Researcher: Patrick Tague
The quick rise in mobile device use has lead to the emergence of a wide variety of security and privacy issues that are close at hand to a large portion of the world's population. Modern mobile devices, however, are more than just telephones, more than computers, more than sensor-rich devices, and more than any other electronic device that has been on the market to date. They rely on a telecommunications infrastructure that was not designed with the diversity of rich applications and services that have emerged, so there is a fundamental mismatch between security models used in their design and the reality of the mobile space. Instead of treating mobile devices as "a telephone that runs apps" or "a computer that makes phone calls", we treat them as a system-of-systems with deep interactions and dependencies among component systems. Along these lines, we have been investigating various issues of security and privacy in telecommunications, personal area networking, near-field communications (NFC), mobile operating systems, mobile applications and permission models.
Outcomes: We are developing a suite of protocols and redesigning aspects of existing approaches specifically for use in mobile devices, from the application domain, to system services, to telecommunication networks, to wireless communication.