CyLab Distinguished Seminar

  • Robert Mehrabian Collaborative Innovation Center
  • Panther Hollow Conference Room 4101
  • JONATHAN ALDRICH
  • Professor
  • Institute for Software Research
  • School of Computer Science
Seminars

A well-known, principled approach to software security is to build desired properties into the application architecture.  Unfortunately, this approach fails too often in practice, because we have inadequate support for writing down and enforcing the security architecture of a system.  The Wyvern programming language allows developers to express architectural design and system-level security properties within code, and provides usable mechanisms for enforcing both of these.  Based on results from type theory as well as user experiments, we'll describe how Wyvern's immutability types enforce the transitive integrity of data structures, how its type-specific languages can eliminate command injection attacks, and how a few lines of top-level code can enforce system-wide architectural properties.

For More Information, Please Contact: