Small

This proposal supports 12 students for their travel to attend the 16th Workshop on the Economics of Information Security (WEIS) held at the University of California San Diego, on June 26-27, 2017. WEIS is an annual event that serves as a leading forum for interdisciplinary scholarship on information security, combining expertise from the fields of computer science and electrical engineering, economics, social science, business, law, and policy.

Many big-data workloads are hosted on the cloud to facilitate sharing and low cost. Many of these workloads deal with sensitive data, e.g., electronic health records. Cloud infrastructures are vulnerable to attacks from untrusted operators with physical access to the computers. These attacks can take many forms and may compromise privacy or integrity. To guarantee the security of sensitive data and ensure the cost-effectiveness of shared cyberinfrastructure, it is vital that these attacks be thwarted while not incurring a significant penalty in terms of performance, energy, or cost.

This project will focus on the topic of Cybersecurity for Middle School Students at Museums in a joint effort between the University at Buffalo (UB) and the Tech Museum of Innovation (The Tech), San Jose. The project will span multiple disciplines ranging from computer science and information systems to forensics and law. The participants shall pay particular attention to concepts and conceptual understanding of cybersecurity.

Current cloud based systems enable distributed access to both information and computational resources. In this setting, it is imperative to have secure communication, and powerful and expensive cryptographic techniques have been proposed to address this issue. A severely limiting factor, however, is that these methods for securely accessing or processing data between participating parties can result in communication overheads when processing large amounts of data.

GameSec is a leading research conference focused on analytical models based on information, communication, optimization, decision, and control theories that are applied to diverse security topics. At the same time, the connection between theoretical models and real world security problems are emphasized to establish the important feedback loop between theory and practice. The conference helps to promote a "science of security" with a theoretical foundation that helps us understand security risk in a principled way.