You would think that if anyone had mastered how to guard access to computer files, it would be the CIA, the FBI and other government intelligence agencies.

But that isn't necessarily so, says Dr. Frank Pfenning, a computer science professor at Carnegie Mellon University and Henry DeYoung's mentor.

And even though he is just starting graduate school, the research Mr. DeYoung already has done on developing programming language for computer security applications will be able to help government agencies and corporations do a better job of protecting their files, said Dr. Pfenning.

In any computer system, he said, there is a tension between wanting to protect privacy and wanting to share information, and that dilemma has only deepened for U.S. intelligence agencies as they work to share information on terrorism without letting unauthorized people see it.

Right now, he said, access to computer information at these agencies is governed almost entirely by security officers, who must decide who has permission to see which files at which times. Like any human beings, they sometimes make mistakes, Dr. Pfenning said.

When an employee leaves or is dismissed from such an agency, he said, security officers are supposed to block their computer access, "but there are many stories where people continue to have access for months and months when they're not supposed to, because everything is manually configured by these security officers, and systems get more and more complicated, and there are just many mistakes."

Elaborating on work pioneered by Dr. Pfenning and Carnegie Mellon graduate student Deepak Garg, Henry DeYoung has added the element of time to a computer logic program that can automatically control who gets access to a computer system.

When he began working on the problem, Mr. DeYoung said, he realized the logic not only had to deal with when someone issued an instruction -- say, in September 2008 -- but how long the instruction was supposed to last -- this person will have access to these files until December 2009.

At first, he thought he could just tweak the programming slightly, but then discovered that "it wasn't like I could add a single piece to the logic they had, so I designed a new logic that from a technical standpoint is different because everything is marked with a time rather than just marking certain things."

The advantage of an automated security access system, Dr. Pfenning said, is that it may avoid the mistakes humans have been making. The disadvantage is that if the programming contains just one error, it can be disastrous.

One reason Mr. DeYoung already has won awards for his work, he said, is that "he's very meticulous, which you need to be, because if the access control system is based on this logic, then the logic must be absolutely impeccable, because if you have a problem in the logic, then the whole system has been compromised."

While Mr. DeYoung's research is helping solve a real-world problem, it also has a gem-like mathematical clarity, Dr. Pfenning said.

"Henry appreciates the intrinsic beauty of designing something that is very small and very elegant and has a step to go before being put into practice."