Scientific Foundations

group_project

Visible to the public  STARSS: Small: Automatic Synthesis of Verifiably Secure Hardware Accelerators

Submitted by Zhiru Zhang on Wed, 10/18/2017 - 4:08pm

Specialized hardware accelerators are growing in popularity across the computing spectrum from mobile devices to datacenters. These special-purpose hardware engines promise significant improvements in computing performance and energy efficiency that are essential to all aspects of modern society. However, hardware specialization also comes with added design complexity and introduces a host of new security challenges, which have not been adequately explored.

group_project

Visible to the public TWC: Medium: Collaborative: Broker Leads for Privacy-Preserving Discovery in Health Information Exchange

Submitted by Carl Gunter on Wed, 10/18/2017 - 3:18pm

Support for research on distributed data sets is challenged by stakeholder requirements limiting sharing. Researchers need early stage access to determine whether data sets are likely to contain the data they need. The Broker Leads project is developing privacy-enhancing technologies adapted to this discovery phase of data-driven research. Its approach is inspired by health information exchanges that are based on a broker system where data are held by healthcare providers and collected in distributed queries managed by the broker.

group_project

Visible to the public CRII: SaTC: Energy Efficient Participatory Data Collection Schemes and Context-Aware Incentives for Trustworthy Crowdsensing via Mobile Social Networks

Submitted by Burak Kantarci on Wed, 10/18/2017 - 2:58pm

In a crowdsensing system, energy efficient data collection is a primary concern for mobile sensing service providers (i.e., mobile users offering sensing as a service via built-in sensors on their mobile devices) in order to maximize battery life whereas trustworthiness is a primary concern for the end users. The proposed research will simultaneously address energy-efficient data collection and context-aware incentives to both minimize power consumption and maximize data trustworthiness.

group_project

Visible to the public SBE TWC: Small: Collaborative: Privacy Protection in Social Networks: Bridging the Gap Between User Perception and Privacy Enforcement

Submitted by Bo Luo on Wed, 10/18/2017 - 1:29pm

Online social networks, such as Facebook, Twitter, and Google+, have become extremely popular. They have significantly changed our behaviors for sharing information and socializing, especially among the younger generation. However, the extreme popularity of such online social networks has become a double-edged sword -- while promoting online socialization, these systems also raise privacy issues.

group_project

Visible to the public SBE: Small: Continuous Human-User Authentication by Induced Procedural Visual-Motor Biometrics

Submitted by Yong Guan on Wed, 10/18/2017 - 11:29am

Validating a user's identity is one of the fundamental security requirements in cyberspace. Current authentication approaches require people to create and remember secret credentials such as complex passwords, or to possess special hardware authentication tokens. Both are vulnerable to being compromised, or illegally shared. Even worse, authentication is typically supported solely at the start of a session.

group_project

Visible to the public SaTC: STARSS: Collaborative: IPTrust: A Comprehensive Framework for IP Integrity Validation

Submitted by Swarup Bhunia on Wed, 10/18/2017 - 11:20am

To reduce production cost while meeting time-to-market constraints, semiconductor companies usually design hardware systems with reusable hardware modules, popularly known as Intellectual Property (IP) blocks. Growing reliance on these hardware IPs, often gathered from untrusted third-party vendors, severely affects the security and trustworthiness of the final system. The hardware IPs acquired from external sources may come with deliberate malicious implants, undocumented interfaces working as hidden backdoor, or other integrity issues.

group_project

Visible to the public SaTC: Hardware-Assisted Methods for Operating System Integrity

Submitted by Vinod Ganapathy on Wed, 10/18/2017 - 11:09am

Operating systems (OS) form the core of the trusted computing base on most computer platforms. The security of a platform therefore crucially relies on the correct and secure operation of its OS. Unfortunately, malicious software such as rootkits infect the OS by compromising the integrity of its code and data, thereby jeopardizing the security of the entire platform.

group_project

Visible to the public TWC: Medium: Collaborative: Development and Evaluation of Next Generation Homomorphic Encryption Schemes

Submitted by Berk Sunar on Tue, 10/17/2017 - 5:37pm

Fully homomorphic encryption (FHE) is a promising new technology that enables an untrusted party to efficiently compute directly on ciphertexts. For instance, with FHE a cloud server without access to the user's encrypted content can still provide text search services. An efficient FHE scheme would significantly improve the security of sensitive user data stored and processed on cloud servers. Significant progress has been made in bringing FHE proposals closer to practice.

group_project

Visible to the public TWC: Medium: Micro-Policies: A Framework for Tag-Based Security Monitors

Submitted by Benjamin Pierce on Tue, 10/17/2017 - 5:33pm

Current cybersecurity practice is inadequate to defend against the security threats faced by society. Unlike physical systems, present-day computers lack supervising safety interlocks to help prevent catastrophic failures. Worse, many exploitable vulnerabilities arise from the violation of well-understood safety and security policies that are not enforced due to perceived high performance costs. This project aims to demonstrate how language design and formal verification can leverage emerging hardware capabilities to engineer practical systems with strong security and safety guarantees.

group_project

Visible to the public TWC: Small: Collaborative: Automated Detection and Repair of Error Handling Bugs in SSL/TLS Implementations

Submitted by Baishakhi Ray on Mon, 10/16/2017 - 6:16pm

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocols are critical to internet security. However, the software that implements SSL/TLS protocols is especially vulnerable to security flaws and the consequences can be disastrous. A large number of security flaws in SSL/TLS implementations (such as man-in-the-middle attacks, denial-of-service attacks, and buffer overflow attacks) result from incorrect error handling.