Even as the virtual world of cyberspace has become a ubiquitous part of daily life, measures to support individual privacy have scarcely kept pace. However, recent research by assistant professor Yoshi Kohno of the University of Washington’s Department of Computer Science and Engineering has illuminated new tactics for strengthening cybersecurity.
Kohno, along with fellow CSE assistant professor Magda Balazinska, shares this research in a new program debuting on UWTV this month, “The Cyberspace Data Explosion: Boon or Black Hole?”
“We are entering a very exciting world, a world where we have an unprecedented ability to collect near real-time information about our environment and about ourselves,” Balazinska explained. She then posed some big questions: “Do we have the ability to leverage all this data? What are the security implications of all these sensors deployed around us? How can we protect our privacy?”
|
Since its public inception in the 1990s, the Internet and its store of information have been host to a number of security breaches. A history of phished e-mail accounts and high-profile “cyber attacks” like the one on Google in December 2009 have made it clear that the firewalls around our computers are far from shatterproof.
What researchers like Kohno are trying to develop is a method of filtering data into two categories: one which is saved, archived and protected in the long term, and another which the user has the power to essentially destroy.
“The Internet never forgets, so to speak,” Kohno mused. “E-mails we send today may live forever. Even if we think we delete the e-mail, those e-mails may still reside on backup tapes on some Web server, for example, at Google or Hotmail.”
Consequently, “this message will self-destruct” might become more than just espionage lingo. In fact, it’s one way that Kohno is trying to empower Internet users with greater control over the privacy of their data. Last year, he and other CSE researchers prototyped “Vanish,” a system, as the name implies, with the potential to automatically destroy data after a set time period.
Self-destructing data, whether e-mails or private Facebook messages, would not only be deleted from a single computer, but all other copies on different Web servers would also expire.
But restoring faith in Internet privacy is only the tip of the iceberg. “Typically, when people think of computer science, they think about the computers sitting on their desks or on their laps,” Kohno points out. Yet the places where computer science is more behind-the-scenes, such as the power grid, airlines and medical devices, are just as at risk to be compromised.
The implantable medical device (IMD) is one such technology that Kohno says he is particularly interested in because it is “outside the confines of the traditional desktop or laptop computer.”
To observe and treat physiological conditions within the body, IMDs, including pacemakers and cardiac defibrillators, increasingly rely on wireless communication systems for remote patient monitoring. That is, IMDs transfer information wirelessly to a computation center which is independent from the body.
Making the leap from the patient’s body to a distant monitoring system is the security sticking point. If the wireless signals were to be intercepted by a third party, a patient’s name, birth date and medical history could be revealed.
Fortunately, it is only as IMD technology evolves that such privacy violations will become truly relevant for patients. Nevertheless, this is the opportune moment for addressing security issues as Kohno, and researchers across the nation, look forward to next-generation devices.
While the evolution of computerized technology has forced us to grapple with many tough questions, none may be as pertinent as Balazinska’s query: “How can we protect our privacy?"