Group-oriented services are envisioned to be an important class of application in the environment of wireless mesh networks. This project focuses on developing scalable, robust, and secure group communication protocols for wireless mesh networks. In particular, we will: · Build a wireless mesh test-bed for experiments and protocol validation · Develop distributed protocols for efficient group communication (multicast, broadcast) in wireless mesh networks · Investigate and develop efficient and robust group key management protocol in wireless mesh networks · Study the viability and limitations of cross-layer design as a new paradigm of building secure network services

This project determines the fundamental limits of network secrecy from a network coding perspective, and then applies this theory to improve security guarantees in peer-to-peer and wireless networks. As network coding gains prominence as an important strategy for both wired and wireless networks, the project identifies both the advantages and vulnerabilities from using network coding.

Subsequently, the effort develops a design methodology that exploits the advantages while carefully compensating for the vulnerabilities. This project analyzes networks under both outsider and insider attacks. Specifically, coding mechanisms are developed to combat an external eavesdropper. Also, a combination of cryptographic and information-theoretic tools are used to combat internal modification attacks on the network. The results are then used in two case studies: eavesdropper attacks on wireless mesh networks and pollution attacks on P2P content distribution systems.

One of the major sources of inefficiency in supply-chain management is information asymmetry; i.e., information that is available to one or more organizations in the chain (e.g., manufacturer, retailer) is not available to others. Information asymmetry is known to create inefficiencies in managing supply chains, among them under-investment in capacity, leading to shortages, misallocation of inventory and transportation, increased prices, and reduced customer service. It can also lead to increased use of premium shipping, increased penalties resulting from line shutdowns, and lost future business contracts. There are several causes of information asymmetry, among them fear that a powerful buyer or supplier will take advantage of private information, that information will leak to a competitor, etc.

The Secure Supply-Chain Collaboration (SSCC) protocols we propose will enable supply-chain partners to cooperatively achieve desired system-wide goals without revealing any private information, even though the jointly-computed decisions depend on the private information of all the parties..

This project will create new research tools in supply-chain management and foster the development of new techniques in computer science. SSCC also has the potential to profoundly impact supply-chain management practice; and, thereby, improve productivity and stimulate economic growth.

Collaborative Computing (CC) is a critical application domain within the Internet environment. A few examples of CC are multi-party computation, collaborative defense, tele-medicine and collaborative decision making. Participants in CC demand confidentiality, privacy, integrity, and controlled sharing of sensitive information. Also, CC environments involve many entities, which are dynamic, heterogeneous, distributed, and can be hostile. Currently, CC uses the Internet as the underlying infrastructure, which by design is not secure and suffers from incessant attacks ranging from eavesdropping to vulnerability exploitation. Hence, it is imperative for the success of CC to require a reliable and secure framework built on top of the Internet to remedy some of its limitations. CC, based on such an underlying framework, can be termed as Trusted Collaborative Computing (TCC). Thus, the long term objective of this research is to develop a framework that will enable TCC. This framework consists of: (1) (group-oriented) secure and anonymous communication, (2) finely-controlled data sharing and (3) secure, composable and scalable integration. The framework will effectively address the underlying challenges of secure communication and guaranteed access, anonymity, composability, interoperability, and scalability.

The core technique in the proposed TCC framework is Access Control Polynomial (ACP) which was just presented at and published in the proceedings of INFOCOM’08, one of the highest international conferences in the networking and security field. The short term yet intensive summer work is to implement and evaluate such an innovative ACP mechanism and related security modules. This work will significantly help the accomplishment of the long term objective and secure the application for external funding.