SCS Recruiting Seminar: Shweta Shinde

*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************

Event Details
  • Date/Time:
    • Tuesday March 10, 2020 - Wednesday March 11, 2020
      11:00 am - 11:59 am
  • Location: KACB 1116W
  • Phone:
  • URL:
  • Email:
  • Fee(s):
    N/A
  • Extras:
Contact

Tess Malone, Communications Officer

tess.malone@cc.gatech.edu

Summaries

Summary Sentence: Better Foundations for Secure Software: Minimize Trust and Verify It

Full Summary: No summary paragraph submitted.

Media
  • Shweta Shinde Shweta Shinde
    (image/jpeg)

TITLE: Better Foundations for Secure Software: Minimize Trust and Verify It

ABSTRACT:

Software systems are ever-growing in size and complexity while being rife with vulnerabilities. Patches and defenses are continuously deployed, but the software attack surface is extremely large and attackers invariably find ways to gain a persistent foothold. An effective way to end the arms race between vulnerabilities and defense tools is by isolating the software using trusted hardware. With such isolation, what is the least amount of code that needs to be bug-free to securely run user applications? At the moment, even after using trusted hardware, this number can be upwards of a few million lines of code. Can we do any better?

In this talk, I present two key results from my work that shows a foundational approach to safeguard applications against large and potentially buggy software. First, I present a principled way of using hardware isolation to securely execute Linux applications while only trusting a few thousand lines of code. This system has been adopted by two startups. Second, I show the feasibility of full formal verification of the trusted code by proving guarantees over a large-subset, such as the file system interface. Overall, these implementations point to a new way of executing secure applications with a thousand lines of trusted and verified code. Finally, I will summarize my long-term vision for building the next generation of better, trusted, and verified secure hardware and software designs.
 

BIO:

Shweta Shinde is a postdoctoral scholar at UC Berkeley. Her research is broadly at the intersection of trusted computing, system security, program analysis, and formal verification. Her work has been published at top venues in security (IEEE S&P, CCS, Usenix Security, NDSS), programming languages (PLDI), and software engineering (FSE). Her research has been commercialized at three start-ups and has led to a direct impact at various companies. Shweta received her Ph.D. from the National University of Singapore in 2018, where she was awarded the Dean’s Graduate Research Excellence.

Additional Information

In Campus Calendar
No
Groups

College of Computing, School of Computer Science

Invited Audience
Faculty/Staff, Postdoc, Public, Graduate students, Undergraduate students
Categories
Seminar/Lecture/Colloquium
Keywords
No keywords were submitted.
Status
  • Created By: Tess Malone
  • Workflow Status: Published
  • Created On: Feb 26, 2020 - 11:26pm
  • Last Updated: Feb 27, 2020 - 3:54pm