Aaron Blankstein will present his research seminar/general exam on Thursday, January 24 at
noon in Room 402.  The members of his committee are:  Michael Freedman (advisor), Ed
Felten, and Vivek Pai.  Everyone is invited to attend his talk, and those faculty wishing to
remain for the oral exam following are welcome to do so.  His abstract and reading list follow
below.

Abstract:

In many client-facing applications, a vulnerability in any portion can
compromise the entire application. In this talk, I describe the design
and implementation of Passe, a web framework that provides integrity
and confidentiality guarantees for existing applications. Passe
automatically splits (previously single-process) web applications into
sandboxed processes, and then limits the types of queries each
component can make to shared storage. While previous approaches like
Decentralized Information Flow Control sought to provide security
guarantees by explicitly labeling and tracking data, Passe provides
similar guarantees by instead enforcing integrity constraints on
database queries, even when they originate from compromised
components. Further, rather than requiring developers to specify such
constraints explicitly, Passe infers these constraints during a
testing phase, in which it assumes that the “proper” execution of
database queries is reading and writing data appropriately. Such
policy inference allows Passe to execute unmodified applications
without explicit policies. I present a prototype of Passe which acts
as a drop-in replacement for the Django web framework. By running
seven unmodified, off-the-shelf applications in Passe, I demonstrate
its ability to provide strong security guarantees with reasonable
performance.

Reading List

"Principles of Computer System Design" - Saltzer and Kaashoek

"The KeyKOS Nanokernel Architecture" A. Bomberger, A. Frantz, 
W. Frantz, A. Hardy, N. Hardy, C. Landau, and J. Shapiro.

"Complete, Safe Information Flow with Decentralized Labels" A. Myers 
and B. Liskov.

"Hails: Protecting data privacy in untrusted web applications." Daniel
B. Giffin, Amit Levy, Deian Stefan, David Terei, David Mazières, John
Mitchell, and Alejandro Russo.

"The protection of information in computer systems," J. H. Saltzer and
M. D. Schroeder

"Information Flow Control for Standard OS Abstractions" (Flume) Max
Krohn, Alexander Yip, Micah Brodsky, Natan Cliffer, M. Frans Kaashoek,
Eddie Kohler, Robert Morris

"Making information flow explicit in HiStar." Nickolai Zeldovich,
Silas Boyd-Wickizer, Eddie Kohler, and David Mazières.

"Bugs as deviant behavior: a general approach to inferring errors in
systems code" D. Engler, D. Y. Chen, S. Hallem, A. Chou, and B. Chelf

"All you ever wanted to know about dynamic taint analysis and forward
symbolic execution (but might have been afraid to ask)," E. J.
Schwartz, T. Avgerinos, and D. Brumley

"Building secure high-performance web services with OKWS" - Max Krohn