I am a lecturer in Cornell's computer science department.
I'm interested in the process of programming, and in tools and techniques
that can help programmers design software that is correct, secure, and
I completed a Ph.D. at Cornell University in 2020, under the
guidance of Andrew Myers.
I received a BA in mathematics and a BS in computer science from the
University of Rochester in 2003. I also received an MA in mathematics
from the University of Rochester in 2004.
My Ph.D. research focused on building decentralized distributed systems
that guarantee strong security properties. I am a lead developer of
programming language and runtime system that use information flow
analysis to protect users' information, even in the presence of partially
trusted code running on a partially trusted platform.
You can find my CV here (updated Jun. 2021).
Over the past several years I have been the instructor or co-instructor
of the following courses:
- Discrete structures (CS 2800, 14 semesters)
- Formal proofs, logic, set theory, combinatorics, probability, graphs,
finite automata and regular languages.
- Functional programming and data structures (CS 3110, 4 semesters)
- Functional and concurrent programming in OCaml, writing and using
specifications, modular programming and data abstraction, reasoning
about program correctness, reasoning about system performance, useful
and efficient data structures.
- Operating systems (CS 4410, 7 semesters)
- Hardware support for operating systems, concurrent programming and
synchronization, memory management, filesystems, networking.
- Object Oriented Programming and data structures (CS 2110, 3 semesters)
- Java, object oriented programming, design patterns, introductory data
structures and algorithms, GUI programming.
- Design and analysis of algorithms (CS 4820, 1 semester)
- Greedy algorithms, dynamic programming, divide and conquer, NP
completeness, undecidability, proofs of correctness, asymptotic
- Trust, Authority, and Information Flow in Secure Distributed Systems
- PhD Dissertation, Cornell University. December 2020.
- Decentralized information flow control (DIFC) provides a framework for
specifying policies on the use of information and ensuring that systems abide
by those policies. However, existing DIFC systems do not address the
complexity of the modern software ecosystem, where multiple entities interact
to provide the software, data storage, and computational resources for a given
application. This dissertation aims to bridge the divide between the strong
security guarantees provided by DIFC systems and the complex requirements of
today's distributed applications.
- Fabric: Building Open Distributed Systems Securely by Construction (JCS 2017)
- Journal of Computer Security, 25(4–5):319–321, May 2017.
Jed Liu, Owen Arden, Michael D. George, and Andrew C. Myers.
- Fabric is a system and language for building open, distributed,
extensible information systems that are secure by construction. Fabric
is a decentralized system that allows nodes to securely share both
data and code despite mutual distrust. All resources are labeled with
confidentiality and integrity policies that are enforced through a
combination of compile-time and run-time mechanisms.
- Warranties for Faster Strong Consistency (NSDI 2014)
11th USENIX Symposium on Networked Systems Design and Implementation.
Jed Liu, Tom Magrino, Owen Arden, Michael D. George, and Andrew C. Myers.
- We present a new mechanism, warranties, to enable building distributed
systems with linearizable transactions. A warranty is a time-limited
assertion about one or more distributed objects. These assertions
generalize optimistic concurrency control, improving throughput
because clients holding warranties need not communicate to verify the
warranty's assertion. Updates that might cause an active warranty to
become false are delayed until the warranty expires, trading write
latency for read latency. For workloads biased toward reads,
warranties improve scalability and system throughput. Warranties can
be expressed using language-level computations, and they integrate
harmoniously into the programming model as a form of memoization.
Experiments with some nontrivial programs demonstrate that warranties
enable high performance despite the simple programming model.
- Sharing Mobile Code Securely With Information Flow Control (Oakland 2012)
- 33rd IEEE Symposium on Security and Privacy.
Owen Arden, Michael D. George, Jed Liu, K. Vikram, Aslan Askarov, and Andrew C. Myers.
- We introduce a new architecture for secure mobile code, with which
developers can securely use, publish, and share mobile code across
trust domains. This architecture enables new kinds of distributed
applications, and makes it easier to securely reuse and evolve code
from untrusted providers.
- Fabric: A Platform for Secure Distributed Computation and Storage (SOSP 2009)
- 22nd ACM Symposium on Operating System Principles.
Jed Liu, Michael D. George, K. Vikram, Xin Qi, Lucas Waye, and Andrew C. Myers.
- Fabric is a new system and language for building secure distributed
information systems. It is a decentralized system that allows
heterogeneous network nodes to securely share both information and
computation resources despite mutual distrust.