Division of Computing and Communication Foundations (CCF)
group_project
Submitted by Gang Tan on Tue, 08/27/2019 - 3:26pm
Attacks on software applications such as email readers and web browsers are common. These attacks can cause damage ranging from application malfunction and loss of private data to a complete takeover of users' computers. One effective strategy for limiting the damage is to adopt the principle of least privilege in application design: the application is split into several protection domains and each domain is given only the necessary privileges to perform its task. In this design, the compromise of one domain does not directly lead to the compromise of other security-sensitive domains.
group_project
Submitted by Gang Tan on Tue, 08/27/2019 - 3:22pm
Most real software systems consist of modules developed in multiple programming languages. Different languages differ in their security assumptions and guarantees. Consequently, even if single modules are secure in some language model and with respect to some security policy, there is usually no uniform security guarantee on a whole multilingual system. This project focuses on low-overhead techniques for providing security guarantees to software systems in which type-safe languages such as Java interoperate with native code.
group_project
Submitted by Radhakrishnan Jag... on Tue, 08/27/2019 - 1:38pm
Distributed applications that require enforcement of fundamental authorization policies play an increasingly important role in internet and telecommunications infrastructure. Traditionally, controls are imposed before shared resources are accessed to ensure that authorization policies are respected. Recently, there has been great interest in the exploration of accountability mechanisms that rely on after-the-fact verification.
group_project
Submitted by Leon Osterweil on Tue, 08/27/2019 - 1:36pm
This project is developing and evaluating the application of iterative process improvement technology to assure the privacy, security, reliability, and trustworthiness of elections, which are the very cornerstone of democracy. The focus of the project is to locate mismatches between existing voting systems and the processes that are currently using them in the conduct of elections. These mismatches can result in vulnerabilities or inaccuracy in elections. This project demonstrates how to remediate such vulnerabilities through the use of iterative process improvement.
group_project
Submitted by Salim El Rouayheb on Thu, 03/14/2019 - 10:21am
The recent data revolution is driving many aspects of modern societal and economic progress. Most of this massive data is now stored in the cloud to enable easy access for a myriad of users who wish to share information including, for example, photos, videos, publications, opinions, and scientific data. Unfortunately, this has come at the expense of the privacy of users, whose online activity can be used to profile them, making large parts of the population an easy target for discrimination and possible persecution.
group_project
Submitted by Joseph Pasquale on Mon, 05/28/2018 - 1:25pm
Longitudinal studies of network systems are very difficult to conduct when systems are large, heterogeneous, highly interconnected, and open; yet, the importance of these studies cannot be underestimated. This project focuses on an 18-month longitudinal study on server-side vulnerabilities in the campus network of the University of California at San Diego and on client-side vulnerabilities at the University of California at Davis.
group_project
Submitted by Fabian Monrose on Wed, 03/14/2018 - 4:23pm
Over the last several years, Voice over IP (VoIP) has enjoyed a marked increase in popularity, particularly as a replacement of traditional telephony for international calls. Indeed, several large network providers already boast millions of subscribers. At the same time, the security and privacy implications of conducting everyday voice communications over the Internet are not yet well understood. For the most part, the current focus on VoIP security has centered around hardening the signaling protocol.
group_project
Submitted by Steven Myers on Tue, 03/13/2018 - 5:38pm
Recently, Gentry and others have established the feasibility of constructing fully homomorphic encryption schemes. Briefly, a fully homomorphic encryption (FHE) scheme is one that allows a third party who has ciphertexts of several messages to construct, without knowing the decryption key, a new ciphertext that corresponds to an arbitrary efficiently computable function applied to the original messages. Fully homomorphic encryption has the potential to allow disparate organizations to compute basic functions on their pooled data sets without revealing such data to each other.
group_project
Submitted by Shafrira Goldwasser on Tue, 03/13/2018 - 5:20pm
Cryptographic protocols lie at the core of sound and trustworthy solutions to protect the integrity and secrecy of data stored in private computers and remote servers, and of programs executed on handheld devices and remote host computers. Such protocols are guaranteed to preserve some pre-defined security requirements in the face of malicious attacks.
group_project
Submitted by Madhusudan Partha... on Tue, 03/13/2018 - 5:15pm
Providing restrictive and secure access to resources is a challenging and socially important problem. Security analysis helps organizations gain confidence in the control they have over resources while providing access, and helps them devise and maintain policies. There is a dire need for analysis tools to