Software and services
Graduated PhD students
Current research assistants
It is too hard to build trustworthy software systems
using conventional systems APIs. I work on higher-level,
language-based abstractions for programming that better
address important cross-cutting concerns:
Selected recent publications
Pattern matching can coexist with
data abstraction and subtyping, checking
exhaustiveness and redundancy.
Program analysis and synthesis enable seamlessly moving data and
functionality between app and database servers.
For consistently good performance, Pyxis automatically migrates computation
between the app and database server.
A new architecture for secure mobile code, supporting secure use,
publication, and sharing of code across trust domains.
A non-restrictive type system in which
programs provably leak only a bounded amount
of information through timing.
Best paper award, CIDR 2013
Provost's Award for Distinguished Scholarship
James and Mary Tien Excellence in Teaching Award
ACM SIGPLAN Most Influential POPL Paper Award
, 2009 (for POPL 1999)
Merrill Presidential Scholar Outstanding Educator Award, 2009
Best paper award, 21st ACM Symposium on Operating Systems Principles
T.C. Wong '72, Excellence in Teaching Award, 2002
NSF CAREER Award, 2002
Alfred P. Sloan Research Fellowship, 2002
Best Paper Award, 18th ACM Symposium on Operating Systems Principles
George M. Sprowls Award for outstanding Ph.D. thesis (MIT EECS Dept.)
- Keynote address at POPL'13: How languages can save distributed computing.
Fabric: A federated system for securely storing, sharing, and computing information.
General methods for controlling timing channels.
Swift: Making web applications secure by construction.
- Jif: an extended
version of Java that protects privacy by controlling information flow
language features for extensible, composable, adaptable software
Civitas: A practical, secure, remote voting system.
- JMatch: a
Java extension with pattern matching and interruptible iterators
a widely used, extensible Java compiler front end framework for rapid
experimentation with new language extensions.
- Program committees:
- Editorial Boards:
Journal of Computer Security (JCS),
ACM Transactions on Computer Systems (TOCS)
▸Undergraduate and MEng research opportunities
[Show older projects]
[Show courses taught]
- Program Committees:
Computer Security Foundations 2010,
IEEE Symposium on Security & Privacy (Oakland) '09;
CSF/CSFW '04, '06,
IEEE S&P (Oakland) '01, '04, '07, '08,
USENIX Security 2006,
OSDI '00, '04,
European Workshop '04,
J\Mask: Java extended with masked types for safe, flexible object initialization.
SIF: Servlets with secure information flow.
STONESOUP: an IARPA-funded study on how to certify and run software of uncertain provenance securely
- DARPA Information Science and Technology Study Group (ISAT), 2005–2008
- Jif/split: a version of Jif that automatically partitions programs
to run securely on a distributed system.
J0: Java for novice programmers
- PolyJ: an extended
version of Java that supports parametric polymorphism, freely
available for both Windows and Unix.
- Thor, a
distributed object-oriented database, and Theta,
the internal programming language of Thor. This work provided scalable
techniques for efficiently implementing distributed, persistent
objects and language features such as methods and parametric polymorphism.
Dagstuhl seminar on Mobility, Ubiquity, and Security (Feb.'07)
- Invited and keynote talks: