Modern systems such as operating systems, web browsers, and Internet services, are increasingly built in a modular fashion by combining components of diverse pedigrees. Establishing the security of such systems is an open challenge. Traditionally, isolating partially (in)secure componets from each other and from the runtime system relied on access-control policy enforcement and sandboxing. Although cumbersome and often too restrictive, such approaches have been applied at all levels in the software stack, from OS kernels to general-purpose applications to web browsers and web pages. Alternative approaches have built on program verication to establish that software components satisfy some minimal properties guaranteeing security of the whole system or on a combination of program verication and runtime isolation enforcement. Recently, the framework of universal composability was adapted from its original use on cryptographic protocols to software systems, where it allows for formal reasoning about the composition of components with well-defined interfaces.
The workshop to advance the current state of the art in secure-system building with input from academic and industry experts. Questions of interest include: How do traditional approaches (which are well understood and benefit from mature implementations) interact with each other when applied to different layers in the software stack? What is the most effective and eficient way to combine a-priori verification with runtime enforcement? What are the design patterns that allow for the secure composition of software layers, in the presence of components from different sources and under varying update schedules? How does one certify remotely that a particular Internet system (e.g., a web application or service) runs a secure combination of known software components?
Next: Call for Participation
Workshop Index
DIMACS Homepage