The world wide web infrastructure is particularly exposed, where allowing the mere possibility of fetching a web page opens up opportunities to deliver potentially malicious executable content past current security mechanisms such as firewalls. A critical challenge is to secure the computing infrastructures without losing the benefits of the trends.
‒ It is our firm belief that the attacks will continue to succeed unless a fundamental security solution is devised, says Andrei Sabelfeld, professor in the Department of Computer Science and Engineering.
Andrei Sabelfeld has been awarded a Consolidator Grant by the European Research Council, for the project ProSecuToR. ERC Consolidator Grants are designed to support researchers at the stage at which they are consolidating their own independent research team or programme. The scheme will strengthen independent and excellent new individual research teams that have been recently created.
‒ ProSecuToR provides a unique and exciting opportunity to provide a foundation for web application security, and address the web security problem in its entirety – from the formal security model to concrete case studies, says Andrei Sabelfeld.
Language-based security is an innovative approach for enforcing security by construction, and ProSecuToR will develop the technology of programming language-based security in order to secure computing infrastructures. The project aims to deliver policies and enforcement mechanisms for protecting who can see and who can modify sensitive data. Security policies will be expressible by the programmer at the construction phase. Automatic enforcement mechanisms will prevent dangerous programs from executing whenever there is a possibility of compromising desired security properties.
The official start date for ProSecuToR is January 1, 2013.
The ERC Grant provides 1,5million Euro during 5 years.
For further information please contact Andrei Sabelfeld, Department of Computer Science and Engineering.
Phone: 031-772 10 18