This project investigates the hard problem of resilient architectures from the standpoint of enabling new potential for incorporating privilege separation into computing systems. However, privilege separation alone is insufficient to achieve strong security guarantees. It must also include a security policy for separated components without impacting the functional requirements of the system. The general hypothesis of this project is that, legacy computing systems contain emergent properties that allow automatic software partitioning for privilege separation capable of supporting practical least privilege security policies.
Team
PIs: William Enck & Xiaohui (Helen) Gu Students: Adwait Nadkami, Tsun-Hsuan (Anson) Ho, Ashwin Shashidharan
Attaining Least Privilege Through Automatic Partitioning of Hybrid Programs