DisCoTec | Invited Speaker

10th IFIP International Conference on Formal Methods for Open Object-based Distributed Systems (FMOODS'08)

Invited Speaker

Guiding distributed systems synthesis with language-based security policies

Andrew Myers, Cornell University

The distributed information systems we use every day are becoming more complex and interconnected. Can we trust them with our information? Currently there is no good way to check that distributed software uses information securely, even if we have the source code. Many mechanisms are available, but are error-prone: for example, encryption, various cryptographic protocols, access control, and replication. But it is hard to know when we are using these mechanisms in a way that correctly enforces application security requirements.

This talk describes a higher-level approach to programming secure systems. Instead of using security mechanisms directly, the programming language incorporates explicit security policies specifying the confidentiality, integrity, and availability of information. The compiler then automatically transforms the source code to run securely on the available host machines, and uses a variety of security mechanisms in order to satisfy security policies. The result is systems that are secure by construction. We look at two applications of this approach: building secure web applications using partitioning beween clients and servers, and building more general secure systems by synthesizing fault-tolerance protocols for availability.

Joint work with Steve Chong, Jed Liu, Nate Nystrom, Xin Qi, K. Vikram, Steve Zdancewic, Lantian Zheng, and Xin Zheng.


Andrew Myers is an Associate Professor in the Computer Science Department at Cornell University in Ithaca, NY. He received his Ph.D. in Electrical Engineering and Computer Science from MIT in 1999.

His research interests include computer security, programming languages, and distributed and persistent objects. His work on computer security has focused on practical, sound, expressive languages and systems for enforcing information security. The Jif programming language makes it possible to write programs which the compiler ensures are secure. The Polyglot extensible compiler framework is now widely used for programming language research.

Myers is the recipient of an NSF CAREER award, an Alfred P. Sloan Fellowship, a College of Engineering Abraham T. C. Wong '72 Excellence in Teaching Award, a George M. Sprowls award for outstanding Ph.D. thesis from MIT, and a best paper award for a paper in SOSP 2001.