Adapt

Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.

The "Virtual Laboratory and Curriculum Development for Secure Mobile Computing" project at the University of Texas at Dallas (UTD) will develop a set of courses and a virtual laboratory in mobile system security with an emphasis on securing smart phones. The courses that will be developed will include topics such as Android taint analysis using existing tools or development of new tools, scalable Android security threat analysis on applications (apps), and smart phone forensics.

Living in an age when services are often rated, people are increasingly depending on reputation of sellers or products/apps when making purchases online. This puts pressure on people to gain and maintain a high reputation by offering reliable and high-quality services and/or products, which benefits the society at large. Unfortunately, due to extremely high competition in e-commerce or app stores, recently reputation manipulation related services have quickly developed into a sizable business, which is termed Reputation-Escalation-as-a-Service (REaaS).

Increasing cyber security depends on our ability to guarantee that the system will provide the expected functionality under normal circumstances as well as if the system is perturbed by some random events or security threats. Providing such guarantee is often complicated due to several factors such as changes in system requirements caused by user demands, exposure to a new threat model that was not considered (or not relevant) in the original design, or identifying bugs or vulnerabilities during a system life cycle.

While the mathematical study of cryptography has yielded a rich theory, and while the use of cryptography has become quite widespread, there is unfortunately still a significant gap between the theory and practice of cryptography. The goal of this project is to bridge this gap. The emphasis will be on the design and analysis of fundamental cryptographic primitives, such as hash functions and block ciphers, as well as other primitives derived from them, that are practical and yet theoretically sound. Indeed, hash functions and block ciphers are used in almost any cryptographic application.