Language based web security: the operational semantics approach
- Speaker: Sergio Maffeis, Imperial College, London
- Date & Time: Friday 22 November 2013, 16:00 - 17:00
- Venue: Auditorium, Microsoft Research Ltd, 21 Station Road, Cambridge, CB1 2FB
Abstract
The goal of language based security is to develop applications that are provably secure by design. My recent research has focused on the development of programming-language and program-analysis techniques for enforcing web application security.
In this talk I will describe the path from web technologies to formal models, and ultimately to security proofs. I will focus on two complementary JavaScript-related examples that lead to the discovery of fresh vulnerabilities in widely deployed web applications, such as Facebook, Yahoo!, Firefox, LastPass. These examples motivate an ongoing effort to mechanize the semantics of web programming languages: I will report on our progress on this front.
Series
This talk is part of the Logic and Semantics Seminar (Computer Laboratory) series.