Grants

James B. D. Joshi, “A Trust-based Access Control Management Framework for Secure Information Sharing and Multimedia Workflows in Heterogeneous Environments”, NSF-CAREER (IIS), 2006, 5 years, ($416,419).

 

James B. D. Joshi, P. Krishnamurthy, D. W. Tipper, M. B. Spring, CIAG Cisco Equipment Grant Winners of Spring 2005 (~$130,000).

 

M. B. Spring, P. Krishnamurthy, D. Tipper, J. B. D. Joshi, "A Curriculum in Security Assured Information Systems," NSF Federal Cyber Service - Scholarship for Service (2004-2006), $286,000. <synopsis> <project homepage>

 

J. B. D. Joshi, "An Adaptive Framework For Security-Assured Survivable Information Systems," CRDF, University of Pittsburgh, 2004-2006, $15988.

 

M. B. Spring,  "Role Assured Publicly Accessible Information (RAPAI)," Dean's Entrepreneurial Initiatives, 2004, $25,000. <synopsis>

 

J. B. D. Joshi, P. Krishnamurthy, D. W. Tipper, M. B. Spring,  "Laboratory of Education and Research on Security Assured Information Systems (LERSAIS)," Dean's Entrepreneurial Initiatives, 2004, $12,000.

 

P. Krishnamurthy, D. W. Tipper, J. Kabara, "Survivable and Secure Wireless Information Architecture," Sponsor: National Institute of Standards (NIST) Critical Infrastructure Protection Grant 08/01 - 08/03, $432, 076. <synopsis>

 

D. Tipper and T. Dahlberg, "Design and Restoration Techniques for Fault Tolerant Wireless Access Networks," Sponsor: National Science Foundation ANIR Program 9/15/00 - 9/15/03, $300,000. Supplemented by "NSF Research Experience for Undergraduates," June 01, $12,000 for student support. <synopsis>

 

M. B. Spring, Taieb Znati, Dennis Galletta, et. al. ," E-Speak Services for E-Business, Hewlett Packard, 2000-2001. <synopsis>

 

P. Krishnamurthy, D. Tipper, J. Kabara, "ITR: Educating a Wireless Information Systems Workforce," research funded by the National Science Foundation. Link-To-Learn Information Technology Workforce Development grant, 2000, $391,204. <synopsis>

 

P. Krishnamurthy and J.F. Kabara, Security Architecture for Wireless Residential Networks, CRDF, 1999, $13,230. <synopsis>

 

D. Medhi and D. Tipper, "Self-Configuring Multi-Networks for Information Systems Survivability,? Sponsor: Defense Advanced Research Projects Agency, (DARPA) 7/1/97 - 6/30/00, $1,251,241. <synopsis>

 

D. Tipper and D. Medhi, "Network Design and Traffic Recovery Procedures for Survivable Wide Area Networks," Sponsor: National Science Foundation CCR Program 8/95 - 6/98, $274,097 for faculty and student support. Supplemented by "NSF Research Experience for Undergraduates," Fall 96, $5,000 for student support. <synopsis>

 

 A Curriculum in Security Assured Information Systems

 

The primary objective of this proposal is to develop and implement a Secruity Assured Information Systems (SAIS) track in the Information Science and Telecommunications degrees (BSIS, MSIS, MST, and PhD). This curriculum will provide a unique education in the development, design and deployment of secure information systems with an emphasis on networked information systems. The goal is to produce IT professionals with the knowledge to cope with the special security challenges posed by conventional and emerging network information systems, e.g., wireless local area networks and their applications and services. Government and industry partners will form an advisory board for the SAIS tracks.

 

 

Role Assured Publicly Accessible Information (RAPAI)

 

The School of Information Sciences has initiated a project to provide an accessible and public information system that has a high level of security based on role-based authentication. While the basic theory behind the idea is not new, the idea of making a plug and play system that could be implemented easily is worth exploring. The project has three goals:

The project builds on Weiser’s work on Ubiquitous computing at Xerox PARC. This work set out an agenda for ubiquitous computing based on a demonstration project at PARC that had communicating Tabs – employee badges, Pads – advanced laptops, and Boards large screen displays. Some web sites provide the electronic equivalent of a bulletin board or newsletter. These kinds of sites have a wide and amorphous set of contributors and users. The implementation of such a system normally faces three key problems: ease of submissions, authorization of submissions and timely presentation of the information. A very simple metric for the effectiveness of such a site in a specialized environment would be whether it obviates the need for paper equivalents. It won’t replace the traditional environment if the information is not available at a convenient time and place, if it is not easy to post information, or if the presentation is too constrained. It can also fail if management of the information is too difficult. At a basic level, one would imagine that a perfect system would dramatically reduce the need for posted paper.

The goal of this project will be to assess the information exchange needs in an organization and build a system that allows the information to be exchanged. The metric of success will be the reduction of paper equivalents. Could a flat panel display be placed where people spend time – in an elevator?, in a restroom stall?. Could access to posting events on given lists be opened up and computer mediated? Could the information be automatically “torn down” when the event is over? Could it be made easy for posters to make them “eye-catching”? Could agents gather data from outside streams and sources and repurpose it for inclusion. Thus, a screen might show current information relevant to information professionals – what happened in our field today in congress, in the labs, in business, etc. The answer is that all of these things are technically feasible, but they are frequently done in less than optimal fashion. We suggest that there are four initial targets of opportunity related to posted items: buy/sell postings, job/internship postings, event postings, and conference postings.

