Publications

Kathleen Goeschel, Ph.D.

Agentic AI systems are being deployed across enterprise environments at an unprecedented pace. The authorization models governing these systems were designed for a fundamentally different world — one where behavior was deterministic, actions were bounded, and controlling what a system could do was sufficient to control the risk it posed. This paper introduces DACSA, a model that extends enforcement beyond the authorization boundary to the data layer, operating on four pillars: sensitivity classification, lineage tracking, delta inspection, and output-bound enforcement.

Kathleen Goeschel

LinkedIn

Examines the distinction between open source software security and supply chain security, arguing that the risks lie not in open source itself but in how organizations consume, integrate, and manage their software supply chains.

Kathleen Goeschel

Red Hat Customer Portal

Describes the partnership process model used at Red Hat for software supply chain security assurance, covering the end-to-end approach to securing the open source supply chain at enterprise scale.

Kathleen Goeschel

Doctoral Dissertation, Nova Southeastern University (ProQuest)

Proposed a method utilizing machine learning (SVM, decision trees, Naive Bayes) to improve detection of insecure and vulnerable software — reducing false positives in static analysis alerts through optimized feature set selection.

Kathleen Goeschel

IEEE SoutheastCon 2016, pp. 1-6

Applied data-mining techniques including support vector machines, decision trees, and Naive Bayes classifiers to reduce false positive rates in intrusion detection systems through off-line analysis of network traffic data.