[PAST EVENT] Colloquium talk: Insecure by Design; Secure by Execution
LocationMcGlothlin-Street Hall, Online on Zoom
251 Jamestown Rd
Williamsburg, VA 23185Map this location
Every software developer has heard the mantra: "Build security in from day one." However, security on day one does not guarantee security on day two; threat models change, and users wish to deploy software in new environments that the original developers may not have previously envisioned. As a complement to building security-in, my research asks the question: to what extent can we add security after the fact, so that applications and their security can evolve separately from one another. In this talk, I will discuss my work in designing and implementing an OS-level primitive, conclaves, that augments unmodified applications with confidentiality and integrity guarantees through the use of secure hardware. I will then show how conclaves increases the security and privacy for users of two important, existing systems -- content delivery networks and Tor -- without having to change these systems proper. Finally, I will discuss my future research agenda, and in particular, my ongoing work to dynamically transform an unmodified, monolithic application, into a secure distributed one.
Stephen Herwig is a post-doc at the University of Maryland, and is advised by Dave Levin. He received his PhD from the University of Maryland in 2021, and has taught as an adjunct professor at Salisbury University.