
NSF Org: |
CNS Division Of Computer and Network Systems |
Recipient: |
|
Initial Amendment Date: | August 18, 2014 |
Latest Amendment Date: | December 18, 2014 |
Award Number: | 1421824 |
Award Instrument: | Standard Grant |
Program Manager: |
Shannon Beck
CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
Start Date: | September 1, 2014 |
End Date: | November 30, 2017 (Estimated) |
Total Intended Award Amount: | $499,932.00 |
Total Awarded Amount to Date: | $512,932.00 |
Funds Obligated to Date: |
FY 2015 = $0.00 |
History of Investigator: |
|
Recipient Sponsored Research Office: |
W5510 FRANKS MELVILLE MEMORIAL LIBRARY STONY BROOK NY US 11794 (631)632-9949 |
Sponsor Congressional District: |
|
Primary Place of Performance: |
Computer Science Department Stony Brook NY US 11794-4400 |
Primary Place of
Performance Congressional District: |
|
Unique Entity Identifier (UEI): |
|
Parent UEI: |
|
NSF Program(s): |
Special Projects - CNS, Secure &Trustworthy Cyberspace |
Primary Program Source: |
01001415DB NSF RESEARCH & RELATED ACTIVIT |
Program Reference Code(s): |
|
Program Element Code(s): |
|
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Society's dependence on mobile technologies rapidly increases as we entrust mobile applications with more and more private information and capabilities. Existing security research follows a common threat model that treats apps as monolithic entities and only captures attack surface between apps. However, recent research reveals that app internal attacks are emerging quickly as complex entities with conflicting interests are commonly included inside a single app to allow for rich features and fast development.
This project, known as STRUCT, systematically investigates app compartmentalization as a novel and general approach to mitigating the critical yet unaddressed internal threats of apps. It applies this approach to major mobile platforms via solving four challenging and interesting research problems: (1) Deriving principles and models for designing intra-app security mechanisms; (2) Building compiler toolchains for automatically and securely compartmentalizing apps; (3) Building system-level enforcement mechanisms for open platforms; (4) Building app-level system-agnostic enforcement mechanisms for closed platforms. Solutions to these challenges together form a foundation to the design and implementation of intra-app security isolation and policy enforcement, which is currently nonexistent but in high demand.
STRUCT has its broader impact in fostering a new direction in mobile security research and education as well as increasing society's adoption of mobile technology in security-sensitive scenarios.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
Please report errors in award information by writing to: awardsearch@nsf.gov.