Galois is pleased to announce the following tech talk.
These talks are open to the interested public.
University of Oregon
30 August 2011, 10:30 A.M.
421 SW 6th Ave.
Portland, OR 97007
(3rd floor of the Commonwealth Building)
The complexity of modern operating systems makes securing them a challenging problem. However, changes in the computing model, such as the rise of cloud computing and smarter peripherals, have presented opportunities to reconsider system architectures, as we move from traditional "stove-pipe" computing to distributed systems. In particular, we can build trustworthy components that act to provide security in complex systems.
This talk discusses how new disk architectures may be exploited to aid the protection of systems by acting as policy decision and enforcement points. We prototype disks that enforce data immutability at the block level on critical system data, preventing malicious code from inserting itself into system configuration and boot files. We then examine how storage may be used to ensure the integrity state of hosts prior to allowing access to data, and how such a design improves the security of portable storage devices. Using continual measurements of system state, we show through formal reasoning that such a device enforces guarantees that data is read and written while the host is in a good state. Finally, we discuss some recent initiatives to assure the identity of the host and identify future directions for exploring the interface between storage and operating system security.
Kevin Butler is an Assistant Professor of Computer and Information Science at the University of Oregon in Eugene. Kevin's research focuses on the security of storage, large-scale systems, and networks. He has also examined malware propagation and web systems, and was a member of the EVEREST study of voting machines for the State of Ohio. Kevin has been a member of over program committees and hosted the first Computer Security Day at the University of Oregon. Prior to receiving his Ph.D. in computer science and engineering from the Pennsylvania State University in 2010, Kevin worked in the Secure Systems Group at AT&T Labs-Research. He also has industrial experience in network operations and research.