The CHERI capability model: Revisiting RISC in an age of risk
TLDR
CHERI, a hybrid capability model that extends the 64-bit MIPS ISA with byte-granularity memory protection, is presented, demonstrating that it enables language memory model enforcement and fault isolation in hardware rather than software, and that the CHERI mechanisms are easily adopted by existing programs for efficient in-program memory safety.
Prying Data out of a Social Network
TLDR
This work examines the difficulty of collecting profile and graph information from the popular social networking website Facebook and describes several novel ways in which data can be extracted by third parties, and demonstrates the efficiency of these methods on crawled data.
Capsicum: Practical Capabilities for UNIX
TLDR
This work demonstrates the approach by adapting core FreeBSD utilities and Google's Chromium web browser to use Capsicum primitives, and compares the complexity and robustness of Capsicum with other sandboxing techniques.
Eight friends are enough: social graph approximation via public listings
TLDR
It is demonstrated that it is difficult to safely reveal limited information about a social network from a "public view" which includes eight of the user's friendship links to search engines.
Privacy-enabling social networking over untrusted networks
TLDR
This architecture builds a social network out of smart clients and an untrusted central server in a way that removes the need for faith in network operators and gives users control of their privacy.
Privacy suites: shared privacy for social networks
TLDR
A new paradigm is proposed which allows users to easily choose "suites" of privacy settings which have been specified by friends or trusted experts, only modifying them if they wish, which could dramatically increase the privacy protection that most users experience with minimal time investment.
Inglorious Installers: Security in the Application Marketplace
TLDR
This paper identifies economic causes for the wide variation in their installation and sandboxing techniques, and proposes measures to align the incentives of market actors such that providing better application security guarantees is in everyone’s interest.
Must Social Networking Conflict with Privacy?
Online social networks have serious privacy drawbacks, some of which stem from the business model. Must this be? Is the current OSN business model the only viable one? Or can we construct
A Comparison of Unix Sandboxing Techniques
TLDR
The result was a highly portable operating system that would go on to dominate contemporary thinking about operating systems, but with security features primarily organized around one threat model: users attacking other users (including accidental damage done by buggy software under development).
A taste of Capsicum
TLDR
This work demonstrates the approach by adapting core FreeBSD utilities and Google's Chromium Web browser to use Capsicum primitives, and compares the complexity and robustness of Capsicum with other sandboxing techniques.