ºÝºÝߣshows by User: jxyz / http://www.slideshare.net/images/logo.gif ºÝºÝߣshows by User: jxyz / Mon, 06 Feb 2017 16:19:53 GMT ºÝºÝߣShare feed for ºÝºÝߣshows by User: jxyz Programming Languages for Biological Modeling /slideshow/programming-languages-for-biological-modeling/71820621 wecodetechtalk2017-170206161953
Short overview of using programs to model cellular signaling from the WeCode conference for undergraduate women in Computer Science.]]>
Short overview of using programs to model cellular signaling from the WeCode conference for undergraduate women in Computer Science.]]> Mon, 06 Feb 2017 16:19:53 GMT /slideshow/programming-languages-for-biological-modeling/71820621 jxyz@slideshare.net(jxyz) Programming Languages for Biological Modeling jxyz Short overview of using programs to model cellular signaling from the WeCode conference for undergraduate women in Computer Science. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/wecodetechtalk2017-170206161953-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Short overview of using programs to model cellular signaling from the WeCode conference for undergraduate women in Computer Science.
Programming Languages for Biological Modeling from jxyz
]]> 744 7 https://cdn.slidesharecdn.com/ss_thumbnails/wecodetechtalk2017-170206161953-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 PLDI 2016 Presentation on Jacqueline Web Framework /slideshow/pldi-2016-presentation-on-jacqueline-web-framework/63195062 jacquelinepldi2016presentation-160618053624
We present an approach for dynamic information flow control across the application and database. Our approach reduces the amount of policy code required, yields formal guarantees across the application and database, works with existing relational database implementations, and scales for realistic applications. In this paper, we present a programming model that factors out information flow policies from application code and database queries, a dynamic semantics for the underlying {\lambda}^JDB core language, and proofs of termination-insensitive non-interference and policy compliance for the semantics. We implement these ideas in Jacqueline, a Python web framework, and demonstrate feasibility through three application case studies: a course manager, a health record system, and a conference management system used to run an academic workshop. We show that in comparison to traditional applications with hand-coded policy checks, Jacqueline applications have 1) a smaller trusted computing base, 2) fewer lines of policy code, and 2) reasonable, often negligible, additional overheads.]]>
We present an approach for dynamic information flow control across the application and database. Our approach reduces the amount of policy code required, yields formal guarantees across the application and database, works with existing relational database implementations, and scales for realistic applications. In this paper, we present a programming model that factors out information flow policies from application code and database queries, a dynamic semantics for the underlying {\lambda}^JDB core language, and proofs of termination-insensitive non-interference and policy compliance for the semantics. We implement these ideas in Jacqueline, a Python web framework, and demonstrate feasibility through three application case studies: a course manager, a health record system, and a conference management system used to run an academic workshop. We show that in comparison to traditional applications with hand-coded policy checks, Jacqueline applications have 1) a smaller trusted computing base, 2) fewer lines of policy code, and 2) reasonable, often negligible, additional overheads.]]> Sat, 18 Jun 2016 05:36:24 GMT /slideshow/pldi-2016-presentation-on-jacqueline-web-framework/63195062 jxyz@slideshare.net(jxyz) PLDI 2016 Presentation on Jacqueline Web Framework jxyz We present an approach for dynamic information flow control across the application and database. Our approach reduces the amount of policy code required, yields formal guarantees across the application and database, works with existing relational database implementations, and scales for realistic applications. In this paper, we present a programming model that factors out information flow policies from application code and database queries, a dynamic semantics for the underlying {\lambda}^JDB core language, and proofs of termination-insensitive non-interference and policy compliance for the semantics. We implement these ideas in Jacqueline, a Python web framework, and demonstrate feasibility through three application case studies: a course manager, a health record system, and a conference management system used to run an academic workshop. We show that in comparison to traditional applications with hand-coded policy checks, Jacqueline applications have 1) a smaller trusted computing base, 2) fewer lines of policy code, and 2) reasonable, often negligible, additional overheads. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/jacquelinepldi2016presentation-160618053624-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> We present an approach for dynamic information flow control across the application and database. Our approach reduces the amount of policy code required, yields formal guarantees across the application and database, works with existing relational database implementations, and scales for realistic applications. In this paper, we present a programming model that factors out information flow policies from application code and database queries, a dynamic semantics for the underlying {\lambda}^JDB core language, and proofs of termination-insensitive non-interference and policy compliance for the semantics. We implement these ideas in Jacqueline, a Python web framework, and demonstrate feasibility through three application case studies: a course manager, a health record system, and a conference management system used to run an academic workshop. We show that in comparison to traditional applications with hand-coded policy checks, Jacqueline applications have 1) a smaller trusted computing base, 2) fewer lines of policy code, and 2) reasonable, often negligible, additional overheads.
PLDI 2016 Presentation on Jacqueline Web Framework from jxyz
]]> 596 5 https://cdn.slidesharecdn.com/ss_thumbnails/jacquelinepldi2016presentation-160618053624-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Philly ETE 2016: Securing Software by Construction /slideshow/philly-ete-2016-securing-software-by-construction/60775076 phillyete2016-160411200830
The high-profile attacks and data-breaches of the last few years have shown us the importance of securing our software. While it is good that we are seeing more tools that can analyze systems for vulnerabilities, this does not help the programmer write secure code in the first place. To prevent security from becoming a bottleneck–and expensive security mistakes from becoming increasingly probable–we need to look to techniques that allow us to secure software by construction. This talk has two parts. First, I will present technical ideas from research, including my own, that help secure software by construction. Even though these are reasonable ideas, however, the gap between academia and industry often prevents these ideas from becoming realized in practice. Second, I will discuss what prevents longer-term security solutions from being commercialized, how we started the Cybersecurity Factory accelerator bridge the research/industry gap, and how we can work together to address the issues that remain. http://2016.phillyemergingtech.com/session/securing-software-by-construction/]]>
The high-profile attacks and data-breaches of the last few years have shown us the importance of securing our software. While it is good that we are seeing more tools that can analyze systems for vulnerabilities, this does not help the programmer write secure code in the first place. To prevent security from becoming a bottleneck–and expensive security mistakes from becoming increasingly probable–we need to look to techniques that allow us to secure software by construction. This talk has two parts. First, I will present technical ideas from research, including my own, that help secure software by construction. Even though these are reasonable ideas, however, the gap between academia and industry often prevents these ideas from becoming realized in practice. Second, I will discuss what prevents longer-term security solutions from being commercialized, how we started the Cybersecurity Factory accelerator bridge the research/industry gap, and how we can work together to address the issues that remain. http://2016.phillyemergingtech.com/session/securing-software-by-construction/]]> Mon, 11 Apr 2016 20:08:30 GMT /slideshow/philly-ete-2016-securing-software-by-construction/60775076 jxyz@slideshare.net(jxyz) Philly ETE 2016: Securing Software by Construction jxyz The high-profile attacks and data-breaches of the last few years have shown us the importance of securing our software. While it is good that we are seeing more tools that can analyze systems for vulnerabilities, this does not help the programmer write secure code in the first place. To prevent security from becoming a bottleneck–and expensive security mistakes from becoming increasingly probable–we need to look to techniques that allow us to secure software by construction. This talk has two parts. First, I will present technical ideas from research, including my own, that help secure software by construction. Even though these are reasonable ideas, however, the gap between academia and industry often prevents these ideas from becoming realized in practice. Second, I will discuss what prevents longer-term security solutions from being commercialized, how we started the Cybersecurity Factory accelerator bridge the research/industry gap, and how we can work together to address the issues that