Lehigh University professor Gang Tan has developed automated techniques to scan for errors in large software systems.
Tan and Lehigh researchers also recently received a five-year CAREER Award from the U.S. National Science Foundation to study and develop modular software that is less vulnerable to system-wide attacks by hackers.
The researchers want to apply the principle of least privilege to software systems. "The principle of least privilege is like the separation of powers in a political system," Tan notes.
He says the researchers have made progress in privilege separation in software environments, but challenges remain with operating system portability, high runtime overhead, architectural flexibility, and compositional reasoning.
“These new tools and methodologies will make the principle of least principle easier to apply to big software systems," Tan says. "By monitoring information flow at the binary instead of the source-language level, it will be easier to check the security properties of individual modules, prevent malicious information flow between modules, and allow only benign information flow."
From Lehigh University
View Full Article
Abstracts Copyright © 2012 Information Inc. , Bethesda, Maryland, USA
No entries found