Affordable mobile devices and ubiquitous wireless connectivity have placed digital communication, computation, and sensing at the center of nearly all human activity. However, as the importance and popularity of mobile services like citizen journalism and mobile social networking have grown, so too has the need to reason about the trustworthiness of the data on which these services depend.
These days, there is a lot of hype about big data. But such data is useless
unless we can interpret it. Since such data is often noisy and ambiguous,
especially in the "long tail" where many of the examples occur, we will
inevitably be somewhat uncertain about underlying patterns and/or future
predictions. This motivates analyzing the data using structured
probabilistic models, which can properly represent uncertainty, and exploit
prior knowledge when available.
In this talk, I will describe a new design principle for security: the hardware-up principle. Hardware-up security means that systems should be secured starting from hardware instead of the existing popular approach where software layers are secured, assuming that the lower layers are secure when they are not. I will discuss how systems designed for security from hardware-up offer unique advantages unavailable in current protection systems: a smaller attack surface, energy-efficient execution, and the ability to reason about security compositionally.