Increase Transparency of Data
group_project
Submitted by tbenzel on Tue, 01/02/2018 - 2:54pm
This proposal provides funding for the second GREPSEC: Underrepresented Groups in Security Research workshop, which will be affiliated with the annual IEEE Symposium on Research in Security & Privacy, in May 2015, in San Jose CA. The first event, held in May 2013, attracted 50 participants, two-thirds of them students, and almost all from underrepresented groups.
group_project
Submitted by taoxie on Tue, 01/02/2018 - 12:08pm
Security policies often base access decisions on temporal context (e.g., time of day) and environmental context (e.g., geographic location). Access control policies for operating systems frequently consider execution context (e.g., user ID, program arguments). However, little has been done to incorporate user expectation context into security decision mechanisms. Text artifacts provide a source of user expectation context.
group_project
Submitted by ragibhasan on Tue, 01/02/2018 - 10:41am
Cloud computing has emerged as one of the most successful computing models in recent years. However, lack of accountability and non-compliance with data protection regulations have prevented major users such as business, healthcare, and defense organizations from utilizing clouds for sensitive data and applications. Due to the lack of information about cloud internals and the inability to perform trustworthy audits, today's clouds are often not used in regulated industries, preventing their widespread adoption.
group_project
Submitted by naumann on Thu, 12/21/2017 - 10:10am
This project is developing tools and techniques for cost-effective evaluation of the trustworthiness of mobile applications (apps). The work focuses on enterprise scenarios, in which personnel at a business or government agency use mission-related apps and access enterprise networks.
group_project
Submitted by jannel on Wed, 12/20/2017 - 5:23pm
The goal of our work is to (a) capture people's expectations and surprises in using mobile apps in a scalable manner, and to (b) summarize these perceptions in a simple format to help people make better trust decisions. Our main idea is analyzing privacy in the form of people's expectations about what an app will and won't do, focusing on where an app breaks people's expectations. We are building an App Scanner that combines automated scanning techniques with crowdsourcing.
group_project
Submitted by Lisa Singh on Wed, 12/20/2017 - 4:05pm
This research project studies a new area of research - exposure detection - that is at the intersection of data mining, security, and natural language processing. Exposure detection refers to discovering components/attributes of a user's public profile that reduce the user's privacy. To help the public understand the privacy risks of sharing certain information on the web, this research project focuses on developing efficient algorithms for modeling how an adversary learns information using incomplete and schemaless public data sources.
group_project
Submitted by enck on Wed, 12/20/2017 - 3:40pm
Mobile browsers are beginning to serve as critical enablers of modern computing. With a combination of rich features that rival their desktop counterparts and strong security mechanisms such as TLS/SSL, these mobile browsers are becoming the basis of many other mobile apps. Unfortunately, the security guarantees provided by mobile browsers and the risks associated with today?s mobile web have not been evaluated in great detail.
group_project
Submitted by Katie Dey on Wed, 12/20/2017 - 1:10pm
The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.
group_project
Submitted by RDingledine on Wed, 12/20/2017 - 12:29pm
This project develops methods to provide citizens information about technologies that obstruct, restrict, or tamper with their access to information. Internet users need an objective, independent, third-party service that helps them determine whether their Internet service provider or government is restricting access to content, specific protocols, or otherwise degrading service. Towards this goal, we are (1) monitoring attempts to block or manipulate Internet content and communications; and (2) evaluating various censorship circumvention mechanisms in real-world deployments}.
group_project
Submitted by Anupam Datta on Wed, 12/20/2017 - 10:50am
Organizations, such as hospitals, financial institutions, and universities, that collect and use personal information are required to comply with privacy regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the Family Educational Rights and Privacy Act (FERPA). Similarly, to ensure customer trust, web services companies, such as Google, Facebook, Yahoo!, and Amazon, publish privacy policies stating what they will do with the information they keep about customers' individual behaviors.
