July 28, 2014: Congratulations to CS faculty Jon Solworth, Chris Kanich, and Dan Bernstein on new $900K NSF Computer Security grant

Congratulations to UIC CS CS Associate Professor Jon Solworth, PI, and co-PIs CS Assistant Professor Chris Kanich and CS Research Professor Dan J. Bernstein on a new NSF grant in cybersecurity entitled: TWC: Medium: A layered approach to securing web services.

The grant is for $900,000 and runs from August 2014 until July 2017.


The modern web experience is dynamic, providing users with a highly responsive interface through which to interact with the world. Today's mechanisms allow servers---even those which are controlled by an attacker---to download arbitrary programs into a user's browser. It is extraordinarily difficult to secure the web browser (and its user) against attack in this scenario. While tools and techniques are useful to analyze and restrict downloaded code, they are by their very nature incomplete. As a result, the security of web services relies on a series of ad hoc, service-provided techniques. Thus even large organizations routinely outsource too-difficult-to-secure web services.

This project will explore an alternative: A modern, dynamic web experience with a focus on safety. Rather than attempting to make arbitrary code safe, it aims to design a safe interface which is far less complex than today's browser environment. This interface will be analyzed for its security properties. It will result in a more tractable environment in which to secure web applications than exists today. Many security properties will be built in; such properties are not dependent on the server side-efforts to secure them. Thus, when using this interface, visiting web sites will pose a smaller threat to users, even from sites which are under the control of an attacker.

Copyright 2016 The Board of Trustees
of the University of Illinois.webmaster@cs.uic.edu
Helping Women Faculty Advance
Funded by NSF