Events - Colloquia & Seminars

CCIS Colloquium Spring 2005

Reasoning about Security

Speaker: Riccardo Pucella
Cornell University

Date: March 28, 2005
Talk: 2:00 pm, 366 WVH

Abstract

The past decade has seen an increase in the amount of work that deals with security in one way or another, as it pertains, for instance, to communication protocols, auctions, and access to distributed resources. There are significant challenges in developing tools and techniques to specify, model, and verify security properties of such systems. In recent years, I have focused on developing frameworks to better express and reason about security properties of systems in general, and security protocols in particular. My work starts from the premise that reasoning about security is really reasoning about what agents (including possible intruders) in a system know; most security properties get a natural reading in terms of knowledge. This makes formal theories of knowledge and uncertainty a good foundation on which to build frameworks for reasoning about security. In this talk, I will focus on some of the most interesting issues that arise in this setting. More specifically, I will point out some limitations of formal models of knowledge for security, and present techniques for overcoming these limitations, with the added benefit that they can model in a natural way adversaries with different capabilities. I will also discuss the relevance of evidence when reasoning quantitatively about security, and show how it can be used to formally capture certain forms of knowledge that are difficult to express in other frameworks.

Biography

Riccardo Pucella obtained his B.Sc. in Mathematics and M.Sc. in Computer Science at McGill University in Montreal, after which he joined Bell Labs to work on the SML/NJ compiler. He attended Cornell University a few years later, completing a Ph.D. in Computer Science and working with Joe Halpern on topics ranging from the theory of security to uncertainty in AI, with stints exploring programming language semantics and type systems. He is currently a postdoc at Cornell, working with Fred Schneider and trying to wrap his head around proactive obfuscation.