This page documents the research on how to analyze a composition of accessors and actors with respect to their security and tools that can help the designer to make a given composition more secure.

The goal of our effort is to put together a security toolkit for compositions of accessors, i.e., swarmlets. We need to discuss what methods and techniques go in this toolkit.

AccessorAuthentication

See Accessor Authentication.

Taint analysis

So far we've looked at performing Taint Analysis for a composition. This is illustrated in our poster from the Security and Privacy workshop.

Sand Boxing

See Sandbox.

Sanitizers/Endorsers

We are researching a way to use sanitizers/endorsers in a given composition of accessors and actors (i.e., a swarmlet).

Open questions:

Placement of sanitizers
Specification of sanitizers

Secure Accessor Communication

Key management

Model validation (optional)

References

Microsoft Research

http://research.microsoft.com/en-us/um/people/livshits/papers/pdf/popl13a.pdf
http://research.microsoft.com/en-us/projects/bek/

Sanjit's papers on sanitization

http://www.eecs.berkeley.edu/~sseshia/pubs/b2hd-king-esop10.html
http://www.eecs.berkeley.edu/~sseshia/pubs/b2hd-KJJS-fse08.html
http://www.eecs.berkeley.edu/~sseshia/pubs/b2hd-tan-vstte14.html
http://www.eecs.berkeley.edu/~sseshia/pubs/b2hd-sturton-memocode13.html

SecureCompositionOfAccessors