Secure Composition of Systems and Policies

file

Visible to the public Insights into Composability from Lablet Research

Submitted by JonathanAldrich on Thu, 10/30/2014 - 1:57pm. Contributors:

Abstract

This presentation describes a framework for understanding the hard problem of Composability in the setting of security, along with highlights of lablet research results illustrating recent progress in this area and remaining research challenges.

group_project

Visible to the public Secure Composition of Systems and Policies

Submitted by Heather Lucas on Wed, 11/07/2012 - 7:47pm

Compositional security is a recognized central scientific challenge for trustworthy computing. Contemporary systems are built up from smaller components. However, even if each component is secure in isolation, the composed system may not achieve the desired end-to-end security property: an adversary may exploit complex interactions between components to compromise security. Such attacks have shown up in the wild in many different settings, including web browsers and infrastructure, network protocols and infrastructure, and application and systems software.