You searched for +publisher:"University of Texas – Austin" +contributor:("Shmatikov, Vitaly").
Showing records 1 – 14 of
14 total matches.
No search limiters apply to these results.
University of Texas – Austin
1.
Jana, Suman.
Security and privacy in perceptual computing.
Degree: PhD, Computer Sciences, 2014, University of Texas – Austin
URL: http://hdl.handle.net/2152/25990 
► Perceptual, "context-aware" applications that observe their environment and interact with users via cameras and other sensors are becoming ubiquitous on personal computers, mobile phones, gaming…
(more)
▼ Perceptual, "context-aware" applications that observe their environment and interact with users via cameras and other sensors are becoming ubiquitous on personal computers, mobile phones, gaming platforms, household robots, and augmented-reality devices. This dissertation's main thesis is that perceptual applications present several new classes of security and privacy risks to both their users and the bystanders. Existing perceptual platforms are often completely inadequate for mitigating these risks. For example, we show that the augmented reality browsers, a class of popular perceptual platforms, contain numerous inherent security and privacy flaws. The key insight of this dissertation is that perceptual platforms can provide stronger security and privacy guarantees by controlling the interfaces they expose to the applications. We explore three different approaches that perceptual platforms can use to minimize the risks of perceptual computing: (i) redesigning the perceptual platform interfaces to provide a fine-grained permission system that allows least-privileged application development; (ii) leveraging existing perceptual interfaces to enforce access control on perceptual data, apply algorithmic privacy transforms to reduce the amount of sensitive content sent to the applications, and enable the users to audit/control the amount of perceptual data that reaches each application; and (iii) monitoring the applications' usage of perceptual interfaces to find anomalous high-risk cases. To demonstrate the efficacy of our approaches, first, we build a prototype perceptual platform that supports fine-grained privileges by redesigning the perceptual interfaces. We show that such a platform not only allows creation of least-privileged perceptual applications but also can improve performance by minimizing the overheads of executing multiple concurrent applications. Next, we build DARKLY, a security and privacy-aware perceptual platform that leverages existing perceptual interfaces to deploy several different security and privacy protection mechanisms: access control, algorithmic privacy transforms, and user audit. We find that DARKLY can run most existing perceptual applications with minimal changes while still providing strong security and privacy protection. Finally, We introduce peer group analysis, a new technique that detects anomalous high-risk perceptual interface usages by creating peer groups with software providing similar functionality and comparing each application's perceptual interface usages against those of its peers. We demonstrate that such peer groups can be created by leveraging information already available in software markets like textual descriptions and categories of applications, list of related applications, etc. Such automated detection of high-risk applications is essential for creating a safer perceptual ecosystem as it helps the users in identifying and installing safer applications with any desired functionality and encourages the application developers to follow the principle of least…
Advisors/Committee Members: Shmatikov, Vitaly (advisor).
Subjects/Keywords: Perceptual computing; Security and privacy; Augmented reality; Least privilege; Privacy transforms; Computer vision
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Jana, S. (2014). Security and privacy in perceptual computing. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/25990
Chicago Manual of Style (16th Edition):
Jana, Suman. “Security and privacy in perceptual computing.” 2014. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/25990.
MLA Handbook (7th Edition):
Jana, Suman. “Security and privacy in perceptual computing.” 2014. Web. 26 Jan 2021.
Vancouver:
Jana S. Security and privacy in perceptual computing. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2014. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/25990.
Council of Science Editors:
Jana S. Security and privacy in perceptual computing. [Doctoral Dissertation]. University of Texas – Austin; 2014. Available from: http://hdl.handle.net/2152/25990
2.
Narayanan, Arvind, 1981-.
Data privacy : the non-interactive setting.
Degree: PhD, Computer Sciences, 2009, University of Texas – Austin
URL: http://hdl.handle.net/2152/18424
► The Internet has enabled the collection, aggregation and analysis of personal data on a massive scale. It has also enabled the sharing of collected data…
(more)
▼ The Internet has enabled the collection, aggregation and analysis of personal data on a massive scale. It has also enabled the sharing of collected data in various ways: wholesale outsourcing of data warehousing, partnering with advertisers for targeted advertising, data publishing for exploratory research, etc. This has led to complex privacy questions related to the leakage of sensitive user data and mass harvesting of information by unscrupulous parties. These questions have information-theoretic, sociological and legal aspects and are often poorly understood. There are two fundamental paradigms for how the data is released: in the interactive setting, the data collector holds the data while third parties interact with the data collector to compute some function on the database. In the non-interactive setting, the database is somehow \sanitized" and then published. In this thesis, we conduct a thorough theoretical and empirical investigation of privacy issues involved in non-interactive data release. Both settings have been well analyzed in the academic literature, but simplicity of the non-interactive paradigm has resulted in its being used almost exclusively in actual data releases. We analyze several common applications including electronic directories, collaborative ltering and recommender systems, and social networks. Our investigation has two main foci. First, we present frameworks for privacy and anonymity in these dierent settings within which one might dene exactly when a privacy breach has occurred. Second, we use these frameworks to experimentally analyze actual large datasets and quantify privacy issues. The picture that has emerged from this research is a bleak one for noninteractivity. While a surprising level of privacy control is possible in a limited number of applications, the general sense is that protecting privacy in the non-interactive setting is not as easy as intuitively assumed in the absence of rigorous privacy denitions. While some applications can be salvaged either by moving to an interactive setting or by other means, in others a rethinking of the tradeos between utility and privacy that are currently taken for granted appears to be necessary.
