Programming languages

group_project

Visible to the public EDU: Development and Analysis of a Spiral Theory-based Cybersecurity Curriculum

Submitted by Vinod Lohani on Wed, 10/11/2017 - 1:49am

In this SaTC-EDU project at Virginia Tech, faculty members and graduate students in the Engineering Education, Computer Science (CS), Electrical & Computer Engineering (ECE) and the Hume Center for National Security and Technology in College of Engineering are collaborating to develop and implement a unique curriculum delivery model in cybersecurity into the CS and ECE curricula using Jerome Bruner's spiral theory approach.

group_project

Visible to the public TWC: Medium: Scaling proof-based verifiable computation

Submitted by Michael Walfish on Mon, 10/09/2017 - 1:15pm

This research addresses a fundamental problem in systems security: how can a machine specify a computation to another one and then, without executing the computation, check that the other machine carried it out correctly? Over the last several years, a new approach to this problem has emerged, based on refining cryptographic and theoretical tools, and incorporating them into built systems. However, despite exciting advances, the resulting systems are still not practical in the normal sense.

group_project

Visible to the public CAREER: Towards Trustworthy Operating Systems

Submitted by Zhi Wang on Fri, 10/06/2017 - 3:12pm

An operating system is the key software of a computer system that manages the hardware and software resources and provides essential services to computer programs. It plays a critical role in the security of the whole system. Unfortunately, modern operating systems are often bloated with millions of lines of source code, and serious vulnerabilities are routinely being discovered and exploited from them.

group_project

Visible to the public TWC: Small: Provably Enforcing Practical Multi-Layer Policies in Today's Extensible Software Platforms

Submitted by Jia Limin on Thu, 08/17/2017 - 10:36pm

A defining characteristic of modern personal computing is the trend towards extensible platforms (e.g., smartphones and tablets) that run a large number of specialized applications, many of uncertain quality or provenance. The common security mechanisms available on these platforms are application isolation and permission systems. Unfortunately, it has been repeatedly shown that these mechanisms fail to prevent a range of misbehaviors, including privilege-escalation attacks and information-flow leakage.