Monday, September 14, 2009

Design Intent: A Principled Approach to Application Security

Jonathan Aldrich, CyLab Researcher, Associate Professor in the School of Computer Science

12:00pm
INI Distributed Education Center (DEC), CIC Building *L level


Talk Abstract

Although the state of application security practice has improved, much of what we do is an ad-hoc reaction to past problems. This approach is insufficient in the emerging security world, which is characterized by outsourcing, concurrency, and ever more creative attacks. A more principled approach to application security demands a focus on design intent: engineering information that describes how a system meets its security requirements, whether captured in safer language constructs, better library abstractions, or structured comments in source code. By localizing reasoning about global security properties, design intent supports more effective testing and reviews, and paves the way for a revolution in scalable, precise, and usable static analysis tools. I will describe emerging technologies that provide rigorous, design-intent-based assurance about concurrency, secure composition, and architectural information flow, and how the foundation of design intent can provide a more principled yet pragmatic approach to application security in the enterprise.

Speaker Bio

Jonathan Aldrich is Associate Professor in the School of Computer Science at Carnegie Mellon University and a member of CyLab. He is the director of CMU's undergraduate minor program in Software Engineering, and teaches courses in software engineering, analysis, and programming languages. Dr. Aldrich's research achievements include verifying correct implementation of an architectural design, modular formal reasoning about code, and protocol specification and verification. For his work on architecture, Aldrich received a 2006 NSF CAREER award and the 2007 Dahl-Nygaard Junior Prize, given annually for a significant technical contribution to object-oriented programming. Aldrich holds a bachelor's degree in Computer Science from Caltech and a Ph.D. from the University of Washington.