Person:
Lee,
Wenke
Lee,
Wenke
Permanent Link
Associated Organization(s)
Organizational Unit
ORCID
ArchiveSpace Name Record
Publication Search Results
Now showing
1 - 4 of 4
-
ItemCybersecurity Demo Day 2018 Introduction(Georgia Institute of Technology, 2018-04-12) Lee, WenkeVetted and coached to enter the marketplace, students presented ideas for commercialization before venture capitalists, industry leaders, and the public at the Institute for Information Security & Privacy's Cybersecurity Demo Day Finale. This year's prize pool included generous support from partners of the Institute for Information Security & Privacy, Create-X Startup LAUNCH, the National Science Foundation Innovation Corps (I-Corps) program at VentureLab, ATDC, and Speakeasy.
-
ItemMimesis Aegis: A Mimicry Privacy Shield(Georgia Institute of Technology, 2014-07) Lau, Billy ; Chung, Simon ; Song, Chengyu ; Jang, Yeongjin ; Lee, Wenke ; Boldyreva, AlexandraUsers are increasingly storing, accessing, and exchanging data through public cloud services such as those provided by Google, Facebook, Apple, and Microsoft. Although users may want to have faith in cloud providers to provide good security protection, the Snowden expos´e is the latest reminder of the reality we live in: the confidentiality of any data in public clouds can be violated, and consequently, while the providers may not be “doing evil”, we can not and should not trust them with data confidentiality. To better protect the privacy of user data stored on the cloud, in this paper we propose a privacy-preserving system called Mimesis Aegis (M-Aegis) that is suitable for mobile platforms. M-Aegis is a new approach to user data privacy that not only provides isolation but also preserves user experience, through the creation of a conceptual layer called Layer 7.5 (L-7.5), which is interposed between the application (Layer 7) and the user (Layer 8). This approach allows M-Aegis to implement a true endto- end encryption of user data with three goals in mind: 1) complete data and logic isolation from untrusted entities; 2) the preservation of original user experience with target apps; and 3) applicable to a large number of apps and resilient to updates.
-
ItemLeveraging Forensic Tools for Virtual Machine Introspection(Georgia Institute of Technology, 2011) Dolan-Gavitt, Brendan ; Payne, Bryan ; Lee, WenkeVirtual machine introspection (VMI) has formed the basis of a number of novel approaches to security in recent years. Although the isolation provided by a virtualized environment provides improved security, software that makes use of VMI must overcome the semantic gap, reconstructing high-level state information from low-level data sources such as physical memory. The digital forensics community has likewise grappled with semantic gap problems in the field of forensic memory analysis (FMA), which seeks to extract forensically relevant information from dumps of physical memory. In this paper, we will show that work done by the forensic community is directly applicable to the VMI problem, and that by providing an interface between the two worlds, the difficulty of developing new virtualization security solutions can be significantly reduced.
-
ItemI Own, I Provide, I Decide: Generalized User-Centric Access Control Framework for Web Applications(Georgia Institute of Technology, 2010) Singh, Kapil ; Erete, Ikpeme ; Lee, WenkeWith the rapid growth of Web 2.0 technologies, users are contributing more and more content on the Internet, in the form of user profiles, blogs, reviews, etc. With this increased sharing comes a pressing need for access control policies and mechanisms to protect the users’ privacy. Access control has remained largely centralized and under the control of the web applications hosted on their servers. Moreover, most web applications either provide no or very primitive and limited access control. We argue that the owner of any piece of data on the web should be able to decide how to control access to this data. This argument should hold not only for the web applications contributing data, but also for the contributing users. In other words, users should be able to choose their own access control models to control the sharing of their data independent of the underlying applications of their data. In this work, we present a novel framework, called xAccess, for providing generic access control that empowers users to control how they want their data to be accessed. Such a control could be in the form of user-defined access categories, or in the form of new access control models built on top of our framework. On one hand, xAccess enables individual users to use a single unified access control across multiple web applications; and on the other hand, it allows an application to support different access control models deployed by its users with a single model abstraction. We demonstrate the viability of our design by means of a platform prototype. The usability of the platform is further evaluated by developing sample applications using the xAccess APIs. Our results show that our model incurs minimum overhead in enforcing the generic access control and requires negligible changes to the application code for deployment.