PrivExec: Private Execution as an Operating System Service

Speaker: William Robertson , Northeastern University

Date: Wednesday, October 23, 2013

Time: 4:00 PM to 5:00 PM Note: all times are in the Eastern Time Zone

Refreshments: 4:00 PM

Public: Yes

Location: G882

Event Type:

Room Description:

Host: Raluca Ada Popa

Contact: Raluca Ada Popa,

Relevant URL:

Speaker URL: None

Speaker Photo:

Reminders to:

Reminder Subject: TALK: PrivExec: Private Execution as an Operating System Service

Abstract: Privacy has become an issue of paramount importance for many users. As a result, encryption tools such as TrueCrypt, OS-based full-disk encryption such as FileVault, and privacy modes in all modern browsers have become popular. However, although such tools are useful, they are not perfect. For example, prior work has shown that browsers still leave many traces of user information on disk even if they are started in private browsing mode. In addition, disk encryption alone is not sufficient, as key disclosure through coercion remains possible. Clearly, it would be useful and highly desirable to have OS-level support that provides strong privacy guarantees for any application -- not only browsers.

In this talk, I will present the design and implementation of PrivExec, the first operating system service for private execution. PrivExec provides strong, general guarantees of private execution, allowing any application to execute in a mode where storage writes, either to the filesystem or to swap, will not be recoverable by others during or after execution. PrivExec does not require any explicit application support, recompilation, or any other preconditions. We have implemented a prototype of PrivExec by extending the Linux kernel that is efficient, practical, and that secures sensitive data against disclosure.

Bio: William Robertson is an assistant professor with a joint appointment in the College of Computer and Information Science and the College of Engineering at Northeastern University. His research interests revolve around various
aspects of systems and network security, making use of techniques such as program analysis and machine learning. His work in these areas has had impact both in industry through collaborations with startup ventures such as Lastline Inc., as well as in the world of public policy, where his work on electronic voting security resulted in significant changes to voting procedures in the states of California and Ohio.

He co-chaired the 2013 USENIX Workshop on Offensive Technologies (WOOT), co-located with USENIX Security, and chaired the 2012 Conference on the Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA). He has participated on the program committees of a number of top-tier systems security venues, including IEEE Security and Privacy, USENIX Security, and RAID. He is also the author of numerous peer-reviewed journal and conference
papers in the area of systems and network security.

Research Areas:

Impact Areas:

See other events that are part of the CSAIL Security Seminar 2013/2014.

Created by Raluca Ada Popa Email at Tuesday, October 15, 2013 at 11:34 PM.