MPI-INF Logo
Campus Event Calendar

Event Entry

What and Who

Tracking information flow in web applications

Andrei Sabelfeld
Chalmers University
SWS Distinguished Lecture Series

Andrei Sabelfeld is a Professor in the Department of Computer
Science and Engineering at Chalmers University of Technology in
Gothenburg, Sweden. After receiving his Ph.D. in Computer Science
from Chalmers in 2001 and before joining Chalmers as faculty in
2004, he was a Research Associate at Cornell University in
Ithaca, NY. His research has developed the link between two areas
of Computer Science: Programming Languages and Computer
Security. Sabelfeld's article on Language-Based Information-Flow
Security is one of the most cited articles in all of Computer
Science from 2003.
AG 1, AG 2, AG 3, AG 4, AG 5, SWS, RG1, MMCI  
Expert Audience
English

Date, Time and Location

Thursday, 24 July 2014
10:30
60 Minutes
E1 5
002
Saarbrücken

Abstract


This talk discusses a principled approach to web application security
through tracking information flow in web applications. Although the
agile nature of developments in web application technology makes web
application security much of a moving target, we show that there are
some fundamental challenges and tradeoffs that determine possibilities
and limitations of automatically securing web applications. We address
challenges related to mutual distrust on the policy side (as in web
mashups) and tracking information flow in dynamic web programming
languages (such as JavaScript) to provide a foundation for practical web
application security.

Contact

Brigitta Hansen
0681 93039102
--email hidden

Video Broadcast

Yes
Kaiserslautern
G26
113
passcode not visible
logged in users only

Brigitta Hansen, 06/13/2014 13:32 -- Created document.