The Computer Science Colloquium
Thursday, March 12, 4:15pm, room 9204/9205
Steve Zdancewic
(University of Pennsylvania)
"Aura: A Programming Language with Authorization and Audit"
Existing mechanisms for authorizing and auditing the flow of
information in networked computer systems are insufficient to meet the
security requirements of high-assurance software systems. Current
best practices typically rely on operating-system-provided file
permissions for authorization and an ad-hoc combination of OS and
network-level (e.g. firewall-level) logging to generate audit trails.
This talk will describe ongoing work on a security-oriented programming language called Aura that attempts to address this problem of auditable information flows in a more principled way. Aura supports a built-in notion of principal and its type system incorporates ideas from authorization logic and information-flow constraints. These features, together with the Aura run-time system, enforce strong information-flow policies while generating good audit trails. These audit trails record access-control decisions (such as uses of downgrading or declassification) that influence how information flows through the system. Aura's programming model, which is based on a weak form of dependent types, is intended to smoothly integrate information-flow and access control constraints with the cryptographic enforcement mechanisms necessary in a distributed computing environment.
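The abstract names three ingredients: data carrying labels, flows checked against a policy, and an audit trail that records each downgrading or declassification decision together with the authorization that justified it. The following is an added illustration, not Aura's code: Aura enforces these properties statically through its type system, whereas this is a dynamic Python simulation of a reference monitor. The lattice of labels, the principals, the HMAC-keyed "authorization evidence" standing in for authorization-logic proofs, the policy table, and the sample HR record are all constructed for the example.

```python
"""Toy auditable-declassification monitor (illustration, not Aura)."""
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed confidentiality lattice; a total order is enough for the example.
LEVELS = {"public": 0, "employee": 1, "hr": 2}
GENESIS = "0" * 64


@dataclass(frozen=True)
class Labeled:
    """A value tagged with the confidentiality label of its source."""
    value: object
    label: str


class FlowError(Exception):
    pass


def _fingerprint(value):
    """Short content hash so the audit trail names the value without leaking it."""
    return hashlib.sha256(json.dumps(value, sort_keys=True).encode()).hexdigest()[:16]


def _statement(principal, frm, to, fp):
    """Canonical text of the access-control decision being authorized."""
    return f"{principal} says: declassify {frm} -> {to} for value {fp}".encode()


class Monitor:
    """Checks flows, verifies authorization evidence, and keeps a hash-chained audit trail."""

    def __init__(self, principal_keys, declassifiers):
        self.keys = principal_keys          # principal -> HMAC key (constructed secrets)
        self.declassifiers = declassifiers  # label -> principals allowed to lower it
        self.audit = []
        self._prev = GENESIS

    def _log(self, **entry):
        entry["prev"] = self._prev
        entry["digest"] = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
        self._prev = entry["digest"]
        self.audit.append(entry)

    def authorize(self, principal, frm, to, data):
        """Issue evidence as `principal` (stands in for signing an authorization-logic statement)."""
        msg = _statement(principal, frm, to, _fingerprint(data.value))
        return hmac.new(self.keys[principal], msg, "sha256").hexdigest()

    def send(self, data, channel_label):
        """Ordinary flow: permitted only if the data's label is below the channel's."""
        if LEVELS[data.label] > LEVELS[channel_label]:
            raise FlowError(f"{data.label} data may not flow to a {channel_label} channel")
        return data.value

    def declassify(self, data, to_label, principal, evidence):
        """Lower data.label to to_label if policy allows `principal` to and the evidence verifies.
        Every attempt, granted or denied, is recorded in the audit trail."""
        fp = _fingerprint(data.value)
        allowed = principal in self.declassifiers.get(data.label, ())
        key = self.keys.get(principal)
        valid = False
        if allowed and key is not None:
            expected = hmac.new(key, _statement(principal, data.label, to_label, fp), "sha256").hexdigest()
            valid = hmac.compare_digest(expected, evidence)
        self._log(op="declassify", principal=principal, frm=data.label, to=to_label,
                  value=fp, granted=valid)
        if not valid:
            raise FlowError(f"{principal} may not declassify {data.label} -> {to_label}")
        return Labeled(data.value, to_label)


def verify_audit(audit):
    """Recompute the hash chain; an edited or deleted entry breaks it."""
    prev = GENESIS
    for entry in audit:
        body = {k: v for k, v in entry.items() if k != "digest"}
        if body["prev"] != prev:
            return False
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if digest != entry["digest"]:
            return False
        prev = digest
    return True


def tamper_breaks_chain(audit):
    """Flip the outcome of the first entry in a copy and check that verification fails."""
    copy = json.loads(json.dumps(audit))
    copy[0]["granted"] = not copy[0]["granted"]
    return not verify_audit(copy)


def demo():
    """Constructed scenario: an HR record, an authorized manager, and an unauthorized intern."""
    mon = Monitor(principal_keys={"hr_manager": b"constructed-key-1", "intern": b"constructed-key-2"},
                  declassifiers={"hr": {"hr_manager"}})
    salary = Labeled({"employee": "alice", "salary_band": "B"}, "hr")
    results = {}
    try:
        mon.send(salary, "public")
        results["direct"] = "allowed"
    except FlowError:
        results["direct"] = "denied"            # hr data cannot flow to public without a decision
    ev = mon.authorize("hr_manager", "hr", "employee", salary)
    results["manager"] = mon.declassify(salary, "employee", "hr_manager", ev).label
    bad = mon.authorize("intern", "hr", "employee", salary)  # well-formed evidence, wrong principal
    try:
        mon.declassify(salary, "employee", "intern", bad)
        results["intern"] = "allowed"
    except FlowError:
        results["intern"] = "denied"
    results["audit_ok"] = verify_audit(mon.audit)
    results["entries"] = len(mon.audit)        # both the grant and the denial are recorded
    results["tamper_detected"] = tamper_breaks_chain(mon.audit)
    return results


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The point the simulation makes is the one in the abstract: the interesting security decisions are not the ordinary flows (which the label check rejects or admits mechanically) but the downgrades, so those are the events the audit trail must capture, and capturing who authorized them and on what evidence is what makes the trail useful after the fact. A static system such as Aura can discharge the label check at compile time and leave only the declassification evidence to be recorded at run time.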
Bio:
Dr. Zdancewic is an associate professor in the Computer and Information Science department at the University of Pennsylvania in Philadelphia, PA. He received his Ph.D. in Computer Science from Cornell University in 2002, and he graduated from Carnegie Mellon University with a B.S. in Computer Science and Mathematics in 1996. He is the recipient of an NSF Graduate Research Fellowship, an Intel fellowship, and an NSF CAREER award. His publications in the areas of programming languages and computer security include two best paper awards.
The Colloquium is supported by generous contributions from
Bloomberg, Information Builders, Inc., and Netlogic, Inc.
365 Fifth Ave, New York City 10016 | Room 4319 | Phone: 212.817.8190 | Fax: 212.817.1510 | compsci@gc.cuny.edu