Abstract:

Aside from some limited applications, trusted computing hardware has largely failed to inspire trust or achieve widespread adoption. Rather, security for many applications rests on a messy combination of cryptography, reputation, law, and blind faith. As more computation moves to the cloud, this is a serious concern: cloud users rely on both the provider's staff and its globally-distributed software/hardware platform not to expose any of their private data. However, newly emerging hardware promises to change this, both in the cloud setting and more generally in many decentralised systems.

In this talk, I'll first introduce the notion of shielded execution, which protects the confidentiality and integrity of a program and its data from the platform on which it runs (i.e., the cloud operator's OS, VM and firmware). I'll present our work on Haven, the first system to achieve shielded execution of unmodified legacy applications, including SQL Server and Apache, on a commodity OS (Windows) and commodity hardware (Intel SGX). I'll close with some thoughts on applying SGX-like hardware protection more generally, and discuss the opportunities and challenges it creates for systems research.

Bio:

Andrew Baumann is a researcher in the OS group at Microsoft Research, Redmond. His research interests include operating systems, distributed systems, systems support for new hardware, and systems aspects of security. Past institutions include The University of New South Wales (BE/PhD), IBM T.J. Watson (extended internship), and ETH Zurich (postdoc). Past and current projects include the L4 microkernel, Mungi single-address-space OS, K42 multiprocessor OS, Barrelfish multikernel OS, Drawbridge LibOS, and Ironclad verified system.

Abstract:

Contemporary networks contain many different kinds of middleboxes that perform a variety of advanced network functions such as intrusion detection, load balancing, policy and access control, traffic shaping, and monitoring. Currently, a special box is tailored to provide each of these functions, and therefore, traffic is routed through a sequence of these boxes on its way to its final destination. Moreover, these special boxes are usually proprietary and have limited network operator control (as defined by the vendor of the box).

In this talk, we will cover new trends and architectures in middlebox design that promise to make middlebox faster, scalable and flexible, while promoting innovation. These opportunities are facilitated by current revolutionary architectures of Network Function Virtualization (NFV) and Software Defined Networks (SDN), that enables more flexible and light-weight middlebox design.

Bio:

Anat Bremler-Barr is an associate Professor at the School of Computer Science, Interdisciplinary Center, Herzliya, Israel. Prof. Bremler-Barr holds a Ph.D. (with distinction) in computer science from Tel Aviv University. In 2001, she co-founded and was the chief scientist of Riverhead Networks Inc., which provided systems to protect from Denial of Service attacks. The company was acquired by Cisco Systems in 2004. Prof. Bremler-Barr then joined the Interdisciplinary Center, Herzliya in 2004, where she co-founded with Prof. David Hay the DEEPNESS lab (funded by an ERC starting grant) that focuses on designing deep packet inspection for next generation network devices. Prof. Bremler-Barr serves currently as an associate editor in ACM/IEEE Transactions of Networking and numerous technical program committee of leading conferences in networking. Her research interests are in computer networks and network security.

Abstract:

The ubiquity of mobile devices equipped with built-in cameras has transformed how and when digital images are captured, shared, and archived. Photographs and videos from social gatherings, public events, and even crime scenes are commonplace online. While the spontaneity afforded by these devices have led to new personal and creative outlets, privacy concerns of bystanders and unwilling subjects have not been addressed.

We are designing a trusted software platform that integrates digital capture with user-defined privacy. In this system, users choose a level of privacy (e.g., image capture allowed or not) based upon social context (e.g., out in public vs. with friends vs. at workplace). The privacy choices of users are advertised via short-range radio, and compliant capture platforms generate media edited to conform to the privacy choices of the image subjects.

The system uses secure multiparty computation to ensure that users' visual features and privacy choices are not revealed publicly, regardless of whether they are the subjects of an image capture. Just as importantly, our approach preserves the ease-of-use and spontaneous nature of capture and sharing among trusted users. An experimental evaluation shows that a practical, energy-efficient image capture system that respects the privacy choices of users within a scene can be built and deployed using current hardware.

Bio:

Peter Druschel is the founding director of the Max Planck Institute for Software Systems (MPI-SWS) in Germany. Previously, he was a Professor of Computer Science and Electrical and Computer Engineering at Rice University in Houston, Texas. He received the Dipl-Ing. (FH) in Data Systems Engineering from Fachhochschule Munich, Germany in 1986 and the M.S. and Ph.D. degrees in Computer Science from the University of Arizona in 1990 and 1994, respectively. His research interests include distributed systems, security and privacy. He is the recipient of an NSF CAREER Award, Alfred P. Sloan Fellowship and the ACM SIGOPS Mark Weiser Award, and a member of Academia Europaea and the German Academy of Sciences Leopoldina.