Overview

Software vulnerabilities are common. One effective strategy for limiting the damage an attack can do is to apply the principle of least privilege in software design: the application is built on an explicit security architecture that structures it into a set of protection domains, each granted only the privileges it needs.

This project aims to provide program-analysis tools that help developers partition an application, flexibly configure the application's security architecture, and reason about the security of the resulting system. It includes the following components:

Announcements

Participants

Past Participants

Publications

Sponsors

This project is sponsored by NSF CNS-1801534, NSF CCF-1723571, NSF CNS-1408826, NSF CCF-1149211, and a DARPA grant under the GAPS program.