Ching Shih

Lead Member of Technical Staff

Research Interests

  • Cloud service provider security and tenant workload security
    • cloud security architecture, effective resource distribution and constraints
    • CSP integrity and VM workload integrity
    • effective E-W-N-S security control mechanisms
    • non-repudiation aspect of the hypervisor as well as workload
    • data center SDN and "traffic trombone" avoidance
  • Support and sustain layer-7 application services in the cloud
    • NFV on-demand service reshaping and tracking
    • Pseudo state-synchronization and graceful recovery to track NVF service-chain virtual sessions
  • Data-centric security, focused on storage technologies and security use cases
  • Container, Docker, and IoT/Cyber-Physical Systems security

Education and Work Experience

MS EE Penn State University, '86. 3 papers published: 8th ICPR '86, SPIE Applications of Artificial Intelligence VI Conference, '88, and International Journal on Machine Vision and Applications, '89.

Ching started his career at AT&T Bell Labs with major works in the first release of 5ESS ISDN Packet Switching, forward-looking projects related to early days of Computer-based Data Communication.  Later he worked in Labs Chief Architecture Area, inventing direct-composite/baseband video compression (presented to Cable Labs CTO as Bell Labs innovations) and DRM, set-top box communication protocol (pre-DOCSIS), entitlement LCM, cable headend data transmission systems, and backoffice OSS/BSS.  He served as system architect/engineer, H/W designer, and later elected as a CVS Ambassador.  He also worked on an early CTI store-n-forward service.

Later he led security work with AT&T Solutions Outsourcing with signature clients and design, such as IGEMS security architecture, client C2B portal & B2B e-Bonding, external vendors DMZ, multi-client private access to common services. His GCSC work was AT&T's first SAS-70 type-II audit and achieved the target. Soon he transitioned into AT&T Chief Security Organization.

In recent 15 years, his work primarily involves with AT&T Hosting Services: created architecture for service and security such as Managed Custom Hosting, the original VizGEMS architecture and made major contributions enhancing AT&T internal PCI in-scope projects' to pass the first DSS audit.

Currently he has multiple research interest in Hosting, Applications and Storage, Managed Security Service with reconfigurable fabric, AT&T Cloud Initiatives and Domain 2.0.  He also won 2009 AT&T CTO Award.