Assure Information Flows

group_project

Visible to the public TWC: Frontier: Collaborative: Rethinking Security in the Era of Cloud Computing

Submitted by reiter on Mon, 10/09/2017 - 11:29am

There are at least two key features of the move to cloud computing that introduce the opportunity for significant leaps forward in computer security for tenant services. First, a compute cloud provides a common software, hardware and management basis for rolling out cross-cutting services en masse that have resisted incremental deployment in a one-service-at-a-time fashion. Second, compute clouds offer providers a broad view of activity across an unprecedented diversity of tenant services.

group_project

Visible to the public TWC: Medium: Collaborative: Re[DP]: Realistic Data Mining Under Differential Privacy

Submitted by Michael Hay on Mon, 10/09/2017 - 10:06am

The collection and analysis of personal data about individuals has revolutionized information systems and fueled US and global economies. But privacy concerns regarding the use of such data loom large. Differential privacy has emerged as a gold standard for mathematically characterizing the privacy risks of algorithms using personal data. Yet, adoption of differentially private algorithms in industry or government agencies has been startlingly rare.

group_project

Visible to the public EAGER: Can You Trust Apps Age Recommendations? Inconsistent and Unreliable Maturity Ratings on Mobile Platforms

Submitted by Yilu Zhou on Fri, 10/06/2017 - 2:21pm

While smart phones provide an excellent way for communication, entertaining and education, they also raise many privacy and security concerns. Children are facing the risks of being exposed to inappropriate content due to mis-rated Apps. Both Android and iOS apps come with maturity ratings that examine the existence and intensity of mature themes within each app. However, each mobile platform adopts its own rating policy and rating strategy which creates inconsistency and inaccurate ratings. The maturity ratings for Android apps are purely a result of app developers' self-report.

group_project

Visible to the public CAREER: Secure OS Views for Modern Computing Platforms

Submitted by enck on Fri, 10/06/2017 - 1:58pm

The security architecture of consumer operating systems is currently undergoing a fundamental change. In platforms such as Android, iOS, and Windows 8, each application is a separate security principal that can own data. While this distinction is a vast improvement over traditional user-focused security architectures, sharing data between applications results in an unexpected loss of control of that data, potentially exposing security and privacy sensitive information.

Outcomes Report URL: 
https://www.research.gov/research-portal/appmanager/base/desktop?_nfpb=true&_win...
group_project

Visible to the public TWC: Medium: Collaborative: Re[DP]: Realistic Data Mining Under Differential Privacy

Submitted by Gerome Miklau on Thu, 08/17/2017 - 9:25pm

The collection and analysis of personal data about individuals has revolutionized information systems and fueled US and global economies. But privacy concerns regarding the use of such data loom large. Differential privacy has emerged as a gold standard for mathematically characterizing the privacy risks of algorithms using personal data. Yet, adoption of differentially private algorithms in industry or government agencies has been startlingly rare.