Earlier this year, the UBC Computer Science Department opened the door to a new addition within the domain of systems security.
Assistant Professor Dr. Aastha Mehta brings her experience in security, data privacy, operating systems, and distributed systems, and is one of a trio of experts hired concurrently.
“It’s very exciting to be in the middle of this growth phase for the systems group here at UBC,” Aastha said. “It’s such a great opportunity to learn and grow alongside others in my field. I really enjoy working at the intersections of systems and security.”
Before joining UBC, Dr. Mehta was in Germany completing her PhD at Max Planck Institute for Software Systems (MPI-SWS). Prior to that, she completed her Bachelor’s in Computer Science from Birla Institute of Technology and Science (BITS) in India, and worked as a software development engineer with NetApp in Bengaluru.
Aastha explained the breadth of her research, “I work on building systems to mitigate various threats to data privacy in online services, such as side-channel leaks, and ensure compliance with data privacy regulations. I am currently also venturing into the embedded and mobile systems space, where we are building a new system for contact tracing that provides privacy by design.”
What is a side-channel leak?
It is an information leak that arises from the implementation of a computer system, rather than weaknesses in the algorithm. Aastha explained, “When building applications, most software developers today do not think much about network traffic beyond encryption. However, it has been shown that someone can learn about your private conversation by eavesdropping on the network and observing just the sizes and timing of your network packets."
Similarly, when two applications run on a shared platform, one application can observe how the other uses the hardware resources of that platform and infer the latter’s secrets. Such leaks are an important concern in cloud platforms today. “I work on mitigating a class of side-channel leaks, called the network side-channel leaks, in cloud and Internet services,” Aastha said.
Aastha is currently also engaged in building out a solution for effective, secure contact tracing and risk notification in the context of COVID-19.
“We are developing a system whereby users would carry a dongle, similar to a key fob,” she explained. “The system uses locational beacons to passively collect info about where users are. If one of those users falls ill and reports this, an alert is sent to other users who were also at that location at the same time. The dongles act as quiet listeners and the beacons help identify where you were. It’s privacy-preserving because there is no personal data recorded or exchanged,” she explained.
Aastha points out that in addition, the system would help to identify hotspots through the data collected, which in turn can aid experts in controlling and mitigating further risk.
Aastha has joined the Systopia lab in the department, where members conduct research on topics including operating systems, distributed systems, and program analysis. She is supervising two Master’s students, as well as teaching the grad course: Security and Privacy in the Era of Side Channels during the 2021 Winter term.
With an NSERC Discovery Grant funding her research, Aastha is already well on her way to making a significant contribution in the world of security.
And as for downtime? She has forayed recently into artwork, specifically painting, and during the warmer months she likes to hike. “I am also considering revisiting an older interest of mine: I spent 12 years training in an Indian classical dance form called Bharatanatyam. I lost touch with it while in Germany, but would like to possibly pick it up again.”
The CS department is pleased to have Dr. Mehta aboard and looks very forward to the fruits of her research on security systems.