■ RESEARCH INTERESTS

My research is the area of system security, confidential computing, trusted computing, applied cryptography, and data security. 

■ EDUCATION

Sep 2003 – Jan 2009,  Institute of Software, Chinese Academy of Sciences (ISCAS),  M.S. & Ph.D in Information Security and Network Security.

Sep 1999 – Jul 2003,  Renmin University of China,  B.S in Computer Science.

■ WORK EXPERIENCE

Sep 2022 – Present, Institute of Software, Chinese Academy of Sciences (ISCAS),  Professor of Engineering

Mar 2009 – Sep 2022, Institute of Software, Chinese Academy of Sciences (ISCAS),  Assistant Researcher, Senior Engineer

■ HONORS & AWARDS

(1) Third-Class Prize, Science and Technology Progress Award, China Inspection and Testing Society(CITS), 2023. (Provincial/Ministerial-Level Award)

(2) First-Class Prize, Electric Power Technology Innovation Award, China Electricity Council (CEC), 2022. (Provincial/Ministerial-Level Award)

(3) First-Class Prize, Electronic Information Science and Technology Award, Chinese Institute of Electronics (CIE), 2010. (Provincial/Ministerial-Level Award)

■ RESEARCH PROJECTS

2025, Co-Principal Investigator, National Key R&D Program of China - Project: "Collaborative R&D on Key Technologies for Trusted Root Based on RISC-V Instruction Set Processors"(No.2024YFE0211100)

2024, Project Leader, Huawei Project: "TCM2 Trusted Cryptography Module Test and Evaluation"

2023, Co-Principal Investigator, National Key R&D Program of China - Project: "Advanced Computing and Emerging Software" Key Project: "Key Technologies and Applications for Confidential Computing and Trusted Execution Environments" (No.2022YFB4501500)

2023, Project Leader, Alibaba Innovative Research (AIR) Program - Project: "Research on Novel Confidential Computing and Trusted Execution Environment Technologies in Cloud Environments"

2021, Project Leader, Tencent R&D Project: "Blockchain Terminal Node Secure Access Support Platform"

2020, Co-Principal Investigator, National Key R&D Program of China - Project: "Joint R&D on Security Architecture and Key Technologies for IoT Based on Quantum Key Distribution" (No.2020YFE0200600)

2019, Principal Investigator, National Natural Science Foundation of China (NSFC) - Project: "Research on Trusted Systems and Software Security for IoT Devices" (NO.61872343)

2019, Project Leader, Jiangsu Electric Power Information Technology Co., Ltd. Project: "Research on Key Technologies for a Security Protection Platform Based on Active Immunity"

2018, Co-Principal Investigator, National Key R&D Program of China - Project: "Security Protection Technology for Embedded Components and Control Units in Power System Terminals" (No.2018YFB0904903)

......

■ ACADEMIC ACTIVITIES

Global Computing Consortium (GCC), Confidential Computing Special Interest Group: Vice Chair of the Steering Committee (Sep 2024 - )

OpenAnolis Community: Member of the Security Committee (2023 - )

Electronic Authentication & Trusted Computing Task Force in State Cryptography Administration:  Vice Group Leader (2020 -)

State Cryptography Administration Application Technology Overall Group: Expert Member (2020 - )

Journal of Electronics & Information Technology: Editorial Board Member (2024 - )

Trusted Computing Conferences (CTCIS, TrustCom, ICICS): Program Committee (PC) Member

■ PUBLICATIONS

● Book

Dengguo Feng, Yu Qin, Xiaobo Chu, Shijun Zhao. Trusted Computing：Principles and Applications. Walter de Gruyter Publish, German. 2017.

● Referred Journal Articles

[1] Dengguo Feng, Yu Qin*, Wei Feng, Wei Li, Ketong Shang, Hongzhan Ma. Survey of research on confidential computing. IET Commun., vol 18, 535-556. 2024.

[2] Yu Qin, Jingbin Liu, Shijun Zhao, Dengguo Feng, Wei Feng, RIPTE: Runtime Integrity Protection Based on Trusted Execution for IoT Device. Security and Communication Networks, vol. 2020, Article ID 8957641, 2020:1-14. 

[3] Dengguo Feng, Jingbin Liu, Yu Qin*, et al. Trusted Computing Theory and Technology In Innovation-driven Development. Scientia Sinica (Informationis)， 2020.

[4] Jianxiong Shao, Yu Qin*, Dengguo Feng. Formal Analysis of HMAC Authorization in the TPM2.0 Specification . IET Information Security, 2018.

[5] Wei Feng，Yu Qin, Shijun Zhao, et al. AAoT: Lightweight Attestation and Authentication of low-resource Things in IoT and CPS. Computer Networks, 2018.