remain. http://2016.phillyemergingtech.com/session/securing-software-by-construction/ <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/phillyete2016-160411200830-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> The high-profile attacks and data-breaches of the last few years have shown us the importance of securing our software. While it is good that we are seeing more tools that can analyze systems for vulnerabilities, this does not help the programmer write secure code in the first place. To prevent security from becoming a bottleneck–and expensive security mistakes from becoming increasingly probable–we need to look to techniques that allow us to secure software by construction. This talk has two parts. First, I will present technical ideas from research, including my own, that help secure software by construction. Even though these are reasonable ideas, however, the gap between academia and industry often prevents these ideas from becoming realized in practice. Second, I will discuss what prevents longer-term security solutions from being commercialized, how we started the Cybersecurity Factory accelerator bridge the research/industry gap, and how we can work together to address the issues that remain. http://2016.phillyemergingtech.com/session/securing-software-by-construction/
Philly ETE 2016: Securing Software by Construction from jxyz
]]> 1138 5 https://cdn.slidesharecdn.com/ss_thumbnails/phillyete2016-160411200830-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Cybersecurity: How to Use What We Already Know /slideshow/cybersecurity-how-to-use-what-we-already-know/54792746 keynote10-151105183401-lva1-app6891
ºÝºÝߣs from my PSR keynote on how to secure software by bridging the gap between research and practice. Video: https://t.co/mRr4CMrfKN Event: https://iapp.org/conference/privacy-security-risk-2015]]>
ºÝºÝߣs from my PSR keynote on how to secure software by bridging the gap between research and practice. Video: https://t.co/mRr4CMrfKN Event: https://iapp.org/conference/privacy-security-risk-2015]]> Thu, 05 Nov 2015 18:34:00 GMT /slideshow/cybersecurity-how-to-use-what-we-already-know/54792746 jxyz@slideshare.net(jxyz) Cybersecurity: How to Use What We Already Know jxyz ºÝºÝߣs from my PSR keynote on how to secure software by bridging the gap between research and practice. Video: https://t.co/mRr4CMrfKN Event: https://iapp.org/conference/privacy-security-risk-2015 <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/keynote10-151105183401-lva1-app6891-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> ºÝºÝߣs from my PSR keynote on how to secure software by bridging the gap between research and practice. Video: https://t.co/mRr4CMrfKN Event: https://iapp.org/conference/privacy-security-risk-2015
Cybersecurity: How to Use What We Already Know from jxyz
]]> 3190 15 https://cdn.slidesharecdn.com/ss_thumbnails/keynote10-151105183401-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Preventing Information Flow with Jeeves - Singapore Data Privacy Workshop /slideshow/singapore-data-privacy-workshop-talk-72115/50851350 singaporedataprivacyworkshoptalk7-150723152524-lva1-app6892
Talk for the Singapore Data Privacy Workshop, July 21, 2015.]]>
Talk for the Singapore Data Privacy Workshop, July 21, 2015.]]> Thu, 23 Jul 2015 15:25:24 GMT /slideshow/singapore-data-privacy-workshop-talk-72115/50851350 jxyz@slideshare.net(jxyz) Preventing Information Flow with Jeeves - Singapore Data Privacy Workshop jxyz Talk for the Singapore Data Privacy Workshop, July 21, 2015. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/singaporedataprivacyworkshoptalk7-150723152524-lva1-app6892-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Talk for the Singapore Data Privacy Workshop, July 21, 2015.
