Systems

The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.

The "Virtual Laboratory and Curriculum Development for Secure Mobile Computing" project at the University of Texas at Dallas (UTD) will develop a set of courses and a virtual laboratory in mobile system security with an emphasis on securing smart phones. The courses that will be developed will include topics such as Android taint analysis using existing tools or development of new tools, scalable Android security threat analysis on applications (apps), and smart phone forensics.

Modern personal computers have embraced increasingly powerful Graphics Processing Units (GPUs), hardware components that enable high performance graphics. The software that controls the programming of these GPUs in today's computers (i.e., the graphics stack) was designed to be used by applications acquired from trustworthy developers and installed directly by the user. However, web applications (i.e., applications running inside a web browser) are gaining in popularity and WebGL is a recent industry effort to provide GPU-based graphics for web applications.

A wide range of cloud services and applications operate on sensitive data such as business, personal, and governmental information. This renders security and privacy as the most critical concerns in the cloud era. The objective of this project is to question the separation approach in the design of security and reliability features of storage systems, and to investigate new, coding-based security mechanisms based on a joint-design principle. The proposed program will result in a myriad of outcomes.

The Public Key Infrastructure (PKI), along with the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, are responsible for securing Internet transactions such as banking, email, and e-commerce; they provide users with the ability to verify with whom they are communicating online, and enable encryption of those communications. While the use of the PKI is mostly automated, there is a surprising amount of human intervention in management tasks that are crucial to its proper operation.