Advisors/Committee Members: Shmatikov, Vitaly (advisor).
Subjects/Keywords: Internet – Security measures; Data protection; Electronic data interchange; Computer security
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Narayanan, Arvind, 1. (2009). Data privacy : the non-interactive setting. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/18424
Chicago Manual of Style (16th Edition):
Narayanan, Arvind, 1981-. “Data privacy : the non-interactive setting.” 2009. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/18424.
MLA Handbook (7th Edition):
Narayanan, Arvind, 1981-. “Data privacy : the non-interactive setting.” 2009. Web. 26 Jan 2021.
Vancouver:
Narayanan, Arvind 1. Data privacy : the non-interactive setting. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2009. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/18424.
Council of Science Editors:
Narayanan, Arvind 1. Data privacy : the non-interactive setting. [Doctoral Dissertation]. University of Texas – Austin; 2009. Available from: http://hdl.handle.net/2152/18424
University of Texas – Austin
3.
-6848-2988.
Exploiting leakage in privacy-protecting systems.
Degree: PhD, Computer science, 2016, University of Texas – Austin
URL: http://hdl.handle.net/2152/45559
► Conventional systems store data unencrypted. This allows them to easily access and manipulate their data. However, by not protecting their data, these systems are at…
(more)
▼ Conventional systems store data unencrypted. This allows them to easily access and manipulate their data. However, by not protecting their data, these systems are at a greater risk if they are compromised by a malicious hacker. More advanced systems add encryption to their data, but this causes other issues. Normal encryption often ruins the ability to run computations on data, negating many of the reasons to store the data in the first place. More recently, some systems have attempted to strike a compromise between security and functionality by using encryption that partially protects their data while still allowing certain operations to be performed. Examples of these systems include general purpose frameworks like Mylar for Web applications, as well as domain- and application-specific systems like P3 for photo storage. This dissertation examines the privacy concerns that arise when using these systems with realistic datasets and real-world usage scenarios. The first system we explore is Mylar, an extension to the popular Meteor framework. Meteor is a JavaScript-based framework for concurrently developing the client and server parts of Web apps. Mylar allows users to share and search over data while protecting against a compromised or malicious server. We expand Mylar's vague definitions of passive and active adversaries into three threat models and show that Mylar is insecure against all three models. Mylar's metadata leaks sensitive information to an adversary with one-time access to Mylar's encrypted database. Mylar provides no protection against adversaries which can monitor user access patterns, allowing them to watch for data dependent behavior corresponding to sensitive information. Finally, Mylar fails to protect against active attackers who, by nature of the system, have been given the ability to modify the database and run search over the encrypted data. We next look at set of systems designed to protect sensitive images by selectively obfuscating them. We examine a system called P3 which splits an image into two images: a secret image that contains most of the identifying information and a public image that can be distributed with less risk of leaking information. We also investigate mosaicing (often called pixelation) and blurring, two commonly used image obfuscation techniques. Examining the obfuscated images, it's obvious that all three of these systems leak information. However, it's not clear how to exploit this leakage or if doing so is even possible. The authors of P3 specifically examined P3 using a number of techniques that mimic human image recognition. We bypass the need for human recognition by making use of modern machine learning techniques. Using neural networks, we are able to classify the obfuscated image content automatically without needing human assistance or having to define image features. Finally, we conclude by proposing a number of guidelines for creating modern privacy-preserving systems. We look at problems that arise when creating a scheme on paper as well as issues that…
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Shmatikov, Vitaly (advisor), Alvisi, Lorenzo (committee member), Witchel, Emmett (committee member).
Subjects/Keywords: Security; Privacy
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-6848-2988. (2016). Exploiting leakage in privacy-protecting systems. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/45559
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-6848-2988. “Exploiting leakage in privacy-protecting systems.” 2016. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/45559.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-6848-2988. “Exploiting leakage in privacy-protecting systems.” 2016. Web. 26 Jan 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-6848-2988. Exploiting leakage in privacy-protecting systems. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2016. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/45559.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-6848-2988. Exploiting leakage in privacy-protecting systems. [Doctoral Dissertation]. University of Texas – Austin; 2016. Available from: http://hdl.handle.net/2152/45559
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
University of Texas – Austin
4.
-7819-4835.
Automatic static analysis of software performance.
Degree: PhD, Computer science, 2016, University of Texas – Austin
URL: http://hdl.handle.net/2152/40279
► Performance is a critical component of software quality. Software performance can have drastic repercussions on an application, frustrating its users, breaking the functionality of its…
(more)
▼ Performance is a critical component of software quality. Software performance can have drastic repercussions on an application, frustrating its users, breaking the functionality of its components, or even rendering it defenseless against hackers. Unfortunately, unlike in the program verification domain, robust analysis techniques for software performance are almost non-existent. In this thesis we formalize important classes of performance-related bugs and security vulnerabilities, and implement novel static analysis techniques for automatically detecting them in widely used open-source applications. Our tools are able to uncover 92 performance bugs and 47 security vulnerabilities, while analyzing hundreds of thousands of lines of code and reporting a modest amount of false positives. Our work opens a new avenue for research: the development of rigorous automatic analyses for effective software performance understanding, inspired by traditional research in functional verification.