Preventing Information Flow with Jeeves - Singapore Data Privacy Workshop from jxyz
]]> 1108 5 https://cdn.slidesharecdn.com/ss_thumbnails/singaporedataprivacyworkshoptalk7-150723152524-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 A Brief History of Programming /slideshow/a-brief-history-of-programming-42780183/42780183 girlgeekdinner12-141216210832-conversion-gate01
A brief history of women's contributions to computing. Also see: http://www.quora.com/What-programming-languages-were-created-by-women]]>
A brief history of women's contributions to computing. Also see: http://www.quora.com/What-programming-languages-were-created-by-women]]> Tue, 16 Dec 2014 21:08:32 GMT /slideshow/a-brief-history-of-programming-42780183/42780183 jxyz@slideshare.net(jxyz) A Brief History of Programming jxyz A brief history of women's contributions to computing. Also see: http://www.quora.com/What-programming-languages-were-created-by-women <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/girlgeekdinner12-141216210832-conversion-gate01-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> A brief history of women&#39;s contributions to computing. Also see: http://www.quora.com/What-programming-languages-were-created-by-women
A Brief History of Programming from jxyz
]]> 7537 9 https://cdn.slidesharecdn.com/ss_thumbnails/girlgeekdinner12-141216210832-conversion-gate01-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 GigaOM Structure 10 for 2013 Short Talk /jxyz/giga-om-structure-61913 gigaomstructure6-19-13-130619181950-phpapp02
My talk on redesigning programming language infrastructure for enforcing information flow policies for security.]]>
My talk on redesigning programming language infrastructure for enforcing information flow policies for security.]]> Wed, 19 Jun 2013 18:19:50 GMT /jxyz/giga-om-structure-61913 jxyz@slideshare.net(jxyz) GigaOM Structure 10 for 2013 Short Talk jxyz My talk on redesigning programming language infrastructure for enforcing information flow policies for security. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/gigaomstructure6-19-13-130619181950-phpapp02-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> My talk on redesigning programming language infrastructure for enforcing information flow policies for security.
GigaOM Structure 10 for 2013 Short Talk from jxyz
]]> 473 2 https://cdn.slidesharecdn.com/ss_thumbnails/gigaomstructure6-19-13-130619181950-phpapp02-thumbnail.jpg?width=120&height=120&fit=bounds presentation White http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Jeeves Talk Spring 2012 /slideshow/jeeves-talk-spring-2012/12284134 googlejeevestalk3-30-12-120404144635-phpapp01
It is becoming increasingly important for applications to protect sensitive data. With current techniques, the programmer bears the burden of ensuring that the application’s behavior adheres to policies about where sensitive values may flow. Unfortunately, privacy policies are difficult to manage because their global nature requires coordinated reasoning and enforcement. To address this problem, we describe a programming model that makes the system responsible for ensuring adherence to privacy policies. The programming model has two components: 1) core programs describing functionality independent of privacy concerns and 2) declarative, decentralized policies controlling how sensitive values are disclosed. Each sensitive value encapsulates multiple views; policies describe which views are allowed based on the output context. The system is responsible for automatically ensuring that outputs are consistent with the policies. We have implemented this programming model in a new functional constraint language named Jeeves. In Jeeves, sensitive values are introduced as symbolic variables and policies correspond to constraints that are resolved at output channels. We have implemented Jeeves as a Scala library using an SMT solver as a model finder. In this talk I describe the Jeeves programming language and our experience using Jeeves to implement a conference management system.]]>
It is becoming increasingly important for applications to protect sensitive data. With current techniques, the programmer bears the burden of ensuring that the application’s behavior adheres to policies about where sensitive values may flow. Unfortunately, privacy policies are difficult to manage because their global nature requires coordinated reasoning and enforcement. To address this problem, we describe a programming model that makes the system responsible for ensuring adherence to privacy policies. The programming model has two components: 1) core programs describing functionality independent of privacy concerns and 2) declarative, decentralized policies controlling how sensitive values are disclosed. Each sensitive value encapsulates multiple views; policies describe which views are allowed based on the output context. The system is responsible for automatically ensuring that outputs are consistent with the policies. We have implemented this programming model in a new functional constraint language named Jeeves. In Jeeves, sensitive values are introduced as symbolic variables and policies correspond to constraints that are resolved at output channels. We have implemented Jeeves as a Scala library using an SMT solver as a model finder. In this talk I describe the Jeeves programming language and our experience using Jeeves to implement a conference management system.]]