PrivExec: Private Execution as an Operating System Service
, Northeastern University
Date: Wednesday, October 23, 2013
Time: 4:00 PM to 5:00 PM Note: all times are in the Eastern Time Zone
Refreshments: 4:00 PM
Host: Raluca Ada Popa
Contact: Raluca Ada Popa, firstname.lastname@example.org
Speaker URL: None
TALK: PrivExec: Private Execution as an Operating System Service
Abstract: Privacy has become an issue of paramount importance for many users. As a result, encryption tools such as TrueCrypt, OS-based full-disk encryption such as FileVault, and privacy modes in all modern browsers have become popular. However, although such tools are useful, they are not perfect. For example, prior work has shown that browsers still leave many traces of user information on disk even if they are started in private browsing mode. In addition, disk encryption alone is not sufficient, as key disclosure through coercion remains possible. Clearly, it would be useful and highly desirable to have OS-level support that provides strong privacy guarantees for any application -- not only browsers.
In this talk, I will present the design and implementation of PrivExec, the first operating system service for private execution. PrivExec provides strong, general guarantees of private execution, allowing any application to execute in a mode where storage writes, either to the filesystem or to swap, will not be recoverable by others during or after execution. PrivExec does not require any explicit application support, recompilation, or any other preconditions. We have implemented a prototype of PrivExec by extending the Linux kernel that is efficient, practical, and that secures sensitive data against disclosure.
Bio: William Robertson is an assistant professor with a joint appointment in the College of Computer and Information Science and the College of Engineering at Northeastern University. His research interests revolve around various
aspects of systems and network security, making use of techniques such as program analysis and machine learning. His work in these areas has had impact both in industry through collaborations with startup ventures such as Lastline Inc., as well as in the world of public policy, where his work on electronic voting security resulted in significant changes to voting procedures in the states of California and Ohio.
He co-chaired the 2013 USENIX Workshop on Offensive Technologies (WOOT), co-located with USENIX Security, and chaired the 2012 Conference on the Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA). He has participated on the program committees of a number of top-tier systems security venues, including IEEE Security and Privacy, USENIX Security, and RAID. He is also the author of numerous peer-reviewed journal and conference
papers in the area of systems and network security.
Created by Raluca Ada Popa at Tuesday, October 15, 2013 at 11:34 PM.