Advisors/Committee Members: Lin, Yun Calvin (advisor), Dillig, Isil (advisor), Dillig, Thomas (committee member), Lahiri, Shuvendu (committee member), Shmatikov, Vitaly (committee member).
Subjects/Keywords: Static analysis; Security; Performance; Program analysis; Denial-of-service; Privacy
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-7819-4835. (2016). Automatic static analysis of software performance. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/40279
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-7819-4835. “Automatic static analysis of software performance.” 2016. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/40279.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-7819-4835. “Automatic static analysis of software performance.” 2016. Web. 26 Jan 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-7819-4835. Automatic static analysis of software performance. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2016. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/40279.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-7819-4835. Automatic static analysis of software performance. [Doctoral Dissertation]. University of Texas – Austin; 2016. Available from: http://hdl.handle.net/2152/40279
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
University of Texas – Austin
5.
-2587-3671.
On the (in)security of service APIs.
Degree: PhD, Computer science, 2015, University of Texas – Austin
URL: http://hdl.handle.net/2152/32586
► Today's systems abstract the implementation details of common services such as secure client-server communication, access to native device resources (e.g. camera), access to cloud-stored files…
(more)
▼ Today's systems abstract the implementation details of common services such as secure client-server communication, access to native device resources (e.g. camera), access to cloud-stored files and folders, etc. by exposing a set of application programming interfaces (service APIs) to applications and software packages.
In this dissertation, we analyze service APIs exposed by modern systems across all layers of the software stack and demonstrate that they are too complex for developers to understand and use correctly. Instead of providing high-level abstractions such as authorization and authentication, they provide low-level details such as callbacks, options and flags. As a result, service APIs used in security-critical software often end up being misconfigured and exposing sensitive users' data to botnet, Web and network attackers.
To demonstrate the pervasiveness of the problem, we perform the first systematic analysis of insecure usage of service APIs in modern software developed and maintained by both individual developers and large software companies.
First, we analyze the perils and pitfalls of low-level service APIs for establishing secure network channels. SSL/TLS (Secure Sockets Layer/Transport Layer Security) is currently the de facto standard for secure Internet communication; its security against active network attackers depends on properly validating server certificates at connection establishment. Unfortunately, our analysis shows that SSL/TLS APIs are often poorly understood and used. As a consequence, server certificate validation is completely broken in many security-critical applications and libraries, and thus exposes users' data to network attackers.
Second, we study the software stack employed by modern hybrid applications. Hybrid apps combine the features of Web apps and "native" apps. Like Web apps, they are implemented in platform-independent languages such as HTML5 and JavaScript. Like native apps, they have direct access to local device resources such as file system and camera. We demonstrate that the frameworks on top of which hybrid apps are developed do not properly compose the access-control policies governing the Web half and the local half of the app. The Web half runs in a browser instance, created by the framework at application initialization time, and is confined by the browser's same origin policy. The local half is governed by the access-control policy of the operating system. Unfortunately, improper composition of the two types of access-control policies at the framework layer effectively subjects the applications to "fracking" attacks—foreign-origin Web content (e.g., ads) included into hybrid apps can drill through the layers of the software stack and steal user's contacts list, text messages, photos, etc.
Third, we analyze service APIs exposed by today's Web-based application platforms. This new class of platforms provide browser-like runtime environments to support Web-based applications. Such apps run outside the traditional Web browser and enjoy direct access to…
Advisors/Committee Members: Shmatikov, Vitaly (advisor), Waters, Brent (committee member), Witchel, Emmett (committee member), Qiu, Lili (committee member), Wang, XiaoFeng (committee member).
Subjects/Keywords: Web security; Mobile security; Network protocol security; Security vulnerabilities
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-2587-3671. (2015). On the (in)security of service APIs. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/32586
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-2587-3671. “On the (in)security of service APIs.” 2015. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/32586.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-2587-3671. “On the (in)security of service APIs.” 2015. Web. 26 Jan 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-2587-3671. On the (in)security of service APIs. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2015. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/32586.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-2587-3671. On the (in)security of service APIs. [Doctoral Dissertation]. University of Texas – Austin; 2015. Available from: http://hdl.handle.net/2152/32586
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
6.
-5937-3237.
A new approach to detecting failures in distributed systems.
Degree: PhD, Computer science, 2015, University of Texas – Austin
URL: http://hdl.handle.net/2152/31376
► Fault-tolerant distributed systems often handle failures in two steps: first, detect the failure and, second, take some recovery action. A common approach to detecting failures…
(more)
▼ Fault-tolerant distributed systems often handle failures in two steps: first, detect the failure and, second, take some recovery action. A common approach to detecting failures is end-to-end timeouts, but using timeouts brings problems. First, timeouts are inaccurate: just because a process is unresponsive does not mean that process has failed. Second, choosing a timeout is hard: short timeouts can exacerbate the problem of inaccuracy, and long timeouts can make the system wait unnecessarily. In fact, a good timeout value—one that balances the choice between accuracy and speed—may not even exist, owing to the variance in a system’s end-to-end delays. ƃis dissertation posits a new approach to detecting failures in distributed systems: use information about failures that is local to each component, e.g., the contents of an OS’s process table. We call such information inside information, and use it as the basis in the design and implementation of three failure reporting services for data center applications, which we call Falcon, Albatross, and Pigeon. Falcon deploys a network of software modules to gather inside information in the system, and it guarantees that it never reports a working process as crashed by sometimes terminating unresponsive components. ƃis choice helps applications by making reports of failure reliable, meaning that applications can treat them as ground truth. Unfortunately, Falcon cannot handle network failures because guaranteeing that a process has crashed requires network communication; we address this problem in Albatross and Pigeon. Instead of killing, Albatross blocks suspected processes from using the network, allowing applications to make progress during network partitions. Pigeon renounces interference altogether, and reports inside information to applications directly and with more detail to help applications make better recovery decisions. By using these services, applications can improve their recovery from failures both quantitatively and qualitatively. Quantitatively, these services reduce detection time by one to two orders of magnitude over the end-to-end timeouts commonly used by data center applications, thereby reducing the unavailability caused by failures. Qualitatively, these services provide more specific information about failures, which can reduce the logic required for recovery and can help applications better decide when recovery is not necessary.
Advisors/Committee Members: Alvisi, Lorenzo (advisor), Aguilera, Marcos K (committee member), Shmatikov, Vitaly (committee member), Walfish, Michael (committee member), Witchel, Emmett (committee member).
Subjects/Keywords: Computer science; Fault tolerance; Distributed systems; Failure detection
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-5937-3237. (2015). A new approach to detecting failures in distributed systems. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/31376
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-5937-3237. “A new approach to detecting failures in distributed systems.” 2015. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/31376.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-5937-3237. “A new approach to detecting failures in distributed systems.” 2015. Web. 26 Jan 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-5937-3237. A new approach to detecting failures in distributed systems. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2015. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/31376.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-5937-3237. A new approach to detecting failures in distributed systems. [Doctoral Dissertation]. University of Texas – Austin; 2015. Available from: http://hdl.handle.net/2152/31376
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
7.
Goel, Deepak.
A CleanRoom approach to bring your own apps.
Degree: MSin Computer Sciences, Computer Science, 2013, University of Texas – Austin
URL: http://hdl.handle.net/2152/40995
► Today, on mobile devices such as smartphones and tablets, hundreds of thousands of software apps provide useful services to users. Users use these apps to…
(more)
▼ Today, on mobile devices such as smartphones and tablets, hundreds of thousands of software apps provide useful services to users. Users use these apps to search and browse the web, perform financial transactions, emailing, among other functions. Besides, these apps use cloud services which gives the users the flexibility to access them from anywhere and from any device. Because of the rich functionality of these apps and ease of use of mobile devices, users (employees) often want to use their devices and preferred apps at their workplace. However, these apps not only pose risk to user's private data but also to enterprise data, when users use them within an enterprise network. For one thing, these apps come from hundreds and thousands of different app publishers, where all of them may not be trustworthy. Second, apps often need user's private data such as location, contact list, photos among others and use remote cloud to carry out their operations. In the process apps may leak a user's private or enterprise confidential data to a third party. Current practices to prevent such leaks through user enabled app permissions fall short because often user does not understand these permissions. Besides, even if a company's "Bring Your Own Device" (BYOD) policies mitigate the risk of device compromise with enterprise-approved password policies, remote wipe capabilities, and OS security upgrade policies, the apps on those devices pose their own risks. This thesis presents CleanRoom, a new app platform that prevents apps from leaking the data entrusted to them. It does not rely on users to make good decisions about Privacy, and enables enterprises to allow its employees to use their own devices and bring their preferred apps to work.
Advisors/Committee Members: Dahlin, Michael (advisor), Shmatikov, Vitaly (committee member).
Subjects/Keywords: BYOA; BYOD; Differential privacy; Information flow control; Privacy preserving app; Android; App security
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Goel, D. (2013). A CleanRoom approach to bring your own apps. (Masters Thesis). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/40995
Chicago Manual of Style (16th Edition):
Goel, Deepak. “A CleanRoom approach to bring your own apps.” 2013. Masters Thesis, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/40995.
MLA Handbook (7th Edition):
Goel, Deepak. “A CleanRoom approach to bring your own apps.” 2013. Web. 26 Jan 2021.
Vancouver:
Goel D. A CleanRoom approach to bring your own apps. [Internet] [Masters thesis]. University of Texas – Austin; 2013. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/40995.
Council of Science Editors:
Goel D. A CleanRoom approach to bring your own apps. [Masters Thesis]. University of Texas – Austin; 2013. Available from: http://hdl.handle.net/2152/40995
8.
Son, Sooel.
Toward better server-side Web security.
Degree: PhD, Computer Science, 2014, University of Texas – Austin
URL: http://hdl.handle.net/2152/24821
► Server-side Web applications are constantly exposed to new threats as new technologies emerge. For instance, forced browsing attacks exploit incomplete access-control enforcement to perform security-sensitive…
(more)
▼ Server-side Web applications are constantly exposed to new threats as new technologies emerge. For instance, forced browsing attacks exploit incomplete access-control enforcement to perform security-sensitive operations (such as database writes without proper permission) by invoking unintended program entry points. SQL command injection attacks (SQLCIA) have evolved into NoSQL command injection attacks targeting the increasingly popular NoSQL databases. They may expose internal data, bypass authentication or violate security and privacy properties. Preventing such Web attacks demands defensive programming techniques that require repetitive and error-prone manual coding and auditing. This dissertation presents three methods for improving the security of server-side Web applications against forced browsing and SQL/NoSQL command injection attacks. The first method finds incomplete access-control enforcement. It statically identifies access-control logic that mediates security-sensitive operations and finds missing access-control checks without an a priori specification of an access-control policy. Second, we design, implement and evaluate a static analysis and program transformation tool that finds access-control errors of omission and produces candidate repairs. Our third method dynamically identifies SQL/NoSQL command injection attacks. It computes shadow values for tracking user-injected values and then parses a shadow value along with the original database query in tandem with its shadow value to identify whether user-injected parts serve as code. Remediating Web vulnerabilities and blocking Web attacks are essential for improving Web application security. Automated security tools help developers remediate Web vulnerabilities and block Web attacks while minimizing error-prone human factors. This dissertation describes automated tools implementing the proposed ideas and explores their applications to real-world server-side Web applications. Automated security tools are effective for identifying server-side Web application security holes and a promising direction toward better server-side Web security.
Advisors/Committee Members: Shmatikov, Vitaly (advisor), McKinley, Kathryn S. (advisor).
Subjects/Keywords: Security; Web; PHP; Static analysis; Dynamic analysis; Forced-browsing; SQL/NoSQL injection
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Son, S. (2014). Toward better server-side Web security. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/24821
Chicago Manual of Style (16th Edition):
Son, Sooel. “Toward better server-side Web security.” 2014. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/24821.
MLA Handbook (7th Edition):
Son, Sooel. “Toward better server-side Web security.” 2014. Web. 26 Jan 2021.
Vancouver:
Son S. Toward better server-side Web security. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2014. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/24821.
Council of Science Editors:
Son S. Toward better server-side Web security. [Doctoral Dissertation]. University of Texas – Austin; 2014. Available from: http://hdl.handle.net/2152/24821
University of Texas – Austin
9.
Brickell, Justin Lee.
Privacy-preserving computation for data mining.
Degree: PhD, Computer Sciences, 2009, University of Texas – Austin
URL: http://hdl.handle.net/2152/7538
► As data mining matures as a field and develops more powerful algorithms for discovering and exploiting patterns in data, the amount of data about individuals…
(more)
▼ As data mining matures as a field and develops more powerful algorithms for
discovering and exploiting patterns in data, the amount of data about individuals
that is collected and stored continues to rapidly increase. This increase
in data heightens concerns that data mining violates individual privacy. The
goal of data mining is to derive aggregate conclusions, which should not reveal
sensitive information. However, the data-mining algorithms run on databases
containing information about individuals which may be sensitive. The goal
of privacy-preserving data mining is to provide high-quality aggregate conclusions
while protecting the privacy of the constituent individuals.
The field of "privacy-preserving data mining" encompasses a wide variety
of different techniques and approaches, and considers many different threat
and trust models. Some techniques use perturbation, where noise is added (either
directly to the database that is the input to the algorithm or to the output
of queries) to obscure values of sensitive attributes; some use generalization, where identifying attributes are given less specific values; and some use cryp-
tography, where joint computations between multiple parties are performed
on encrypted data to hide inputs. Because these approaches are applied to
different scenarios with different threat models, their overall e ectiveness and
privacy properties are incomparable.
In this thesis I take a pragmatic approach to privacy-preserving data
mining and attempt to determine which techniques are suitable to real-world
problems that a data miner might wish to solve, such as evaluating and learning
decision-tree classifiers. I show that popular techniques for sanitizing
databases prior to publication either fail to provide any meaningful privacy
guarantees, or else degrade the data to the point of having only negligible
data-mining utility.
Cryptographic techniques for secure multi-party computation are a natural
alternative to sanitized data publication, and guarantee the privacy of
inputs by performing computations on encrypted data. Because of its heavy
reliance on public-key cryptography, it is conventionally thought to be too
slow to apply to real-world problems. I show that tailor-made protocols for
specific data-mining problems can be made fast enough to run on real-world
problems, and I strengthen this claim with empirical runtime analysis using
prototype implementations. I also expand the use of secure computation beyond
its traditional scope of applying a known algorithm to private inputs by
showing how it can be used to e ciently apply a private algorithm, chosen
from a specific class of algorithms, to a private input.
Advisors/Committee Members: Shmatikov, Vitaly (advisor).
Subjects/Keywords: Data mining; Privacy preservation; Sanitized data; Cryptographic techniques
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Brickell, J. L. (2009). Privacy-preserving computation for data mining. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/7538
Chicago Manual of Style (16th Edition):
Brickell, Justin Lee. “Privacy-preserving computation for data mining.” 2009. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/7538.
