This section highlights some of the projects which are underway at the center. This list is not exhaustive: Some projects are new and have not been disclosed, others are multifaceted containing security as just one component.

Projects

Projects exists at the center for a wide variety of different projects including authorization, authentication, certificates, cryptography, secure software, complexity of authorization systems, and formal methods of secure systems.

Projects

  • High speed crypto: Investigation and design of high speed cryptography algorithms and implementations which will make cryptography sufficiently inexpensive to be used universally. (PI: Daniel J. Bernstein)
  • kernelSec: Design and construction of an authorization system (access controls) based on authorization properties. It is being implemented in the Linux operating system kernel using Linux Security Modules. (PI: Jon A. Solworth)
  • Security Property Based Access Controls: Design and analysis of high level authorization systems based on security properties. This work involves both the modeling and analysis of such systems. (PI: Jon A. Solworth, Robert H. Sloan, and Lenore D. Zuck)
  • Secure Processors: Investigation of new processor architecture that is secure against new invasive technologies. It uses concepts of encryption and obfuscation built on contemporary technologies like high-level synthesis, System-on-Chip architecture and platform-based design. The hybrid architecture uses small to large grain ASIC and Reconfigurable (FPGA) components of varying transparency to provide a mix of performance and security. A state of the art compilation technology is used to allow the deployment of a highly customizable platform that provides both performance and black box security. The compiler will automatically generate fully integrated software binaries and RTL code to run on systems-on-a-chip (SOC) platforms consisting of integrated processors, memories and FPGAs. (PI: Prith Banerjee).
  • Anti-Spam and Phishing In an approach different from traditional anti-Spam and Phishing techniques, we propose to attack it at its source. (PI: Peter Nelson).
  • Safe mobile code execution environment: Design and construction of a safe execution environment to execute arbitrary binary untrusted code using system call interposition techniques. (P.I. V.N. Venkatakrishnan)
  • Program analysis for protecting private data: Use of compiler based program analysis techniques to analyze the flow of private information (such as credit card numbers) in C/Java programs. (P.I. V.N. Venkatakrishnan)
  • Vulnerability and countermeasures for side channel attaks Hardware implementations of (crypto) algorithms leak information via side-channels such as time consumed by the operations, power dissipated by the operators, electromagnetic radiation emitted by the device and faulty computations resulting from deliberate injection of faults into the system. Traditional cryptanalysis techniques can be combined with such side-channel attacks to uncover the secret key and/or break the implementation details of the cipher. Even a small amount of side-channel information is sufficient to break common ciphers. In this project, we propose to investigate the vulnerability due to implementation and develop effective countermeasures. (P. I. Kaijie Woo)
  • Adaptive Intrusion Detection System (P. I. Jeffrey Tsai)
Note: Projects that you can get involved with. Note that this list is not exhaustive, as many projects are not publicized until after their first paper is published.

College/Dept Links

Favorite Links