News

Talk by Nikos Vasilakis

Nikos Vasilaki who is currently Ph.D. candidate in Computer and Information Science at the University of Pennsylvania, will give a talk on "Retrofitting Security in Applications with Many Third-party Modules" on Tuesday, June 26th, on the 6th floor (606 room) of the Evelpidon Str. building (graduate program building) of the Athens University of Economics and Business (AUEB)

Talk abstract: Developers of large-scale software systems use third-party modules to reduce costs and accelerate release cycles, at a risk to safety and security. I will introduce a set of techniques that exploit module boundaries to automate compartmentalization of systems and enforce security policies, enhancing reliability and security. Our system, BreakApp, transparently spawns modules in protected compartments while preserving their original behavior. Optional high-level policies decouple security assumptions made during development from requirements imposed for module composition and use. These policies allow fine-tuning trade-offs such as security and performance based on changing threat models or load patterns. Evaluation of BreakApp with a prototype implementation for JavaScript -- an environment that is notorioustoday for its high-impact security problems -- demonstrates feasibility by enabling simplified security hardening of existing systems with low performance overhead.

Presenter's biography: Nikos Vasilakis is a Ph.D. candidate in Computer and Information Science at the University of Pennsylvania. Broadly construed, his research focus is large-scale distributed systems, with branches into systems security and programming languages. In the past, he worked as a software engineer in industrial environments that blend engineering with a tablespoon of research (e.g., VMware).