University of Cambridge > Talks.cam > Computer Laboratory Systems Research Group Seminar > Security-Oriented Analysis of Application Programs

Security-Oriented Analysis of Application Programs

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Eiko Yoneki.

Application compartmentalization decomposes software into sandboxed components in order to mitigate security vulnerabilities, and has proven effective in limiting the impact of compromise. Experience shows, however, that compartmentalizing existing C-language software is difficult, triggering correctness, performance, and most critically, security problems.

This talk introduces Security-Oriented Analysis of Application Programs (SOAAP), a set of LLVM -based analysis and simulation techniques that support software developers in exploring broad compartmentalization spaces available for each application.

Programmers annotate source code with compartmentalization hypotheses that notify SOAAP of past vulnerabilities, security goals such as data confidentiality, performance objectives, and a proposed compartmentalization strategy. SOAAP then evaluates the hypothesis through a blend of static and dynamic analysis, informing the programmer of potential data consistency bugs, security policy violations and expected performance.

Bio: Khilan Gudka is a Research Associate in the Security group at the University of Cambridge Computer Laboratory. Prior to this he did his PhD at Imperial College London. His research interests include software compartmentalisation, capability systems, static/dynamic program analysis, compilers/runtimes and concurrency.

This talk is part of the Computer Laboratory Systems Research Group Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2020 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity