Small

Many applications are now being deployed on rich, distributed platforms, such as those for cloud computing and Internet of Things (IoT). Such platforms can aid developers by launching their applications dynamically to align resource use with demand in serverless platforms and by composing fine-grained components into complete applications in microservice architectures. Even with these advanced architectures, the system platforms themselves still have large trusted computing bases, where a single vulnerability may threaten the security of the entire platform.

This project explores approaches to attack and defend the lifespan of flash storage in small mobile devices. While the project focuses on smartphones, the research is applicable to any small flash-based device that allows users to install applications, including smart watches, Internet-of-Things (IoT) devices, computerized medical equipment, and computer-managed critical infrastructure. It is well understood that, over time, writing to flash storage will physically wear out the device. This problem is considered a nonissue with respect to enterprise Solid State Drives (SSDs).

Computing on personal data is critical for both personal and social good. For example, we write programs that predict early onset medical conditions and detect the spread of diseases before they become epidemics. However, such computing is fraught with privacy concerns because programs, and the hardware they run on, create a trail of clues that an attacker can observe to reconstruct personal data without ever seeing the data directly. This project will create computer systems that proactively leave no clues, i.e., no side-effects that can leak personal secrets.

Recently, Google and Apple have deployed large systems for differentially private collection and analysis of decentralized user data. These systems use a local model of privacy in which no sensitive user data is collected. This local model enjoys many implementation advantages, but does not capture the most expressive private algorithms. These more expressive private algorithms inherently require a central model of privacy, in which a trusted party agrees to collect the sensitive data and reveal only the outcome of some private algorithm.

Software has bugs, quite commonly in libraries that are created by third-party developers. Unfortunately, a bug in any library enables attackers to take control of an application. Furthermore, since popular libraries are used across thousands of applications, these libraries become a high-leverage target for attackers. This work improves the security of software by stopping bugs in one library from impacting other portions of the application. This makes it much more difficult for attackers to compromise software and harm users.