90 likes | 303 Views
Trust, Privacy, and Security. Moderator: Bharat Bhargava 1 Coordinators: Bharat Bhargava 1 , Csilla Farkas 2 , and Leszek Lilien 1 1 Purdue University and 2 University of South Carolina. Major Research Directions.
E N D
Trust, Privacy, and Security Moderator: Bharat Bhargava1 Coordinators: Bharat Bhargava1, Csilla Farkas2, and Leszek Lilien1 1 Purdue University and 2 University of South Carolina
Major Research Directions • Terminology and Formalization of Security, Privacy, and Trust for Data and Applications • Metrics for Trust, Privacy, Risk, Threats • New Challenges in Open, Pervasive, and Heterogeneous Environments • Testbeds, Experiments, Benchmarks, and Assessment • Legal and Social Issues, and Forensics
1. Terminology and Formalization of Security, Privacy, and Trust for Data and Applications • Ontologies for Security, Privacy, and Trust • Evidence, Credentials, Behavior • Personal Privacy vs. Organizational Confidentiality • Representations and Specifications • Policies • Conditions • Enforcement
2. Metrics for Trust, Privacy, Risk, Threats • Quantitative metrics like those in fault tolerance • Vulnerability analysis and threat evaluation • Metrics for trust negotiation and privacy-for-trust trade • Risk management • Economic analysis and tradeoffs and impact on community and society
3. New Challenges in Open,Pervasive, and Heterogeneous Environ’s • Foundations and common understanding • Representation, visualization • Uniform framework for multiple organizational and multiple administrative domains • Conflict resolution and negotiation • Data integration • Aggregation and inference • Data access and dissemination, and Web services • Apoptosis (clean self-destruction) and evaporation • Data protection techniques: distortion, summarization, encryption and key management, integrity validation • Limitations, incl. low power, small devices in mobile
4. Testbeds, Experiments, Benchmarks, and Assessment • Security, attack, fraud benchmarks and scenarios • Help from community • Example: IDS, attack benchmarks/scenarios • Tools for building benchmarks • Testbeds • Who builds it for public access? • Simulation models like ns2 • Validation models like TREC (info retrieval) • Forming repositories of data sets and software
5. Legal and Social Issues, and Forensics • Forensic data management (not only for cybercrimes) • Authorization models for data capture, storing and processing • Legal evaluation of cyberattacks • Collaboration with legal/social scinces experts • Legal ontologies • Legal domains (incl. jurisdiction) and interoperation • E.g., what is “trespassing” in cyberspace? • Lawful responses and legal argumentation • “Self-defense” analogies
Research Synergies • Reliability • Economics • Semantic Web • Social Sciences and Law • …