Develop System Design Methods
group_project
Submitted by Michael Walfish on Mon, 10/09/2017 - 1:15pm
This research addresses a fundamental problem in systems security: how can a machine specify a computation to another one and then, without executing the computation, check that the other machine carried it out correctly? Over the last several years, a new approach to this problem has emerged, based on refining cryptographic and theoretical tools, and incorporating them into built systems. However, despite exciting advances, the resulting systems are still not practical in the normal sense.
group_project
Submitted by Michael Swift on Mon, 10/09/2017 - 12:45pm
There are at least two key features of the move to cloud computing that introduce the opportunity for significant leaps forward in computer security for tenant services. First, a compute cloud provides a common software, hardware and management basis for rolling out cross-cutting services en masse that have resisted incremental deployment in a one-service-at-a-time fashion. Second, compute clouds offer providers a broad view of activity across an unprecedented diversity of tenant services.
group_project
Submitted by Michael Rosulek on Mon, 10/09/2017 - 12:42pm
Our society is becoming increasingly reliant on powerful and interconnected computing devices that store much of our personal information. These devices present an ever-growing tension between the desire for our personal information to be private, and the desire to put our personal information to good use for our own convenience. In cryptography, problems that involve requirements of useful computation and privacy are understood through the lens of secure multi-party computation (SMPC).
group_project
Submitted by reiter on Mon, 10/09/2017 - 12:29pm
There are at least two key features of the move to cloud computing that introduce the opportunity for significant leaps forward in computer security for tenant services. First, a compute cloud provides a common software, hardware and management basis for rolling out cross-cutting services en masse that have resisted incremental deployment in a one-service-at-a-time fashion. Second, compute clouds offer providers a broad view of activity across an unprecedented diversity of tenant services.
group_project
Submitted by Michael Orshansky on Mon, 10/09/2017 - 12:23pm
The widely used encryption algorithms, based both on private- and public-key cryptography, provide provable security guarantees against attacks under an abstract model of computation. In reality, physical systems leak information and the adversarial access is not completely captured by the abstractions in the standard model. Attacks that exploit a physically observable signal, such as power, timing, or electromagnetic (EM) radiation, are known as side-channel attacks. They present a formidable challenge to ensuring the security of existing cryptographic applications.
group_project
Submitted by msherr on Mon, 10/09/2017 - 10:21am
Access to publicly available information can be disrupted by various techniques, and alternative disruptive techniques continue to be developed. Understanding these alternative disruption techniques and how they affect network anonymity, privacy, and performance is paramount not only to the successful design of future technologies, but also to the security of existing networks and systems.
group_project
Submitted by Shriram Krishnamu... on Fri, 10/06/2017 - 3:18pm
Application stores use sophisticated user interfaces to help users understand the permissions sought by applications. Unfortunately, these interfaces are complex and may fail to address their goal of helping users give informed consent. As a result, users may inadvertently surrender private information or open themselves up to security attacks.
group_project
Submitted by enck on Fri, 10/06/2017 - 2:58pm
The security architecture of consumer operating systems is currently undergoing a fundamental change. In platforms such as Android, iOS, and Windows 8, each application is a separate security principal that can own data. While this distinction is a vast improvement over traditional user-focused security architectures, sharing data between applications results in an unexpected loss of control of that data, potentially exposing security and privacy sensitive information.
group_project
Submitted by Meng Yu on Fri, 10/06/2017 - 2:49pm
Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.
group_project
Submitted by Jia Limin on Thu, 08/17/2017 - 10:36pm
A defining characteristic of modern personal computing is the trend towards extensible platforms (e.g., smartphones and tablets) that run a large number of specialized applications, many of uncertain quality or provenance. The common security mechanisms available on these platforms are application isolation and permission systems. Unfortunately, it has been repeatedly shown that these mechanisms fail to prevent a range of misbehaviors, including privilege-escalation attacks and information-flow leakage.
