SCS

Please join in for a special panel discussion, with special guests:

Lorrie Cranor
FORE Systems Professor of Computer Science and Engineering & Public Policy and Director, CyLab Usable Privacy and Security Laboratory, Carnegie Mellon University
Moderator

Panelists

David A. Eckhardt
Teaching Professor, Computer Science Department, Carnegie Mellon University

S. Candice Hoke
Professor, Cleveland-Marshall College of Law

David R Jefferson
Computer Scientist, LLNL

 

About the Speakers

Lorrie Faith Cranor is a Professor of Computer Science and Engineering and Public Policy at Carnegie Mellon University, where she is director of the CyLab Usable Privacy and Security Laboratory (CUPS) and co-director of the MSIT-Privacy Engineering masters program. She is also a co-founder of Wombat Security Technologies, Inc. She has authored over 100 research papers on online privacy, usable security, and other topics. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability O'Reilly 2005) and founded Symposium On Usable Privacy and Security (SOUPS ).

In 2016 to serve as Chief Technologist at the US Federal Trade Commission.  She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O'Reilly 2002). She has served on a number of boards, including the Electronic Frontier Foundation< Board of Directors, and on the editorial boards of several journals. In 2003 she was named one of the top 100 innovators 35 or younger by Technology Reviewmagazine and in 2014 she was named an ACM Fellow for her contributions to usable privacy and security research and education. She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business, New York University. In 2012-13 she spent her sabbatical year as a fellow in theFrank-Ratchye STUDIO for Creative Inquiry at Carnegie Mellon University where she worked on fiber arts projects that combined her interests in privacy and security, quilting , computers, and technology. She practices yoga, plays soccer, and runs after her three children.

Dr. Cranor earned her B..S. (Engineering and Public Policy) 1992, Washington University in St. Louis, M.S. (Technology and Human Affairs) 1993, Washington University in St. Louis, M.S. (Computer Science) 1996, Washington University in St. Louis, D.Sc. (Engineering and Policy) 1996, Washington University in St. Louis

David A. Eckhardt, Teaching Professor, Computer Science Department, Carnegie Mellon University

David A. Eckhardt is a Teaching Professor in the Department of Computer Science at Carnegie Mellon University, and Associate Director of the course-based Computer Science M.S. program. Dr. Eckhardt teaches upper-level Computer Science classes in the Systems area, especially a two-class sequence in Operating Systems. He has served the citizens of Allegheny County as a Judge of Elections, overseeing the operations of a polling place, since 1997. In 2007 he was appointed to the Allegheny County Citizens' Election System Advisory Panel and in 2011 was engaged by the Board of Elections of Venango County, Pennsylvania, to assess the integrity of their voting system. In 2015 he briefed the Pennsylvania Secretary of the Commonwealth on voting-system security threats. He is a member of the Election Verification Network and vice president of VoteAllegheny, a non-partisan volunteer election integrity organization. Professor Eckhardt holds a B.S. in Computer Science (with a minor in Political Science) from The Pennsylvania State University, and an M.S. and a Ph.D. in Computer Science from Carnegie Mellon. Since 1990 he has been been licensed as amateur radio operator KA3YAI.

S. Candice Hoke, Professor, Cleveland-Marshall College of Law

Professor Hoke is widely recognized national authority on laws governing election technologies (including voting devices and voter registration databases), election management, and on federal regulatory programs reflecting federalism values. She is a graduate of Yale Law School, where she was Senior Editor of the Yale Law Journal and co-chair of the Yale Law Women's Association. Her most recent publications focus on election technology regulatory issues, some of which were co-authored with computer security scientists. Her prior publications focus on health care regulation, welfare/public entitlement programs, and constitutional standards for statutory preemption.

Professor Hoke presents her research in academic, technology, and election policy forums throughout the country. She has testified before Congress on federalism aspects of health care reform legislation and on election policies needed to achieve greater public accountability. She founded and directed the Center for Election Integrity, which conducted nationally unprecedented field research on deployed voting technologies and election administration management problems. Her assessments of election technology initiatives and election practices around the nation are frequently sought by the press; the New York Times, Wall Street Journal, National Public Radio, and all major television networks are a few examples. Her research and policy leadership has led to major national foundation funding and to foundation consulting work on election policy issues.

