Visible to the public CAREER: Secure OS Views for Modern Computing Platforms

The security architecture of consumer operating systems is currently undergoing a fundamental change. In platforms such as Android, iOS, and Windows 8, each application is a separate security principal that can own data. While this distinction is a vast improvement over traditional user-focused security architectures, sharing data between applications results in an unexpected loss of control of that data, potentially exposing security and privacy sensitive information.


Visible to the public TWC: Small: Collaborative: Towards Agile and Privacy-Preserving Cloud Computing

Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.


Visible to the public TWC: Small: Provably Enforcing Practical Multi-Layer Policies in Today's Extensible Software Platforms

A defining characteristic of modern personal computing is the trend towards extensible platforms (e.g., smartphones and tablets) that run a large number of specialized applications, many of uncertain quality or provenance. The common security mechanisms available on these platforms are application isolation and permission systems. Unfortunately, it has been repeatedly shown that these mechanisms fail to prevent a range of misbehaviors, including privilege-escalation attacks and information-flow leakage.