Fall 2013

 
Date
Speaker
Title
1.
October 11
Dr. Attila Yavuz
ETA: Efficient and Tiny and Authentication for Heterogeneous Wireless Systems
2.
November 1
Dr. Tao Zhang
Securing Large-Scale Consumer Vehicle Networks
3.
November 15
Dr. Ashwin Machanavajjhala
Blowfish Privacy: Tuning Privacy-Utility Tradeoffs in Statistical Databases using Policies
Dr. Attila Yavuz

Dr. Attila Yavuz

October 11, 2013
Joint LERSAIS/TELCOM Seminar

Speaker: Dr. Attila Yavuz

Research Scientist, Bosch Research and Technology Center (Pittsburgh, PA)

Title

ETA: Efficient and Tiny and Authentication for Heterogeneous Wireless Systems

Time/Location

12:00pm
Information Sciences Building, Room 403

Abstract:

In this talk, we develop a new cryptographic scheme called Efficient and Tiny Authentication (ETA), which is especially suit- able for resource-constrained devices. That is, ETA does not require any expensive operation at the signer side and therefore is more computationally efficient than traditional signatures. Moreover, ETA has much smaller private key, signature and public key sizes than that of its counterparts (e.g., multiple-time and online/offline signatures, pre-computed tokens). ETA is also fully tolerant to packet loss and does not require time synchronization. All these properties make ETA an ideal choice to provide authentication and integrity for heterogeneous systems, in which resource-constrained devices produce publicly verifiable signatures that are verified by resourceful devices (e.g., gateways, laptops, high-end sensors).

Biography:

Dr. Attila A. Yavuz is a member of security and privacy research group within Robert Bosch Research and Technology Center North America. He joined Bosch in 2011, after he graduated from North Carolina State University (NCSU) with a PhD degree in Computer Science. He received a BS degree in Computer Engineering from Yildiz Technical University in 2004 and a MS degree in Computer Science from Bogazici University in 2006, both in Istanbul, Turkey.

Back to top ↑


Dr. Tao Zhang

Dr. Tao Zhang

November 1, 2013
Joint LERSAIS/TELCOM Seminar

Speaker: Dr. Tao Zhang

Chief Scientist, Cisco Systems

Title

Securing Large-Scale Consumer Vehicle Networks

Time/Location

2:00pm - 3:15pm
Information Sciences Building, Room 404

Abstract:

Vehicles are facing increasing security vulnerabilities as they become connected to the Internet and with each other. Researchers and hackers were able to modify the software on electronic control units (ECUs). They have placed unauthorized devices and software on vehicles to control a wide range of vehicle functions. More worrisome are attacks over wireless communications. Key fob signals have been hijacked to open vehicle doors and start vehicle engines even when the drivers' key fobs are far away from the car. Security keys used to protect messages from key fobs have been broken. Wireless tire pressure monitoring systems have been hacked to set bogus time pressure status. Malware can propagate onto vehicle electronic systems through multiple venues. Vehicle-to-vehicle (V2V) communications will introduce another new domain of security challenges. These vulnerabilities, unfortunately, represent only the beginning of the many more challenges that must be addressed as more communication applications are brought into vehicles.

Addressing these and future vehicle security challenges requires the solutions to meet many vehicle-specific requirements. For example, many devices on vehicles have significantly limited abilities due to cost constraints. Security operations should be highly automated and should not require driver intervention. Vehicle security threat detections must be performed with extremely low error rates to reduce the probabilities of wrongfully blaming innocent vehicles and drivers. Any security capability placed onboard vehicles must be kept up to date over the vehicles' long life cycles without causing inconvenience to vehicle owners and in ways that does not consume excessive wireless bandwidth. A solution must be highly scalable to support, for each automaker, millions of new vehicles each year, tens of millions of vehicles in operation, tens to over a hundred devices on each vehicle, and many more spare parts. This list goes on.

This paper will highlight these security challenges and discuss selected solutions.

Biography:

Dr. Tao Zhang is the Chief Scientist for Cisco Connected cars at Cisco Systems. He is a Fellow of the IEEE. For over 25 years, he has been directing research and product development in mobile and vehicular networks. He has co-authored two books "Vehicle Safety Communications: Protocols, Security, and Privacy" and "IP-Based Next Generation Wireless Networks" published in 2012 and 2004 respectively by John Wiley & Sons. He holds 33 US patents covering areas such as security, mobility management, information dissemination, and energy-conversing protocols for wireless, mobile ad-hoc, sensor, and vehicular networks. Dr. Zhang was a founding member of the Board of Directors of the Connected Vehicle Trade Association (CVTA) in the US. He is the Chair of the IEEE Communications Society Technical Committee on Vehicular Networks and Telematics Applications. He has been serving on editorial boards or as a guest editor for a number of leading technical journals. He has been serving on the industry advisory boards for several research organizations and has been an adjunct professor at multiple universities.

Back to top ↑


Dr. Ashwin Machanavajjhala

Dr. Ashwin Machanavajjhala

November 15, 2013
Joint LERSAIS/TELCOM Seminar

Speaker: Dr. Ashwin Machanavajjhala

Assistant Professor, Department of Computer Science, Duke University

Title

Blowfish Privacy: Tuning Privacy-Utility Tradeoffs in Statistical Databases using Policies

Time/Location

12:00pm - 1:00pm
Information Science Building, Room 404

Abstract:

Tremendous amounts of personal data about individuals are being collected and mined in statistical databases by industry (e.g., Web, medical) and government agencies (e.g. Census). Legal requirements and an increase in public awareness due to egregious breaches of individual privacy have made privacy in statistical databases an important field of research. Privacy definitions provide rigorous ways for trading off the privacy of individuals for the utility of the results of data analysis in such databases. Differential privacy is an important standard for privacy, and it exposes one knob 'epsilon' for tuning this tradeoff.

In this talk, I will show that differential privacy does not sufficiently capture the diversity in the privacy-utility trade-off space -- it provides insufficient utility in some applications and insufficient privacy when data are correlated. I will then describe Blowfish, a class of privacy definitions that provides a richer interface for trading-off privacy for utility. In particular, we allow data publishers to extend differential privacy using a policy, which specifies which information must be kept secret, and what constraints maybe known about the data. While the former allows increased utility by not protecting certain properties about individuals, the latter provides added protection against adversary who know correlations in the data (arising from constraints). I will formalize privacy policies, present novel algorithms that explore new points in the privacy-utility trade-off space, and briefly mention how this work is being adopted in the US Census.

Biography:

Ashwin Machanavajjhala is an Assistant Professor in the Department of Computer Science, Duke University. Previously, he was a Senior Research Scientist in the Knowledge Management group at Yahoo! Research. His primary research interests lie in data privacy, systems for massive data analytics, and statistical methods for information extraction and entity resolution. He is a recipient of the NSF CAREER award in 2013. Ashwin graduated with a Ph.D. from the Department of Computer Science, Cornell University. His thesis work on defining and enforcing privacy was awarded the 2008 ACM SIGMOD Jim Gray Dissertation Award Honorable Mention. He has also received an M.S. from Cornell University and a B.Tech in Computer Science and Engineering from the Indian Institute of Technology, Madras.

Back to top ↑