GGrantIndex
← Search

CAREER: A Holistic Context-based Approach for Security and Privacy in the Era of Ubiquitous Sensing and Computing

$499,512FY2020CSENSF

University Of Texas At San Antonio, San Antonio TX

Investigators

Abstract

The phenomenal growth of ubiquitous sensing and computing devices such as smartphones, wearables and Internet-of-Things (IoT) enable exciting new applications that significantly improve the health, wellness, security and quality of life of our citizens. Sensors and actuators on-board these devices, however, can also be exploited to infer sensitive information about users or to compromise their safety and cyber security. Continued progress in sensor hardware, cloud and software (including, machine learning) technologies have caused new threats to emerge which current access control models and protection mechanisms are unable to address. One critical shortcoming of existing protection mechanisms is that they do not work across different types of sensors, applications and autonomous devices housing these sensors and applications. As applications on these devices operate in an isolated fashion, they are generally unaware of the holistic contextual information about users, often resulting in grave privacy threats. This project develops a new approach to expose and harness user context at multiple operational levels to protect against uncoordinated and unregulated sensing and actuation in mobile and IoT applications. The project's educational agenda is to develop a well-integrated and hands-on curriculum in mobile and IoT security and through community-focused educational summer camps, courses and training initiatives expose the curriculum to a diverse set of students and practitioners with varying skill-levels and backgrounds including San Antonio, TX area high school students, teachers, soldiers and veterans The project plans to uncover new security and privacy risks in modern ubiquitous sensing and computing environments comprising of functionally heterogeneous and isolated sensors and applications and evaluate their feasibility in practical settings. To enable secure and privacy-preserving sensor access by applications, the project will design a novel framework that exposes and harnesses contextual information about users both at the device and network levels for achieving fine-grained and user-approved access control. The first design, called ConWare, will harness the exposed user context at the device level by defining user-approved access bindings between these contexts and the set of allowable sensing actions on that device within those contexts. The second design, called ConWareNet, will harness the exposed user context at the communication network level to regulate applications across an autonomous set of devices using similar user-approved bindings or policies. The project will also address the issue of preventing misuse of the exposed context and will design adaptation mechanisms for these frameworks to self-adjust in a dynamic sensing and actuation environment. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →