Software and services
Graduated PhD students
It is too hard to build trustworthy software systems. I aim for
simple, high-level abstractions that offer programmers strong
guarantees about cross-cutting concerns:
Genus: a Java extension that improves generic programming and exception handling.
Fabric: A language and system for secure, distributed computation, sharing, and storage.
- SHErrLoc: The Static Holistic Error Locator
identifies the most likely locations of program errors by analyzing the entire program constraint graph.
- SecVerilog: a hardware description language for controlling timing channels.
- Jif: an extended
version of Java that protects privacy by controlling information flow.
Civitas: A practical, secure, remote voting system.
a widely used, extensible Java compiler front end framework for rapid
experimentation with new language extensions.
- Editor in Chief,
ACM Transactions on Programming Languages and Systems (TOPLAS)
- Current program committees:
POPL 2018 (PC chair),
CCS 2016 (PC co-chair),
▸ Undergraduate and MEng research opportunities
[Show older projects]
[Show courses taught]
- Editorial Boards:
Journal of Computer Security (Co-Editor-in-Chief, 2013–2016)
ACM Transactions on Computer Systems (2009–2016),
ACM Transactions on Information and System Security (TISSEC, now TOPS)
- Program Committees:
Computer Security Foundations 2010,
IEEE Symposium on Security & Privacy (Oakland) '09;
Co-chair, Principles of Security and Trust (POST) '15,
IEEE S&P (Oakland) '01, '04, '07, '08,
CSF/CSFW '04, '06,
Euro S&P 2016
ASPLOS '13, '14 (ERC),
USENIX Security '06,
OSDI '00, '04,
European Workshop '04,
Heights Elementary School Math Club (5th grade)
- JMatch: a
Java extension with pattern matching and interruptible iterators
Swift: Making web applications secure by construction.
language features for extensible, composable, adaptable software
J\Mask: Java extended with masked types for safe, flexible object initialization.
SIF: Servlets with secure information flow.
STONESOUP: an IARPA-funded study on how to certify and run software of uncertain provenance securely
- DARPA Information Science and Technology Study Group (ISAT), 2005–2008
- Jif/split: a version of Jif that automatically partitions programs
to run securely on a distributed system.
J0: Java for novice programmers
- PolyJ: an extended
version of Java that supports parametric polymorphism, freely
available for both Windows and Unix.
- Thor, a
distributed object-oriented database, and Theta,
the internal programming language of Thor. This work provided scalable
techniques for efficiently implementing distributed, persistent
objects and language features such as methods and parametric polymorphism.
Dagstuhl seminar on Mobility, Ubiquity, and Security (Feb.'07)
- Invited and keynote talks: