Science & Enterprise subscription

Affiliated Offers

NSF Awards $20 Million for Cyber Security, Privacy R&D

Jay Aikat and Mike Reiter

Jay Aikat, left, and Mike Reiter of the University of North Carolina at Chapel Hill, are among the researchers investigating better security for cloud computing (University of North Carolina, Chapel Hill)

National Science Foundation is funding new research to better secure the nation’s health information technology, simplify and improve control of security for cloud computing, and clarify an individual’s privacy on the Web. The awards, made under the agency’s Secure and Trustworthy Cyberspace program, total $20 million and are supporting three initiatives, each shared among multiple universities.

The Trustworthy Health and Wellness project is a collaboration of Dartmouth College in New Hampshire, University of Illinois at Urbana-Champaign, Johns Hopkins University in Baltimore, and University of Michigan in Ann Arbor. The project aims to develop trusted information systems with the ability to support the sensitive and vital data transacted increasingly through cloud-based services and mobile devices.

These teams plan to study authentication and privacy tools, controls over medical devices, and methods to detect malware. The research is also expected to devise metrics to calculate trustworthiness in health information technology, as well as tools for auditing medical information systems and networks.

The cloud computing initiative combines the efforts of five universities — University of North Carolina at Chapel Hill, Duke University in North Carolina, North Carolina State University, Stony Brook University in New York, and University of Wisconsin at Madison — with RSA Labs, a division of the cloud computing company EMC. The research expects to build better tools to deal with the intensified threats inherent in cloud computing and create new opportunities for cloud computing from improved security of its data and services.

The researchers in this project will investigate improving the unified authentication and authorization of cloud services, as well as better monitoring and auditing across various services. In addition, the project expects to devise better tools to diagnose security issues in the management of services, networks, data centers, and users. Another objective is to develop solutions for pervasive encryption for transactions with services outside as well as within the cloud.

A third initiative plans to devise a more meaningful Web privacy notice for individual users that combines the efforts of participants from Carnegie Mellon University in Pittsburgh, Fordham University in New York, and Stanford University in California. Most privacy policy notices on today’s Web sites, say the researchers, are largely ignored by users, and many of those who try to read the notices do not understand them.

In this project, the researchers expect to develop systems that extract privacy policy elements from the largely boilerplate text and present the policies in more understandable language, so Web site visitors can make more informed privacy decisions when interacting with those sites. The teams aim to systematically collect and analyze Web site policy statements to identify trends and deficiencies in their wording.

NSF’s Secure and Trustworthy Cyberspace program, now in its third year, came about as a result of a government-wide strategic plan in 2011 calling for more and better research and development to improve the security of U.S. information technology assets.

Read more:

*     *     *

Be Sociable, Share!

2 comments to NSF Awards $20 Million for Cyber Security, Privacy R&D