CS297 Proposal: USB Key Profile Manager for Mozilla
Yun Zhou (email@example.com)
Advisor: Dr. Chris Pollett (firstname.lastname@example.org)
Browsers normally use a local cache to store important user information, such as passwords and automatically filled-in forms. Since this information is maintained on the local drive, it is not difficult to be stolen by other users using the same computer. To solve this problem, a secure profile manager using Universal Serial Bus (USB) key will be implemented in this project to enhance cache security. Once the user completes her task and leaves the computer, she can remove the USB key and the information stored in the key will also be safely removed. Besides, the profile manager can also achieve location independence. The user should be able to select different levels of profile settings or simply use the traditional cache. When the USB key is selected, the profile manager should automatically detect and apply user information stored on the key with reasonable performance. Advanced Encryption Scheme (AES) is considered to be used to ensure the cache security. Ideally, the USB key profile manager should be an add-on component instead of a modification of the existing profile manager in order to achieve backward compatibility with older versions of Mozilla. The USB key profiler manager will support both Firebird and Thunderbird. Linux will be the main development platform, although I hope to deploy the component on different platforms, such as Windows and Unix.
The full project will be done when CS298 is completed. The following will be done by the end of CS297:
1. Reports on literature review.
2. Modified implementation of Linux journaling ext3 file system.
3. Modified cache implementation mounted to USB drive.
4. CS297 report.
 "Creating XPCOM Components", Retrieved on 1/12/04, from http://www.mozilla.org/projects/xpcom/book/cxc/.
 Rapid Application Development with Mozilla. Nigel Mcfarlane. Prentice Hall. 2003.
 Running Linux. Matthias Kalle Dalheimer, Terry Dawson, Lar Kaufman, Matt Welsh. O'Reilly. 2003.
 "Netscape Portable Runtime", Retrieved on 1/8/04, from http://www.mozilla.org/projects/nspr/.
 "XPCOM". Retrieved on 1/8/04, from http://www.mozilla.org/projects/xpcom/.
 "Security Projects", Retrieved on 1/8/04, from http://www.mozilla.org/projects/security/.
 Understanding the Linux Kernel. Daniel P. Bovet, Marco Cesati. O'Reilly. 2003.
 Linux Device Drivers. Jonathan Corbet, Alessandro Rubini. O'Reilly. 2003.
 Building Secure Servers with Linux. Michael D. Bauer. O'Reilly. 2002.
 The Cathedral & the Bazaar. Eric S. Raymond. O'Reilly. 2002.
 "An FPGA-based performance evaluation of the AES block cipher candidate algorithm finalists". IEEE Transactions on Very Large Scale Integration (VLSI) Systems. Elbirt, A.J. 2001.
 "Sub-Operating Systems: A New Approach to Application Security". Sotiris Ioannidis, Steven M. Bellovin. 2000.
 "State-of-the-art ciphers for commercial applications". Computers & Security. Preneel, Bart. 1999.
Red Hat Linux 7.3: The Official Red Hat Linux Reference Guide. Retrieved on 1/8/04, from http://linux.web.cern.ch/linux/redhat73/documentation/redhatcd/RH-DOCS/rhl-rg-en-7.3/ch-ext3.html.