Department of Computer Science professor Long Lu has received a grant from the U.S. Army Research Office for his latest work on web-mobile integration and security. The professor’s research aims to develop tools and techniques that will enable these integrations to be more secure, and eventually create hardware-assisted protection that will be used in situations involving high-level sensitive information.
Despite the fact that web-mobile integration is one of the most widely used and quickly growing models, there have been very few studies done on its security implications. That lack of comprehensive understanding has thus far made it very difficult to develop effective security measures for this type of integration. Mobile devices such as cell phones and tablets can get lost or tampered with relatively easily, so having sensitive information in the apps on your phone can be especially troublesome. That is where Professor Lu comes in.
“Powerful adversaries such as state-sponsored hackers can often manage to compromise operating systems...we will take a hardware-assisted approach in securing web-mobile integration against such adversaries,” explained the professor in his proposal, “Our solution will not only protect ultra-sensitive web content delivered to untrusted apps, but also creates a new scheme of running sensitive apps on untrusted OS’s.”
The grant is in the amount of $570,000. Professor Lu’s project is titled “Enabling Secure Integration of Web and Mobile: A Principled Multi-level Approach”. He will not be working alone, however. Professor Somesh Jha and his research team at the University of Wisconsin at Madison will be working closely with the Lu-lead Stony Brook team. This particular area of research is especially relevant for Lu, as he currently is a member of the National Security Institute at Stony Brook.
Long Lu received his PhD in Computer Science from Georgia Tech in 2013. Before that, he attended Shanghai Jiao Tong University in China. He is the director of the RiS3 Lab (Research in Software Systems and Security), in addition to working at the aforementioned National Security Institute. His research tends to focus on software systems and security.
By Michael Curatola