Collaborative

group_project

Visible to the public TC: Small: Collaborative Research: Securing Multilingual Software Systems

Most real software systems consist of modules developed in multiple programming languages. Different languages differ in their security assumptions and guarantees. Consequently, even if single modules are secure in some language model and with respect to some security policy, there is usually no uniform security guarantee on a whole multilingual system. This project focuses on low-overhead techniques for providing security guarantees to software systems in which type-safe languages such as Java interoperate with native code.

group_project

Visible to the public TC: Medium: Collaborative Research: User-Controllable Policy Learning

This award is funded under the American Recovery and Reinvestment Act of 2009

(Public Law 111-5).

As both corporate and consumer-oriented applications introduce new functionality and increased levels of customization and delegation, they inevitably give rise to more complex security and privacy policies. Yet, studies have repeatedly shown that both lay and expert users are not good at configuring policies, rendering the human element an important, yet often overlooked source of vulnerability.

group_project

Visible to the public TC:Medium:Collaborative Research: Technological Support for Improving Election Processes

This project is developing and evaluating the application of iterative process improvement technology to assure the privacy, security, reliability, and trustworthiness of elections, which are the very cornerstone of democracy. The focus of the project is to locate mismatches between existing voting systems and the processes that are currently using them in the conduct of elections. These mismatches can result in vulnerabilities or inaccuracy in elections. This project demonstrates how to remediate such vulnerabilities through the use of iterative process improvement.

group_project

Visible to the public TC: Medium: Collaborative Research: Novel Forensic Analysis for Crimes Involving Mobile Systems

Our project will significantly advance forensic methods of investigating mobile devices used for trafficking in digital contraband. While current methods and legislation focus heavily on logical identifiers, we will design, evaluate, and deploy new forensic techniques that focus on consistent and trackable characteristics of mobile computing. Additionally, our work will play an important role in understanding the limits of personal privacy in these settings.

group_project

Visible to the public TC: Large: Collaborative Research: 3Dsec: Trustworthy System Security through 3-D Integrated Hardware

While hardware resources for computation and data storage are now abundant, economic factors prevent specialized hardware security mechanisms from being integrated into commodity parts. System owners are caught between the need to exploit cheap, fast, commodity microprocessors and the need to ensure that critical security properties hold. This research will explore a novel way to augment commodity hardware after fabrication to enhance secure operation. The basic approach is to add a separate silicon layer, housing select security features, onto an existing integrated circuit.

group_project

Visible to the public Collaborative Project: CI-TEAM Implementation Project: A Digital Forensics Cyberinfrastructure Workforce Training Initiative for America's Veterans

This proposal offers to teams Mississippi State University?s (MSU) Southeast Region Regional Forensics Training Center and its Center for Critical Infrastructure Protection with collaborators at Auburn University and Tuskegee University to provide tactical level occupational training to America?s veterans by collaborating with the U.S. Department of Veterans Affairs (VA) and offering no-cost training at or near VA hospitals.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: New Directions in Public-Key and Identity-Based Encryption

Developments in public-key encryption (PKE) and identity-based encryption (IBE) have revolutionized the field of cryptography and secure communication in general. PKE allowed remote parties to establish secure channels in front of eavesdropping adversaries, and led to public-key directories storing parties' public-keys. The stronger primitive of IBE eliminated the need for a large public-key directory, though this comes at the cost of trusting a central private-key generation authority.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: New Directions in Public-Key and Identity-Based Encryption

Developments in public-key encryption (PKE) and identity-based encryption (IBE) have revolutionized the field of cryptography and secure communication in general. PKE allowed remote parties to establish secure channels in front of eavesdropping adversaries, and led to public-key directories storing parties' public-keys. The stronger primitive of IBE eliminated the need for a large public-key directory, though this comes at the cost of trusting a central private-key generation authority.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: User-Centered Deployment of Differential Privacy

Differential privacy (DP) has been accepted as the de facto standard for data privacy in the research community and beyond. Both companies and government agencies are trying to deploy DP technologies. Broader deployments of DP technology, however, face challenges. This project aims to understand the needs of different stakeholders in data privacy, and to develop algorithms and software to enable broader deployment of private data sharing.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: User-Centered Deployment of Differential Privacy

Differential privacy (DP) has been accepted as the de facto standard for data privacy in the research community and beyond. Both companies and government agencies are trying to deploy DP technologies. Broader deployments of DP technology, however, face challenges. This project aims to understand the needs of different stakeholders in data privacy, and to develop algorithms and software to enable broader deployment of private data sharing.