Thursday, March 11, 2004
B17 Upson Hall
Making Distributed Systems Secure by Construction
Building secure distributed systems typically involves the use of a variety of different mechanisms, such as encryption, digital signatures, access control, and replication. Once the system is built, it is difficult to know that system-level security objectives have been achieved. In this talk I will present a language-based approach for enforcing security policies for data confidentiality and integrity in a distributed environment. Programs annotated with security policies are statically checked and then transformed by the compiler to run securely on a distributed system with untrusted hosts. The code and data of the computation are partitioned and replicated across the available hosts in accordance with the security policies, and the compiler automatically generates secure run-time protocols for communication among the replicated code partitions. We have shown that some programs such as games and auctions can be automatically transformed to run securely.
Andrew Myers is an Assistant Professor at Cornell University. He received a Ph.D. in Computer Science from MIT in 1999. His research interests include computer security, programming languages, and distributed object systems. His recent work has focused on making language-based information flow an expressive and practical way to build secure systems.