CAREER: Security for handheld devices and the web environment

职业：手持设备和网络环境的安全

• 批准号: 9984259
• 负责人: Dan Boneh
• 金额: $ 22.5万
• 依托单位: Stanford University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2000
• 资助国家: 美国
• 起止时间: 2000-02-01 至 2004-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=9984259&HistoricalAwards=false
• 关键词: CAREER; Security; handheld; devices; web

The work conducted in this project focuses on both research and education in computer security. The research effort is geared towards providing security on the Internet. In particular, the research focuses on providing security for web servers and wireless handheld devices. The education effort is aimed at increasing awareness of computer security and training computer security experts at both the undergraduate and Ph.D. levels. The research conducted in this project covers the following topics: Security for handheld devices. Handheld devices (e.g. cell phones, PalmPilots, pagers, digital cameras, etc.) are a fast growing market with clear security concerns. The project studies how security solutions apply in a low power, wireless, handheld environment. For example, the investigators are studying how to use a low power wireless handheld for E-commerce; how to perform encryption and authentication on a low power handheld; and other related questions. New cryptographic techniques. New cryptographic techniques are required for new Internet applications. In this project the investigators are designing new cryptographic techniques for authenticating streamed audio and streamed video and techniques for preserving user anonymity. In addition, the investigators are studying new cryptographic systems for providing improved security guarantees for digital signatures and encryption. The goal is to develop efficient systems for both handhelds and smartcards. Scalable web server security. Security operations, such as SSL, are typically a performance bottleneck when used on a heavily loaded web server. As the web continues to grow it will become essential to improve SSL's performance on the server. The project studies methods for improving SSL's server performance using two techniques: batching and offline preprocessing. The investigators are also developing mechanisms to protect a web site's content integrity. This work ensures that hackers cannot break into a web site and install their own content.

在这个项目中进行的工作侧重于计算机安全的研究和教育。这项研究工作的目的是提供互联网上的安全。特别是，研究重点是为Web服务器和无线手持设备提供安全性。教育工作的目的是提高计算机安全意识，并在本科和博士阶段培训计算机安全专家。程度.该项目进行的研究涵盖以下主题： 手持设备的安全性。手持设备（如手机、PalmPilots、寻呼机、数码相机等）是一个快速 不断增长的市场，明确的安全问题。该项目研究如何在低功耗、无线、手持环境中应用安全解决方案。例如，研究人员正在研究如何使用低功耗无线手持设备进行电子商务;如何在低功耗手持设备上执行加密和身份验证;以及其他相关问题。 新的密码技术。新的因特网应用需要新的密码技术。在这个项目中，研究人员正在设计新的加密技术来验证流媒体音频和流媒体视频，以及保护用户匿名的技术。此外，调查人员正在研究新的密码系统，为数字签名和加密提供更好的安全保障。目标是为手持设备和智能卡开发高效的系统。 可扩展的Web服务器安全性。安全操作（如SSL）在负载沉重的Web服务器上使用时通常是性能瓶颈。随着网络的不断发展，提高SSL在服务器上的性能将变得至关重要。该项目研究了使用两种技术提高SSL服务器性能的方法：SSL和离线预处理。调查人员还在开发保护网站内容完整性的机制。这项工作确保黑客无法闯入网站并安装自己的内容。