[6] Wei Feng, Yu Qin, Dengguo Feng. Using Mobile Phones to Enhance Computing Platform Trust. Telecommunication Systems, 2017. 

[7] Dengguo Feng, Yu Qin*, Wei Feng, Jianxiong Shao. The Theory and Practice in the Evolution of Trusted Computing. Chinese Science Bulletin, Volume 59, Issue 32, pp 4173-4189, November 2014.

[8] Shijun Zhao, Li Xi, Qianying Zhang, Yu Qin, Dengguo Feng. Security analysis of SM2 key exchange protocol in TPM2. 0. Security and Communication Networks, 2014. 

[9] Qianying Zhang, Shijun Zhao， Yu Qin, and Dengguo Feng. Formal Analysis of TPM2.0 Key Management APIs. Chinese Science Bulletin, 2014. 

[10] Yu Qin, Shijun Zhao, Qianying Zhang. A Formal Analysis of TPM Commands for Compromising User Key. China Communication, 2012, 9(10):91-102. 

[11] Hao Li, Yu Qin, Qianying Zhang,Shijun Zhao. Securing the Distributions in P2P Networks with Trusted Platform Modules. International Journal of Computer Network and Information Security(IJCNIS), Volume 3, Number 2, 2011.

[12] DengGuo Feng, Yu Qin*. A Property-Based Attestation Protocol for TCM. Science China Information Sciences Vol 53, No 3: 454-464, 2010.

● Referred Conference Papers

[1] Wei Li, Wei Feng, Yu Qin*, et al. Att-SFI: Attestable software sandboxing with control flow integrity. EAI SecureComm 2025.

[2] Ketong Shang, Fang Lu, Ke Huang, Yu Qin*, Wei Feng.  Cluster Nodes Integrity Attestation and Monitoring Scheme for Confidential Computing Platform. In Proceeding of  IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2023. 

[3] Shijun Zhao, Qianying Zhang, Yu Qin, et al. SecTEE: A Software-based Approach to Secure Enclave Architecture Using TEE.  In Proceeding of ACM SIGSAC Conference on Computer and Communications Security(CCS 2019), 2019.

[4] Shijun Zhao, Qianying Zhang, Yu Qin, Wei Feng, et al. Minimal Kernel: An Operating System Architecture for TEE to Resist Board Level Physical Attacks. In Proceeding of the 21st International Symposium on Research in Attacks, Intrusions, and Defenses. 2019

[5] Jingbin Liu, Qin Yu*, Wei Liu, Shijun Zhao, et al. Log-Based Control Flow Attestation for Embedded Devices. In Proceeding of the 11th International Symposium on Cyberspace Safety and Security(CSS), 2019: 117-132.

[6] Yu Qin, Yingjun Zhang, Wei Feng. TICS: Trusted Industry Control System based on Hardware Security Module. In Proceedings of the 9th International Conference on Symposium on Cyberspace Safety and Security（CSS 2017）.

[7] Wei Feng, Yu Qin*, Shijun Zhao, et al. Secure Code Updates for Smart Embedded Devices based on PUFs. In Proceedings of 16th International Conference on Cryptology And Network Security (CANS 2017) , 2017.

[8] Yingjun Zhang, Yu Qin*, Dengguo Feng, et al. An efficient Trustzone-based In-application Isolation Schema for Mobile Authenticators. In Procceeding of 13th EAI International Conference on Security and Privacy in Communication Networks（SecureComm 2017）, 2017.

[9] Jianxiong Shao, Yu Qin*, Dengguo Feng. Computational Soundness Results for Stateful Applied Pi Calculus. 5th International Conference on Principles of Security and Trust (POST 2016), Held as Part of ETAPS 2016.

[10] Bo Yang, Kang Yang, Zhenfeng Zhang, Yu Qin, Dengguo Feng. AEP-M: Practical Anonymous E-Payment for Mobile Devices using ARM TrustZone and Divisible E-Cash. The 19th Information Security Conference (ISC 2016). Springer International Publishing.

[11] Jianxiong Shao, Yu Qin*, Dengguo Feng, Weijin Wang, Formal Analysis of Enhanced Authorization in the TPM 2.0, Proc. of the 10th ACM Asia Conference on Computer and Communication Security, ASIACCS 2015, 2015. 

[12] Bo Yang, Kang Yang, Yu Qin, Zhenfeng Zhang, Dengguo Feng. DAA-TZ: An Efficient DAA Scheme for Mobile Devices Using ARM TrustZone. The 8th International Conference on Trust and Trustworthy Computing (TRUST 2015). Springer International Publishing, 209-227. 

