Max-Planck-Institut für Informatik

MPI-INF or MPI-SWS or Local Campus Event Calendar

What and Who
Title: Comprehensive and Practical Policy Compliance in Data Retrieval Systems
Speaker: Eslam Elnikety
Coming from: Max Planck Institute for Software Systems
Speakers Bio:
Event Type: SWS Student Defense Talks - Thesis Proposal
Visibility: SWS
Level: Public Audience
Language: English
Date, Time and Location
Date: Wednesday, 14 June 2017
Time: 13:00
Duration: 60 Minutes
Location: Saarbrücken
Building: E1 5
Room: 029
Abstract
Data use policies govern how data retrieval systems process data items coming from many different sources, each subject to its own integrity and confidentiality requirements. Ensuring compliance with these requirements despite bugs, misconfigurations, and operator errors in a large, complex, and fast-evolving system is a major challenge.

In this thesis, we present comprehensive and practical compliance systems to address this challenge. To be comprehensive, compliance systems must be able to enforce policies specific to individual data items or to a particular client's data items, the service provider's own policies, and policies that capture legal requirements. To be practical, compliance systems need to meet stringent requirements: runtime overhead must be low; existing applications must run with few modifications; and bugs, misconfigurations, compromises in application code, or actions by unprivileged operators must not be able to violate policies.

We present the design and implementation of two comprehensive and practical compliance systems: Thoth and Shai. At a high level, data use policies are stated in a declarative language separate from application code, and a small reference monitor ensures compliance with these policies. Thoth and Shai differ in enforcement techniques. Thoth tracks data flows through the system at runtime by intercepting I/O at process boundaries, and enforces the associated policies. Shai, on the other hand, combines static flow analysis and lightweight runtime monitoring (sandboxes and capabilities) to ensure compliance of data flows. We demonstrate the practicality of these systems using a prototype search engine based on the popular Apache Lucene.

Contact
Name(s):
Video Broadcast
Video Broadcast: Yes
To Location: Kaiserslautern
To Building: G26
To Room: 113
Meeting ID:
Tags, Category, Keywords and additional notes
Note:
Attachments, File(s):

Created:
Maria-Louise Albrecht/MPI-KLSB, 06/06/2017 10:44 AM
Last modified:
Maria-Louise Albrecht/MPI-KLSB, 06/06/2017 10:50 AM
  • Maria-Louise Albrecht, 06/06/2017 10:50 AM -- Created document.