Research Area:
Security
Description
Today's computer systems are vulnerable in myriad ways. This is, perhaps, a consequence of the fact that they were not designed with the worst-case scenario in mind, and the problem of protecting them against attack came as an afterthought. How do we protect existing systems from attacks? How do we make sure that future systems are not vulnerable?
We develop practical tools for such tasks as combating denial-of-service attacks (via IP-traceback), certificate revocation, XML signatures and the authentication of Web services. We also tackle the policies that dictate the security of systems. We devise theories and build tools for the analysis of idustrial-scale access-control policies and their interactions with programs. Using state-of-the-art cryptography, we develop systems that ensure fairness and accountability.
Faculty
Topics or Projects
