Designing secure and scalable distributed applications is incredibly important but almost impossible when policies and workloads change dynamically.
I study language-based approaches to security and distributed systems that offer strong security guarantees and adaptive performance in dynamic environments.
A core programming model that uses flow-limited authorization to provide end-to-end information security to dynamic authorization mechanisms and programs that use them. Updated from CSF'16 version to correct statement of Theorem 2.
JRIF programs use Reactive Information Flow specifications based on finite-state automata that provide expressive policies without the need for explicit downgrading operations.
A new model that unifies authorization and information flow to enforce dynamic policies robustly and without side-channels.
Warranties are adaptively generated time-limited assertions about distributed state that enable fast, linearizable distributed transactions with optimistic concurrency control.
The case for improving database applications by unifying program analysis and database optimization techniques.
Interactive demo of Pyxis at SIGMOD'13.
Seamlessly moving data and functionality between application and database servers with program analysis and synthesis.
Pyxis adaptively migrates computation between clients and a database server by combining static dependency analysis with dynamic workload profiling.
A new architecture for secure mobile code for publishing and sharing code dynamically across trust domains.