Project Report

My research in this project strayed a bit from the title, but it was nonetheless fruitful. Instead of investigating our anti-phishing solution as was originally intended, we looked into methods for improving wireless security since it was an area of active interest to my own lab as well as the network security group at Tsinghua University. The specific problem we investigated was how to resolve the fundamental tension between the security of wireless access protocols and their usability. Motivated by the popularity of online social networks in recent years, we developed a secure protocol which leveraged the relationships inherent in these networks to determine whether access should be granted to a user. We additionally created an authorization language which allows people to declare their the people they trust and the permissions they should be given using the links of their own social network. For example, this allows one to grant access not only to their friends, but to to the friends of their spouse. The major challenge we addressed in this work was ensuring that private information about the social relationships of a wireless network owner and a potential user were not leaked through the course of authentication and authorization. To solve this problem, we developed an EAP extension which leveraged secure tunnels to allow authentication and authorization to be done through the online social network without disclosing credentials until authorization was granted. We additionally demonstrated that the overhead and latency due to this protocol were acceptable We believe that our solution and the protocol we developed represent a meaningful step in the direction of more usable security for people. My adviser, Dr. Jun Li, and I presented a collaborative paper with my host mentor from Tsinghua University, Dr. Haixin Duan, at the HotSocial International Workshop in Beijing in August, 2012. I would like to thank the National Science Foundation, the Ministry of Science and Technology in China, and my friends at Tsinghua University for my great experience in this program.

Agency
National Science Foundation (NSF)
Institute
Office of International and Integrative Activities (IIA)
Application #
1108546
Program Officer
Carter Kimsey
Project Start
Project End
Budget Start
2011-06-01
Budget End
2012-05-31
Support Year
Fiscal Year
2011
Total Cost
$5,700
Indirect Cost
Name
Gustafson Jason T
Department
Type
DUNS #
City
Eugene
State
OR
Country
United States
Zip Code
97402