Protect

The 2011 Federal Cybersecurity Research and Development Plan cites "Accelerating Transition to Practice (TTP)" as one of five strategic objectives in the Cyber Security and Information Assurance (CSIA) Program Component Area. TTP remains a strategic objective of Agencies which fund cybersecurity research, including NSF. However, the NSF cybersecurity portfolio contains only a small amount of security research that has been transitioned into operational activities.

Computing on sensitive data is a standing challenge central to several modern-world applications. Secure Function Evaluation (SFE) allows mistrusting parties to jointly compute an arbitrary function on their private inputs without revealing anything but the result. The GC@Scale project focuses on novel scalable methods for addressing SFE, which directly translate to stronger cryptography and security for myriads of tasks with sensitive data.

Computer and network security is currently challenged by the need to secure diverse network environments including clouds and data-centers, PCs and enterprise infrastructures. This diversity of environments is coupled to increased attack sophistication. Today's tools for securing network and computing infrastructures can be painstakingly composed and configured using available components, but fail to automatically learn from their environment and actively protect it.

Today's software remains vulnerable to attack. Despite decades of advances in areas ranging from testing to static analysis and verification, all large real-world software is deployed with errors. Because this software is either written in or underpinned by unsafe languages, errors often translate to security vulnerabilities. Although techniques exist that could prevent or limit the risk of exploits, high performance overhead blocks their adoption, leaving today's systems open to attack.

Security and privacy are prominent concerns in modern communications. Although cryptographic approaches have been widely studied to protect a message's content from deciphering by an eavesdropper, there are many times when hiding the very existence of the communication is critical. The hiding of communication, termed covert (private) communication, is important in many domains such as covert military operations, and removing the ability of users to be tracked in their everyday activities.