He won’t start work until next year, but Deian Stefan has accepted an appointment as assistant professor in the Department of Computer Science and Engineering (CSE) at the University of California, San Diego, effective in July. His research interests are in building principled and practical secure systems, and he will join CSE’s Security and Cryptography, Systems and Networking as well as Programming Languages groups.
Stefan joins the CSE department with a Ph.D. fresh from Stanford University. His dissertation focused on “Principled and Practical Web Application Security,” under advisors David Mazières of Stanford’s Secure Computer Systems Lab and John C. Mitchell in the Security Lab.
His delayed arrival on campus will allow Stefan to build up his startup, GitStar, where he currently serves as president and chief scientist. GitStar provides developers with tools for deploying web applications with minimal trust. The company builds on Stefan’s prior research on confinement and information flow control.
Gitstar wants to change the way developers build and deploy web applications. “The company will be consuming his immediate cycles before he joins us in Fall 2016,” said CSE Chair Rajesh Gupta in announcing Stefan’s appointment. “A big thanks is due to our recruiting committee, led by Mohan Paturi, which continues to attract compelling talent to the department.”
GitStar flips the traditional application security model from allow-by-default to deny-by-default. “With GitStar,” said Stefan, “you can use third-party modules and ensure they can only perform safe operations, as explicitly allowed by the application’s security policy. This is in contrast to today’s model where any code you use has unfettered access to the file system, database, network, etc.” The framework, now undergoing pilots, allows developers to not only secure their Node.js applications, but also be more productive. “By offloading security enforcement to GitStar, developers can build and deploy applications faster since, firstly, they don’t need to worry about getting subtle security checks right in their application code, and secondly, they can use the latest, hottest (and potentially unsafe) libraries,” added Stefan.
On the systems side, Stefan has worked on a series of novel security systems:
● COWL is a backwards-compatible browser confinement system designed for web developers to build secure, client-side applications such as mashups involving multiple distrusting parties;
● Hails is a security-centric Haskell framework for building extensible web applications. It allows applications to integrate third-party code in a way that preserves data privacy and integrity;
● LIO is a programming environment for building applications that preserve privacy and integrity using a dynamic information-flow control system; and,
● ESpectro is a security architecture for Node.js that provides application-level virtualization for implementing different security mechanisms.
“I am generally interested in exploring security mechanisms and policy languages that can allow developers to build secure applications more easily,” said Stefan. “I am also interested in exploring a clean-slate approach to building secure, low-level systems and applications, especially because building secure systems applications is notoriously difficult today.” One possibility, he says, is to design a language that allows programmers to describe system components (e.g., the HTTP parser or logger in the case of a web server, etc.), typed interfaces between the components, and high-level security policies. “Given such a description,” he added, “a compiler can then generate the different isolated components, interfaces between them, and mechanisms to enforce the specified policies.”