Penn State researcher to collaborate on NSF-funded cybersecurity project

August 31, 2022

Editor’s note: The original article was published on the Indiana University Bloomington website. It includes Danfeng Zhang, associate professor in the Penn State College of Engineering’s Department of Computer Science and Engineering.

UNIVERSITY PARK, Pa. — The National Science Foundation (NSF) has awarded a multi-institution team a $9 million, five-year grant to understand how to protect data shared across distributed computing systems such as cloud computing environments. Indiana University Bloomington (IU) will lead the project, on which Danfeng Zhang, associate professor in the Penn State College of Engineering’s Department of Computer Science and Engineering, will collaborate. 

Funded through NSF’s Secure and Trustworthy Cyberspace program, the project will establish the Center for Distributed Confidential Computing in collaboration with researchers from Purdue University, Carnegie Mellon University, The Ohio State University, Spelman College, Duke University and Yale University, as well as the IU and Penn State collaborators.

Advances in artificial intelligence (AI) and big data analytics rely on data sharing, which can be impeded by privacy concerns. The researchers will leverage recent progress in the trusted execution environment (TEE), a hardware capability in modern computer chips that isolates and verifies data and the space in which it is shared to run secure computation in a way that cannot be compromised by malicious software across distributed computing systems. They will work to provide solutions for data in use, such as training machine-learning models on private data across cloud and edge systems.

Penn State faculty will bring unique strengths to the team, Zhang said. He specifically will lead the research task of vetting and certifying open and viable TEE code, with a focus on investigating TEE-based checker-worker program certification techniques, among others, to develop an open, distributed and verifiable certification ecosystem.

“To protect data in a distributed computing system, one key challenge is to establish trust on code, which can be malicious and buggy,” Zhang said. “In this project, we will design and develop a trustworthy application store that can automatically vet TEE code and issue certificates for its security properties. One outstanding feature of the application store is that it does not rely on any trusted third party, including code providers and code verifiers.”

The ability to actively protect data as it is being used without relying on third parties reduces vulnerabilities and strengthens protection, according to Zhang.

"Data-in-use protection is considered to be a holy grail of data protection, since even encrypted data needs to be decrypted before it can be analyzed, so there is a risk that the data could be exposed at that point in time," said XiaoFeng Wang, principal investigator on the project and the James H. Rudy Professor of Computer Science, Engineering and Informatics at the IU Luddy School of Informatics, Computing and Engineering. "Our project will lay the technological foundations for practical data-in-use protection across today and tomorrow's cloud and edge systems. This effort is critical for maintaining U.S. leadership in AI and data science, which heavily relies on data-in-use protection."


Share this story:

facebook linked in twitter email


College of Engineering Media Relations


Danfeng Zhang