CT-ER : Runtime Techniques for protecting confidential data in large scale software
University Of Illinois At Chicago, Chicago IL
Investigators
Abstract
With the increasing amount of confidential information being handled by computer software, ensuring privacy of personal information is becoming a great concern. To address this concern, this project investigates mechanisms that track the use of sensitive data handled by software programs with the goal of preventing unauthorized disclosure. The technical focus is on the use of runtime mechanisms that track the use of sensitive data. There are three thrust areas investigated in this proposal (a) mechanisms for process based separation and runtime checking for enforcing confidentiality policies (b) techniques for erasing sensitive data from programs after their intended use and (c) techniques for tracking implicit information flows. The project uses novel ideas that build on the PI's prior work in language based techniques for addressing fundamental research questions in these thrust areas. To maximize impact, this project will also implement tools that will apply these techniques to large scale software applications. These tools will enable programmers and end users to retrofit programs in order to safeguard their confidential data. These tools will be distributed using the Web for the widest possible dissemination and further enhancement. With regards to education, this project aims to train both graduate and undergraduate students to perform research in the the application of language based methods for computer security and privacy.
View original record on NSF Award Search →