MLA Handbook (7th Edition):
Brickell, Justin Lee. “Privacy-preserving computation for data mining.” 2009. Web. 26 Jan 2021.
Vancouver:
Brickell JL. Privacy-preserving computation for data mining. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2009. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/7538.
Council of Science Editors:
Brickell JL. Privacy-preserving computation for data mining. [Doctoral Dissertation]. University of Texas – Austin; 2009. Available from: http://hdl.handle.net/2152/7538
10.
Porter, Donald E.
Operating system transactions.
Degree: PhD, Computer Sciences, 2010, University of Texas – Austin
URL: http://hdl.handle.net/2152/ETD-UT-2010-12-2488
► Applications must be able to synchronize accesses to operating system (OS) resources in order to ensure correctness in the face of concurrency and system failures.…
(more)
▼ Applications must be able to synchronize accesses to operating system (OS)
resources in order to ensure correctness in the face of concurrency
and system failures. This thesis proposes system transactions,
with which the programmer
specifies atomic updates to heterogeneous system resources and the OS
guarantees atomicity, consistency, isolation, and durability (ACID).
This thesis provides a model for system transactions as a concurrency control mechanism.
System transactions efficiently and cleanly solve long-standing
concurrency problems that are difficult to address with other
techniques.
For example, malicious users can exploit
race conditions between distinct system calls in privileged applications,
gaining administrative access to a system.
Programmers can eliminate these vulnerabilities by eliminating these
race conditions with system transactions.
Similarly, failed software installations can leave a system unusable.
System transactions can roll back an unsuccessful software installation
without disturbing concurrent, independent updates to the file system.
This thesis describes the design and implementation of TxOS,
a variant of Linux 2.6.22 that implements
system transactions. The thesis contributes new implementation
techniques that yield fast, serializable transactions
with strong isolation and fairness between system transactions and
non-transactional activity.
Using system transactions,
programmers can build
applications with better performance or stronger correctness guarantees
from simpler code. For instance, wrapping an installation of
OpenSSH in a system transaction guarantees that a failed installation
will be rolled back completely. These atomicity properties are
provided by the OS, requiring no modification to the installer itself
and adding only 10% performance overhead. The prototype implementation of system transactions also
minimizes non-transactional overheads. For instance, a non-transactional
compilation of Linux incurs negligible (less than 2%) overhead on TxOS.
Finally, this thesis describes a new lock-free linked list algorithm,
called OLF, for optimistic, lock-free lists.
OLF addresses key limitations of prior algorithms, which
sacrifice functionality for performance.
Prior lock-free list algorithms can
safely insert or delete
a single item, but cannot atomically compose multiple operations
(e.g., atomically move an item between two lists).
OLF provides
both arbitrary composition of list operations as well as performance scalability
close to previous lock-free list designs.
OLF also removes previous requirements for dynamic memory allocation and garbage collection
of list nodes, making it suitable for low-level system software, such as the Linux kernel.
We replace lists
in the Linux kernel's directory cache with OLF lists, which
currently requires a coarse-grained
lock to ensure invariants across multiple lists.
OLF lists in the Linux kernel improve performance of a filesystem metadata microbenchmark
…
Advisors/Committee Members: Witchel, Emmett (advisor), Alvisi, Lorenzo (committee member), McKinley, Kathryn S. (committee member), Shmatikov, Vitaly (committee member), Swift, Michael (committee member).
Subjects/Keywords: Transactions; Operating systems; Concurrency; TxOS; Race conditions; Transactional memory; Lock-free data structures; System transactions; Linked list algorithms; Lock-free algorithm; Lock-free lists
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Porter, D. E. (2010). Operating system transactions. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/ETD-UT-2010-12-2488
Chicago Manual of Style (16th Edition):
Porter, Donald E. “Operating system transactions.” 2010. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/ETD-UT-2010-12-2488.
MLA Handbook (7th Edition):
Porter, Donald E. “Operating system transactions.” 2010. Web. 26 Jan 2021.
Vancouver:
Porter DE. Operating system transactions. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2010. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/ETD-UT-2010-12-2488.
Council of Science Editors:
Porter DE. Operating system transactions. [Doctoral Dissertation]. University of Texas – Austin; 2010. Available from: http://hdl.handle.net/2152/ETD-UT-2010-12-2488
11.
-5508-4043.
Platform-level protection for interacting mobile apps.
Degree: PhD, Computer science, 2016, University of Texas – Austin
URL: http://hdl.handle.net/2152/43721
► In a modern mobile platform, apps are mutually distrustful, but they share the same device and frequently interact with each other. This dissertation shows how…
(more)
▼ In a modern mobile platform, apps are mutually distrustful, but they share the same device and frequently interact with each other. This dissertation shows how existing platforms, like Android and iOS, often fail to support important data protection scenarios, and describes two systems to improve platform-level security.
First, many data leaks in existing platforms are due to the lack of information flow control for inter-app data exchanges. For example, a document viewer that opens an attachment from an email client often further discloses the attachment to other apps or to the network. To prevent such leaks, we need strict information flow confinement, but a challenge to enforce such confinement in existing platforms is the potential disruptions to confined apps. We present Maxoid, a system that uses context-aware custom views of apps' storage state to make information flow enforcement backward compatible.
