CAREER

The implementation of a secure cipher within the embedded electronics of a smart-card can have a large number of weak points, which are unrelated to the cryptographic strength of that cipher. Side-channel information leaks may disclose internal secrets through the cipher's power consumption, execution time, and other physical implementation effects. Affecting hardware as well as software, these leaks show that a secure embedded system is no stronger than its weakest link.

Accurate detection of Internet worms in their early stages remains an unsolved problem. One could scan Internet traffic for worm signatures or suspicious byte patterns, but worm signatures are often useless for unknown worms that exploit new software vulnerabilities, and suspicious byte patters are problematic because worms can carry virtually arbitrary payloads. Processing and analyzing traffic payloads is also expensive. These limitations have motivated investigations into the behaviors that self-propagating worms may display.

How can a group of agents achieve a goal despite efforts by some of the agents to prevent this? This important question cuts across many disciplines including political science, economics, mathematics and computer science. In this proposal, we are exploring this question by focusing on the following problem. A set of n agents wants to compute the value of a function, f, of n inputs, where each agent holds a unique input of f. Our goal is to create a distributed algorithm that ensures that each agent learns the output of f.

This research is developing a framework for better managing IP networks using an intent-based network management approach to address the performance and robustness issues associated with managing complex IP networks. The goal is to automatically generate needed network configurations by requiring only high-level objectives as input while also ensuring network-level objectives such as performance and reliability. The research develops design principles applicable to managing both current and future networks and provides insight into designing networks for manageability.

This grant supports an investigation of formal models, algorithms, methods, tools, and infrastructure that build upon the information flow guarantees of security-typed languages to achieve high assurance software systems. The information flow guarantees of security-typed languages provide a practical avenue to achieving system security by producing proofs of an implementation's compliance with a specified policy.