Analyzing and Improving Privacy and Security Policies

Event Date: April 23, 2008
Speaker: Adam Barth
Speaker Affiliation: Computer Science Department, Stanford University
Sponsor: ECE Prospective Faculty Candidate
Time: 10:30 AM
Location: EE 118
Contact Name: Host: Prof. Saurabh Bagchi
Contact Phone: (765) 494-3362
Contact Email:
Open To: Acceptable for ECE694A

Security practitioners have experience building security mechanisms, be they cryptographic protocols, buffer overflow protections, or access control systems, but are far less familiar with designing security policies for these mechanisms to enforce. This talk will cover some of my recent policy work as applied to web browsers, digital rights management, and medical privacy. For web browsers, we analyzed existing security policies for frame navigation and implemented an improved, principled policy, which has been adopted in both Safari 3.1 and Firefox 3. By analyzing DRM systems, we uncovered several anomalies in an industrial license language and applied linear logic to provide a rigorous foundation for improvements to the language. In the privacy arena, we developed a formal language for expressing privacy regulations such as HIPAA, which governs medical privacy.
Adam is currently a full-time Ph.D. student in the Computer Science Department at Stanford University. He received his M.S. in Computer Science from Stanford in the summer of 2005.   In May 2003, Adam graduated magna cum laude from Cornell University with a B.A. in Mathematics and Computer Science.
 Web page: