NSF Pumps $20 Million into Cybersecurity Research Projects

The National Science Foundation (NSF) has granted Frontier awards totalling nearly $20 million to three multi-university research projects that seek to develop technical solutions to improve computer security.

The Frontier awards, which are funded through NSF's interdisciplinary Secure and Trustworthy Cyberspace (SaTC) program, are intended to support collaborative research and education projects to help secure technology infrastructure and protect information.

The three projects that were granted Frontier awards are:

The "Enabling trustworthy cybersystems for health and wellness" project will look for ways to secure sensitive health-related information in an environment of mobile devices and cloud-based services. The researchers aim to develop usable authentication and privacy tools, trustworthy control of medical devices, and effective methods to detect malware, compute trust metrics, and audit medical information systems and networks. They will also create courses and sponsor summer programs for undergraduate and K-12 students and develop an exchange program for postdoctoral fellows and research students.

"Our research is motivated by the rapid deployment of mobile and cloud information technologies in healthcare, both in clinical settings and at home," said David Kotz, the Champion International Professor of Computer Science at Dartmouth, in a prepared statement. "We aim to help these technologies reach their full potential by ensuring they can protect the integrity of medical data and the privacy of patient information."

The "Rethinking security in the era of cloud computing" project will work to advance computer security in cloud computing environments. Researchers will develop new and improved solutions for unified authentication and authorization and auditing across diverse services; effective monitoring and diagnosis for security management of services, networks, data centers, and users; and pervasive encryption to, from, and within the cloud.

"The vast majority of cloud-related research in the computer security research community casts the move to cloud computing as intensifying the threats to which data and services are vulnerable," said Mike Reiter, the Lawrence M. Slifkin Distinguished Professor of Computer Science at the University of North Carolina, in a prepared statement. "Instead, we see new opportunities for improving security of data and services by moving them to the cloud, and we plan on pursuing an aggressive research agenda to realize these opportunities."

The "Towards effective Web privacy notice and choice: a multi-disciplinary perspective" project will research how to improve the usability of privacy policies. Most people don't read the privacy policies of the Web sites they use, and people who do often struggle to understand them. Researchers will develop technologies to semi-automatically extract key privacy policy features from Web site privacy policies and present the information to users in a way that helps them make more informed decisions about the Web sites they use and work with companies to support the large-scale deployment of these technologies. Researchers will also identify trends and deficiencies in the wording and content of Web site privacy policies.

"If you read privacy notices, you quickly realize that they contain a lot of boilerplate text and that people seem to often be recycling entire sentences and even larger text fragments from one another," said Norman Sadeh, a computer science professor at Carnegie Mellon University, in a prepared statement. "This project will aim to exploit these types of patterns."

About the Author

Leila Meyer is a technology writer based in British Columbia. She can be reached at [email protected].

Featured

  • Training the Next Generation of Space Cybersecurity Experts

    CT asked Scott Shackelford, Indiana University professor of law and director of the Ostrom Workshop Program on Cybersecurity and Internet Governance, about the possible emergence of space cybersecurity as a separate field that would support changing practices and foster future space cybersecurity leaders.

  • modern college building with circuit and brain motifs

    Anthropic Launches Claude for Education

    Anthropic has announced a version of its Claude AI assistant tailored for higher education institutions. Claude for Education "gives academic institutions secure, reliable AI access for their entire community," the company said, to enable colleges and universities to develop and implement AI-enabled approaches across teaching, learning, and administration.

  • AI microchip, a cybersecurity shield with a lock, a dollar coin, and a laptop with financial graphs connected by dotted lines

    Survey: Generative AI Surpasses Cybersecurity in 2025 Tech Budgets

    Global IT leaders are placing bigger bets on generative artificial intelligence than cybersecurity in 2025, according to new research by Amazon Web Services (AWS).

  • university building surrounded by icons for AI, checklists, and data governance

    Improving AI Governance for Stronger University Compliance and Innovation

    AI can generate valuable insights for higher education institutions and it can be used to enhance the teaching process itself. The caveat is that this can only be achieved when universities adopt a strategic and proactive set of data and process management policies for their use of AI.