CMU researchers work on Web security, access - CTTEC - Carnegie Mellon University

Monday, September 13, 2010

CMU researchers work on Web security, access

Researchers at Carnegie Mellon University say they're working to make surfing the Web safer.

A three-year, $7.1 million grant from the National Science Foundation is helping Peter Steenkiste, a professor of computer science and electrical and computer engineering, direct more than 10 researchers who will develop an Internet framework to accommodate as-yet-unknown technologies. Scientists from Boston University and the University of Wisconsin are involved.

"This is probably the most exciting project I've worked on," Steenkiste said.

Steenkiste and his colleagues are examining vital components of the Internet, such as security and communication procedures and information-technology infrastructure.

Their effort is one of four the National Science Foundation is funding, involving 30 institutions nationwide, said Victor Frost, a program director in the foundation's computer network systems division.

It's possible that ideas from each could be combined into a trustworthy network, said Ty Znati, director of the foundation's computer network systems division.

A project based at the University of California in Los Angeles concentrates on securing data no matter where it exists, rather than on securing host computers. Another, based at Rutgers University, examines improving the security and reliability of information delivered from mobile points of communication such as smart phones, rather than stationary points such as desktop computers.

The fourth, based at the University of Pennsylvania, analyzes options that increase speed, availability and security of "cloud computing" -- technology used every day to store e-mails and other data on remote servers hosted by Google and Yahoo!, for example.

"We hope to have a collaboration among the project researchers," said Darleen Fisher, a National Science Foundation project manager.

"Each of the projects will be doing prototyping: Can these ideas be implemented?" Frost said. "The projects may lay the research foundation for the development of future networks."

Steenkiste said he and his colleagues "want to find out how much trust users have in our ideas."

For example, a prototype Internet-security protocol could enable customers to confirm for themselves that a bank's website is not fraudulent, said Adrian Perrig, a Carnegie Mellon professor in electrical and computer engineering.

Such tweaks would let "a person who does not have a Ph.D. in information security to use the Internet confidentially," Perrig said. "Whatever site she visits, she will be able to know that somebody didn't tamper with the connection."

Article Courtesy of Pittsburgh Tribune-Review