CORE

Current user-facing computer systems apply a "notice and consent" approach to managing user privacy: the user is presented with a privacy notice and then must consent to its terms. Decades of prior research show that this approach is unmanageable: policies are vague, ambiguous, and often include legal terms that make them very difficult to understand, if they are even read at all.

In the increasingly digitally connected world, data security and privacy have emerged as key challenges, from a personal to a national level. Encryption is at the heart of securing data and when mathematically secure encryption primitives are implemented in physical hardware, they exhibit vulnerability to smart attackers due to unintentional leakage of physical signals during encryption process.

Systems like Amazon's Alexa, Google Home and Apple's Siri allow users to issue voice commands and pose questions to personal digital assistants. Since these systems often have access to sensitive data and can perform tasks with serious impact (e.g., spend money to make a purchase), attacks against them could have significant consequences. Unfortunately, recent research has shown that attacks against such voice-based interfaces are feasible.

With more prominent data breaches and cybersecurity incidents, cyber insecurity is becoming a serious problem for every individual and the society. Such security incidents are partially due to the lack of relevant governmental polices and the insufficient security protection by organizations managing information assets. The investigators will design an independent Trans-Pacific cybersecurity evaluation institution that measures and reports organizations' security weaknesses. The proposed institution aims at effectively motivating organizations to achieve a desirable level of cybersecurity.

Today's networks, such as the Internet, cellular networks, and the Internet of Things, provide ubiquitous wired or wireless connections over large areas. Secure and reliable operations are among the most important objectives in these networks. Network tomography has become a promising framework for accurate monitoring of network operation status, which is vital to ensure an efficient and reliable network environment.