Optimizing software security
Yaser was a PhD candidate under the supervision of Drs. Amir Hossein Banihashemi and Ioannis Lambadaris at Carleton University, and a Mitacs Accelerate intern who undertook a research project on HTML5 security problems and possible solutions. He was introduced to Irdeto Canada by Justin Moores, Director, Business Development at Mitacs, while pursuing his graduate studies in Electrical and Computer Engineering at Carleton University where he also worked as a Mitacs Globalink student advisor.
HTML5 is a new web technology that enables designers to integrate different types of content on a web page without using any plug-ins or third-party programs. This content may include text, audio, video, PDF and social network sites like Facebook and Twitter. Although HTML5 is developer and user friendly, it is also insecure, making it easy for a hacker to access users’ personal information and webpage’s underlying code.
So far, little research has been done regarding protection of applications in HTML5. Yaser’s Mitacs Accelerate project aimed not only to identify white-box security problems with HTML5, but also to investigate key security problem areas and develop possible solutions. The hope was that the project would help Irdeto to take a step ahead of its competitors and maintain its top rank in the online market business.
“While working on my project, I came up with a new technique that can mitigate attacks on web apps in HTML5 by protecting specific points. Another advantage of this technique is that it’s diverse, which means that it can be applied to digital content destined for different types of clients, each with unique security properties at no platform-dependent cost to the developer’’ says Yaser.
Yaser’s unique technique that transforms data and code of an application was developed into a prototype by Irdeto which is currently investigating the security qualities of this new technology for future commercialization.
“One of the challenges we are facing when using HTML5 is to provide optimal, secure solutions for our clients. Through this research project, we were able to determine where our company stands regarding this technology. Yaser’s research outcome also greatly improved the foundation of our technologies and what he developed is being looked into as a new product feature that we could offer in the near future,” says Yuan Xiang Gu, Chief Architect and Senior Director of Research at Irdeto Canada.
The company has been a long-time industry partner of Mitacs. According to Mr. Gu, collaborating with Mitacs is a win-win situation for both interns and business. Thanks to the Mitacs Accelerate program, the company had access to high quality research talent, and as an intern Yaser got professional work experience addressing real-world problems and recently joined Irdeto full-time. So far, the company has supported six Mitacs Accelerate internships and is working with Mitacs to co-fund a large-scale internship project with graduate students from Queen’s University.
Mitacs gratefully acknowledges the Government of Canada, the Networks of Centres of Excellence's Industrial Research and Development Internship program and the Government of Ontario for their support of Mitacs Accelerate in the province.