[Colloq] Hiring Talk - Vicky Weissman, Friday, March 25

Rachel Kalweit rachelb at ccs.neu.edu
Fri Mar 18 12:30:01 EST 2005


College of Computer and Information Science Colloquium

Presents:
Vicky Weissman
Computer Science Department, Cornell University


Who will speak on:
Reasoning about Security Policies


Friday, March 25, 2005
11:00am
366 West Village H
Northeastern University

Abstract:
An authorization policy says that an action is permitted or forbidden if 
certain conditions hold.  For example, in the James Bond movies, the 
British Secret Service (MI6) has the policy 'an agent may assassinate 
people (i.e., has a license to kill) if the agent's number begins with 
'00'.'  Our goal is to answer questions about what is and is not allowed 
by a set of policies. For example, we might want to know if James Bond, 
who is Agent 007, may apply for a British passport, given the MI6's 
policy and the British government policies 'British subjects may not 
assassinate one another' and 'only British subjects may apply for 
British passports'.  In this talk, I show that the policies forbid James 
to apply for a passport.  To handle a wide-range of policies and 
queries, I also present a fragment of first-order logic that Joe Halpern 
and I discovered; if the policies are written in the fragment, then we 
can answer queries in a provably correct way and in time that is 
quadratic in the size of the query.  I finish the talk by discussing the 
impact our work has had on an industry-sponsored language called XrML.

Bio:
Vicky Weissman is graduating this August from Cornell University.  Her 
work has been strongly influenced by both the formal methods community 
that she now calls home and the engineering community where her 
professional activities began with a B.S. in Electrical Engineering and 
few years experience in industry as first a hardware and then a software 
engineer. Vicky's advisor is Joe Halpern.

Hosts: Peter Tarasewich and Carole Hafner





More information about the Colloq mailing list