Research interests

It is too hard to build trustworthy software systems using conventional systems APIs. I work on higher-level, language-based abstractions for programming that better address important cross-cutting concerns: security, extensibility, persistence, distribution.

Selected recent publications

Pattern matching can coexist with data abstraction and subtyping, checking exhaustiveness and redundancy.

Program analysis and synthesis enable seamlessly moving data and functionality between app and database servers.

For consistently good performance, Pyxis automatically migrates computation between the app and database server.

A new architecture for secure mobile code, supporting secure use, publication, and sharing of code across trust domains.

A non-restrictive type system in which programs provably leak only a bounded amount of information through timing.

Awards

Current Projects

• Keynote address at POPL'13: How languages can save distributed computing.
• Fabric: A federated system for securely storing, sharing, and computing information.
• General methods for controlling timing channels.
• Swift: Making web applications secure by construction.
• Jif: an extended version of Java that protects privacy by controlling information flow
• Jx/J&: language features for extensible, composable, adaptable software
• Civitas: A practical, secure, remote voting system.
• JMatch: a Java extension with pattern matching and interruptible iterators
• Polyglot: a widely used, extensible Java compiler front end framework for rapid experimentation with new language extensions.
• Program committees: ASPLOS'13, CCS'13, POST'14
• Editorial Boards: Journal of Computer Security (JCS), ACM Transactions on Computer Systems (TOCS)
• ▸Undergraduate and MEng research opportunities
• [Show older projects]