CS Department Seminar: Prof. Alejandro Russo, Chalmers University of Technology
December 6, 2013
Title: Towards synthesizing sound information-flow systems
Speaker: Prof. Alejandro Russo, Chalmers University of Technology
Date: December 6th, 2013 at 3:00pm
Location: Babbio Center 310
Information-flow security has recently become relevant to preserve confidentiality of data in popular platforms (e.g. mobile platforms, web services, etc.). A great series of work has been devoted to dynamically control information-flow control using programming language semantics. Sometimes, extending such systems to add new language construct is not trivial, or worse, it might be error prone. In this light, we present the first steps towards a monadic calculus to enforce the non-interference policy, i.e., that secrets are not leaked into public entities. The calculus is based on a floating-label system in such a way that explicitly associates security checks to read or write effects of a given operation. This allows, almost automatically, to synthesize security checks for new features (e.g. references, communication channels, etc.) based on their effects. Moreover, the calculus has support for flow-sensitive and flow-insensitive values as well as sequential or concurrent programming models.
(This is a work in progress with Pablo Buiras, Deian Stefan, and David Mazieres.)
Alejandro Russo is an Assistant Professor at Chalmers University of Technology, Sweden; he is also Visiting Associate Professor at Stanford University during Fall 2013. His research focuses on language-based techniques for information-flow security. He has contributed to that field with theoretical results as well as many practical works. He is noted for providing information-flow security by libraries, in the functional programming language Haskell. Alejandro obtained several grants from different sources to push forward his research agenda: Google (Google Research Award), Vetenskapsradet (something like the NSF in the US), the Swedish foundation for international cooperation in research and high education (STINT), and the Barbro-Osher foundation.