“Coping with untrusted or vulnerable cloud services”, Michael Freedman, Princeton University

Please join us for a research presentation by Dr. Michael J. Freedman: “Coping with untrusted or vulnerable cloud services”, Wednesday, July 2nd, POST 302.


Today, we protect our computing infrastructure by building thicker digital walls or by using more aggressive auditing to diagnose data leakage. Yet, the ongoing centralization of services and information in large-scale data centers and cloud environments has only increased their value for targeted cyber attacks. For the last few years, my research group has been pursuing an alternative vision for system and network security: To what extent can we secure applications and data when the infrastructure itself may be actively malicious (due to insider attacks or successful break-ins)? Or, how might we greatly minimize the potential for data loss when application code may be vulnerable to external exploitation? In this talk, I present two related projects addressing these challenges.
First, my group has built systems that use a centralized cloud provider without trusting it with the privacy or integrity of users’ data. The provider’s servers see only encrypted data and cannot deviate from correct protocol execution without detection. The cloud servers primarily act as a storage and ordering service, with most application logic pushed to the client. We have applied these general methods to both group-collaboration applications (such as online word processing) and large-scale social-networking services, both of which support fine-grained, dynamic groups of users that operate on cryptographically-secured information.
Second, in many client-facing applications, a vulnerability in any part can compromise the entire application and gain access to all its data. I describe a new system, Passe, that protects a data store from unintended data leaks and unauthorized writes even in the face of application compromise. Passe automatically splits (previously shared-memory-space) web applications into sandboxed processes, and then restricts communication between those components and the types of accesses each component can make to shared storage, such as a backend database. To limit components to their least privilege, Passe applies dynamic analysis to learn data and control-flow relationships between data accesses, and then strongly enforces those relationships.




Short Bio:

Dr. Michael J. Freedman is an Associate Professor in the Computer Science Department at Princeton University, with a research focus on distributed systems, networking, and security. Prior to joining Princeton in 2007, he received his Ph.D. in computer science from NYU’s Courant Institute and his S.B. and M.Eng. degrees from MIT. He developed and operates several self-managing systems — including CoralCDN, a decentralized content distribution network, and DONAR, a server resolution system powering the FCC’s Consumer Broadband Test — which serve millions of users daily. Other research has included software-defined and service-centric networking, cloud storage and data management, untrusted cloud services, fault-tolerant distributed systems, virtual world systems, peer-to-peer systems, and various privacy-enhancing and anti-censorship systems. Freedman’s work on IP geolocation and intelligence led him to co-found Illuminics Systems, which was acquired by Quova (now part of Neustar) in 2006. His work on programmable enterprise networking (Ethane) helped form the basis for the OpenFlow / software-defined networking architecture. Honors include a Presidential Early Career Award for Scientists and Engineers (PECASE), Sloan Fellowship, NSF CAREER Award, Office of Naval Research Young Investigator Award, and DARPA Computer Science Study Group membership.