CMU/Penn Manifest Security Initiative
Meetings
Fall 2008
This meeting was held December 8 and 9 at the University of Pennsylvania. Discussions revolved around practical applications of the theoretical developments already achieved for manifest security.
Main presentations:
- Aaron Bohannon discussed noninterference for reactive programming languages.
- Deepak Garg demonstrated a prototype file system using proof carrying carrying authorization.
- Avijit Kumar demonstrated a proof-carrying extension to ML5
Summer 2008
This meeting was held June 28 and 29 at Carnegie Mellon. The topics of discussion included refining the threat model for web browsers; updates on ongoing work; and technical issues surrounding proof carrying access control, information flow, and computational models for web scripting.
Main presentations:
- Aaron Bohannon discussed the security aspects of web mashups. His slides are here.
- Steve Zdancewic reported on Aura based on his WG2.8 talk.
- Avijit Kumar presented an informal overview of ML5.
- Dan Licata gave his LICS talk on focusing and binding.
Winter 2008
The principle investigators held an informal meeting at POPL'08 conference.
Fall 2007
We held our kick-off meeting on November 1 and 2 at the University of Pennsylvania. Activities included the following.
- Deepak Garg gave a presentation and demo implementing a file system using an authorization logic for access control.
- Tom Murphy told as about ML5. For more information see the presentation from Trusted Global Computing or his thesis defense.
- We sketched out a straw language design for web programming using dependent types for access control and based on purely functional maps between page states.