Professor Hoke served three terms on the American Bar Association's Advisory Commission on Election Law. She has consulted with all levels of government on election policies and technology issues. She serves on the Advisory Boards for the Verified Voting Foundation and other nonpartisan election improvement nonprofits located in Florida and Michigan. Following graduation from law school, Professor Hoke clerked for Judge Hugh Bownes of the U.S. Court of Appeals for the First Circuit in Boston, MA and Concord, NH. She then practiced law at Hill & Barlow (Boston)focusing primarily on employment litigation and issues for both plaintiffs and defense) and transactions (both employment and business formation).

David R Jefferson, Computer Scientist

David Jefferson is a computer scientist (CMU PhD, 1980) who has worked at the intersection of public elections, computers, the Internet for over 20 years. He is on the boards of Verified Voting and the California Voter Foundation, and has served as an advisor to the last five California Secretaries of State. In 2004 he was coauthor of a strong critique of the SERVE Internet voting system proposed by the Department of Defense, leading to the program’s cancellation. He is frequently quoted on election security in the press, including an interview on CBS "60 Minutes II". He works at Lawrence Livermore National Laboratory where he does research in extreme scale discrete event simulation.

The Public Key Infrastructure (PKI) for the web was designed to help thwart "phishing" attacks by providing a mechanism for browsers to authenticate web sites, and also to help prevent the disclosure of confidential information by enabling encrypted communications. For users to reap these benefits, however, the parties that implement and operate the PKI, including certificate authorities, web-site operators, and browser vendors, must each perform their roles properly.

This talk focuses on one aspect of the PKI: certificate revocation. The security of a web site hinges on the ability of the site operator to keeps its private keys private.  While most operators guard their keys carefully, on occasion software vulnerabilities such as the notorious Heartbleed Bug have put millions of keys at risk.  If a web-site operator fears that its private key has been compromised, it should ask its certificate authority to revoke the corresponding certificate. 

Browsers, however, often do not fully check whether the certificates they receive have been revoked, and mobile browsers never check.   There are a variety of reasons for not checking, but the most important are the amount of bandwidth required to download certificate revocation lists in advance, the latency of checking certificates on the fly, and the slow progress of upgrading every web server to support the newer certificate status stapling approach.

This talk presents a new and much more efficient system, CRLite, for pushing the revocation status of every certificate to every browser. CRLite leverages a recent development:  although lists of revoked certificates were previously available, Google's Certificate Transparency project now also provides a log of all unrevoked certificates as well.  With both lists in hand, a compact data structure called a filter cascade can be used to represent the status of every certificate with no false positives and no false negatives.   CRLite requires a browser to download a 10MB filter cascade initially, and then a 580KB update (on average) every day. Our results demonstrate that complete revocation checking is within reach for all clients.

Bruce Maggs received the S.B., S.M., and Ph.D. degrees in computer science from the Massachusetts Institute of Technology in 1985, 1986, and 1989, respectively. His advisor was Charles Leiserson. After spending one year as a Postdoctoral Associate at MIT, he worked as a Research Scientist at NEC Research Institute in Princeton from 1990 to 1993. In 1994, he moved to Carnegie Mellon, where he stayed until joining Duke University in 2009 as a Professor in the Department of Computer Science.  While on a two-year leave-of-absence from Carnegie Mellon, Maggs helped to launch Akamai Technologies, serving as its first Vice President for Research and Development.   He retains a part-time role at Akamai as Vice President for Research.

 

Given the convergence of burgeoning enrollments in CS across many universities and colleges in the United States and the need to re-imagine the way computer science is taught to address 21st century challenges, the School of Computer Science at Carnegie Mellon University is hosting a 2-day summit in Pittsburgh.  The summit will be held at the Wyndham Pittsburgh University Center.

The summit will focus on reviewing recent reports about increasing enrollments and brainstorming ways that the education community, and supporting constituents such as computing organizations, governmental agencies and industry, can work toward a fundamental transformation in CS undergraduate education. The summit will bring together CS education experts from various college levels, including research universities, liberal arts and minority colleges, community colleges, computing organizations and associations and leading industry partners to come up with common goals that can be brought to the greater CS education community.

The summit will center on a number of key questions that seek to understand growing enrollment pressures in various types of colleges and regions, the need to continue efforts to increase diversity in computing, the readiness of the computing education community to embrace institutional changes and whether it is time for a larger, broader summit of CS education leaders to start to develop a roadmap for broad and sustained change at the undergraduate level similar to a recent effort done in the field of biological sciences. We hope that bringing together constituents from a wide variety of regions and audiences can lead to future collaborations to develop new solutions to address the growing interest in computing at the undergraduate level.

Generously supported by Carnegie Mellon University's School of Computer Science and the National Science Foundation (CNS-1752904).

Given the convergence of burgeoning enrollments in CS across many universities and colleges in the United States and the need to re-imagine the way computer science is taught to address 21st century challenges, the School of Computer Science at Carnegie Mellon University is hosting a 2-day summit in Pittsburgh.  The summit will be held at the Wyndham Pittsburgh University Center.

The summit will focus on reviewing recent reports about increasing enrollments and brainstorming ways that the education community, and supporting constituents such as computing organizations, governmental agencies and industry, can work toward a fundamental transformation in CS undergraduate education. The summit will bring together CS education experts from various college levels, including research universities, liberal arts and minority colleges, community colleges, computing organizations and associations and leading industry partners to come up with common goals that can be brought to the greater CS education community.

The summit will center on a number of key questions that seek to understand growing enrollment pressures in various types of colleges and regions, the need to continue efforts to increase diversity in computing, the readiness of the computing education community to embrace institutional changes and whether it is time for a larger, broader summit of CS education leaders to start to develop a roadmap for broad and sustained change at the undergraduate level similar to a recent effort done in the field of biological sciences. We hope that bringing together constituents from a wide variety of regions and audiences can lead to future collaborations to develop new solutions to address the growing interest in computing at the undergraduate level.

Generously supported by Carnegie Mellon University's School of Computer Science and the National Science Foundation (CNS-1752904).

Microsoft’s corporate mission is to help every person and every organization on the planet to achieve more.  One of our academic motions is to explore ways in which Microsoft Azure can help transform the way courses are taught and what students are able to achieve through assignments. This motion is about faculty teaching and student learning, as distinct from research, which Microsoft supports in other ways.  This program is being piloted at a handful of elite computer science universities, and we are looking for faculty and courses where a generous grants of Azure credits ($20K +) could transform a course or at least a major course assignment. 

We are learning that the sweet spot for these grants are data science and machine learning assignments, and that these courses may be found across campus including computer science, life sciences, civil engineering, and business. In our visit, we will share details on how the grants were used at five elite universities last year, and hopefully begin the conversation with leaders and professors to identify opportunities at CMU.

Our team is also able to help train professors and TA’s in selecting appropriate Azure services and consulting on the setup.

Faculty Only

Watch for updates.

To complement our Annual SCS Mobot Races in Spring 2018, we also host the annual Fall Demos/Races: ToboM.

With MoBot (now in its 24th year),  members of the CMU community harness their singular and collective talents to create Mobots that race along and "down" the slalom-course on the paved walkway in front of Wean Hall. (i.e., the curvy white lines).

ToboM asks community members to race their bots up The Helix in GHC. The problem is challenging,  the solutions many,  the weather more predictable, but we get to introduce whole new levels of complexity.  Going up or down, issues of autonomous movement are always exciting.

The Helix starts on the 3rd floor of GHC and winds its way up to the 5th floor.  It's a long and circuitous hike for humans --- and perhaps an even greater challenge for a robot?  And as it's also Family Weekend, we hope to let our guests see what we do and build!

If you have a robot you would like to build,  try out,  or simply test  to see if it will make its way up The Helix....please join in!  We would like to see what Robots  can do when faced with a winding, uphill bit of architecture.  Rolling, hovering, flying, slithering,  or crawling --- all is acceptable.  And you'll be showing our community/guests what is possible -- while better defining the essence and scope of ToBoM Racing.

Pages

Subscribe to SCS