Five-College Speaker Series on Information Assurance

Steve Zdancewic

In this talk, I describe an approach to using programming-language and compiler technology to build secure distributed software. The goal of this research is to explore ways of providing strong confidentiality and integrity guarantees in systems where there are mutually distrusting participants. The starting point for this work is the Jif programming language, which is a version of Java with a type system that supports information-flow security policies. I will show how a compiler can make use of the structure of the security policy to automatically partition the source program among distributed hosts, extracting an appropriate communication protocol from the source and inserting authentication and encryption as required. The resulting distributed subprograms collectively implement the original program, yet the system as a whole satisfies the security requirements of participating principals without requiring a universally trusted host. This research is joint work with Stephen Tse and Peng Li of the University of Pennsylvania and Andrew Myers, Lantian Zheng, and Steve Chong of Cornell University.
