CICI: RDP: Enforcing Security and Privacy Policies to Protect Research Data
CICI:RDP:执行安全和隐私政策以保护研究数据
基本信息
- 批准号:1920462
- 负责人:
- 金额:$ 92.45万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Standard Grant
- 财政年份:2019
- 资助国家:美国
- 起止时间:2019-08-01 至 2023-05-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
Advances in computer systems over the past decade have laid a solid foundation for data collection at a staggering scale. Data generated from end-user devices has tremendous value to the research community. For example, mobile and Internet-of-Things devices can participate in large-scale Internet-based measurement or monitoring of patient's health conditions. While ground-breaking discovered may occur, malicious attacks or unintentional data leaks threaten the research data. Such a threat is hard to predict and difficult to recover from once it happens. Preventative and defensive measures should be taken where data is generated in order to protect private, valuable data from the attackers. Currently, there are efforts that try to regulate data management, for example, a research application might have a privacy policy that describes how the user data is being collected and protected. However, there is a disconnect between these documented policies and the implementations of a research project. In this project, the investigators propose to interpret the documented policies and enforce them in research projects, in order to protect the privacy of research data. This work can significantly reduce researchers' overhead in implementing policy-compliant code and reduce the complexity of protecting research datasets.In this project, the investigators provide a solution that protects research data using policies mandated by different regulatory entities, such as an application store and an Institutional Review Board (IRB). The system utilizes Natural Language Processing (NLP) techniques to extract security and privacy requirements from unstructured regulatory documents and translates these requirements to code that can patch a program that does not comply with the policies. The solution covers the lifetime of research data protection, from data collection to data storage, and data processing. This research has two thrusts. First, the investigators will build novel NLP techniques to extract security and privacy policies from unstructured, sparsely-labeled documents such as IRB protocols, and privacy disclosure of research applications. Second, the investigators will enforce these extracted policies in code, through context-aware program analysis to discover inconsistencies between a researcher's implementation and the extracted policies, and instrument researcher?s code to enforce compliant program behavior. The results of this work will have a transformative impact on the development of the next generation research data protection techniques, and more defensive security and privacy practices.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
过去十年计算机系统的进步为大规模的数据收集奠定了坚实的基础。最终用户设备生成的数据对研究界具有巨大的价值。例如,移动和物联网设备可以参与基于互联网的大规模测量或患者健康状况的监测。虽然可能会出现突破性的发现,但恶意攻击或无意的数据泄露会威胁到研究数据。这种威胁很难预测,一旦发生也很难恢复。应在生成数据的地方采取预防和防御措施,以保护私人、有价值的数据免受攻击者的侵害。目前,有人试图规范数据管理,例如,研究应用程序可能有隐私政策来描述如何收集和保护用户数据。然而,这些记录在案的政策与研究项目的实施之间存在脱节。在该项目中,研究人员建议解释记录的政策并在研究项目中强制执行,以保护研究数据的隐私。这项工作可以显着减少研究人员在实施符合策略的代码方面的开销,并降低保护研究数据集的复杂性。在该项目中,研究人员提供了一种解决方案,使用不同监管实体(例如应用程序商店和机构审查委员会(IRB))强制执行的策略来保护研究数据。该系统利用自然语言处理(NLP)技术从非结构化监管文档中提取安全和隐私要求,并将这些要求转换为可以修补不符合策略的程序的代码。该解决方案涵盖了研究数据保护的整个生命周期,从数据收集到数据存储和数据处理。这项研究有两个主旨。首先,研究人员将构建新颖的 NLP 技术,从非结构化、标签稀疏的文档(例如 IRB 协议)和研究应用程序的隐私披露中提取安全和隐私策略。其次,研究人员将在代码中强制执行这些提取的策略,通过上下文感知程序分析来发现研究人员的实现与提取的策略之间的不一致,并使用研究人员的代码来强制执行合规的程序行为。这项工作的成果将对下一代研究数据保护技术以及更多防御性安全和隐私实践的发展产生变革性影响。该奖项反映了 NSF 的法定使命,并通过使用基金会的智力价值和更广泛的影响审查标准进行评估,被认为值得支持。
项目成果
期刊论文数量(11)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Findings: PolicyQA: A Reading Comprehension Dataset for Privacy Policies
研究结果:PolicyQA:隐私政策的阅读理解数据集
- DOI:
- 发表时间:2020
- 期刊:
- 影响因子:0
- 作者:Ahmad, A.;Chi, J.;Tian, Y.;Chang, K.
- 通讯作者:Chang, K.
