Software vulnerabilities are common. One effective strategy for limiting the damage an exploited vulnerability can cause is to apply the principle of least privilege in software design: the application is built on an explicit security architecture that partitions it into a set of protection domains, each holding only the privileges it needs.

This project aims to provide tools that help developers partition an application, flexibly configure an application’s security architecture, and reason about its system security. It includes the following components:

Past Participants

This project is sponsored by NSF CNS-1408826 and NSF CCF-1149211.