19.08.2024
Security in a World of Software Supply-Chain Vulnerabilities
Abstract
Modern software incorporates thousands of third-party components. Bugs or security vulnerabilities in these components can seriously compromise the integrity of incorporating applications. Because of their widespread use, and the difficulty of vetting the enormous number of integrated components for vulnerabilities, they comprise a compelling target for attackers, who purposefully insert vulnerabilities into widely used components with the goal of compromising the integrity of entire software ecosystems.
I will present a series of systems that leverage component boundaries to offer automated solutions to vulnerabilities that appear in the software component supply chain. These solutions leverage system- and language-level containment techniques to prevent different classes of attacks from affecting these applications and the broader system in which they execute. Combined, they provide a holistic and in-depth transformation-based approach to securing software ecosystems.
Bio
Nikos Vasilakis is an Assistant Professor of Computer Science at Brown University. His research encompasses systems, programming languages, and security — and has been recognized by several distinguished paper awards. His current focus is on automatically transforming systems to add new capabilities such as parallelism, distribution, and security — against a variety of threat models. Nikos is also the chair of the Technical Steering Committee behind PaSh, a shell-script optimization system hosted by the Linux Foundation.
More: https://nikos.vasilak.is
Photo provided by speaker
Modern software incorporates thousands of third-party components. Bugs or security vulnerabilities in these components can seriously compromise the integrity of incorporating applications. Because of their widespread use, and the difficulty of vetting the enormous number of integrated components for vulnerabilities, they comprise a compelling target for attackers, who purposefully insert vulnerabilities into widely used components with the goal of compromising the integrity of entire software ecosystems.
I will present a series of systems that leverage component boundaries to offer automated solutions to vulnerabilities that appear in the software component supply chain. These solutions leverage system- and language-level containment techniques to prevent different classes of attacks from affecting these applications and the broader system in which they execute. Combined, they provide a holistic and in-depth transformation-based approach to securing software ecosystems.
Bio
Nikos Vasilakis is an Assistant Professor of Computer Science at Brown University. His research encompasses systems, programming languages, and security — and has been recognized by several distinguished paper awards. His current focus is on automatically transforming systems to add new capabilities such as parallelism, distribution, and security — against a variety of threat models. Nikos is also the chair of the Technical Steering Committee behind PaSh, a shell-script optimization system hosted by the Linux Foundation.
More: https://nikos.vasilak.is
Photo provided by speaker