Analysis of Digital Certificates and Digitally Signed Programs
In the ROSCO project, we have designed and built a Hadoop cluster for storing digitally signed programs and public key certificates. Using ROSCO, we can provide innovative reputation services to the community: e.g., we can tell when we saw a given signed program or certificate for the first time, how many queries we have received for a given signed object, or what else the signer of a given signed program signed before. It is possible to combine our reputation information with other sources of information (e.g., VirusTotal).
Ultimately, the reputation information obtained from ROSCO can help relying parties to make a more informed decision about the trustworthiness of a given certificate or signed computer program.
Our ROSCO database currently stores millions of certificates and thousands of signed programs. The task of the student is to analyze this data and to identify anomalies (e.g., multiple certificates having the same public key), weaknesses (e.g., short keys or weak hash functions used), potentially serious problems (e.g., RSA public keys that can be broken), hidden relationships, authors of malicious programs, etc. The student should also develop simple tools that allow for the computation of different statistics (e.g., average key length, distribution of hash functions applied, etc.) on the available information in the database.
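
The checks listed above, run over constructed certificate records, as an added example that is not ROSCO project code. The record fields (`serial`, `n`, `e`, `sig_hash`), the 2048-bit minimum and the MD5/SHA-1 weak-hash list are assumptions.

```python
import math
from collections import Counter, defaultdict
from itertools import combinations

# Constructed sample data: moduli are products of Mersenne primes so the sizes
# are realistic and the example runs offline. These are not real certificate keys.
M = {x: 2**x - 1 for x in (521, 607, 1279, 2203, 2281)}
CERTS = [
    {"serial": "A", "n": M[1279] * M[2203], "e": 65537, "sig_hash": "sha256"},
    {"serial": "B", "n": M[1279] * M[2203], "e": 65537, "sig_hash": "sha256"},
    {"serial": "C", "n": M[1279] * M[2281], "e": 65537, "sig_hash": "sha1"},
    {"serial": "D", "n": M[521] * M[607], "e": 65537, "sig_hash": "md5"},
]

def duplicate_keys(certs):
    """Anomaly: groups of serials whose certificates carry the same key (n, e)."""
    groups = defaultdict(list)
    for c in certs:
        groups[(c["n"], c["e"])].append(c["serial"])
    return [sorted(s) for s in groups.values() if len(s) > 1]

def shared_factor_pairs(certs):
    """Serious problem: distinct RSA moduli that share a prime (gcd > 1).
    Pairwise gcd is quadratic; millions of certificates need batch GCD."""
    uniq = {}  # one representative serial per modulus; duplicates are reported above
    for c in certs:
        uniq.setdefault(c["n"], c["serial"])
    return [(a, b) for (na, a), (nb, b) in combinations(uniq.items(), 2)
            if math.gcd(na, nb) > 1]

def weak_certs(certs, min_bits=2048, weak_hashes=("md5", "sha1")):
    """Weakness: short moduli and weak signature hashes, as serial -> findings."""
    findings = defaultdict(list)
    for c in certs:
        if c["n"].bit_length() < min_bits:
            findings[c["serial"]].append("short-key")
        if c["sig_hash"] in weak_hashes:
            findings[c["serial"]].append("weak-hash")
    return dict(findings)

def statistics(certs):
    """Average key length in bits and the distribution of signature hashes."""
    bits = [c["n"].bit_length() for c in certs]
    return {"avg_key_bits": sum(bits) / len(bits),
            "hash_distribution": dict(Counter(c["sig_hash"] for c in certs))}

if __name__ == "__main__":
    for check in (duplicate_keys, shared_factor_pairs, weak_certs, statistics):
        print(check.__name__, check(CERTS))
```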