MPI-INF or MPI-SWS or Local Campus Event Calendar

What and Who
Title:	Tracking information flow in web applications
Speaker:	Andrei Sabelfeld
coming from:	Chalmers University
Speakers Bio:	Andrei Sabelfeld is a Professor in the Department of Computer Science and Engineering at Chalmers University of Technology in Gothenburg, Sweden. After receiving his Ph.D. in Computer Science from Chalmers in 2001 and before joining Chalmers as faculty in 2004, he was a Research Associate at Cornell University in Ithaca, NY. His research has developed the link between two areas of Computer Science: Programming Languages and Computer Security. Sabelfeld's article on Language-Based Information-Flow Security is one of the most cited articles in all of Computer Science from 2003.
Event Type:	SWS Distinguished Lecture Series
Visibility:	D1, D2, D3, D4, D5, SWS, RG1, MMCI We use this to send out email in the morning.
Level:	Expert Audience
Language:	English

Abstract
This talk discusses a principled approach to web application security through tracking information flow in web applications. Although the agile nature of developments in web application technology makes web application security much of a moving target, we show that there are some fundamental challenges and tradeoffs that determine possibilities and limitations of automatically securing web applications. We address challenges related to mutual distrust on the policy side (as in web mashups) and tracking information flow in dynamic web programming languages (such as JavaScript) to provide a foundation for practical web application security.

Contact
Name(s):	Brigitta Hansen
Phone:	0681 93039102
EMail:	--email address not disclosed on the web

Tags, Category, Keywords and additional notes
Note:
Attachments, File(s):