Second, apps' abstraction of data has diverged from platforms' abstraction of data. Modern mobile apps heavily rely on structured data, and relational databases have become the hub for apps' internal data management. However, in existing platforms, protection mechanisms are coarse-grained and have no visibility to the structures of apps' data. In these platforms, access control is a mixture of coarse-grained mechanisms and many ad hoc user-level checks, making data protection unprincipled and error-prone. We present Earp, a new mobile platform that combines simple object-level permissions and capability relationships among objects to naturally protect structured data for mobile apps. It achieves a uniform abstraction for storing, sharing and efficiently protecting structured data, for both storage and inter-app services.
Advisors/Committee Members: Witchel, Emmett (advisor), Alvisi, Lorenzo (committee member), Geambasu, Roxana (committee member), Pingali, Keshav (committee member), Shmatikov, Vitaly (committee member).
Subjects/Keywords: Operating systems; Mobile platforms; Security; Confinement
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-5508-4043. (2016). Platform-level protection for interacting mobile apps. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/43721
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-5508-4043. “Platform-level protection for interacting mobile apps.” 2016. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/43721.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-5508-4043. “Platform-level protection for interacting mobile apps.” 2016. Web. 26 Jan 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-5508-4043. Platform-level protection for interacting mobile apps. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2016. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/43721.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-5508-4043. Platform-level protection for interacting mobile apps. [Doctoral Dissertation]. University of Texas – Austin; 2016. Available from: http://hdl.handle.net/2152/43721
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
12.
Lewko, Allison Bishop.
Functional encryption : new proof techniques and advancing capabilities.
Degree: PhD, Computer Sciences, 2012, University of Texas – Austin
URL: http://hdl.handle.net/2152/ETD-UT-2012-05-5374
► We develop the dual system encryption methodology to provide fully secure functional encryption systems. We introduce new proof techniques and explore their applications, resulting in…
(more)
▼ We develop the dual system encryption methodology to provide fully secure functional encryption systems. We introduce new proof techniques and explore their applications, resulting in systems that advance the state of the art in terms of functionality, security, and efficiency. Our approach constructs versatile tools for adapting the dual system encryption methodology to new functionalities and efficiency goals. As particular demonstrations of our techniques, we obtain fully secure ciphertext-policy attribute-based encryption systems in the single authority and decentralized settings. Our work has provided the first fully secure attribute-based encryption schemes as well as the first decentralized schemes achieving desired levels of flexibility.
Advisors/Committee Members: Waters, Brent R., 1978- (advisor), Zuckerman, David (committee member), Klivans, Adam (committee member), Sahai, Amit (committee member), Shmatikov, Vitaly (committee member), Boneh, Dan (committee member).
Subjects/Keywords: Cryptography; Functional encryption
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Lewko, A. B. (2012). Functional encryption : new proof techniques and advancing capabilities. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/ETD-UT-2012-05-5374
Chicago Manual of Style (16th Edition):
Lewko, Allison Bishop. “Functional encryption : new proof techniques and advancing capabilities.” 2012. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/ETD-UT-2012-05-5374.
MLA Handbook (7th Edition):
Lewko, Allison Bishop. “Functional encryption : new proof techniques and advancing capabilities.” 2012. Web. 26 Jan 2021.
Vancouver:
Lewko AB. Functional encryption : new proof techniques and advancing capabilities. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2012. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/ETD-UT-2012-05-5374.
Council of Science Editors:
Lewko AB. Functional encryption : new proof techniques and advancing capabilities. [Doctoral Dissertation]. University of Texas – Austin; 2012. Available from: http://hdl.handle.net/2152/ETD-UT-2012-05-5374
University of Texas – Austin
13.
Srivastava, Varun.
Static analysis for finding security inconsistencies between similar implementations.
Degree: MA, Computer Sciences, 2010, University of Texas – Austin
URL: http://hdl.handle.net/2152/38234
► The proliferation of distributed, multilayer software services is encouraging a separation of Application Programming Interfaces (APIs) and their implementation, and thus multiple implementations of the…
(more)
▼ The proliferation of distributed, multilayer software services is encouraging a separation of Application Programming Interfaces (APIs) and their implementation, and thus multiple implementations of the same API. Increasing number of platforms are following the Software As A Service (SAAS) model [2,18,20,31], which encourages multiple implementations of the same functionality. To work securely and seamlessly on top of these platforms, software applications rely on consistent implementations of APIs. Vulnerabilities, or interoperability bugs due to differences in security semantics in these APIs, can be exploited to break the security of applications using them. Previous techniques for finding security vulnerabilities and verifying security properties, require manually provided security specifications, which limits their scope [9,11,19]. Techniques which automatically extract security policies tend to have a large number of false positives [41].
This work proposes a novel method for automatically extracting security policies and then differencing them to exploit multiple implementations of the same functionality to find errors. We perform context-sensitive, interprocedural forward dataflow analysis to extract the security policies from each implementation and difference them. Determining which security policy is correct is difficult. Instead, we exploit the fact that multiple implementations of the same API should have consistent security semantics, i.e., we do not determine which one is correct, but which one(s) are different.
