System-wide intrusion recovery and running applications over encrypted data
Event details
| Date | 10.06.2013 |
| Hour | 15:15 › 16:15 |
| Speaker | Prof. Nickolai Zeldovich, Massachusetts Institute of Technology |
| Location | |
| Category | Conferences - Seminars |
Computer systems are routinely compromised---as a result of software vulnerabilities, mis-configuration by administrators, or insecure choices by end users---and compromises seem inevitable in almost any system.
This talk will describe two of our recent research projects to provide security despite inevitable compromises. First, for integrity, we have been building systems that provide "system-wide undo", which allows users or administrators to recover the integrity of a system after an intrusion, by undoing the attacker's actions and all causal effects thereof, while preserving legitimate user changes. Second, to protect confidentiality, we have been building systems that run applications over encrypted
data, so that even if a server is compromised, an adversary learns only encrypted data, and cannot obtain plaintext confidential information.
This talk will describe two of our recent research projects to provide security despite inevitable compromises. First, for integrity, we have been building systems that provide "system-wide undo", which allows users or administrators to recover the integrity of a system after an intrusion, by undoing the attacker's actions and all causal effects thereof, while preserving legitimate user changes. Second, to protect confidentiality, we have been building systems that run applications over encrypted
data, so that even if a server is compromised, an adversary learns only encrypted data, and cannot obtain plaintext confidential information.
Links
Practical information
- General public
- Free
Organizer
- SuRI 2013
Contact
- Simone Muller