The short-term goal of this project is to capture, display, and manage important information streams for the SIS constituents and visitors. The project will look to extend the surface capability to underlying problems of information management in a distributed environment. That is, we will examine issues of authentication and access in a distributed environment to allow maximum access to all users, but with appropriate controls and audits. We will look at the issues of information management and coordination – e.g. collaborative filtering students who are interested in course schedules are also interested in book costs or archiving and provenance – the information should be kept on file for x months before it is disposed of, or it should be filed in this location for historical research purposes.

 

 

Survivable and Secure Wireless Information Architecture

 

Wireless networks are inherently vulnerable and their increased deployment makes security a big problem. In this project, we are investigating a security architecture for hybrid wireless networks that include both wide and local area components. The resource limitation of wireless devices makes energy efficiency important and another aspect of this project is evaluating the energy consumption of different security protocols and looking at the tradeoffs between energy and security.

 

 

 

Design and Restoration Techniques for Fault Tolerant Wireless Access Networks

 

The objective of this project is to develop a comprehensive treatment of survivability for wireless access networks. One thrust is survivable network design and analysis. This includes identifying metrics that are useful for quantifying mobile network performance during normal and abnormal operating modes and determining a methodology for estimating the metrics. Given appropriate metrics, wireless access network topology design and capacity allocation algorithms which incorporate survivability strategies are being developed. This includes the cell-site architecture and the topology of the network interconnecting the cells to the fixed infrastructure. A second thrust is development of traffic restoration algorithms which aim at making the best use of available network resources after a failure. This work concentrates on the design and analysis of priority based traffic restoration techniques to provide users service continuity while minimizing network congestion. A multi-layer approach involving a coordinated strategy among network layers is being developed.

 

 

 

E-Speak Services for E-Business
 

Students with technology skills and business acumen are in high demand and the need for these students will continue to increase over the years to come. The University of Pittsburgh will develop a secure environment, based on Hewlett-Packard's e"speak, where students can study and experiment with programming and network technology basics along with marketing and other business. The project will involve Katz Graduate School of Business(KGSB),Information Science and Telecommunications(IST), and Computer Science(CS).The project will impact courses available to 1400 full and part time graduate students (900KGSB, 400DIST, and 100CS) and 475 undergraduate students (225 CS and 250 IS).The project focuses on the development of secure frameworks based on e"speak which will allow students in courses to complete meaningful components of larger systems within the scope of a course or independent study. The courses selected include those within the departments that already address systems design. The success of the initiative will be measured in terms of the number of functioning modules developed by students. In addition, the project will endeavor to shape student contribution to research projects currently underway or planned for the departments.

 

 

ITR: Educating a Wireless Information Systems Workforce

 

The primary objective of this project is to develop and implement a wireless information systems degree track that provides a unique education in the development, design, and deployment of wireless information systems with an emphasis on emerging wireless data technology. The goal is to produce information technology (IT) professionals with the knowledge to address the special challenges (e.g. user mobility, adverse communications channels, limited battery life) posed by emerging wireless information systems. A secondary objective is to develop innovative instructional methods and tools using wireless devices in the classroom and laboratory that extend through K-16 education. The research and coursework associated with this educational track are needed to help meet the explosive demand for IT professionals from wireless service providers, wireless equipment manufacturers, applications developers using wireless systems, and wireless information systems users.
 

 

Security Architecture for Wireless Residential Networks

 

The installation rate of residential networks is expected to accelerate in the next few years with wireless networking being by far the technology of choice due to attractive features such as ease of use. A wide variety of traditional computing devices and embedded Internet appliances will be networked in homes. However, due to the broadcast nature of these networks and the heterogeneity of devices on these networks, new security problems will arise since the different types of devices have different security requirements and capabilities. The objective of this project is to explore security issues related to wireless residential networks, and develop architectural solutions based on a classification of security services, containment and algorithm agility that will be suitable for wireless residential networks.

 

 

Self-Configuring Multi-Networks for Information Systems Survivability

 

A major attack can significantly reduce the capability to deliver services in large-scale networked information systems. In this project, we plan to address the survivability of large scale heterogeneous information systems which consists various services provided over multiple interconnected networks with different technologies. The communications network portions of such systems are referred to as multi-networks. We specifically address the issue of survivability due to physical attacks that destroy links and nodes in multi-networks. The end goals is to support critical services in the face of a major attack by making optimum use of network resources while minimizing network congestion. This is an area which is little studied, especially for large scale heterogeneous systems.
 

 

Network Design and Traffic Recovery Procedures for Survivable Wide Area Networks

 

This research project in communication protocols focuses on the study of formal modeling of communication protocols which spans the areas of protocol specification, verification, testing and performance. Goals of the project are to provide a unification of the formulation techniques across all of these areas from specification to testing and to add the capability of studying performance within the same kind of formulation. Currently the approaches used to formally specify a protocol are different from those used to verify the logical correctness of a protocol. There is also a gap between the verification formulations and the conformance test generation formulations. The research studies in this project are aimed at closing these two gaps and thereby providing a more integrated approach to the design of communication protocols from specification to verification to testing. In addition, the studies aim to allow one to investigate the performance of the protocol at an early stage of the design, again using the same formulation techniques as in specification and verification.