Malware Family Classification via Residual Prefetch Artifacts
通过残留预取工件进行恶意软件家族分类
- DOI:10.1109/ccnc49033.2022.9700530
- 发表时间:2022
- 期刊:
- 影响因子:0
- 作者:Duby, Adam;Taylor, Teryl;Zhuang, Yanyan
- 通讯作者:Zhuang, Yanyan
Intent Classification and Slot Filling for Privacy Policies
- DOI:10.18653/v1/2021.acl-long.340
- 发表时间:2021-01
- 期刊:
- 影响因子:0
- 作者:Wasi Uddin Ahmad;Jianfeng Chi;Tu Le;Thomas B. Norton;Yuan Tian;Kai-Wei Chang
- 通讯作者:Wasi Uddin Ahmad;Jianfeng Chi;Tu Le;Thomas B. Norton;Yuan Tian;Kai-Wei Chang
OAUTHLINT: An Empirical Study on OAuth Bugs in Android Applications
- DOI:10.1109/ase.2019.00036
- 发表时间:2019-11
- 期刊:
- 影响因子:0
- 作者:Tamjid Al Rahat;Yu Feng;Yuan Tian
- 通讯作者:Tamjid Al Rahat;Yu Feng;Yuan Tian
TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications
- DOI:10.14722/ndss.2020.24287
- 发表时间:2020
- 期刊:
- 影响因子:0
- 作者:F. H. Shezan;Kaiming Cheng;Zhen Zhang;Yinzhi Cao;Yuan Tian
- 通讯作者:F. H. Shezan;Kaiming Cheng;Zhen Zhang;Yinzhi Cao;Yuan Tian
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Yuan Tian其他文献
Mapping the drivers of formaldehyde (HCHO) variability from 2015 to 2019 over eastern China: insights from Fourier transform infrared observation and GEOS-Chem model simulation
绘制 2015 年至 2019 年中国东部甲醛 (HCHO) 变化的驱动因素:傅里叶变换红外观测和 GEOS-Chem 模型模拟的见解
- DOI:
10.5194/acp-21-6365-2021 - 发表时间:
2021-04 - 期刊:
- 影响因子:6.3
- 作者:
Youwen Sun;Hao Yin;Cheng Liu;Lin Zhang;Yuan Cheng;Mathias Palm;Justus Notholt;Xiao Lu;Corinne Vigouroux;Bo Zheng;Wei Wang;Nicholas Jones;Changong Shan;Min Qin;Yuan Tian;Qihou Hu;Fanhao Meng;Jianguo Liu - 通讯作者:
Jianguo Liu
Phase cancellation and aperture size on broadband ultrasonic attenuation for trabecular bone assessment using a 2-D confocal synthetic array
使用二维共焦合成阵列进行骨小梁评估的宽带超声衰减的相位抵消和孔径大小
- DOI:
- 发表时间:
2011 - 期刊:
- 影响因子:0
- 作者:
Jiqi Cheng;F. Serra;Yuan Tian;Wei Lin;Yi - 通讯作者:
Yi
Abundance versus vital rates: The extent and predictors of inconsistent conclusions on avian population responses to forest loss and degradation
丰度与活力率:鸟类种群对森林丧失和退化反应的不一致结论的程度和预测因素
- DOI:
10.1016/j.biocon.2023.110353 - 发表时间:
2023 - 期刊:
- 影响因子:5.9
- 作者:
Yuan Tian;Fangyuan Hua - 通讯作者:
Fangyuan Hua
Estimating satellite phase fractional cycle biases based on Kalman filter
基于卡尔曼滤波器估计卫星相位分数周期偏差
- DOI:
10.1007/s10291-018-0749-3 - 发表时间:
2018 - 期刊:
- 影响因子:4.9
- 作者:
Guorui Xiao;Lifen Sui;Bernhard Heck;Tian Zeng;Yuan Tian - 通讯作者:
Yuan Tian
Effects of annealing constraint methods on poly(L‐lactic acid) monofilaments for application in stents annealing
退火约束方法对用于支架退火的聚(L-乳酸)单丝的影响
- DOI:
10.1002/pat.5266 - 发表时间:
2021-03 - 期刊:
- 影响因子:3.4
- 作者:
Xin Li;Yuan Tian;Jing Zhang;Jie Cheng;Gensheng Wu;Yi Zhang;Gutian Zhao;Zhonghua Ni - 通讯作者:
Zhonghua Ni
Yuan Tian的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Yuan Tian', 18)}}的其他基金
Collaborative Research: Frameworks: MobilityNet: A Trustworthy CI Emulation Tool for Cross-Domain Mobility Data Generation and Sharing towards Multidisciplinary Innovations
协作研究:框架:MobilityNet:用于跨域移动数据生成和共享以实现多学科创新的值得信赖的 CI 仿真工具
- 批准号:
2411153 - 财政年份:2024
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
