Yue Tan will present her FPO "FAASTEN: An Architecture and implementation for securing cloud applications" on September 5, 2024 at 11am in CS 302. The members of her committee are as follows: Amit Levy (advisor), Maria Apostolaki, Wyatt Lloyd Readers: Mae Milano and Marcus Peinado (Microsoft Research) All are welcome to attend. The FPO abstract follows below: Modern web applications have evolved into intricate networks of micro-applications, posing challenges in ensuring the security of user data confidentiality and integrity. In the current discretionary security paradigm, developers must enforce policies for every microapplication and all data paths that can arise at run-time. A promising alternative paradigm, decentralized information flow control (DIFC), suggests that the underlying system should enforce policies by tracking information flows. As the cloud has become a standard operating system for developing web applications, this paper proposes the first DIFC design for the cloud. We present Faasten, an architecture and implementation for securing cloud applications. Faasten includes a DIFC model and a FaaS-inspired system interface that implements the DIFC model. We provide a detailed interface security analysis and showcase how three representative cloud applications benefit from Faasten. We also show that Faasten introduces negligible latencies in controlling information flows and policy storage costs.