About me

I am a lecturer in Cornell's computer science department.

I'm interested in the process of programming, and in tools and techniques that can help programmers design software that is correct, secure, and efficient.

I completed a Ph.D. at Cornell University in 2020, under the guidance of Andrew Myers. I received a BA in mathematics and a BS in computer science from the University of Rochester in 2003. I also received an MA in mathematics from the University of Rochester in 2004.

My Ph.D. research focused on building decentralized distributed systems that guarantee strong security properties. I am a lead developer of Fabric, a programming language and runtime system that use information flow analysis to protect users' information, even in the presence of partially trusted code running on a partially trusted platform.

You can find my CV here (updated Jun. 2021).

Teaching

Over the past several years I have been the instructor or co-instructor of the following courses:

Discrete structures (CS 2800, 14 semesters)
Formal proofs, logic, set theory, combinatorics, probability, graphs, finite automata and regular languages.
Functional programming and data structures (CS 3110, 4 semesters)
Functional and concurrent programming in OCaml, writing and using specifications, modular programming and data abstraction, reasoning about program correctness, reasoning about system performance, useful and efficient data structures.
Operating systems (CS 4410, 7 semesters)
Hardware support for operating systems, concurrent programming and synchronization, memory management, filesystems, networking.
Object Oriented Programming and data structures (CS 2110, 3 semesters)
Java, object oriented programming, design patterns, introductory data structures and algorithms, GUI programming.
Design and analysis of algorithms (CS 4820, 1 semester)
Greedy algorithms, dynamic programming, divide and conquer, NP completeness, undecidability, proofs of correctness, asymptotic complexity.

Publications

Trust, Authority, and Information Flow in Secure Distributed Systems
PhD Dissertation, Cornell University. December 2020.
Decentralized information flow control (DIFC) provides a framework for specifying policies on the use of information and ensuring that systems abide by those policies. However, existing DIFC systems do not address the complexity of the modern software ecosystem, where multiple entities interact to provide the software, data storage, and computational resources for a given application. This dissertation aims to bridge the divide between the strong security guarantees provided by DIFC systems and the complex requirements of today's distributed applications.
Fabric: Building Open Distributed Systems Securely by Construction (JCS 2017)
Journal of Computer Security, 25(4–5):319–321, May 2017.
Jed Liu, Owen Arden, Michael D. George, and Andrew C. Myers.
Fabric is a system and language for building open, distributed, extensible information systems that are secure by construction. Fabric is a decentralized system that allows nodes to securely share both data and code despite mutual distrust. All resources are labeled with confidentiality and integrity policies that are enforced through a combination of compile-time and run-time mechanisms.
Warranties for Faster Strong Consistency (NSDI 2014)
11th USENIX Symposium on Networked Systems Design and Implementation.
Jed Liu, Tom Magrino, Owen Arden, Michael D. George, and Andrew C. Myers.
We present a new mechanism, warranties, to enable building distributed systems with linearizable transactions. A warranty is a time-limited assertion about one or more distributed objects. These assertions generalize optimistic concurrency control, improving throughput because clients holding warranties need not communicate to verify the warranty's assertion. Updates that might cause an active warranty to become false are delayed until the warranty expires, trading write latency for read latency. For workloads biased toward reads, warranties improve scalability and system throughput. Warranties can be expressed using language-level computations, and they integrate harmoniously into the programming model as a form of memoization. Experiments with some nontrivial programs demonstrate that warranties enable high performance despite the simple programming model.
Sharing Mobile Code Securely With Information Flow Control (Oakland 2012)
33rd IEEE Symposium on Security and Privacy.
Owen Arden, Michael D. George, Jed Liu, K. Vikram, Aslan Askarov, and Andrew C. Myers.
We introduce a new architecture for secure mobile code, with which developers can securely use, publish, and share mobile code across trust domains. This architecture enables new kinds of distributed applications, and makes it easier to securely reuse and evolve code from untrusted providers.
Fabric: A Platform for Secure Distributed Computation and Storage (SOSP 2009)
22nd ACM Symposium on Operating System Principles.
Jed Liu, Michael D. George, K. Vikram, Xin Qi, Lucas Waye, and Andrew C. Myers.
Fabric is a new system and language for building secure distributed information systems. It is a decentralized system that allows heterogeneous network nodes to securely share both information and computation resources despite mutual distrust.

Other Interests