Information Trust Institute (ITI) Calendar

Back to Listing

DLS: Matt Bishop: "Vulnerabilities Analysis"

Event Type
B02 Coordinated Science Lab
Oct 24, 2005   4:00 - 5:00 pm  
Matt Bishop, University of California-Davis
Originating Calendar
Information Trust Institute (ITI) archival calendar

This talk presents a new model for classifying vulnerabilities in computer systems. The model is structurally different than other models. It decomposes vulnerabilities into small parts, called primitive conditions. Our hypothesis is that by examining systems for these conditions, we can detect vulnerabilities. By preventing these conditions from holding, we can prevent vulnerabilities from occurring, even if we do not know that the vulnerability exists. We also present a formal basis for this model. The primitive conditions also enable programs to be tested using a technique called property based testing. This method of testing determines whether a program satisfies a given set of security properties.

Reception following in 301 CSL.

link for robots only