Language based web security: the operational semantics approach
- 👤 Speaker: Sergio Maffeis, Imperial College
- 📅 Date & Time: Friday 22 November 2013, 16:00 - 17:00
- 📍 Venue: Auditorium, Microsoft Research Ltd, 21 Station Road, Cambridge, CB1 2FB
Abstract
The goal of language based security is to develop applications that are provably secure by design. My recent research has focused on the development of programming-language and program-analysis techniques for enforcing web application security. In this talk I will describe the path from web technologies to formal models, and ultimately to security proofs. I will focus on two complementary JavaScript-related examples that lead to the discovery of fresh vulnerabilities in widely deployed web applications, such as Facebook, Yahoo!, Firefox and LastPass. These examples motivate an ongoing effort to mechanize the semantics of web programming languages: I will report on our progress on this front.
Series: This talk is part of the Microsoft Research Cambridge, public talks series.