CS Students, Professor Take Top Honors at CERIAS Symposium

Writer(s): Jesica E. Hollinger

Pelin Angin, Rohit Ranchal, and Denis A. Ulybyshev earned first place at the 16th Annual CERIAS Security Symposium this March.Rohit Ranchal

The students poster, under the direction of CS Professor Bharat Bhargava, “PD3: Policy–based Distributed Data Dissemination was selected by Corporate Partners of CERIAS security center.

Other awards given at the symposium include the prestigious Diamond Award, which was given to CS PhD student, Mohammed Almeshekah, currently advised by Professor Mikhail Atallah and Professor Eugene Spafford.

Lorenzo Bossi, Syed Rafiul Hussain, and Asmaa Sallam, under the direction of CS Professor Elisa Bertino earned second place poster and Karen Marais, Navindran Davendralingam, Zhemei Fang, Cesare Guariniello, and Payuna Uday were awarded third place, under the direction of Aeronautics and Astronautics Professor Daniel Delaurentis.

The Pillar of CERIAS award was given to Sam Curry, Chief Technology and Security Officer of Arbor Networks.

Each year, the symposium examines the current state and emerging trends in information assurance and security, as well as breaking research. Topical keynotes from government and industry, and in-depth panel discussions addressing current trends and needs were highlighted during the two-day event.

Bharat’s winning research team will also be demonstrating their project at Northrop Grumman Corporation TECH-Fest on June 9-10 in Mcleans Virgina for NGC clients from government and industry.

His group will be given a booth for their three demo applications: electronic health records, UAVs sending data to each other and command/control, and a Navy scenario of detecting a boat coming to attack a ship.

Their project exemplifies an example of a successful partnership between a university and NGC. The main idea showcases an adaptable system that can give only the data to subscribers, as they need them, based on their authorization. It can dynamically change service composition to deal with attacks and allows computation and access to data over trusted and untrusted plate forms.

They are also integrating their work with W3C.org activity at MIT that specifies a secure authenticated browser at the front end, and trusted computations over encrypted data at the back end.

Abstract: PD3: Policy-based Distributed Data Dissemination

Modern distributed systems (such as composite web services, cloud solutions) comprise of a number of hosts, which collaborate, interact and share data. One of the main requirements of these systems is policy-based distributed data dissemination (PD3). In the PD3 problem, the data owner wants to share data with a set of hosts. Each host is only authorized to access a subset of data. Data owner can directly interact only with a subset of hosts and relies on these hosts to disseminate data to other hosts. In order to ensure correct delivery of appropriate data to each host, it is necessary that each host shares entire data even though the hosts are only authorized for certain subset of data. We provide a formal description of the problem and propose a data-centric approach to address PD3. The approach enables policy-based secure data dissemination and protects data throughout their lifecycle. It is independent of trusted third parties, does not require source availability and has the ability to operate in unknown environments. The approach is demonstrated through its application to composite web services.