Policy Weaving for Secure Systems

Speaker: Bill Harris
Date: March 9, 2011
Time: 4:00PM to 5:30PM
Location: 8th floor reading room, 32-G882
Host: Professor Armando Solar-Lezama, CSG-CSAIL-MIT
Contact: Sally O. Lee, 3-6837, sally@csail.mit.edu
Talk: Policy Weaving for Secure Systems
Short description: On modern systems, user-level applications such as
web servers and VPN clients must handle sensitive data while also
handling untrusted input, perhaps from an untrusted network. In the
traditional approach to system security, the application programmer
has only the semantics of their programming language with which to
verify that their program behaves securely under all inputs. In
practice, this is an infeasible task. However, recent work in secure
systems, including decentralized information flow systems such as
Flume and HiStar and capability systems such as Capsicum, has produced
systems that provide application programmers with primitives that make
this task feasible. Even so, the programmer must still bridge the gap
between their high-level specification of secure behavior and the way
the program must use the low-level primitives of the system to satisfy
that specification.
To help programmers bridge this gap, we propose a tool, called a
"weaver," that takes an unsecured program and a specification of
secure behavior, and produces a program that uses the primitives of a
given system to satisfy the specification. In this talk, I will first
describe our recent work on designing a weaver for the Flume
decentralized information flow control system. I will then sketch how
the principles behind our Flume weaver may be reapplied to build
weavers for apparently different systems, such as capability-based
systems.