Sotirios Apostolakis will be presenting his general exam "Securing Commodity Systems with Containment: a Redis Server Case Study" on Monday, October 23, 2017 at 2:30pm in CS 402.   The members of his committee are David August (adviser), Nick Feamster, and Andrew Appel.

Everyone is invited to attend his talk.  

Abstract:
Modern computing systems are too complex to be vulnerability free. Current reactive approaches to security are not effective, and proposed "clean slate" approaches, requiring formal proofs of correctness for whole systems, are impractical. Prior work introduced TrustGuard, an approach that provides proactive protection against malicous and buggy hardware by allowing only the correct execution of signed software to produce output. This work expands TrustGuard’s containment guarantees to additionally protect against flawed software. To demonstrate TrustGuard's expanded capabilities, we implemented a system that secures a commodity Redis server against deviations from the Redis server specification. We show that 4K RTL LOC (one time cost on FPGA network card) and 3K software LOC can secure a modern Redis server consisting of hundreds of millions of LOC of hardware, OS, libraries and applications.