Skip to main content

Retrofitting Security, Module by Module

Nikos Vasilakis

Software developers make pervasive use of third-party modules to reduce costs and accelerate release cycles, at a risk to safety and security. I will introduce a series of techniques that exploit module boundaries to automate software compartmentalization and enforce security policies, enhancing safety and security. BreakApp transparently spawns modules in compartments while preserving their original behavior. Iris leverages language-based protection to offer finer-grained control and lower performance overheads. Finally, Mir uses a constrained read-write-execute protection model and static language-level analysis to fully automate compartmentalization.

Seminar Link (MS Teams)

Speaker bio

Nikos Vasilakis is a post-doctoral researcher at the Massachusetts Institute of Technology (MIT). His research interests lie in the broad areas of distributed systems, programming languages, and computer security. Recent work includes general-purpose distributed environments, automated distribution, application compartmentalization, sandboxing of third-party libraries, and distributed storage systems. He received a Ph.D. from the department of Computer and Information Science at the University of Pennsylvania, and a B.Sc./M.Eng from the department of Computer Engineering and Informatics at the University of Patras.

Share this: