Language-based Abstractions for Secure Distributed Applications
Event Date: March 10, 2016
Speaker Affiliation: Ph.D. Candidate, Dept. of Computer Science, Cornell University
Contact Name: Professor Xiaozhu "Felix" Lin
Burdening programmers with low-level decisions about security, remote communication, and data storage can make even simple high-level designs hard to implement correctly. Developers need high-level abstractions that help them reason about and maintain the properties they desire. Getting these abstractions right is important: poor abstractions can lead to bad performance, corrupted data, and security breaches.
Language-based techniques can provide better abstractions to programmers that help them build secure and scalable distributed applications. In this talk, I’ll discuss two recent excursions toward this goal: Mobile Fabric and Flow-Limited Authorization.
• Mobile Fabric is a Java-like language and system for building distributed applications using persistent data and mobile code, similar to the applications on the web today. Unlike current applications, all Mobile Fabric applications enforce the confidentiality and integrity of the data they process, even in the presence of malicious code.
• Flow-Limited Authorization unifies two fundamental perspectives on security: authorization, which concerns who trusts whom, and information flow control, which concerns who may learn a secret or influence a value. Flow-Limited Authorization combines these perspectives into a single model, strengthening their security guarantees and eliminating potential vulnerabilities.
Owen Arden is a Ph.D. candidate in the Department of Computer Science at Cornell University, advised by Andrew Myers. Owen's research develops language-based abstractions for secure and scalable distributed systems. He received an NDSEG Fellowship in 2011 and a CIDR Best Paper Award in 2013. Prior to attending Cornell, Owen worked at the National Security Agency, where he received a National Intelligence Meritorious Unit Citation.