Charla de Alejandro Russo
Este martes 22 de noviembre a las 11:00hs en el aula 15, el Dr. Alejandro Russo de la Chalmers University of Technology (Suecia) va a dictar la charla
"Preserving Privacy with Monads"
El Dr. Russo se graduó de Licenciado en Cs. de la Computación en le Universidad Nacional de Rosario y obtuvo el Doctorado en la Chalmers University of Technology, en Suecia, donde continuó toda su arrera académica, siendo hoy Profesor Asociado. El Dr. Russo se especializa en diversos aspectos de seguridad y en lenguajes de programación particularmente en el estudio de esto para la construcción de sistemas seguros.
Si bien la charla es de caracter general, está dirigida particularmente a los alumnos para poder despertar su interés en el área y puedan explorar la posibilidad de continuar desempeñándose en investigación al finalizar su carrera.
Debajo se pueden encontrar los datos de la charla.
Título: Preserving Privacy with Monads
Expositor: Dr. Alejandro Russo, Chalmers University of Technology, Suecia
In a all-connected society, users consciously (or unconsciously) value their privacy. Even skeptical people will recognize its importance; if they do not, ask them to unlock their smartphone and hand it out to someone else - they will most probably refuse! Users want to have control on how their data gets disseminated, specially today when private information gets handled by software with heterogeneous trustworthiness -consider, for example, the various smartphones apps with access to users’ private photos, messages, and contacts that exists today. Unfortunately, current software practices are insufficient to protect privacy: users who wish to benefit from software functionalityare often forced to grant access to their private data with no guarantees how it gets handled. The key insight to guarantee privacy is not about granting or denying access to private data, but ensuring that information only flows into the appropriated places. Information-Flow Control (IFC) is a research area dedicated to protect privacy of data. Based on programming languages techniques, IFC scrutinizes source code to track how data of different sensitivity levels (e.g., public or private) flows within a program, where alarms are raised when privacy might be at stake. IFC tools often provide specially designed compilers to build privacy-preserving apps. Rather than building a compiler from scratch (a major task on its own), Haskell plays a unique privileged role in this scenario: it can provide IFC security via libraries. As long as developers program against the libraries’ API, code is secure by construction. This talk shows how to build such libraries by specially designing monads capable to restrict the propagation of private data. The presentation explores the different techniques used in a wide range of libraries, namely LIO, MAC, and HLIO, where IFC is enforced dynamically (in the form of an execution monitor), statically (by leveraging Haskell’s type-system), and as a combination of both.