Research interests

It is too hard to build trustworthy software systems using conventional systems APIs. I work on higher-level, language-based abstractions for programming that better address important cross-cutting concerns: security, extensibility, persistence, distribution.

Selected recent publications

Diagnosing maximum-likelihood program error locations from constraint system failures.

Pattern matching that verifies exhaustiveness and redundancy can coexist with data abstraction and subtyping.

Program analysis and synthesis enable seamlessly moving data and functionality between app and database servers.

For consistently good performance, Pyxis automatically migrates computation and data to the database server.

A new architecture for secure mobile code, supporting secure use, publication, and sharing of code across trust domains.

Awards

Current Projects

• Keynote address at POPL'13: How languages can save distributed computing.
• Fabric: A federated system for securely storing, sharing, and computing information.
• General methods for controlling timing channels.
• Swift: Making web applications secure by construction.
• Jif: an extended version of Java that protects privacy by controlling information flow
• Jx/J&: language features for extensible, composable, adaptable software
• Civitas: A practical, secure, remote voting system.
• JMatch: a Java extension with pattern matching and interruptible iterators
• Polyglot: a widely used, extensible Java compiler front end framework for rapid experimentation with new language extensions.
• Program committees: CCS'13, POST'14, ASPLOS'14 ERC
• Editorial Boards: Journal of Computer Security (Co-Editor-in-Chief), ACM Transactions on Computer Systems (Assoc. Editor)
• ▸Undergraduate and MEng research opportunities
• [Show older projects]