Division of Computer and Network Systems (CNS)

group_project

Visible to the public TC: Medium: Collaborative Research: User-Controllable Policy Learning

This award is funded under the American Recovery and Reinvestment Act of 2009

(Public Law 111-5).

As both corporate and consumer-oriented applications introduce new functionality and increased levels of customization and delegation, they inevitably give rise to more complex security and privacy policies. Yet, studies have repeatedly shown that both lay and expert users are not good at configuring policies, rendering the human element an important, yet often overlooked source of vulnerability.

group_project

Visible to the public TC: Large: Trustworthy Information Systems for Healthcare (TISH)

This award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5).

group_project

Visible to the public TC: Medium: Collaborative Research: Novel Forensic Analysis for Crimes Involving Mobile Systems

Our project will significantly advance forensic methods of investigating mobile devices used for trafficking in digital contraband. While current methods and legislation focus heavily on logical identifiers, we will design, evaluate, and deploy new forensic techniques that focus on consistent and trackable characteristics of mobile computing. Additionally, our work will play an important role in understanding the limits of personal privacy in these settings.

group_project

Visible to the public TC: Large: Collaborative Research: 3Dsec: Trustworthy System Security through 3-D Integrated Hardware

While hardware resources for computation and data storage are now abundant, economic factors prevent specialized hardware security mechanisms from being integrated into commodity parts. System owners are caught between the need to exploit cheap, fast, commodity microprocessors and the need to ensure that critical security properties hold. This research will explore a novel way to augment commodity hardware after fabrication to enhance secure operation. The basic approach is to add a separate silicon layer, housing select security features, onto an existing integrated circuit.

group_project

Visible to the public HCC: Medium: Intelligent Agents for Protecting Users in Cyberspace

This interdisciplinary project studies the nature of the risks inherent in normal activity on the Internet, the perception of those risks, the judgment about trade-offs in behavior and the design of a personalized agent that can alert users to risky behavior and help to protect them. The key insight is that adequate security and privacy protection requires the concerted efforts of both the computer and the user.

group_project

Visible to the public SBES: Small: Developing Countermeasures to Mitigate Psychology Cyber-Attacks on Personal Identity Information

Approximately six million Americans are targets of identity theft each year. Many of the attacks on identity privacy use psychological influence strategies ("psychological attacks?) to induce individuals to provide their private information. Although people are appropriately concerned about their privacy, they often unnecessarily disclose information that could be used to their disadvantage. Our studies have shown that people?s privacy exposure behaviors may be severely affected by psychological attacks.

group_project

Visible to the public CI-ADDO-EN: Enhancing and Supporting a Community Testbed

This project will support the following development of the Seattle platform for running distributed experiments: 1) building a new virtual machine that executes native code using the Google Native Client (NaCl) sandbox and 2) providing sufficient support to ensure the testbed continues to be useable by the community.

Adding native code execution will make it easier for researchers to run legacy code on the Seattle testbed.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: New Directions in Public-Key and Identity-Based Encryption

Developments in public-key encryption (PKE) and identity-based encryption (IBE) have revolutionized the field of cryptography and secure communication in general. PKE allowed remote parties to establish secure channels in front of eavesdropping adversaries, and led to public-key directories storing parties' public-keys. The stronger primitive of IBE eliminated the need for a large public-key directory, though this comes at the cost of trusting a central private-key generation authority.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: New Directions in Public-Key and Identity-Based Encryption

Developments in public-key encryption (PKE) and identity-based encryption (IBE) have revolutionized the field of cryptography and secure communication in general. PKE allowed remote parties to establish secure channels in front of eavesdropping adversaries, and led to public-key directories storing parties' public-keys. The stronger primitive of IBE eliminated the need for a large public-key directory, though this comes at the cost of trusting a central private-key generation authority.

group_project

Visible to the public EAGER: SaTC: Early-Stage Interdisciplinary Collaboration: Knowledge Convergence and Divergence in Team Performance

Leveraging knowledge resources is one of the hallmarks of successful teams. Team members with diverse expertise and an awareness of "who knows what" perform better than teams with less diverse perspectives. Since 2013, the National Science Foundation's SaTC program has piloted groups of "high risk-high reward" EAGER projects to encourage early collaborations between computer and information scientists and behavioral, social, and economic scientists towards improving innovation and effectiveness in SaTC research.