Tuesday, October 6th, 2009

lunch seminar:

CRCS Lunch Seminar
Date:  Monday,  November 9, 2009
Time:  11:45am – 1:15pm
Place:  Maxwell Dworkin 2nd Floor Lounge Area

Speaker:  Yorick Wilks,  Oxford Internet Institute

Title:  Internet Companions: technical and social issues

Abstract:  COMPANIONS is a concept, and the title of an EU project (http://www.companions-project.org) that aims to change the way we think about the relationships of people to computers and the Internet by developing a virtual ‘Companion’. This is intended as an agent or ‘presence’ that stays with the user for long periods of time, developing a relationship and ‘knowing’ its owners preferences and wishes. The Companion communicates with the user primarily through conversational speech. This talk describes the functionality of a Senior Companion (SC), one of two initial prototypes built in the first two years of the project. The Senior Companion provides a multimodal interface for eliciting and retrieving personal information from the elderly user through a conversation about their photographs. The Companion will, through conversation, elicit their life memories, often prompted by discussion of their photographs; the aim being that the Companion should come to know a great deal about its user, their tastes, likes, dislikes, emotional reactions etc, through long periods of conversation.

It is a further assumption that most life information will be stored on the internet (as in the Memories for Life project : http://www.memoriesforlife.org/) and  the SC is linked directly to photo inventories in Facebook,  to gain initial information about people and relationships, as well as to Wikipedia to enable it to respond about places mentioned in conversations about images. The overall aim of the SC, not yet achieved,  is to produce a coherent life narrative for its user from these materials, although its short term goals are also to assist, amuse, entertain and gain the trust of the user. The SC uses Information Extraction to get content from the speech input, rather than conventional parsing, and retains utterance content, extracted internet information and ontologies all in RDF formalism over which it does primitive reasoning about people and places. Even in its current state it raises issues about what kinds of entities people want to emphasize with and trust, once we go beyond humans, and how one can best synthesize personality and emotional rapport. If a Companion were to become the internet repository for someone’s whole life, to be a “cognitive prosthesis” for dealing with their own life’s records, what safeguards are essential, both technical and legal, concerning access to such a repository during the owner’s life and after?

Bio:  Yorick Wilks is a Professor of Artificial Intelligence at the University of Sheffield. He received his MA and PhD (1968) from Pembroke College, Cambridge. He has also taught or researched at Stanford, Edinburgh, Geneva, Essex and New Mexico State Universities. His interests are artificial intelligence and the computer processing of language, knowledge and belief, especially as applied to the future of the Internet: the Semantic Web and the possibility of Companion-like interfaces.

His recent books include: Natural language Processing and the Semantic Web (with Christopher Brewster, Now Books, 2009); Machine Translation–how far can it go (Springer, 2009); Artificial Believers (Erlbaum 1991), Electric Words (MIT, 1996) and Machine Conversations (Kluwer, 2001); and a new edited volume in 2009 from John Benjamins is: ‘Artificial Companions in Society: scientific, economic, psychological and philosophical perspectives’. He is a Research Fellow of the Centre for Policy Studies.

lunch seminar:

CRCS Lunch Seminar
Date:  Monday,  November 2, 2009
Time:  11:45am – 1:15pm
Place:  Maxwell Dworkin 2nd Floor Lounge Area

Speaker:  Jeff Vaughan, Harvard CRCS

Title: Aura: Programming with Authorization and Audit

Abstract: Standard programming models do not provide direct ways of managing secret or untrusted data. This is a problem because programmers must use ad hoc methods to ensure that secrets are not leaked and, conversely, that tainted data is not used to make critical decisions. This talk will advocate integrating cryptography and language-based analyses in order to build programming environments for declarative information security, in which high-level specifications of confidentiality and integrity constraints are automatically enforced in hostile execution environments.

I will introduce describes Aura, a family of programing languages, which integrate functional programming, access control via authorization logic, automatic audit logging, and confidentially via encryption. Aura’s programming model marries an expressive, principled way to specify security policies with a practical policy-enforcement methodology that is well-suited for auditing access grants and protecting secrets.

Aura security policies are expressed as propositions in an authorization logic. Such logics are suitable for discussing delegation, permission, and other security-relevant concepts. Aura’s (dependent) type system cleanly integrates standard data types, like integers, with proofs of authorization-logic propositions; this lets programs manipulate authorization proofs just like ordinary values. In addition, security-relevant implementation details—like the creation of audit trails or the cryptographic representation of language constructs—can be handled automatically with little or no programmer intervention.

