Search Projects: 2017

Results 1 - 10 of 902



Visible to the public TWC: Medium: Collaborative: Broker Leads for Privacy-Preserving Discovery in Health Information Exchange

Support for research on distributed data sets is challenged by stakeholder requirements limiting sharing. Researchers need early stage access to determine whether data sets are likely to contain the data they need. The Broker Leads project is developing privacy-enhancing technologies adapted to this discovery phase of data-driven research. Its approach is inspired by health information exchanges that are based on a broker system where data are held by healthcare providers and collected in distributed queries managed by the broker.


Visible to the public TWC: Small: Understanding and Mitigating the Security Hazards of Mobile Fragmentation

Mobile computing technologies are rapidly evolving and phone (and other mobile device) manufacturers are under constant pressure to offer new product models. Each manufacturer customizes operating system software for its devices and often changes this software to support its new models. Given the many manufacturers in the mobile device marketplace and the many different generations of products, there are many customized branches of mobile operating systems in use at any time.


Visible to the public TWC: Small: Secure Data-Intensive Computing on Hybrid Clouds

The ongoing effort to move data intensive computation to low-cost public clouds has been impeded by privacy concerns, as today's cloud providers offer little assurance for the protection of sensitive user data. This problem cannot be addressed by existing cryptographic techniques alone, which are often too heavyweight to manage the computation involving a large amount of data. As a result, many computing tasks have to be run on individual organizations? internal systems whenever they touch even a very small amount of sensitive information.


Visible to the public TWC: Small: Knowing Your Enemy: Understanding and Counteracting Web Malvertising

With the Internet becoming the dominant channel for marketing and promotion, online advertisements (ad for short) are also increasingly used for propagating malware, committing scams, click frauds and other illegal activities. These activities, which we call malvertising, systematically deliver malicious ad content and victimize visitors through an infrastructure, which includes malicious advertisers, ad networks, redirection servers, exploit servers and others.


Visible to the public  TWC: Small: Safeguarding Mobile Cloud Services: New Challenges and Solutions

Mobile cloud technologies have begun to rely heavily on services known as Mobile Back-end as a Service (MBaaS), including push messaging, data synchronization, and mobile identity management. Many of today's popular apps have already integrated push messaging services such as Google Cloud Messaging (GCM), Amazon Device Messaging (ADM), and third parties like Baidu, to enable the apps to receive notifications such as private messages, financial secrets or family members' locations.


Visible to the public TWC: Frontier: Collaborative: Enabling Trustworthy Cybersystems for Health and Wellness

This frontier project tackles many of the fundamental research challenges necessary to provide trustworthy information systems for health and wellness, as sensitive information and health-related tasks are increasingly pushed into mobile devices and cloud-based services.


Visible to the public CAREER: Non-Commutative Cryptography from Hard Learning Problems: Theory and Practice

The resiliency of much of the modern information technology ecosystem is predicated on the strength of the cryptographic constructions at its core. Uncovering new intractable problems suitable for cryptosystem design enhances the robustness of the overall infrastructure to breakthroughs like the development of quantum computers or unforeseen cryptanalytic advances against any specific computational problem.


Visible to the public CAREER: Centralized Authorities in Internet Security: Risk Assessment, Mitigation, and New Architectures

In response to serious vulnerabilities that plague many of the Internet's core protocols, the last two decades have seen various security infrastructures layered on top of originally insecure protocols (DNSSEC on top of the domain name system, SSL and its public key infrastructure on top of TCP, the RPKI on top of interdomain routing). The security of each is derived from centralized authorities that are trusted to provide information about cryptographic keys or identities. When authorities behave correctly, each security infrastructure protects the underlying insecure system from attack.


Visible to the public CAREER: Verifiable Outsourcing of Data Mining Computations

Spurred by developments such as cloud computing, there has been considerable interest in the data-mining-as-a-service (DMaS) paradigm in which a client outsources his/her data mining needs to a third-party service provider. However, this raises a few security concerns. One of the security concerns is that the service provider may return plausible but incorrect mining results to the client.