Abstract:
The web is changing. Web servers are dealing with the dynamic web, delivering rich applications to clients, where the browsers are increasing their complexity to handle them. Both parties might have good reasons to not trust each other, creating interesting security challenges. This talk explores information-flow tracking technologies for a safer web. We tackle practical problems while providing formal guarantees for our solutions. We investigate the compromise between security and flexibility for protecting confidentiality and integrity in web scenarios. Furthermore, using purely dynamic techniques, we implement our ideas to demonstrate their applicability.
Bio:
Luciano Bello is a last-year PhD student at Chalmers University of Technology (Gothenburg, Sweden). Under the supervision of Andrei Sabelfeld, he is studying how information-flow control techniques can improve the security of the web. He is also a free software developer and an enthusiastic go player.
Contact Sergio Maffeis if you would like to arrange a meeting.