Develop Approaches

As mobile and network technologies proliferate, so does society's awareness of the vulnerability of private data within cyberspace. Protecting private information becomes specially important, since researchers estimate that 87% of Americans can be identified by name and address, if their zip code, gender, and birthday are known to intruders. The goal of this proposal will be to develop a new set of verification tools, algorithms, and interfaces that enable secure, effective and unobtrusive management of users' private information.

When data is outsourced at a cloud storage provider, data owners lose control over the integrity of their data and must trust the storage provider unconditionally. Coupled with numerous data loss incidents, this prevents organizations from assessing the risk posed by outsourcing data to untrusted clouds, making cloud storage unsuitable for applications that require long-term security and reliability guarantees. This project establishes a practical remote data checking (RDC) framework as a mechanism to provide long-term integrity and reliability for remotely stored data.

Cyber-physical systems (CPSs) operate nearly all of society's critical infrastructures (e.g., energy, transportation and medicine). In performing mission critical functions, CPSs exhibit hybrid (both discrete and continuous) behavior as they use digital technology to control and monitor physical processes. CPS security analysis is particularly challenging because an attacker can make use of a wide variety of vulnerabilities in the digital elements of the system (e.g., the network), the physical elements of the system, or some combination.

As society becomes more dependent on cyber infrastructure, the security of networks and information technologies has become a growing concern. Individuals, businesses, and governmental organizations are now common victims of cyber-attacks that seek to steal private data, gain remote control over remote systems, and cause harm to networks and systems through other malicious means. Additionally, critical infrastructures such as smart power grids and communication networks are facing an increasing number of cyber-based threats.

Computing on sensitive data is a standing challenge central to several modern-world applications. Secure Function Evaluation (SFE) allows mistrusting parties to jointly compute an arbitrary function on their private inputs without revealing anything but the result. The GC@Scale project focuses on novel scalable methods for addressing SFE, which directly translate to stronger cryptography and security for myriads of tasks with sensitive data.