[PAST EVENT] Protecting User Security and Privacy in Emerging Platforms

February 22, 2017
8am - 9am
McGlothlin-Street Hall, Room 020
251 Jamestown Rd
Williamsburg, VA 23185Map this location


The evolution of apps on new platforms such as mobile, web and the Internet of Things are bringing more functionality and convenience for people; however, these new platforms also expose users to security and privacy risks. For example, mobile devices use sensors and other context information to provide richer functionality, but these features may violate users? security and privacy. Researchers and developers are spending much effort to protect the users, but unauthorized information leakage is still rampant, especially when new features or new techniques are introduced. To resolve these problems, I work on changing the way platform designers think about designing secure systems, educating the developers about the system implementations, and creating technological solutions to facilitate better security decision-making.

In this talk, I?ll present two of my example projects in the thrusts of (1) Identify and understand new threats, as well as (2) design and implement secure and privacy preserving systems. In the first example project, I work on defending against new privacy threats in web. I did a security analysis for HTML5 design and identify issues that break the foundation of browser security policy. Our proposed solutions have been adopted by browser vendors. In the second example project, I build secure and privacy preserving systems for Internet of Things. I performed program analysis to discover problems of current permission systems in third-party apps on Internet of Things. With the insights from the program analysis, I propose principles and implement a privacy preserving system to share least privilege information to third-party apps without affecting their functionality. In general, I hope to bring the low-level privacy enhancements to the users through thorough design, efficient implementation, and usable interface.


Yuan Tian is a Ph.D candidate at Carnegie Mellon University. Her research interests involve security and privacy and its interactions with computer system, machine learning, and human-computer interaction. Her current research focuses on developing new technologies for protecting user privacy, particularly in the areas of mobile systems and Internet of Things. Her work has been adopted by platform designers and application developers (such as Chrome, Firefox, and iOS) and has been incorporated into security and computing curricula at Universities such as Stanford, Saarland University, and UIC. She was awarded as Rising Stars in EECS 2016 and Black Hat Future Female Leaders in Cyber Security 2015. She was a recipient of IBM Fellowship and CMU Dean?s Fellowship. She interned at Microsoft Research, Facebook, and Samsung Research.


Xu Liu 757-221-7739