Software Tool Plugs Security Leaks
August 1, 2007Often when you make an Internet transaction, symbols on the Web page assure you that your transaction will be secure and that private information about you, such as passwords, bank account or credit card numbers, will not be intercepted by a third party.
Such assurances mean safe passage along the information highway. But is your private information secure after it enters a merchant's computer?
Not necessarily, says a University of Illinois at Chicago computer-security expert who is developing a software tool that will help keep private information from falling under prying eyes.
"There are many ways software can leak information, and often programmers are clueless about how to prevent it," said V.N. Venkatakrishnan, assistant professor of computer science and co-director of UIC's Center for Research and Instruction in Technologies for Electronic Security.
"Programmers need tools and techniques to write good code that safeguards private data," he said. "It is important to address end-user privacy concerns during software development."
The problem focuses on the massive number of computer programs written in C, the language most widely used for building systems software for applications such as mail agents, calendars and web browsers.
Building on previous research findings, Venkatakrishnan has developed a software tool to break up private, protected data-entering programs written in C, separating it from information that is open to public access, such as via an Internet link. The tool automatically identifies what Venkatakrishnan calls the program's public and private zones, monitoring the program while running, checking the information flow almost like a gatekeeper dividing attention between these two zones.
"Taken together, the public and private zones replace the original functionality of the program," he said. "It enables you to enforce different policies on these zones. For instance, the public zone is not allowed to read sensitive data, and the private zone is not allowed network access, which addresses end-user privacy concerns."
Venkatakrishnan has already developed a prototype tool and has successfully tested it on medium-scale software programs. He just received a two-year, $250,000 single-investigator grant from the National Science Foundation to create a way to scale-up the tool for use on large-scale programs, such as mail readers and Web browsers.
The tool will be easy for programmers to use, and applicable to a wide range of programs, Venkatakrishnan said. He expects to have it tested and ready for public release within two years.
"The prototype is there. It will be fairly easy for us to build on it."
Source: University of Illinois at Chicago
-
Zuckerberg's focus drives Facebook's ascent
Feb 10, 2012 |
1 / 5 (2) |
2
-
NASA showcases ‘spinoff’ technologies
Feb 09, 2012 |
4 / 5 (3) |
2
-
Governor Kasich announces 10-fold boost to Ohio's broadband network
Feb 07, 2012 |
not rated yet |
0
-
For Facebook 'Hacker Way' is way of life
Feb 05, 2012 |
3 / 5 (1) |
1
-
Status update: Facebook to go public, raise $5B
Feb 01, 2012 |
3 / 5 (1) |
0
-
Engineers build first sub-10-nm carbon nanotube transistor
Feb 01, 2012 |
4.9 / 5 (31) |
30
-
Something old, something new: Evolution and the structural divergence of duplicate genes
Jan 31, 2012 |
4.6 / 5 (7) |
1
-
The hidden nanoworld of ice crystals: Revealing the dynamic behavior of quasi-liquid layers
Jan 30, 2012 |
5 / 5 (3) |
1
-
Stock market network reveals investor clustering
Jan 27, 2012 |
3.9 / 5 (23) |
8
-
Of microchemistry and molecules: Electronic microfluidic device synthesizes biocompatible probes
Jan 26, 2012 |
5 / 5 (1) |
0
-
Synergistic relations between computer science and technology.
Feb 06, 2012
-
how do iphone gloves work?
Feb 05, 2012
-
iPhone battery over time
Jan 30, 2012
-
Best alternate Tablet to an iPad for writing math or physics equations?
Jan 26, 2012
-
Sending SMS to a website
Jan 20, 2012
-
Need help with my technical fest!
Jan 19, 2012
- More from Physics Forums - Computing & Technology
More news stories
Iran blocks email, restricts net access: reports
Iran has further restricted access to the Internet and blocked popular email services for the past few days, in a move a top lawmaker said could "cost the regime dearly," media reports said on Sunday.
1 minute ago |
not rated yet |
0
Google might launch Drive for cloud storage soon
(PhysOrg.com) -- Google's next big move, according to the Wall Street Journal, is a cloud storage service called Drive. Hardly first to the plate, Google is simply catching up to introducing its cloud reposi ...
Love a click away in Indonesia's Twitter Republic
He was a geeky kid from Yogyakarta, she a glamorous city girl in Jakarta. In a country with one of the world's most vibrant social networking scenes they fell in love on Twitter.
8 hours ago |
4 / 5 (1) |
0
Europeans protest controversial Internet pact
Tens of thousands of people marched in protests in more than a dozen European cities Saturday against a controversial anti-online piracy pact that critics say could curtail Internet freedom.
23 hours ago |
4.6 / 5 (10) |
2
Walney offshore wind farm is world's biggest (for now)
(PhysOrg.com) -- The Walney wind farm on the Irish Sea--characterized by high tides, waves and windy weather--officially opened this week. The farm is treated in the press as a very big deal as the Walney ...
Scientists discover molecular secrets of 2,000-year-old Chinese herbal remedy
For roughly two thousand years, Chinese herbalists have treated Malaria using a root extract, commonly known as Chang Shan, from a type of hydrangea that grows in Tibet and Nepal. More recent studies suggest that halofuginone, ...
New method to examine batteries -- MRI from the inside
There is an ever-increasing need for advanced batteries for portable electronics, such as phones, cameras, and music players, but also to power electric vehicles and to facilitate the distribution and storage of energy derived ...
A mitosis mystery solved: How chromosomes align perfectly in a dividing cell
Although the process of mitotic cell division has been studied intensely for more than 50 years, Whitehead Institute researchers have only now solved the mystery of how cells correctly align their chromosomes during symmetric ...
Starve a virus, feed a cure? Findings show how some cells protect themselves against HIV
A protein that protects some of our immune cells from the most common and virulent form of HIV works by starving the virus of the molecular building blocks that it needs to replicate, according to research published online ...
Researchers find extensive RNA editing in human transcriptome
In a new study published online in Nature Biotechnology, researchers from BGI, the world's largest genomics organization, reported the evidence of extensive RNA editing in a human cell line by analysis of RNA-seq data, demons ...
The proteins ensuring genome protection
Researchers from the University of Geneva (UNIGE), Switzerland, have discovered the crucial role of two proteins in developing a cell 'anti-enzyme shield'. This protection system, which operates at the level of molecular ...