Andrei Sabelfeld is an Associate Professor in the Department of Computer Science and Engineering at Chalmers University of Technology in Gothenburg, Sweden. After receiving his Ph.D. in Computer Science from Chalmers in 2001 and before joining Chalmers as faculty in 2004, he was a Research Associate at Cornell University in Ithaca, NY. His research has developed the link between two areas of Computer Science: Programming Languages and Computer Security. Sabelfeld's article on Language-Based Information-Flow Security is one of the most cited articles in all of Computer Science from 2003 (source: citeseer).
Information-flow tracking in web applications is an attractive, and increasingly popular, alternative for enforcing end-to-end confidentiality and integrity. However, there is a gap between formal, mostly static, approaches -- that lack support for dynamic language features -- and practical, mostly dynamic, approaches -- that lack soundness arguments. This talk discusses some steps towards bridging this gap, focusing on information release on the policy side and on combinations of static and dynamic techniques on the enforcement side.
The talk is based on joint papers with Aslan Askarov, Andrey Chudnov, Jonas Magazinius, and Alejandro Russo.
Pierangela Samarati is a Professor at the Department of Information
Technology of the Università degli Studi di Milano. Her main research
interests are access control policies, models and systems, data
security and privacy, information system security, and information
protection in general. She has participated in several projects
involving different aspects of information protection. On these topics
she has published more than 170 refereed technical papers in
international journals and conferences. She is co-author of the book
"Database Security," Addison-Wesley, 1995.
She has been a Computer Scientist in the Computer Science Laboratory at
SRI, CA (USA). She has been a visiting researcher at the Computer
Science Department of Stanford University, CA (USA), and at the ISSE
Department of George Mason University, VA (USA).
She is the chair of the Steering Committees of the European Symposium
on Research in Computer Security (ESORICS) and of the ACM Workshop on
Security and Privacy in the Electronic Society (WPES). She is the
Coordinator of the Working Group on Security of the Italian
Association for Information Processing (AICA), and the Italian
representative in the IFIP (International Federation for Information
Processing) Technical Committee 11 (TC-11) on Security and Privacy.
She is a member of the Steering Committee of: ACM Symposium on
InformAtion, Computer and Communications Security (ASIACCS),
International Conference on Information Systems Security (ICISS), and
International Conference on Information and Communications Security
(ICICS). She has served as program chair and on the program committees
of various conferences. In 2009, she was named an ACM Distinguished
Scientist.
More information at http://www.dti.unimi.it/samarati
Data outsourcing is an emerging paradigm that allows users and companies to give their (potentially sensitive) data to external servers that then become responsible for their storage, management, and dissemination. Although data outsourcing provides many benefits, especially for parties with limited resources for managing an ever-increasing amount of data, it introduces new privacy and security concerns. In this paper we discuss the main privacy issues to be addressed in data outsourcing, ranging from data confidentiality to data utility. We then illustrate the main research directions being investigated for providing effective protection to externally stored data and for enabling their querying.