Newswise — Tufts University is marshalling interdisciplinary strengths in computer science to shape the future of cybersecurity with the launch of the Cybersecurity Center for the Public Good. The center, housed in the School of Engineering, is made possible by an anonymous $2.6 million gift that also creates a term professorship.
Assistant Professor Megumi Ando is the inaugural holder of the Minnie McNeal Kenny Assistant Professorship in Computer Science, named in honor of the noted 20th-century American cryptanalysis expert.
The new effort is directed by Professor Susan Landau, a noted expert on cybersecurity policy. As Bridge Professor of Cyber Security and Policy, Landau initiated the joint MS degree in Cybersecurity and Public Policy between The Fletcher School and the School of Engineering.
This fall she moves to the School of Engineering to begin directing the center, an initiative encompassing faculty research, funding for undergraduate research, graduate summer internships in cybersecurity policy, and visiting faculty. A student-staffed Cybersecurity Clinic, overseen by Ming Chow, associate teaching professor in computer science, will offer pro bono consulting to local nonprofits, businesses, and municipalities.
Landau is highly regarded for her influential leadership in cybersecurity policy. Last year she was honored with the USENIX Lifetime Achievement Award for having a "profound and lasting impact on computer science, computer security, law, and public policy.” In January she also received the Bertrand Russell Prize from the American Mathematical Society for contributions that advance cybersecurity strategies, including technical research papers, op-eds and policy briefings.
Below, Landau shares thoughts on how the new center will further strengthen cybersecurity.
Tufts Now: What is the mission of the new center?
The center capitalizes on our diverse expertise in computer science, specifically our research on how to make security and privacy capabilities directly benefit people.
In the School of Engineering, Professor Dan Votipka is helping software developers improve cybersecurity and privacy tools. Professor Johes Bater can apply theoretical improvements to real systems. Professor Megumi Ando is working on improving anonymity tools. Yingjie Lao focuses on infrastructure. My own interests are in how to ensure laws and public policy enable and encourage the use of privacy and security tools rather than put up barriers.
Why is a “public good” focus important today?
Generating research from applied issues is part of the center's DNA for a good reason. By framing cybersecurity research for the public good, we emphasize the centrality of people in cybersecurity's future success.
We recognize there are many cybersecurity questions yet to be answered. How can people achieve security and privacy in their online interactions, not in theory and not with a hard-to-use system, but in practice with a transparent system that works well for them? How do we build future systems so that security is baked in in a way that simplifies users' tasks? How do we make sure that government laws and policies not only don’t disrupt good security and privacy practices but instead incentivize them?
These are all questions that focus on having an impact on people’s actual needs.
What does that impact look like?
Our impact can take many forms. Research ideas can change the way to protect privacy or provide a new security paradigm that simplifies implementation and thus improves privacy or security. Research can reframe an argument about encryption's central role in security that changes the public discourse and puts fears about the technology's misuse in an appropriate place, thus removing barriers to cryptography’s wide implementation.
Research also can provide insight into why cybersecurity improvements are not being adopted and propose incentives that change that dynamic. And research can introduce new policy ideas for the international setting that encourage cooperation between nations on some aspects of cybersecurity or privacy.
How do you describe the university’s leadership in cybersecurity, and where the new center fits in?
We're in a unique position to take the lead in cybersecurity. Tufts is the only known U.S. university with an MS program focused on tech-informed cybersecurity policy in an international setting. We have The Fletcher School and the Tisch College of Civic Life, so the ability to integrate public policy and public service into our research work is already here; we can and will tap into those connections.
For cybersecurity to really work, not on paper but in the real world, it must fully involve different interdisciplinary threads from the social sciences, public policy, and the law. Our center is well positioned to do this kind of work.
What are your aspirations for how the center might spur new ideas?
The Cybersecurity Clinic will bring in many expected problems, but also some unexpected ones. Some of the efforts of the clinic will also be a focus of collaborative research, and our connections with The Fletcher School and Tisch College of Civic Life may lead to new twists in anonymity needs that could spur some interesting research questions for Megumi Ando.
I’m also looking forward to bringing in guests. People doing theoretical research will expand the way we look at potential solutions, while people with applied problems will spur new research questions—and get us to new results.