> Wed, 04 Apr 2012 14:46:33 GMT /slideshow/jeeves-talk-spring-2012/12284134 jxyz@slideshare.net(jxyz) Jeeves Talk Spring 2012 jxyz It is becoming increasingly important for applications to protect sensitive data. With current techniques, the programmer bears the burden of ensuring that the application’s behavior adheres to policies about where sensitive values may flow. Unfortunately, privacy policies are difficult to manage because their global nature requires coordinated reasoning and enforcement. To address this problem, we describe a programming model that makes the system responsible for ensuring adherence to privacy policies. The programming model has two components: 1) core programs describing functionality independent of privacy concerns and 2) declarative, decentralized policies controlling how sensitive values are disclosed. Each sensitive value encapsulates multiple views; policies describe which views are allowed based on the output context. The system is responsible for automatically ensuring that outputs are consistent with the policies. We have implemented this programming model in a new functional constraint language named Jeeves. In Jeeves, sensitive values are introduced as symbolic variables and policies correspond to constraints that are resolved at output channels. We have implemented Jeeves as a Scala library using an SMT solver as a model finder. In this talk I describe the Jeeves programming language and our experience using Jeeves to implement a conference management system. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/googlejeevestalk3-30-12-120404144635-phpapp01-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> It is becoming increasingly important for applications to protect sensitive data. With current techniques, the programmer bears the burden of ensuring that the application’s behavior adheres to policies about where sensitive values may flow. Unfortunately, privacy policies are difficult to manage because their global nature requires coordinated reasoning and enforcement. To address this problem, we describe a programming model that makes the system responsible for ensuring adherence to privacy policies. The programming model has two components: 1) core programs describing functionality independent of privacy concerns and 2) declarative, decentralized policies controlling how sensitive values are disclosed. Each sensitive value encapsulates multiple views; policies describe which views are allowed based on the output context. The system is responsible for automatically ensuring that outputs are consistent with the policies. We have implemented this programming model in a new functional constraint language named Jeeves. In Jeeves, sensitive values are introduced as symbolic variables and policies correspond to constraints that are resolved at output channels. We have implemented Jeeves as a Scala library using an SMT solver as a model finder. In this talk I describe the Jeeves programming language and our experience using Jeeves to implement a conference management system.
Jeeves Talk Spring 2012 from jxyz
]]> 569 2 https://cdn.slidesharecdn.com/ss_thumbnails/googlejeevestalk3-30-12-120404144635-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 PLDI 2010: Safe to the Last Instruction /jxyz/pldi-2010-safe-to-the-last-instruction pldi2010verve-100612215708-phpapp01
My first con]]>
My first con]]> Sat, 12 Jun 2010 21:57:00 GMT /jxyz/pldi-2010-safe-to-the-last-instruction jxyz@slideshare.net(jxyz) PLDI 2010: Safe to the Last Instruction jxyz My first con <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/pldi2010verve-100612215708-phpapp01-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> My first con
PLDI 2010: Safe to the Last Instruction from jxyz
]]> 1215 2 https://cdn.slidesharecdn.com/ss_thumbnails/pldi2010verve-100612215708-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 https://public.slidesharecdn.com/v2/images/profile-picture.png https://cdn.slidesharecdn.com/ss_thumbnails/wecodetechtalk2017-170206161953-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/programming-languages-for-biological-modeling/71820621 Programming Languages ... https://cdn.slidesharecdn.com/ss_thumbnails/jacquelinepldi2016presentation-160618053624-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/pldi-2016-presentation-on-jacqueline-web-framework/63195062 PLDI 2016 Presentation... https://cdn.slidesharecdn.com/ss_thumbnails/phillyete2016-160411200830-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/philly-ete-2016-securing-software-by-construction/60775076 Philly ETE 2016: Secur...