Yale University.  
Computer Science.  
   
     

Faculty Recruit Talk
April 1, 2008
10:30 a.m., AKW 200

Speaker: Nickolai Zeldovich, Stanford University
Title: Building secure systems from buggy code with information flow control

Abstract:
Today, computer security resembles an arms race: the bad guys constantly find new ways to break in, and being safe requires staying one step ahead of them in cutting off avenues of attack. This strategy is simply too risky and too expensive in the long run. In this talk, I will argue that we need to address security at a much more fundamental level, and I will show how re-designing operating systems, network protocols, and hardware can provide a solid foundation for building applications in a way that eliminates or radically reduces vulnerabilities.

Much of the challenge in building secure applications stems from the fact that real systems are constantly evolving, and that most programmers are not security-conscious, resulting in code rife with bugs that cause security vulnerabilities. Instead of trying to fix all code, this talk will argue that we should protect data, by controlling how it can move through the system. The key insight is that data protection cuts across layers: any piece of data in an application can also be viewed as memory or files by the OS, or as physical pages by the hardware. Consequently, even data in buggy applications can be protected by the OS or by hardware, despite the latter two being at a much lower level of abstraction.

In particular, I will first describe how a low-level information flow control mechanism can be provided by a small OS kernel, hardware, or network protocol, and then show how the same mechanism can be used throughout the system to enforce security policies ranging from those traditionally found in Unix to those that can ensure the privacy of user data in a web server built from largely untrusted code.

Bio: Nickolai Zeldovich is a postdoc at Stanford University, where he recently received his Ph.D. Previously he received M.Eng. and S.B. degrees from MIT. His research interests are in security, operating systems, and networking.