Today's IT-systems store and process an abundance of data. Some of this data represents private or secret information, and a crucial question is how to ensure that no such information is leaked.
We focus on techniques that establish confidentiality guarantees by controlling the flow of information within IT-systems. Research on information-flow security has resulted in an impressive portfolio of program analysis techniques and tools. For sequential programs, these approaches are becoming rather mature, and a good understanding of the resulting, declarative security guarantees has been achieved. For concurrent programs, information-flow security is more challenging.
The first part of the talk provides an introduction to theory and practice of information-flow control. The second part clarifies why it is so hard to achieve information-flow security for concurrent programs, and discusses recent results from our on-going research effort to tackle these challenges.
Heiko Mantel is a full professor for Computer Science at TU Darmstadt. He worked as a researcher at DFKI in Saarbrucken and received his Ph.D. from Saarland University in 2003. Before joining TU Darmstadt, he was a post-doctoral researcher at ETH Zurich (2003-2005) and an assistant professor at RWTH Aachen (2005-2007). Heiko Mantel spent extended research stays at Chalmers University, Cornell University, and Harvard University. He is a principal investigator of CASED, CROSSING, and EC-SPRIDE. Since 2010 he leads the national research initiative Reliably Secure Software Systems funded by the DFG. http://www.mais.informatik.tu-darmstadt.de/Heiko_Mantel.html