Develop Approaches

Virtual Machine Monitors (VMMs) and hypervisors have become a foundational technology for system developers to achieve increased levels of security, reliability, and manageability for large-scale computing systems such as cloud computing. However, when developing software at the VMM layer, developers often need to interpret the very low level hardware layer state and reconstruct the semantic meanings of the guest operating system events due to the lack of operating system level abstractions.

Cloud computing has emerged as one of the most successful computing models in recent years. However, lack of accountability and non-compliance with data protection regulations have prevented major users such as business, healthcare, and defense organizations from utilizing clouds for sensitive data and applications. Due to the lack of information about cloud internals and the inability to perform trustworthy audits, today's clouds are often not used in regulated industries, preventing their widespread adoption.

The telephony system, which enabled near universal voice communication, has undergone a dramatic change due to technological advances and legal and regulatory changes. Although these changes offer many benefits, including low cost calling and richer functionality, they have introduced new vulnerabilities that can seriously undermine the trust people have in transactions conducted over the telephony channel. In fact, caller impersonation and social engineering over the phone are increasingly being used to commit fraud and steal credentials for online account takeovers.

The vast majority of the code in most applications comes from the libraries it imports, rather than the program itself. As a result, hackers often exploit flaws in libraries like glibc or openssl that are used across multiple applications instead of attacking individual flaws in code specific to the application. This makes it easier for an attacker to compromise many applications at once with a single exploit. This work isolates the impact of flaws in a deployed program into the smallest area possible.

Computers and people live in a world governed by policy. At the lowest level, policies determine how information flows within networks; at the highest level, they describe how users' personal information is shared across applications. Of course, end-users, as policy authors, make mistakes: rules can have unintended consequences and multiple policies can interact in ways that their authors didn't intend. Users can benefit from tools to help them understand the policies they write and maintain. Policy analysis refers to rigorous methods for detecting these situations before they cause harm.