Bio: Jeff Vaughan’s research lies at the intersection of computer security, programming languages, and formal methods. He is particularly interested in access control, information flow, the theory and application of dependent types, and mechanized metatheory. Jeff will be receiving his PhD from the University of Pennsylvania.

lunch seminar:

CRCS Lunch Seminar
Date:  Monday,  October 5, 2009
Time:  11:45am – 1:15pm
Place:  Maxwell Dworkin 2nd Floor Lounge Area

Speaker:  Eran Tromer, MIT

Title:  Side Channels and Vulnerabilities in Cloud Computing

Abstract:  Today’s computers typically run numerous processes of varying sensitivity and trustworthiness. The platform purports to protect these from each other, but side channels arise from lower architectural layers (such as contention for shared hardware resources), and create inadvertent cross-talk between processes. These leakages can be exploited for stealing cryptographic keys and other sensitive information.

Such cross-talk is especially grievous in the context of third-party cloud computing, a prominent technological trend. Services, such as Microsoft’s Azure and Amazon’s EC2, allow users to acquire computational capacity on demand in the form of virtual machines (VMs). Virtualization allows the service provider to maximize resource utilization by multiplexing many customer VMs across a shared physical infrastructure. However, the presence of multiple mutually-untrusting virtual machines on the same hardware makes them potentially vulnerable to the aforementioned side channels.

Using a commercial cloud service as a case study, we show that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside and instantiate new VMs that are co-resident with the target on the same physical machine. We then show that co-residence allows attackers to exfiltrate information across VM boundaries by use of side channels and covert channels such as cache contention and timing variability.

We discuss potential solutions, including work-in-progress on mitigating side channels using just-in-time program transformation.

Joint works with Saman Amarasinghe, Austin Chu, Dag Arne Osvik, Thomas Ristenpart, Ron Rivest, Stephan Savage, Hovav Shacham and Adi Shamir.

Bio:  Eran Tromer is a postdoctoral associate at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL). His research focus is cryptography, information security, and the challenges raised by imperfect real-world computer systems. His research on side-channel attacks demonstrated vulnerabilities in cloud computing, cache-based attacks on AES encryption, and acoustic attacks on RSA encryption. His Ph.D. dissertation, advised by Prof. Adi Shamir, reduced the projected cost of breaking RSA keys by 6 orders of magnitude using the TWIRL hardware device, leading to revision of government standards. He presently pursues means of improving security at the levels of networks, protocols, operating systems and circuits.

lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date:  Monday, September 14, 2009
Time:  11:45am – 1:15pm
Place:  Maxwell Dworkin 2nd Floor Lounge Area

Speaker:  Ariel Procaccia

Title:   f(x) marks the spot

Abstract:   Given a vector x of ideal locations reported by multiple selfish agents, we would like to select a location f(x) for a public facility; this abstract setting has many interpretations, such as locating a library in a city or a router on a communications network. We wish to design mechanisms for this problem that, at the same time, (i) satisfy game-theoretic desiderata, and (ii) approximately optimize a target function, e.g., the facility’s sum of distances to the agents’ ideal locations. I will survey recent results with respect to this problem, elaborate on their interfaces with computational social choice and algorithmic mechanism design, and position them in the context of the fresh agenda of approximate mechanism design without money. No background is required, and the presentation will endeavor to replace equations with animations.

Based on joint papers with Noga Alon, Michal Feldman, Felix Fischer, and Moshe Tennenholtz.

Bio:   Ariel Procaccia is a CRCS fellow at Harvard’s SEAS. His research interests include Computational Social Choice, Algorithmic Game Theory, and the interplay between these fields and Artificial Intelligence. He received his Ph.D. summa cum laude from the Hebrew University of Jerusalem, under the supervision of Prof. Jeffrey Rosenschein. His dissertation, entitled “Computational Voting Theory: Of the Agents, By the Agents, For the Agents”, has won the 2008 IFAAMAS Victor Lesser Distinguished Dissertation Award and Hebrew University’s Schlomiuk Prize. His work in Harvard SEAS is also supported by a Rothschild Postdoctoral Fellowship.

Watch Video

weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, June 10, 2009
Time: 12:00pm-1:30 pm
Place:  Maxwell Dworkin 221

Speaker:  Frank Stajano, University of Cambridge

Title: Smart Civil Engineering Infrastructure

Abstract:  The goal of our project is to instrument bridges, tunnels and other large and long-lived civil engineering infrastructure items with sensors that can monitor their natural deterioration. In so doing, we develop an integrated system and discover that commercial offerings of wireless sensor networks are still geared towards research prototypes: they are currently not yet mature for deployment in practical application scenarios.