We compare the Sun, Harmony and Classpath Java Virtual Machine libraries using our approach and produce very encouraging results. Our approach finds 15 unique cases of security-relevant semantic differences (manifested in 46 APIs) between Sun and Harmony, and 18 cases of security-relevant semantic differences (manifested in 303 APIs) between Sun and Classpath. All these semantic differences are either exploitable vulnerabilities, or bugs resulting in interoperability issues. The approach is effective for accurately finding security vulnerabilities. It takes advantage of the fact that multiple implementations of APIs should have the same security semantics.
Advisors/Committee Members: Shmatikov, Vitaly (advisor), McKinley, Kathryn S. (advisor), Bond, Michael D (committee member).
Subjects/Keywords: Security semantics; Static analysis; Software differences
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Srivastava, V. (2010). Static analysis for finding security inconsistencies between similar implementations. (Masters Thesis). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/38234
Chicago Manual of Style (16th Edition):
Srivastava, Varun. “Static analysis for finding security inconsistencies between similar implementations.” 2010. Masters Thesis, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/38234.
MLA Handbook (7th Edition):
Srivastava, Varun. “Static analysis for finding security inconsistencies between similar implementations.” 2010. Web. 26 Jan 2021.
Vancouver:
Srivastava V. Static analysis for finding security inconsistencies between similar implementations. [Internet] [Masters thesis]. University of Texas – Austin; 2010. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/38234.
Council of Science Editors:
Srivastava V. Static analysis for finding security inconsistencies between similar implementations. [Masters Thesis]. University of Texas – Austin; 2010. Available from: http://hdl.handle.net/2152/38234
University of Texas – Austin
14.
Roy, Indrajit.
Protecting sensitive information from untrusted code.
Degree: PhD, Computer Sciences, 2010, University of Texas – Austin
URL: http://hdl.handle.net/2152/ETD-UT-2010-08-1951
► As computer systems support more aspects of modern life, from finance to health care, security is becoming increasingly important. However, building secure systems remains a…
(more)
▼ As computer systems support more aspects of modern life, from finance to health care, security is becoming increasingly important. However, building secure systems remains a challenge. Software continues to
have security vulnerabilities due to reasons ranging from programmer
errors to inadequate programming tools. Because of these
vulnerabilities we need mechanisms that protect sensitive data
even when the software is untrusted.
This dissertation shows that secure and practical frameworks can be built
for protecting users' data from untrusted applications in both desktop
and cloud computing environment.
Laminar is a new framework that secures desktop applications by
enforcing policies written as information flow rules. Information flow control, a form of mandatory access control, enables programmers to write powerful, end-to-end security guarantees while reducing
the amount of trusted code. Current programming abstractions and implementations of this model either compromise end-to-end security guarantees or require substantial modifications to applications, thus deterring adoption. Laminar addresses these shortcomings by exporting
a single set of abstractions to control information flows through
operating system resources and heap-allocated objects. Programmers express security policies by labeling data and represent access restrictions on code using a new abstraction called a security region.
The Laminar programming model eases incremental deployment, limits dynamic security checks, and supports multithreaded programs that can access
heterogeneously labeled data.
In large scale, distributed computations safeguarding information requires solutions beyond mandatory access control. An important challenge is to ensure that the computation, including its output,
does not leak sensitive information about the inputs. For untrusted code, access control cannot guarantee that the output does not leak information. This dissertation proposes Airavat, a MapReduce-based system which augments mandatory access control with differential privacy to guarantee security and privacy for distributed computations. Data providers control the security policy for their sensitive data, including a mathematical bound on potential privacy violations. Users without security expertise can perform computations
on the data; Airavat prevents information leakage beyond the data
provider's policy. Our prototype implementation of Airavat
demonstrates that several data mining tasks can be performed in a
privacy preserving fashion with modest performance overheads.
Advisors/Committee Members: Witchel, Emmett (advisor), Dahlin, Michael D. (committee member), Mazières, David (committee member), McKinley, Kathryn S. (committee member), Shmatikov, Vitaly (committee member).
Subjects/Keywords: Security; Operating systems; Java virtual machine; Cloud computing; Information flow control; Access control; Differential privacy
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Roy, I. (2010). Protecting sensitive information from untrusted code. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/ETD-UT-2010-08-1951
Chicago Manual of Style (16th Edition):
Roy, Indrajit. “Protecting sensitive information from untrusted code.” 2010. Doctoral Dissertation, University of Texas – Austin. Accessed January 26, 2021.
http://hdl.handle.net/2152/ETD-UT-2010-08-1951.
MLA Handbook (7th Edition):
Roy, Indrajit. “Protecting sensitive information from untrusted code.” 2010. Web. 26 Jan 2021.
Vancouver:
Roy I. Protecting sensitive information from untrusted code. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2010. [cited 2021 Jan 26].
Available from: http://hdl.handle.net/2152/ETD-UT-2010-08-1951.
Council of Science Editors:
Roy I. Protecting sensitive information from untrusted code. [Doctoral Dissertation]. University of Texas – Austin; 2010. Available from: http://hdl.handle.net/2152/ETD-UT-2010-08-1951
. 
Open Access Theses and Dissertations
