Risk Management

Database Management Systems (DBMS) have been used to store and process data in organizations for decades. Larger organizations use a variety of databases (commercial, open-source or custom-built) for different departments. However, neither users nor Database Administrators (DBAs) know exactly where the data is stored on the system or how it is processed. Most relational databases store internal data using universal principles that can be inferred and captured.

This project seeks to understand how inaccurate messages are propagated over large-scale information networks that are consumed by the general public, how the public responds to such inaccuracy, and what content- or metadata-related characteristics/features make certain messages more error-resistant or error-prone than others. The results of the project have the potential to help build a platform that accurately identifies errors being propagated on an information network and effectively manages/controls such error propagation.

Technology advances have brought numerous benefits to people and society, but also heightened risks to privacy. This project will investigate mechanisms and build tools to help people make privacy-aware decisions in different online contexts. The outcomes will help people to better understand their own privacy preferences and behavior, and enable them to better manage their privacy on the Internet. The project will create designs that can be integrated into mobile app markets and web browsers. The results will also inform Internet standards and governmental policies on Internet privacy.

The National Science Foundation funds over seven billion dollars of research annually, nearly all of which relies heavily on information technology. The digital data produced and computing systems used by that research are subject to the same risks as other data and computing systems on the Internet. Appropriate cybersecurity is necessary both to make today's scientific discoveries possible and to ensure that the science is trustworthy. However, NSF science is often necessarily performed in open, collaborative environments that span organizational and national boundaries.

This project focuses on tackling the security and privacy of Cyber-Physical Systems (CPS) by integrating the theory and best practices from the information security community as well as practical approaches from the control theory community. The first part of the project focuses on security and protection of cyber-physical critical infrastructures such as the power grid, water distribution networks, and transportation networks against computer attacks in order to prevent disruptions that may cause loss of service, infrastructure damage or even loss of life.