[ Back to EurekAlert! ] Public release date: 15-Aug-2013
[ | E-mail Share Share ]

Contact: Lisa-Joy Zgorski
lisajoy@nsf.gov
703-292-8311
National Science Foundation

NSF invests $20 million in large projects to keep the nation's cyberspace secure and trustworthy

With researchers from more than a dozen universities, 3 large 'Frontier' collaborative projects highlight efforts to tackle fundamental challenges in cybersecurity

IMAGE: Dartmouth computer scientist David Kotz leads a team that will conduct NSF-funded research in the secure use of mobile and cloud technology for health and wellness applications.

Click here for more information.

The National Science Foundation (NSF) today issued three large Frontier awards totaling nearly $20 million to support collaborative, multi-university research and education activities that will help protect the nation's vast, critical infrastructure and enable a more secure information society.

In alignment with the themes outlined in the 2011 Strategic Plan for the Federal Cybersecurity Research and Development Program, these efforts will build on NSF's long history of advancing cybersecurity. These awards are funded through NSF's interdisciplinary Secure and Trustworthy Cyberspace (SaTC) program, now in its third year.

"Cybersecurity is one of the most significant economic and national security challenges facing our nation today," said Farnam Jahanian, NSF's assistant director for computer and information science and engineering (CISE).

"NSF's investments in foundational research will transform our capacity to secure personal privacy, financial assets, and national interests. These new Frontier awards will enable innovative approaches to cybersecurity, with potential benefits to all sectors of our economy."

Frontier awards go to large, multi-institution projects that address and heighten the visibility of grand challenge research areas in science and engineering with broad economic and scientific impact.

For more than a decade, NSF has supported transformative cybersecurity research. The SaTC program has continued this commitment in the last year by supporting the interdisciplinary approaches necessary to address grand challenges in cybersecurity.

In fiscal year 2013, the program expanded to include for the first time NSF's Directorate for Education and Human Resources and the Directorate for Engineering, in addition to ongoing participation by CISE and the Mathematical and Physical Sciences, and Social, Behavioral and Economic Sciences directorates.

The three Frontier projects are part of more than 110 new cybersecurity research projects being funded in 33 states, with award amounts ranging from about $100,000 to $10 million. This award portfolio spans state-of-the-art research in a broad range of technical, social and educational areas.

IMAGE: This image shows a working session with three members of the Carnegie Mellon research team. From left to right are, Lorrie Cranor, associate professor of computer science; Noah Smith, associate...

Click here for more information.

Funded projects pursue technical solutions designed to improve the security of computer systems used in businesses, universities, governments and homes. Project teams seek to devise incentives to reduce the likelihood of cyber attacks and mitigate the negative effects that arise from them. Researchers also develop curriculum to train a 21st-century cybersecurity workforce.

Together, these SaTC awards aim to improve the resilience of software, hardware and critical infrastructure, while preserving privacy, promoting usability and ensuring trustworthiness through foundational research and prototype deployments.

Each of the following new Frontier awards features an interdisciplinary team from multiple universities working on some of the most important and technically challenging cybersecurity issues today.

Enabling trustworthy cybersystems for health and wellness

The five-year Trustworthy Health and Wellness (THaW) will be part of the research initiative on information systems and health care at Dartmouth College's Institute for Security, Technology, and Society. The interdisciplinary team includes experts from computer science, business, behavioral health, health policy and healthcare information technology. The project will tackle challenges to providing trustworthy information systems for health and wellness as the result of sensitive information and health-related tasks being increasingly pushed into mobile devices and cloud-based services.

"Our research is motivated by the rapid deployment of mobile and cloud information technologies in healthcare, both in clinical settings and at home," said lead investigator David Kotz, the Champion International Professor of Computer Science at Dartmouth. "We aim to help these technologies reach their full potential by ensuring they can protect the integrity of medical data and the privacy of patient information."

The THaW team will work to develop usable authentication and privacy tools, trustworthy control of medical devices and effective methods to detect malware, compute trust metrics and audit medical information systems and networks. In the long term, this project will help create health systems that can be trusted by individual citizens to protect their privacy and by health professionals to ensure data integrity and security. The team is also training the next generation of computer scientists by creating courses and sponsoring summer programs for undergraduate and K-12 students and by developing an exchange program for postdoctoral fellows and research students.

Rethinking security in the era of cloud computing

Comprising a multidisciplinary team of researchers from six organizations, this Frontier award will explore ways in which computer security may make significant leaps forward in a cloud computing setting.

As Mike Reiter, the Lawrence M. Slifkin Distinguished Professor of Computer Science at the University of North Carolina, explains, "The vast majority of cloud-related research in the computer security research community casts the move to cloud computing as intensifying the threats to which data and services are vulnerable. Instead, we see new opportunities for improving security of data and services by moving them to the cloud, and we plan on pursuing an aggressive research agenda to realize these opportunities."

IMAGE: Shown here in a machine room, Jay Aikat and Mike Reiter of the University of North Carolina, Chapel Hill, are members of the Project Silver team. The team will explore...

Click here for more information.

This research team will leverage the common software, hardware and management basis of cloud computing with the broad view of activity across a diversity of user services. This project will develop novel and improved solutions for unified authentication and authorization and auditing across diverse services; effective monitoring and diagnosis for security management of services, networks, datacenters and users; and pervasive encryption to, from and within the cloud. The investigators will convene "Cloud Security Horizons" summits with industry stakeholders to help shape the future of security in cloud computing.

Towards effective Web privacy notice and choice: a multi-disciplinary perspective

This Frontier project will research how to improve the usability of privacy policies. Natural language privacy policies have become a de facto standard to address expectations of notice and choice on the Web. However, there is ample evidence that users generally do not read these policies, and that those who do often struggle to understand what they mean. In effect, most Internet users are unable to make informed privacy decisions as they contemplate interacting with different websites.

"If you read privacy notices, you quickly realize that they contain a lot of boilerplate text and that people seem to often be recycling entire sentences and even larger text fragments from one another," noted Norman Sadeh, a professor in the School of Computer Science at Carnegie Mellon University and the project's lead investigator. "This project will aim to exploit these types of patterns."

Specifically, the team will develop scalable technologies to semi-automatically extract key privacy policy features from website privacy policies. It will then present these features to users in an easy-to-digest format that enables them to make more informed privacy decisions as they interact with different websites. Work in this project also involves the systematic collection and analysis of website privacy policies to identify trends and deficiencies in their wording and content--analysis that will be used to inform ongoing public policy debates. The researchers will work closely with industry stakeholders to enable the transfer and large-scale deployment of these technologies.

###

-NSF-



[ Back to EurekAlert! ] [ | E-mail Share Share ]

 


AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert! system.