【活动预告】错综复杂的互联网——云服务和点对点通讯下的新兴Web安全和隐私问题

报告题目:错综复杂的互联网——云服务和点对点通讯下的新兴Web安全和隐私问题

The emerging security and privacy issues in the tangled web

演讲人:贾瑶琪,新加坡国立大学博士生

时间:2017年310号(周五)10:00 am -12:00 am

地点:清华大学信息技术大楼(FIT)3-225

内容摘要:

在当前的数字时代,万维网逐渐成为我们日常生活的重要组成部分。随着云服务和点对点技术的流行,以及它们与互联网的紧密结合,新的安全和隐私问题出现在错综复杂的互联网中。本报告首先介绍云服务如何影响浏览器中互联网与本地系统的隔离,从而导致攻击者可以在用户的系统中下载和安装程序。之后,分析浏览器的点对点通信导致的用户的隐私泄露,并提出基于洋葱路由和oblivious RAM的保护方案。

World Wide Web gradually becomes an essential part of our daily life in the digital age. With the advent of cloud services and peer-to-peer techniques and their close integration with the web, new security and privacy issues are emerging in the tangled web. In this talk, I first illustrate how cloud services affect the web/local boundary provided by browsers, and then present the privacy leakage in the P2P web overlays as well as the solutions using onion-routing and oblivious RAM.

演讲简介:

贾瑶琪是新加坡国立大学的博士生,师从梁振凯和Prateek Saxena教授。他的研究兴趣在浏览器/互联网安全和隐私保护。他的研究成果发表在CCS, USENIX Security, PETS, RAID, ESORICS等安全会议上,并获得W2SP和ICECCS Best Paper Award。他的研究工作帮助多家业界公司改进产品(如Google 和Apple),并被媒体报道(如DailyDot和Gizmodo)。

Yaoqi Jia is a fifth year Ph.D student in School of Computing at the National University of Singapore. He is advised by LIANG Zhenkai and Prateek Saxena. Before coming to NUS, He obtained his B.S. degree in Computer Science from HUST. His home page is at http://www.comp.nus.edu.sg/~jiayaoqi/.

His research interests span the areas of web security/privacy, network security and applied cryptography. Presently, He is exploring solutions to secure the web infrastructure from two perspectives — networking and system, e.g., addressing privacy issues in web overlays using distributed ORAM/onion routing and identifying new attacks/vulnerabilities in web browsers.His research work has been published in CCS, USENIX Security, PETS, RAID, ESORICS etc. He has received the Best Paper Award in W2SP (2014) and ICECCS (2014). His work got acknowledged by various vendors including Google and Apple (CVE-2014-7948 for Chrome and CVE-2015-5907 for Safari), as well as received attention from the media including Dailydot, Gizmodo and Techspot.

联系人: 段海新, duanhx@tsinghua.edu.cn   清华大学网络科学与网络空间研究院

Bookmark the permalink.

Comments are closed.