2013 Keynote Speakers
Dr. Indrajit Ray, Colorado State University
Secure and Privacy Preserving Personal Green Clouds
Users are increasingly using large cloud service providers to store sensitive personal information such as medical records or financial information. The benefits of centralizing information with cloud providers are unquestionable in terms of data completeness, failure resiliency and high availability. However, these benefits need to be weighed carefully against the security and privacy risks of centralization. There have been too many incidents of confidentiality and privacy violations with these cloud service providers to assume that they are immune to security breaches or are willing to protect user privacy. Moreover, the environmental impact of large cloud providers are also considerable. In this talk, we suggest a different approach to storing, managing and privacy preserved sharing of sensitive personal data. The proposed approach builds upon the new emerging technology of cheap ($ 20-30 range), portable (carry it in your pocket / purse) and secure devices that combine the computing power and strong, tamper-resistance of smart cards, and the storage capacity of NAND flash chips. We describe the overall architecture of such a system in the context of managing personal health records. We discuss some of the major technical challenges towards fulfilling this vision of eco-friendly secure and privacy preserving green clouds and describe a few potential solutions to those problems.
Dr. Indrajit Ray is an Associate Professor in the Computer Science Department at Colorado State University. Indrajit's main research interests are in the areas of computer security models, risk models, security protocols and architectures, trust models, privacy and the psychology of security. He has published more than 100 peer-reviewed articles in nationally and internationally well known technical journals and conferences. His research has been supported by the NSF, the US AFOSR, the AFRL and the FAA. Indrajit is on the editorial board of three journals. He has served in the past and continues to serve on different conference program committees, proposal review panels and other academic review panels. He was one of the founding members and the first Chair of the IFIP TC-11 Working Group 11.9 on Digital Forensics. He is a senior member of the IEEE and IEEE CS, and a member of ACM, ACM SIGSAC and IFIP WG 11.3.
Dr. Srihari Nelakuditi, University of South Carolina
Imperfections of Sensors Make Smartphone Users Trackable
As smartphones have emerged as the most popular devices to access various services over the Internet, ad networks have aggressively sought methods to track users through their smartphones. Existing countermeasures and regulation focus on thwarting the exchange of various device IDs and cookies. In this talk, we expose the possibility of a new threat that exploits the imperfections introduced during the manufacturing process of smartphone sensors to track users. In particular, we observe that the same type of accelerometer chips on different smartphones respond differently to the same motion stimulus. The differences in responses are subtle enough that they do not affect most of the higher level functions computed on them. Nonetheless, upon close inspection, these fingerprints emerge with consistency. Such an accelerometer fingerprint can serve as a permanent cookie, empowering an adversary to consolidate data per user, and track them over space and time. In this talk, we discuss in detail our efforts towards extraction and validation of fingerprints of smartphones, and also scrubbing of these fingerprints from sensor readings to prevent users from tracking.
Srihari Nelakuditi received his Ph.D. from University of Minnesota, Minneapolis in Computer Science and Engineering. He is currently an Associate Professor and Graduate Director at University of South Carolina. Srihari Nelakuditi is a recipient of Google Faculty Research Award in 2013 and National Science Foundation CAREER Award in 2005. His current research interests are in Internet routing, wireless networking, and mobile computing.