Craig Shue, assistant professor of computer science, is developing methods to safeguard the security of virtual desktops that are delivered to potentially
insecure client computers. The techniques entail allowing only the virtual desktop software to run, while all software installed on the client is kept quiet.
and confusion of a busy operating room or intensive care
unit, but will help hospital staff make informed decisions.
The devices also need to be able to enter some kind of safe
mode until the problem has been solved, without simply
shutting down or failing in a way that could harm a patient.
Together with colleagues at the University of Kansas
and the University of Pennsylvania, Venkatasubramanian
is working to improve IMD alarm systems with the help of
a software "coordinator" — middleware that can interpret
the data flowing from multiple devices, determine what kind
of alarm should be sounded, and communicate that alarm
to healthcare providers in a helpful way.
Isolating the problem
Sometimes, however, it's best to remove users from the
security equation completely. That's one of the goals behind
a system designed by Craig Shue, assistant professor of
computer science, and graduate student Evan Frenn.
Shue notes that desktop virtualization services like
Citrix can deliver entire virtual desktops to client PCs over
the Web. But while the applications and services delivered
to the client from the server may be secure, the operating
system and applications that live on the client remain vulnerable to infection by malware. In a corporate environment,
that can be a serious problem — especially when untrained
users are largely responsible for their own security settings,
and when more and more people are bringing their own
devices to work.
40 > wpi.edu/+research
Shue and Frenn have proposed a system in which only
the software supplied by the server is allowed to run on the
client machine. Everything else, including the client's operating system — millions of lines of code rife with potential
security vulnerabilities — is kept quiet, so that even if the
client machine is loaded with malware, none of it can cause
trouble. The client is able to attest, or prove, via cryptographic means that nothing but the served applications are
running; and responsibility for security stays in the hands
of the trained IT professionals who work on the server side.
Shue and Frenn's scheme was made possible by recent
improvements to secure microprocessors called trusted