The contributions of this presentation fall into two categories: our engineering solutions to a variety of problems including sensor hardware, radio propagation, node deployment, system security and data visualization; and our insights into the problems that are still open when dealing with practical uses of wireless sensor networks. These problems must be addressed to enable widespread adoption of WSNs outside the research lab.

Bio: Frank Stajano is a tenured faculty member at the Computer Laboratory of the University of Cambridge. He is the author of _Security for Ubiquitous Computing_ (Wiley, 2002). His early results on authentication in ad-hoc networks (the Resurrecting Duckling) and on location privacy (the mix zones) are frequently cited. His research interests cover various aspects of systems security, ubiquitous computing, wireless communications and human factors and are driven by the goal of protecting the citizens of the electronic society. He has given over 30 invited or keynote talks in Europe, Asia and America. Before receiving academic tenure Dr Stajano spent almost 10 years in industry as a research scientist (Toshiba, AT&T, Oracle, Olivetti) and continues to consult for industry, which keeps his research focused on practical applications. He was elected a Toshiba Fellow in 2000. Outside computers he writes books about comics and he practices and teaches kendo (Japanese swordsmanship): his students have recently won first place in the 2009 national inter-university championship.

Watch Video

weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, May 13, 2009
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 2nd Floor Lounge Area

Speaker: Bradley Malin

Title: A Systems Approach to Data Privacy in the Biomedical Domain

Abstract: The healthcare community has made considerable strides in the development and deployment of information systems, with particular gains in electronic health records and cheap genome sequencing technologies. Given the recent passage of the American Recovery and Reinvestment Act of 2009, and the HITECH Act in particular, advancement and adoption of such systems is expected to grow at unprecedented rates. The quantity of patient-level data that will be generated is substantial and can enable more cost-effective care as well as support a host of secondary uses, such biomedical research and biosurveillance. At the same time, care must be taken to ensure that such records are accessed and shared without violating a patient’s privacy rights.

The construction and application of data privacy technologies in the biomedical domain is a complex endeavor and requires the resolution of often competing computational, organizational, regulatory, and scientific needs. In this talk, I will introduce how the Vanderbilt Health Information Privacy Laboratory builds and applies data privacy solutions to support various biomedical settings. Our solutions are rooted in computational formalisms, but are driven by real world requirements and, as such, draw upon various tools and techniques from a number of fields, including cryptography, databases and data mining, public policy, risk analysis, and statistics. Beyond a high-level overview, I will delve into recent research on how we are measuring and mitigating privacy risks when sharing patient-level data from electronic medical and genomic records from the Vanderbilt University Medical Center to local researchers and an emerging de-identified repository at the National Institutes of Health.

Bio: Brad Malin is an Assistant Professor of Biomedical Informatics in the School of Medicine and an Assistant Professor of Computer Science in the School of Engineering at Vanderbilt University. He is the founder and director of the Vanderbilt Health Information Privacy Laboratory (HIPLab), which focuses on basic and applied research in a number of health-related areas, including primary care and secondary sharing of patient-specific clinical and genomic data. His research has received several awards of distinction from the American and International Medical Informatics Associations and the HIPLab is currently supported by grant funding from the National Science Foundation, National Institutes of Health, and Veterans Health Administration. For the past several years, he has directed a data privacy research and consultation team for the Electronic Medical Records and Genomics (eMERGE) project, a consortium sponsored by the National Human Genome Research Institute. He has served as a program committee member and workshop chair for numerous conferences on data mining, privacy, and medical informatics. He has also edited several volumes for Springer Lecture Notes in Computer Science, a special issue for the journal Data and Knowledge Engineering, and is currently on the editorial board of the journal Transactions on Data Privacy. He received a bachelor’s in biology (2000), master’s in knowledge discovery and data mining (2002), master’s in public policy & management (2003), and a doctorate in computation, organizations & society (2006) from the School of Computer Science at Carnegie Mellon University.

His home on the web can be found at http://www.hiplab.org/people/malin

Watch Video

weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, May 6, 2009
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Annie Anton

Title: Designing Software Systems that Comply with Privacy Laws

Abstract: Properly protecting information is in all our best interests, but it is a complex undertaking. The fact that regulation is often written by non-technologists, introduces additional challenges and obstacles. Moreover, those who design systems that collect, store, and maintain sensitive information have an obligation to design systems holistically within this broader context of regulatory and legal compliance.

