. By studying the interactions at all levels of these organizations, including individuals, corporations, and foundations, he provides valuable insight into the process of performing modern complex intellectual work.
Norman Sadeh is working on three major research projects. The first is automated supply chain trading. This project involves developing technology to assist in the management and operations of companies in various types of supply chains. Examples include automated pricing algorithms, machine learning techniques for better forecasting of supply and demand, and management techniques for integrating these different technologies. Much of the research in this area centers on the Trading Agent Competition in Supply Chain Management, which was started by Norman in 2003 to encourage friendly competition amongst researchers from both academia and industry.
The second project involves developing anti-phishing technology. This involves creating better spam filters that can adapt to new types of phishing attacks more successfully than traditional ones. It also involves developing tools to help educate people who have fallen for or are at risk of falling for a phishing attack.
The third project is the PeopleFinder project. This project centers on the development of a web-based service, which allows users to share their current location with their friends and family. However, the primary goal of the PeopleFinder project is to understand not only the technology behind such a service (e.g., clients that can run on cell phones, laptops with WiFi, or PDAs), but also users attitudes towards the privacy implications if such a service were in widespread use. To this end, studies are conducted to measure the level of control users require over who gets to see their location and when.
Recent Project Areas
- Supporting Trust decisions
- Usability privacy and security
- Coordination of open source software development teams
- Vulnerabilities in terror and drug networks
- Social network extraction from texts
- Computational analysis of leadership
- Computational technology for sustainability
- Automated negotiation
- Data privacy
- Dynamic network modeling
- Dynamic network analysis
- Electronic market mechanisms
- Multi-agent systems
- Privacy-preserving data mining
- Privacy rights management
- Privacy technology (including surveillance, video, GPS)