The Design and Use of Digital Identities
Digital identity management (DIM) has emerged as a critical foundation for supporting successful interactions in today’s globally interconnected society. It is crucial not only for the conduct of business and government but also for a large and growing body of electronic or online social interactions. In its broadest sense, identity management encompasses definitions and life-cycle management for digital identities and profiles, and the environments for exchanging and validating such information, including anonymous and pseudonymous representations. The project addresses a wide variety of digital identity needs by developing required Flexible, Multiple and Dependable Digital Identity (FMDDI) technology, based on a sound underlying set of definitions and principles. The FMDDI technology developed in the project will support multiple forms of identity, including nyms, partial identities, and a variety of user properties, credentials, and roles. Relevant research thrusts in the project include: identity schemes and representation formats; use of ontology and issues related to identity interoperability; anonymity, dependability, accountability, and forensic-friendly identification schemes; psychological and social aspects related to the use of digital identities.
The StreamShield Project
The goal of our research in the StreamShield project is to investigate security and privacy constraints on both data and queries in the context of data stream management systems (DSMSs). Unlike in traditional DBMSs, where access control policies are persistently stored on the server and tend to remain stable, in streaming applications the contexts, and with them the access control policies on the real-time data, may change rapidly. We propose a novel “stream-centric” approach, where security restrictions are not persistently stored on the server, but rather streamed together with the data. The data provider's access control policies are expressed via security constraints called “data security punctuations” (dsps for short). Server-side policies are specified by administrators in the form of “continuous policy queries”, which emit query security constraints called “query security punctuations” (qsps for short). The advantages of our model include flexibility, dynamicity and speed of enforcement, as both data and query security punctuations are embedded inside data streams. Administrators can specify complex context-aware authorization policy queries. At run-time, continuous policy queries are evaluated, authorizations are produced and the engine can enforce any context-aware policy automatically. Moreover, DSMSs can adapt to not only data-related but also security-related selectivities, which helps reduce the waste of resources when few subjects have access to data.
The Use of HDTV for In Vehicle Cameras
Towards Trustworthy Peer-To-Peer Overlay Networks
This project seeks to create trustworthy peer-to-peer overlay systems through fundamental advances to the state-of-the-art in the design of Internet-scale overlay networks for performance-demanding applications in the presence of adversaries. Design limitations in popular peer-to-peer systems today may be exploited to cause large-scale denial of service attacks on nodes not even part of the overlay system. Further, adversaries may control the overlay construction to create a crippling impact on application performance. To tackle this, the project will (i) design robust and attacker-resilient adaptation protocols contributing to an emerging science of trustworthy adaptability that defines a new shift in building distributed systems; (ii) obtain fundamental insights into the interplay between the design of group management algorithms and their vulnerability to being exploited to launch distributed denial of service attacks on the Internet; (iii) explore the interactions between peer-to-peer design, resulting traffic characteristics, and implications for distinguishing normal peer-to-peer traffic patterns from anomalous ones; and (iv) design mechanisms for reliable, scalable and adversary-resilient key dissemination to help ensure confidentiality and integrity of application-specific data.
The project will demonstrate and validate the novel proposed mechanisms in the context of mature and widely deployed peer-to-peer systems. Peer-to-peer video broadcasting will be used to promote online education in the Lafayette area, and to broadcast a security-related seminar series. The project will benefit the design of large-scale testbeds such as GENI. The PIs will communicate with developers of popular peer-to-peer systems to alert them to critical design vulnerabilities in their systems.
Towards Virtual Distributed Environments
Despite the rapid growth of distributed shared infrastructures such as PlanetLab and the Grid, a gap exists between the current practice and their full potential. Specifically, many users wish to obtain their “own space” with full privilege in a shared infrastructure to run arbitrary distributed applications. This research introduces the concept of “virtual distributed environments” (VDEs) as a new sharing paradigm for distributed infrastructures. Based on virtualization technologies, VDEs are autonomic, mutually isolated entities, providing individual users with privileged, customized, and confined distributed environments. To realize this vision, the following new research challenges are being addressed: (1) distributed environment virtualization and logistics, (2) shepherded self-adaptation of virtual distributed environments, and (3) trusted monitoring and logging of virtual distributed environments. Solutions to these challenges are evaluated in a number of real-world application scenarios, including computer system emulation for education, e-Science service for the nanotechnology research community, and virtual playgrounds for Internet worm observation, investigation, and defense. In particular, the research and education activities of this work are closely related. Leveraging the research results, an education platform is being developed for distributed and network systems emulation. It provides students with hands-on system experience that would otherwise require expensive, dedicated equipment. This research will open the door to new opportunities for application/service deployment and distributed system experimentation. The realization of VDEs will encourage public use of the emerging cyberinfrastructure by accommodating a wide range of science and engineering activities including education and research portals, virtual collaboratories, and cyber-defense testing grounds.
Training Knowledge & Skills for the Networked Battlefield
Transparency and Legal Compliance in Software Systems
To address these challenges, the proposed work takes a holistic view of the design of transparent and legally compliant software systems. Key research questions that are addressed include:
- How should system requirements be specified so they may be realized in design and implementation to ensure legal and regulatory compliance?
- Given that software designs need to satisfy multiple stakeholders (organizations, law/policy makers, government agencies, public citizens, etc.) having contradictory, inconsistent and difficult to understand objectives, how can the design process of these systems be improved to lead to convergence and satisfaction of these requirements in a transparent and auditable fashion?
This project articulates a requirements management framework that enables executives, business managers, software developers and auditors to distribute legal obligations across business units and/or personnel with different roles and technical capabilities. This framework improves accountability by integrating traceability throughout the policy and requirements lifecycle. The broader impacts of this project are expected to be far reaching as law and regulations govern the collection, use, transfer and removal of information from software systems in many spheres of society.
Vulnerability Analysis and Threat Assessment/Avoidance
Existing vulnerabilities are a serious threat to computer systems and organizations. Research in security is needed to identify vulnerabilities in systems, evaluate the threat, and devise mechanisms that avoid them. Formalizing vulnerability, building quantitative models of threat, and experimental studies are needed to discover and evaluate solutions for dealing with threats to life and economy. This will result in algorithms, observations based on experiments, and infrastructure that can deal with expected and unexpected attacks in an adaptable and graceful manner. It will lead towards guidelines for building secure systems and databases. The research will build upon results in failure identification, fault-tolerance and reliability/safety. Vulnerabilities will be reduced by keeping an attacker uncertain and unaware about the latest version of databases/software and routing information that are in operation. This research will contribute to fundamental principles and policies for providing homeland security in information systems and applications in nuclear waste shipping, e-commerce, and disaster management. A better understanding of vulnerabilities in a variety of institutions such as schools, government agencies, air space and airports, and industrial plants will be explored. We will contribute to the outreach program of the CERIAS security center at Purdue through preparation of education material and organizing workshops.


