Privacy, applied

group_project

Visible to the public  TWC: Small: Collaborative: Practical Security Protocols via Advanced Data Structures

Data structures have a prominent modern computational role, due to their wide applicability, such as in database querying, web searching, and social network analysis. This project focuses on the interplay of data structures with security protocols, examining two different paradigms: the security for data structures paradigm (SD) and the data structures for security paradigm (DS).

group_project

Visible to the public  TWC: Small: Empowering Anonymity

An anonymous credential system allows a user to prove that he/she is authorized without revealing his/her identity, and, further, to obtain additional credentials without revealing additional information. In a traditional anonymous credential system, when demonstrating possession of a credential, it is necessary to reveal its issuer.

group_project

Visible to the public EDU: Collaborative: When Cyber Security Meets Physical World: A Multimedia-based Virtual Classroom for Cyber-Physical Systems Security Education to Serve City / Rural Colleges

This project establishes a multimedia-based virtual classroom with a virtual lab teaching assistant for the education of cyber physical system (CPS) security. Such a virtual classroom helps college students in resource-limited rural areas to learn the latest CPS security knowledge via an on-line peer-to-peer learning environment with other students from larger schools.

group_project

Visible to the public TWC: Medium: Collaborative: DIORE: Digital Insertion and Observation Resistant Execution

Cloud computing allows users to delegate data and computation to cloud providers, at the cost of giving up physical control of their computing infrastructure. An attacker with physical access to the computing platform can perform various physical attacks, referred to as digital insertion and observation attacks, which include probing memory buses, tampering with memory, and cold-boot style attacks. While memory encryption can prevent direct leakage of data under digital observation, memory access patterns to even encrypted data may leak sensitive information.

group_project

Visible to the public TWC: Medium: Collaborative: Capturing People's Expectations of Privacy with Mobile Apps by Combining Automated Scanning and Crowdsourcing Techniques

The goal of our work is to (a) capture people's expectations and surprises in using mobile apps in a scalable manner, and to (b) summarize these perceptions in a simple format to help people make better trust decisions. Our main idea is analyzing privacy in the form of people's expectations about what an app will and won't do, focusing on where an app breaks people's expectations. We are building an App Scanner that combines automated scanning techniques with crowdsourcing.

group_project

Visible to the public TWC: Medium: Collaborative: Capturing People's Expectations of Privacy with Mobile Apps by Combining Automated Scanning and Crowdsourcing Techniques

The goal of our work is to (a) capture people's expectations and surprises in using mobile apps in a scalable manner, and to (b) summarize these perceptions in a simple format to help people make better trust decisions. Our main idea is analyzing privacy in the form of people's expectations about what an app will and won't do, focusing on where an app breaks people's expectations. We are building an App Scanner that combines automated scanning techniques with crowdsourcing.

group_project

Visible to the public TWC TTP: Small: Security, Privacy, and Trust for Systems of Coordinating Medical Devices

To lower costs and improve outcomes in current medical practice we need integrated interoperable medical systems to provide machine-assisted care, interaction detection, and improved alarm accuracy, to name just a few uses. This project is developing both the theory and practice to ensure the safety of next-generation medical devices by allowing secure coordination and composition, in facilities as small as a local doctor's office or as large as a multi-campus hospital.

group_project

Visible to the public TWC: Small: Assessing Online Information Exposure Using Web Footprints

This research project studies a new area of research - exposure detection - that is at the intersection of data mining, security, and natural language processing. Exposure detection refers to discovering components/attributes of a user's public profile that reduce the user's privacy. To help the public understand the privacy risks of sharing certain information on the web, this research project focuses on developing efficient algorithms for modeling how an adversary learns information using incomplete and schemaless public data sources.

group_project

Visible to the public TWC: Small: Collaborative: Characterizing the Security Limitations of Accessing the Mobile Web

Mobile browsers are beginning to serve as critical enablers of modern computing. With a combination of rich features that rival their desktop counterparts and strong security mechanisms such as TLS/SSL, these mobile browsers are becoming the basis of many other mobile apps. Unfortunately, the security guarantees provided by mobile browsers and the risks associated with today?s mobile web have not been evaluated in great detail.

group_project

Visible to the public TWC: Small: Collaborative: Towards Agile and Privacy-Preserving Cloud Computing

Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.