Laboratory of Education and Research on Security Assured Information Systems (LERSAIS) Seminar

"Toward distributed systems secure by construction"

Abstract: Building secure distributed systems typically involves the use of a variety of different mechanisms, such as encryption, digital signatures, access control, and replication. Once the system is built, it is difficult to know that system-level security objectives have been achieved. In this talk I will present a new way to enforce security policies for data confidentiality and integrity in a distributed environment. Programs annotated with security policies are statically checked and then transformed by the compiler to run securely on a distributed system with untrusted hosts. The code and data of the computation are partitioned and replicated across the available hosts in accordance with the security policies, and the compiler automatically generates secure run-time protocols for communication among the replicated code partitions. We have shown that programs such as games and auctions can be automatically transformed to run securely and with reasonable efficiency.

Biography: Andrew Myers is an Associate Professor at Cornell University. He received a Ph.D. in Computer Science from MIT in 1999. His research interests include computer security, programming languages, and distributed object systems. His recent work has focused on using language-based information flow to specify and build trustworthy computing systems.
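The abstract describes two steps: a static check of confidentiality and integrity labels on program data, and a placement of that data across hosts (replicating where no single host is trusted enough). The toy below is an added illustration, not the speaker's compiler or any Cornell tool. It assumes a simplified label model (a set of principals whose confidentiality a value carries, and a set of principals who vouch for its integrity), a per-host trust declaration, and a greedy set-cover placement; the auction variables, principals and host names are constructed for the example.

```python
# Added illustration (not the talk's code): label checking and host placement
# for an auction-style program. Label model and trust rules are simplified
# assumptions chosen to show the idea, not the speaker's actual calculus.
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple


@dataclass(frozen=True)
class Label:
    """Security policy on a value.

    conf:  principals whose confidentiality the value carries; a host may
           hold the value only if every one of them trusts that host.
    integ: principals who vouch for the value; the hosts holding it must,
           taken together, be trusted for integrity by each of them.
    """
    conf: FrozenSet[str]
    integ: FrozenSet[str]


def join(a: Label, b: Label) -> Label:
    """Label of a value computed from a and b: confidentiality accumulates,
    integrity is only what both inputs can vouch for."""
    return Label(a.conf | b.conf, a.integ & b.integ)


def flows_to(src: Label, dst: Label) -> bool:
    """Static check: src may flow into dst only if dst is at least as
    confidential and demands no more integrity than src provides."""
    return src.conf <= dst.conf and dst.integ <= src.integ


@dataclass(frozen=True)
class Host:
    name: str
    conf_trust: FrozenSet[str]   # principals who trust this host with their secrets
    integ_trust: FrozenSet[str]  # principals who trust this host to compute honestly


def place(label: Label, hosts: List[Host]) -> FrozenSet[str]:
    """Pick hosts for a value: confidentiality filters the candidates, integrity
    may force replication across several of them (greedy set cover, with ties
    broken by host name so the result is deterministic)."""
    safe = sorted((h for h in hosts if label.conf <= h.conf_trust), key=lambda h: h.name)
    chosen: List[str] = []
    uncovered = set(label.integ)
    while uncovered:
        best = max(safe, key=lambda h: len(uncovered & h.integ_trust), default=None)
        if best is None or not (uncovered & best.integ_trust):
            raise ValueError(f"no combination of hosts can hold {label}")
        chosen.append(best.name)
        uncovered -= best.integ_trust
    if not chosen:  # no integrity demand: any confidentiality-safe host will do
        if not safe:
            raise ValueError(f"no host is trusted with {label}")
        chosen.append(safe[0].name)
    return frozenset(chosen)


def check_program(variables: Dict[str, Label],
                  stmts: List[Tuple[str, List[str]]]) -> List[str]:
    """Each statement is (destination, sources). Returns the destinations whose
    assignment the static check rejects; an empty list means the program passes."""
    rejected = []
    for dst, srcs in stmts:
        derived = variables[srcs[0]]
        for s in srcs[1:]:
            derived = join(derived, variables[s])
        if not flows_to(derived, variables[dst]):
            rejected.append(dst)
    return rejected


def partition(variables: Dict[str, Label], hosts: List[Host]) -> Dict[str, FrozenSet[str]]:
    """Assign every variable to the host set its label allows."""
    return {name: place(lbl, hosts) for name, lbl in variables.items()}


# Constructed sample: a two-party auction. Principal and host names are made up.
A, B = "Alice", "Bob"
VARS = {
    "alice_bid": Label(frozenset({A}), frozenset({A})),
    "bob_bid": Label(frozenset({B}), frozenset({B})),
    # the outcome depends on both bids, and both parties want to be able to trust it
    "winner": Label(frozenset({A, B}), frozenset({A, B})),
    "public_log": Label(frozenset(), frozenset()),
    "alice_copy": Label(frozenset({A}), frozenset()),
}
PROGRAM = [
    ("winner", ["alice_bid", "bob_bid"]),  # rejected: neither party vouches for the other's bid
    ("public_log", ["alice_bid"]),         # rejected: would publish Alice's secret
    ("alice_copy", ["alice_bid"]),         # accepted: same confidentiality, weaker integrity
]
HOSTS = [
    Host("alpha", frozenset({A}), frozenset({A})),       # Alice's own machine
    Host("beta", frozenset({B}), frozenset({B})),        # Bob's own machine
    Host("mirror1", frozenset({A, B}), frozenset({A})),  # shared host Alice trusts to compute
    Host("mirror2", frozenset({A, B}), frozenset({B})),  # shared host Bob trusts to compute
]

if __name__ == "__main__":
    print("rejected statements:", check_program(VARS, PROGRAM))
    for name, where in partition(VARS, HOSTS).items():
        print(f"{name:11s} -> {sorted(where)}")
```

Running it rejects the `winner` and `public_log` assignments at check time and places `winner` replicated on both shared hosts, since no single host is trusted for integrity by both Alice and Bob. The replication here stands in for the run-time protocol the abstract mentions; a real compiler would also have to emit the communication between the replicas, which this model leaves out.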
