Privacy, theory

group_project

Visible to the public CAREER: Finding Levers for Privacy and Security by Design in Mobile Development

Submitted by kshilton on Wed, 01/03/2018 - 4:58pm

Mobile data are one of the fastest emerging forms of personal data. Ensuring the privacy and security of these data are critical challenges for the mobile device ecosystem. Mobile applications are easy to build and distribute, and can collect a large variety of sensitive personal data. Current approaches to protecting this data rely on security and privacy by design: encouraging developers to proactively implement security and privacy features to protect sensitive data.

group_project

Visible to the public EAGER: Collaborative: Design, Perception, and Action - Engineering Information Give-Away

Submitted by Erin Krupka on Wed, 01/03/2018 - 4:54pm

The design of social media interfaces greatly shapes how much, and when, people decide to reveal private information. For example, a designer can highlight a new system feature (e.g., your travel history displayed on a map) and show which friends are using this new addition. By making it seem as if sharing is the norm -- after all, your friends are doing it -- the designer signals to the end-user that he can and should participate and share information.

group_project

Visible to the public TWC: Small: Intrusion Detection and Resilience Against Attacks in Cyber and Cyber-Physical Control Systems

Submitted by Stephane Lafortune on Wed, 01/03/2018 - 3:54pm

This project develops a novel methodology for designing secure cyber and cyber-physical systems that can detect attackers and protect against malicious behavior after the system has been compromised.

group_project

Visible to the public TWC: Small: Communication under Adversarial Attacks in Complex Networks - Fundamental Limits and Secure Coding Strategies

Submitted by Joerg Kliewer on Wed, 01/03/2018 - 2:00pm

Today's world is highly dependent on the integrity of communication systems as the Internet, WiFi, or cellular networks. As networks become more pervasive, they are increasingly being used for communication and storage of critical as well as sensitive data and therefore impose more stringent demands on reliability and security, which must be maintained even under extreme settings such as partial power failures, natural disasters, or, most importantly, adversarial attacks.

group_project

Visible to the public NSFSaTC-BSF: TWC: Small: Enabling Secure and Private Cloud Computing using Coresets

Submitted by Daniela Rus on Wed, 01/03/2018 - 1:45pm

By collecting sensor data from individuals in a user community, e.g., using their smartphones, it is possible to learn the behavior of communities, for example locations, activities, and events. Similarly, using data from personal health monitoring sensors, it is possible to learn about the health risks and responses to treatments for population groups. But is it possible to use the valuable information for the greater good without disclosing information about the individuals contributing the data? What about protecting this information from improper access?

group_project

Visible to the public CAREER: Untrusted Computing Base: Detecting and Removing Malicious Hardware

Submitted by Samuel King on Wed, 01/03/2018 - 10:56am

Computer systems security is an arms race between defenders and attackers that has mainly been confined to software technologies. Increases in the complexity of hardware and the rising number of transistors per chip have created opportunities for hardware-based security threats. Among the most pernicious are malicious hardware footholds inserted at design time, which an attacker can use as the basis of a computer system attack. This project explores of the feasibility of foothold attacks and a fundamental design-time methodology for defending against them.

Outcomes Report URL: 
https://www.research.gov/research-portal/appmanager/base/desktop?_nfpb=true&_win...
group_project

Visible to the public TWC SBE: Option: Frontier: Collaborative: Towards Effective Web Privacy Notice and Choice: A Multi-Disciplinary Prospective

Submitted by Norman Sadeh on Tue, 01/02/2018 - 9:44pm

Natural language privacy policies have become a de facto standard to address expectations of notice and choice on the Web. Yet, there is ample evidence that users generally do not read these policies and that those who occasionally do struggle to understand what they read. Initiatives aimed at addressing this problem through the development of machine implementable standards or other solutions that require website operators to adhere to more stringent requirements have run into obstacles, with many website operators showing reluctance to commit to anything more than what they currently do.

group_project

Visible to the public TWC: Small: Collaborative: Practical Security Protocols via Advanced Data Structures

Submitted by Michael Goodrich on Tue, 01/02/2018 - 4:18pm

Data structures have a prominent modern computational role, due to their wide applicability, such as in database querying, web searching, and social network analysis. This project focuses on the interplay of data structures with security protocols, examining two different paradigms: the security for data structures paradigm (SD) and the data structures for security paradigm (DS).

group_project

Visible to the public TWC: Small: On Imperfect Randomness and Leakage-Resilient Cryptography

Submitted by Yevgeniy Dodis on Tue, 01/02/2018 - 4:14pm

The availability of ideal randomness is a common assumption used not only in cryptography, but in many other areas of computer science, and engineering in general. Unfortunately, in many situations this assumption is highly unrealistic, and cryptographic systems have to be built based on imperfect sources of randomness. Motivated by these considerations, this project will investigate the validity of this assumption and consider several important scenarios where secure cryptographic systems must be built based on various kinds of imperfect randomness.

Outcomes Report URL: 
https://www.research.gov/research-portal/appmanager/base/desktop?_nfpb=true&_win...