Access control

group_project

Visible to the public EDU: Collaborative: Integrating Embedded Systems Security into Computer Engineering and Science Curricula

Submitted by Ning Weng on Tue, 10/10/2017 - 11:42am

With the advancement of technologies, networked devices become ubiquitous in the society. Such devices are not limited to traditional computers and smart phones, but are increasingly extended to cover a wide variety of embedded systems (ES), such as sensors monitoring bridges, electronics controlling the operation of automobiles and industrial equipment, home medicine devices that are constantly reporting patient health information to doctors.

group_project

Visible to the public TWC: Frontier: Collaborative: Rethinking Security in the Era of Cloud Computing

Submitted by Michael Swift on Mon, 10/09/2017 - 11:45am

There are at least two key features of the move to cloud computing that introduce the opportunity for significant leaps forward in computer security for tenant services. First, a compute cloud provides a common software, hardware and management basis for rolling out cross-cutting services en masse that have resisted incremental deployment in a one-service-at-a-time fashion. Second, compute clouds offer providers a broad view of activity across an unprecedented diversity of tenant services.

group_project

Visible to the public TWC: Frontier: Collaborative: Rethinking Security in the Era of Cloud Computing

Submitted by reiter on Mon, 10/09/2017 - 11:29am

There are at least two key features of the move to cloud computing that introduce the opportunity for significant leaps forward in computer security for tenant services. First, a compute cloud provides a common software, hardware and management basis for rolling out cross-cutting services en masse that have resisted incremental deployment in a one-service-at-a-time fashion. Second, compute clouds offer providers a broad view of activity across an unprecedented diversity of tenant services.

group_project

Visible to the public CAREER: Secure OS Views for Modern Computing Platforms

Submitted by enck on Fri, 10/06/2017 - 1:58pm

The security architecture of consumer operating systems is currently undergoing a fundamental change. In platforms such as Android, iOS, and Windows 8, each application is a separate security principal that can own data. While this distinction is a vast improvement over traditional user-focused security architectures, sharing data between applications results in an unexpected loss of control of that data, potentially exposing security and privacy sensitive information.

Outcomes Report URL: 
https://www.research.gov/research-portal/appmanager/base/desktop?_nfpb=true&_win...
group_project

Visible to the public TWC: Small: Collaborative: Towards Agile and Privacy-Preserving Cloud Computing

Submitted by Meng Yu on Fri, 10/06/2017 - 1:49pm

Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.

group_project

Visible to the public TWC: Small: Provably Enforcing Practical Multi-Layer Policies in Today's Extensible Software Platforms

Submitted by Jia Limin on Thu, 08/17/2017 - 9:36pm

A defining characteristic of modern personal computing is the trend towards extensible platforms (e.g., smartphones and tablets) that run a large number of specialized applications, many of uncertain quality or provenance. The common security mechanisms available on these platforms are application isolation and permission systems. Unfortunately, it has been repeatedly shown that these mechanisms fail to prevent a range of misbehaviors, including privilege-escalation attacks and information-flow leakage.