There are questions that should be asked when developing new requirements for information systems. For example ….. How do we build systems to handle data that must be kept secure and private when relevant regulations tie your hands? When building a system that maintains health or financial records for a large number of people, what do we need to do to protect the information against theft and abuse, keep the information private, AND at the same time, satisfy all governing privacy laws and restrictions? Moreover, how do we know that we’ve satisfied those laws? How do we monitor for compliance while ensuring that we’re monitoring the right things? And, how do you accomplish all this in a way that can be expressed clearly to end-users and legislators (or auditors) so they can be confident you are doing the right things?

We’ve been working on technologies to make these tasks simpler, and in some senses, automatic. In this talk, I will describe some of the research that we have been conducting to address these problems. I will also discuss the results of a survey involving 975 Internet users in which we compared various ways to represent privacy management information to online healthcare consumers. The results of this work and our other studies pose interesting ethical questions for industry and society at large, and help illustrate the complexity of the problems.

Bio: Dr. Annie I. Antón is a Professor of Computer Science in the College of Engineering at the North Carolina State University. She received her Ph.D. in Computer Science from the College of Computing at the Georgia Institute of Technology. Dr. Antón joined the computer science department at NC State in 1998. From 2005-2006 she was a visiting faculty (sabbatical) scholar at Purdue University’s CERIAS.

She was awarded an NSF CAREER Award in 2000, named a CRA Digital Government Fellow in 2002, nominated and selected for the 2004-2005 IDA/DARPA Defense Science Study Group, and received the CSO (Chief Security Officer) Magazine “Woman of Influence in the Public Sector” award at the 2005 Executive Women’s Forum. This July she was named one of the most influential women in technology and government by The Political Voices of Women blog. In 2006 she was honored with an award for “Most Influential Paper of ICRE 1996” at RE’06 for her 1996 paper entitled “Goal-Based Requirements Analysis”. She is a former associate editor of IEEE Transactions on Software Engineering, and currently the cognitive issues area editor for the Requirements Engineering Journal and a member of the International Board of Referees for Computers & Security. Antón is a member of the International Association of Privacy Professionals, a senior member of the IEEE as well as a member of the ACM U.S. Public Policy Executive Committee and co-chair of the USACM Privacy Sub-committee.

Antón currently serves on various boards: the NSF Computer & Information Science & Engineering Directorate Advisory Council, the DHS Data Privacy and Integrity Advisory Committee, the CRA Board of Directors, an Intel Corporation Advisory Board, the Distinguished External Advisory Board for the TRUST Research Center, the Advisory Board for the Electronic Privacy Information Center in Washington, DC, and the Georgia Tech Alumni Association Board of Trustees. She is a former member of the Microsoft Research University Relations Faculty Advisory Board, the CRA-W, and the Georgia Tech Advisory Board (GTAB). Dr. Antón is director of ThePrivacyPlace.Org (http://theprivacyplace.org). Her URL is: http://www.csc.ncsu.edu/faculty/anton/.

Watch Video

weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, April 29, 2009
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Guy Rothblum

Title: On the Complexity of Differentially Private Data Release: Efficient Algorithms and Hardness Results

Abstract: We consider private data analysis in the setting in which a trusted and trustworthy curator, having obtained a data set containing sensitive information, releases to the public a “sanitization” of the data set. The goal is for the sanitization to both protect the privacy of the individual contributors of data and offer aggregate statistical utility to a data analyst.

In a remarkable recent result, Blum et al. [STOC '08] showed that it is theoretically possible (in exponential time) to generate a synthetic data-set that allows rich statistical analysis, while ensuring a strong privacy guarantee known as differential privacy.

We investigate the possibility of *efficiently* achieving rich statistical data analysis that protects the privacy of individuals. The main result we will present is the first efficient mechanism that achieves rich general privacy-preserving data analysis by answering large sets of predicate counting queries. We will also show strong lower bounds based on standard cryptographic hardness assumptions.

Joint work with Cynthia Dwork, Moni Naor, Omer Reingold and Salil Vadhan.

Bio: Guy Rothblum is a Ph.D. candidate at MIT. His research focuses on foundational cryptography. Recently he is especially interested in studying methods for protecting individual’s privacy, for reliably delegating computations and for obfuscation and software protection.

Watch Video