Analysis of ocean power extraction capabilites of a rotary wave energy conversion system

Gemstone Team WAVES (Water and Versatile Energy Systems)

Language-based Techniques for Practical and Trustworthy Secure Multi-party Computations

Secure Multi-party Computation (MPC) enables a set of parties to collaboratively compute, using cryptographic protocols, a function over their private data in a way that the participants do not see each other's data, they only see the final output. Typical MPC examples include statistical computations over joint private data, private set intersection, and auctions. While these applications are examples of monolithic MPC, richer MPC applications move between "normal" (i.e., per-party local) and "secure" (i.e., joint, multi-party secure) modes repeatedly, resulting overall in mixed-mode computations. For example, we might use MPC to implement the role of the dealer in a game of mental poker -- the game will be divided into rounds of local decision-making (e.g. bidding) and joint interaction (e.g. dealing). Mixed-mode computations are also used to improve performance over monolithic secure computations. Starting with the Fairplay project, several MPC frameworks have been proposed in the last decade to help programmers write MPC applications in a high-level language, while the toolchain manages the low-level details. However, these frameworks are either not expressive enough to allow writing mixed-mode applications or lack formal specification, and reasoning capabilities, thereby diminishing the parties' trust in such tools, and the programs written using them. Furthermore, none of the frameworks provides a verified toolchain to run the MPC programs, leaving the potential of security holes that can compromise the privacy of parties' data. This dissertation presents language-based techniques to make MPC more practical and trustworthy. First, it presents the design and implementation of a new MPC Domain Specific Language, called Wysteria, for writing rich mixed-mode MPC applications. Wysteria provides several benefits over previous languages, including a conceptual single thread of control, generic support for more than two parties, high-level abstractions for secret shares, and a fully formalized type system and operational semantics. Using Wysteria, we have implemented several MPC applications, including, for the first time, a card dealing application. The dissertation next presents Wys*, an embedding of Wysteria in F*, a full-featured verification oriented programming language. Wys* improves on Wysteria along three lines: (a) It enables programmers to formally verify the correctness and security properties of their programs. As far as we know, Wys* is the first language to provide verification capabilities for MPC programs. (b) It provides a partially verified toolchain to run MPC programs, and finally (c) It enables the MPC programs to use, with no extra effort, standard language constructs from the host language F*, thereby making it more usable and scalable. Finally, the dissertation develops static analyses that help optimize monolithic MPC programs into mixed-mode MPC programs, while providing similar privacy guarantees as the monolithic versions.

When Love Becomes Hate(?): The Interplay Between Consumer-Brand Relationships and Crisis Situations

This study had three purposes. First, it aimed to re-conceptualize organization-public relationships (OPRs) in public relations and crisis communication. This OPR re-conceptualization helps find out when the OPR buffering effect or the OPR love-becomes-hate effect happens. Second, it aimed to examine how consumer emotions are influenced by OPRs and influence consumer behavioral intentions. Third, it aimed to address the current problematic operationalization of the concept of consumer. Three pilot studies and one main study were conducted. Apple and Whole Foods were the two brands examined. One crisis that undermined the self-defining attributes shared between the brand and its consumers and another crisis that did not were examined for each brand. Almost 500 Apple consumers and 400 Whole Foods consumers provided usable questionnaires. This study had several major findings. First, non-identifying relationship and identifying relationship were different constructs. Moreover, trust, satisfaction, and commitment were not conceptually separate dimensions of OPRs. Second, the non-identifying relationships offered buffering effects by increasing positive attitudes and tempering anger and disappointment. The identifying relationships primarily offered the love-becomes-hate effects by increasing anger and disappointment. Third, if the crisis was relevant to consumers’ daily lives, brand response strategies were less effective at mitigating consumer negative reactions. Moreover, apology-compensation-reminder strategy was more effective compared to no-comment strategy. However, the apology-compensation-reminder strategy was no more effective than other strategies as long as brands compensate to the victims. Identifying relationships increased the effectiveness of response strategies. If the crisis did not undermine the self-defining attributes shared between consumers and brands, the response strategies worked even better. This study contributes to crisis communication research in multiple ways. First, it advances the OPR conceptualization by demonstrating that non-identifying relationship and identifying relationship are different concepts. More importantly, it advances the theory building of OPRs’ influences on crises by finding out when the buffering effect and the love-becomes-hate effect happen. Second, it adds to emotion research by demonstrating that strong OPRs can lead to negative emotions and positive emotions can have negative behavioral consequences on organizations. Third, the precise operationalization of the concept of consumer gives more insights about consumer reactions to crises.

A HUMAN-CENTERED APPROACH TO IMPROVING THE USER EXPERIENCE OF SOFTWARE UPDATES

Software updates are critical to the security of software systems and devices. Yet users often do not install them in a timely manner, leaving their devices open to security exploits. This research explored a re-design of automatic software updates on desktop and mobile devices to improve the uptake of updates through three studies. First using interviews, we studied users’ updating patterns and behaviors on desktop machines in a formative study. Second, we distilled these findings into the design of a low-fi prototype for desktops, and evaluated its efficacy for automating updates by means of a think-aloud study. Third, we investigated individual differences in update automation on Android devices using a large scale survey, and interviews. In this thesis, I present the findings of all three studies and provide evidence for how automatic updates can be better appropriated to fit users on both desktops and mobile devices. Additionally, I provide user interface design suggestions for software updates and outline recommendations for future work to improve the user experience of software updates.