Collaborative Research: DASS: Assessing the Relationship Between Privacy Regulations and Software Development to Improve Rulemaking and Compliance
合作研究:DASS:评估隐私法规与软件开发之间的关系以改进规则制定和合规性
- 批准号:
2317184 - 财政年份:2023
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Medium: Toward safe, private, and secure home automation: from formal modeling to user evaluation
协作研究:SaTC:核心:中:迈向安全、私密和可靠的家庭自动化:从形式建模到用户评估
- 批准号:
2320903 - 财政年份:2022
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
CICI: RDP: Enforcing Security and Privacy Policies to Protect Research Data
CICI:RDP:执行安全和隐私政策以保护研究数据
- 批准号:
2325369 - 财政年份:2022
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
CAREER: Secure Voice-Controlled Platforms
职业:安全语音控制平台
- 批准号:
2323105 - 财政年份:2022
- 资助金额:
$ 92.45万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Toward safe, private, and secure home automation: from formal modeling to user evaluation
协作研究:SaTC:核心:中:迈向安全、私密和可靠的家庭自动化:从形式建模到用户评估
- 批准号:
2114074 - 财政年份:2021
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
CAREER: Secure Voice-Controlled Platforms
职业:安全语音控制平台
- 批准号:
1943100 - 财政年份:2020
- 资助金额:
$ 92.45万 - 项目类别:
Continuing Grant
CRII: SaTC: Improving the Usability and Effectiveness of Security and Privacy Settings in Mobile Apps
CRII:SaTC:提高移动应用程序中安全和隐私设置的可用性和有效性
- 批准号:
1850479 - 财政年份:2019
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
相似国自然基金
活性肽RDP3通过抑制NLRP3炎症小体促口腔溃疡修复的作用及机制研究
- 批准号:32301054
- 批准年份:2023
- 资助金额:30.00 万元
- 项目类别:青年科学基金项目
日粮RDP水平对生长期肉牛蛋白质补偿沉积的作用机制
- 批准号:32102573
- 批准年份:2021
- 资助金额:30 万元
- 项目类别:青年科学基金项目
新型有机磷阻燃剂RDP及其副产物TPHP在水环境中的分布及水-沉积物界面行为
- 批准号:41603095
- 批准年份:2016
- 资助金额:20.0 万元
- 项目类别:青年科学基金项目
相似海外基金
CICI: RDP: Enforcing Security and Privacy Policies to Protect Research Data
CICI:RDP:执行安全和隐私政策以保护研究数据
- 批准号:
2325369 - 财政年份:2022
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
CICI: RDP: Open Badge Researcher Credentials for Secure Access to Restricted and Sensitive Data
CICI:RDP:用于安全访问受限和敏感数据的开放徽章研究人员证书
- 批准号:
1839868 - 财政年份:2018
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
CICI: RDP: Supporting Controlled Unclassified Information with a Campus Awareness and Risk Management Framework
CICI:RDP:通过校园意识和风险管理框架支持受控非机密信息
- 批准号:
1840043 - 财政年份:2018
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
CICI: RDP: Open Science Chain (OSC) - A Novel Distributed Ledger-Based Framework for Protecting Integrity and Provenance of Research Data
CICI:RDP:开放科学链(OSC)——一种基于分布式账本的新型框架,用于保护研究数据的完整性和来源
- 批准号:
1840218 - 财政年份:2018
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
CICI: RDP: SAMPRA: Scalable Analysis, Management, and Protection of Research Artifacts
CICI:RDP:SAMPRA:研究文物的可扩展分析、管理和保护
- 批准号:
1840069 - 财政年份:2018
- 资助金额:
$ 92.45万 - 项目类别:
Standard Grant
Moving the Ribosome Database Project (RDP) to a DBMS Foundation
将核糖体数据库项目 (RDP) 移至 DBMS 基金会
- 批准号:
9507552 - 财政年份:1995
- 资助金额:
$ 92.45万 - 项目类别:
Continuing Grant
Moving the Ribosome Database Project (RDP) to a DBMS Foundation
将核糖体数据库项目 (RDP) 移至 DBMS 基金会
- 批准号:
9507343 - 财政年份:1995
- 资助金额:
$ 92.45万 - 项目类别:
Continuing Grant














{{item.name}}会员




