您位于: 首页 / Events / 4月24日学术报告:Prof. Limin Jia (CMU) - Protect Users' Data with Information Flow Control

4月24日学术报告:Prof. Limin Jia (CMU) - Protect Users' Data with Information Flow Control

时间:周五(4月24日)上午10:00,地点:1801 CMU的 Limin Jia教授会介绍利用程序分析技术保护用户隐私的研究工作。Jia教授的研究方向是程序语言、形式化方法和软件系统安全。

事件详细信息

时间

2015-04-24
起始时间 10:00 结束时间 11:30

地点

1801

把事件添加到日历

时间:周五(4月24日)上午10:00,地点:1801

Title: Protect Users' Data with Information Flow Control

 

Abstract: As more and more services are provided over the web and via mobile apps, users' sensitive data such as passwords and credit card numbers are at risk from malicious or buggy mobile phone apps, web scripts, and browser extensions.  In this talk, I will explain why the permission systems used on platforms like Android and Chrome are fundamentally unsuited for specifying security policies for the apps and extensions that run on them.  I'll show how previous work on information-flow control (IFC) can be adapted to provide a stronger alternative, and describe the IFC systems we've built to achieve this on both Android and Chromium.  Finally, I'll discuss the challenges---some that we've overcome and some that we continue to work on---in using IFC in this setting to achieve verifiable protection without sacrificing functionality.

 

Bio: Limin Jia is an assistant Research Professor in ECE & INI at Carnegie Mellon University. She received her Bachelor's degree in Computer Science and Engineering department at the University of Science and Technology of China. She received her Ph.D. in Computer Science from Princeton University.

Limin's research focuses on formal aspects of security. She is particularly interested in applying logic and language-based security techniques to model and verify security properties of software systems.