Increase Transparency of Data
group_project
Submitted by kshilton on Wed, 01/03/2018 - 4:58pm
Mobile data are one of the fastest emerging forms of personal data. Ensuring the privacy and security of these data are critical challenges for the mobile device ecosystem. Mobile applications are easy to build and distribute, and can collect a large variety of sensitive personal data. Current approaches to protecting this data rely on security and privacy by design: encouraging developers to proactively implement security and privacy features to protect sensitive data.
group_project
Submitted by Erin Krupka on Wed, 01/03/2018 - 4:54pm
The design of social media interfaces greatly shapes how much, and when, people decide to reveal private information. For example, a designer can highlight a new system feature (e.g., your travel history displayed on a map) and show which friends are using this new addition. By making it seem as if sharing is the norm -- after all, your friends are doing it -- the designer signals to the end-user that he can and should participate and share information.
group_project
Submitted by Jeisenberg on Wed, 01/03/2018 - 4:17pm
This project provides support for a National Academies Roundtable, the Forum on Cyber Resilience. The Forum will facilitate and enhance the exchange of ideas among scientists, practitioners, and policy makers concerned with the resilience of computing and communications systems, including the Internet, critical infrastructure, and other societally important systems.
group_project
Submitted by Hong Jason on Wed, 01/03/2018 - 3:59pm
Everyday web users have little guidance in handling the growing number of privacy issues they face when they go online. Many web sites - some legitimate, some less so - have behaviors many would consider unexpected or undesirable. These include popular and well-known web sites, as well as web sites that aim to dupe customers with "free" trials. These kinds of sites often detail their behaviors in privacy policies and terms of use pages, but these policies are rarely read, hard to understand, and sometimes intentionally obfuscated with legal jargon, small text, and pale fonts.
group_project
Submitted by Matthew Jensen on Wed, 01/03/2018 - 3:50pm
Semantic attacks are efforts by others to steal valuable information by imitating electronic communications from a trustworthy source. A common example of a semantic attack is phishing where a phisher sends unsolicited messages to potential targets. When a targeted individual responds, the phisher then steals valuable information from the individual. Semantic attacks flow through established channels of communication (e.g., email, social media) and are difficult to distinguish from legitimate messages.
group_project
Submitted by William Adams on Wed, 01/03/2018 - 3:04pm
The modernized electric grid, the Smart Grid, integrates two-way communication technologies across power generation, transmission and distribution, in order to deliver electricity efficiently, securely and cost-effectively. On the monitoring and control side, it employs real-time monitoring offered by a messaging-based advanced metering infrastructure (AMI), which ensures the grid's stability and reliability, as well as the efficient implementation of demand response schemes to mitigate bursts demand.
group_project
Submitted by JessieLzh on Wed, 01/03/2018 - 1:16pm
Recent improvements in computing capabilities, data collection, and data science have enabled tremendous advances in scientific data analysis. However, the relevant data are often highly sensitive (e.g., Census records, tax records, medical records). This project addresses an emerging and critical scientific problem: Privacy concerns limit access to raw data that might reveal information about individuals. Techniques to "sanitize" such data (e.g., anonymization) could have negative impact on the quality of the scientific results that use the data.
group_project
Submitted by Sameer Patil on Wed, 01/03/2018 - 1:11pm
The explosion in data gathering has greatly exacerbated existing privacy issues in computing systems and created new ones due to the increase in the scale and the scope of available data as well as the advances in the capabilities of computational data analysis. Software professionals typically have no formal training or education on sociotechnical aspects of privacy. As a result, addressing privacy issues raised by a system is frequently an afterthought and/or a matter of compliance-check during the late phases of the system development lifecycle.
group_project
Submitted by Alex Halderman on Tue, 01/02/2018 - 10:13pm
The ability to generate random numbers -- to flip coins -- is crucial for many computing tasks, from Monte Carlo simulation to secure communications. The theory of building such subsystems to generate random numbers is well understood, but the gap between theory and practice is surprisingly wide. As built today, these subsystems are opaque and fragile. Flaws in these subsystems can compromise the security of millions of Internet hosts.
group_project
Submitted by Norman Sadeh on Tue, 01/02/2018 - 9:44pm
Natural language privacy policies have become a de facto standard to address expectations of notice and choice on the Web. Yet, there is ample evidence that users generally do not read these policies and that those who occasionally do struggle to understand what they read. Initiatives aimed at addressing this problem through the development of machine implementable standards or other solutions that require website operators to adhere to more stringent requirements have run into obstacles, with many website operators showing reluctance to commit to anything more than what they currently do.