[13] Bo Yang, Yu Qin, Yingjun Zhang, Weijin Wang, Dengguo Feng. TMSUI: A Trust Management Scheme of USB Storage Devices for Industrial Control Systems. The 17th International Conference on Information and Communications Security (ICICS 2015). Springer International Publishing, 152-168.

[14] Shijun Zhao, Qianying Zhang, Yu Qin and Dengguo Feng. Universally Composable secure TNC protocol based on IF-T binding to TLS. NSS 2014. 

[15] Li Xi, Dengguo Feng, Yu Qin, Feng Wei, Jianxiong Shao, Bo Yang. Direct Anonymous Attestation in Practice: Implementation and Efficient Revocation.PST 2014. 

[16] Qianying Zhang, Shijun Zhao, Yu Qin, Dengguo Feng. Improving the security of the HMQV protocol using tamper-proof hardware. SecureComm 2014. 

[17] Shijun Zhao, Qianying Zhang, Yu Qin and Dengguo Feng, Universally Composable secure TNC protocol based on IF-T binding to TLS. NSS 2014, LNCS, Volume 8792, pp 110-123, 2014. 

[18] Shijun Zhao, Qianying Zhang,Guangyao Hu, Yu Qin, Dengguo Feng. Providing Root of Trust for ARM TrustZone using On-Chip SRAM. TrustED 2014, ACM, Pages 25-36, 2014.

[19] Bo Yang, Dengguo Feng, Yu Qin. A Lightweight Anonymous M-shopping Scheme Based on DAA for Trusted Mobile Platform. TrustCom 2014, IEEE. 

[20] Weijin Wang,Yu Qin,Dengguo Feng. Automated Proof for Authorization Protocols of TPM 2.0 in computational model. ISPEC 2014, LNCS, Volume 8434, pp 144-158, 2014.

[21] Weijin Wang, Dengguo Feng, Yu Qin, Jianxiong Shao, Li Xi, Xiaobo Chu. ExBLACR: Extending BLACR System. ACISP 2014, LNCS, Volume 8544, pp 397-412, 2014.

[22] Li Xi, Yu Qin and Dengguo Feng. Formal analysis of ECC-based Direct Anonymous Attestation schemes in Applied Pi Calculus. In Proceeding of the 16th Information Security Conference (ISC 2013), Nov, 2013.

[23] Wei Feng, Dengguo Feng, Ge Wei, Yu Qin. TEEM: A User-Oriented Trusted Mobile Device for Multi-platform Security Applications. 6th International Conference on Trust & Trustworthy Computing. 2013. 

[24] Wei Feng, Yu Qin, Dengguo Feng, Ge Wei, Lihui Xue, and Dexian Chang. Mobile Trusted Agent (MTA): Build User-Based Trust for General-Purpose Computer Platform. 7th International Conference on Network and System Security. 2013. 

[25] Jianxiong Shao, Dengguo Feng, and Yu Qin. Type-Based Analysis of Protected Storage in the TPM. In the Procceeding of the 15th International Conference on Information and Communications Security (ICICS 2013). Nov, 2013. 

[26] Wei Feng, Dengguo Feng, Ge Wei, Yu Qin etc al. TEEM: A User-Oriented Trusted Mobile Device for Multi-platform Security Applications. In Proceedings of Trust and Trustworthy Computing - 6th International Conference(TRUST 2013), June 17-19, 2013. 

[27] Wei Feng, Yu Qin, Dengguo Feng, Ge Wei, etc al. Mobile Trusted Agent(MTA):Build user-based trust for general-purpose computer platform. In the 7th International Conference on Network and System Security (NSS 2013), 2013. 

[28] Yu Qin, Xiaobo Chu, Dengguo Feng, Wei Feng. DAA Protocol Analysis and Verification. In Proceedings of the Third International Conference on Trusted Systems (INTRUST 2011). Nov, 2011.

[29] Yu Qin, Dexian Chang, Shijun Zhao, Qianying Zhang. A property-based attestation scheme with the variable privacy. In Proceedings of the 6th International Conference on Frontier of Computer Science and Technology (FCST-11), Nov, 2011

[30] Wei Feng, Yu Qin, Aimin Yu, DengGuo Feng. A DRTM-based Method for Trusted Network Connection. In Proceedings of the 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom’11), Nov, 2011. 

[31] Yu Qin, DengGuo Feng, Zhen Xu. An anonymous property-based attestation protocol from bilinear maps. In Proceedings of the 8th IEEE/IFIP International Symposium on Trusted Computing and Communications(TrustCom’09). 2009.

[32] Xiaobo Chu, Yu Qin, Dengguo Feng. An Efficient PBA Protocol Based on Elliptic Curves. In 3rd IEEE International Conference on Communication Software and Networks (ICCSN 2011). May 27, 2011.