Wed. May 14, 2008: Ben Adida on The Web Browser as a Platform for Building Secure Applications

The Center for Research on Computation and Society presents its last
lunch seminar of the semester:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, 14 May 2008
Time: 12:00 pm-1:30 pm
Place: Maxwell Dworkin 319

Title: The Web Browser as a Platform for Building Secure Applications.
Presenter: Ben Adida, Harvard.

The Web browser is the new operating system, and Web sites the new
user applications. This new platform is incomplete: features such as
inter-process communication (cross-domain requests) and durable data
(client-side storage) are still in the design phase. The core
complication is, of course, security. Each feature requires tremendous
design care, lest it unleash a new wave of attacks against hundreds of
millions of users.

In this talk, we cover the highlights of three novel secure web-based
applications, each providing a new security feature without extending
the core browser:

(1) BeamAuth: two-factor authentication with a bookmark,
(2) SessionLock: securing non-SSL sessions against eavesdroppers, and
(3) Helios: building cryptographic voting in a web browser.

We argue that building these enhancements can inform the design of new
browser features, in particular how browsers should become true
security platforms. New security solutions should be implementable in
the web application layer.

Ben Adida is a member of the Faculty at Harvard Medical School and at
the Children’s Hospital Informatics Program, as well as a research
fellow with the Center for Research on Computation and Society with
the Harvard School of Engineering and Applied Sciences. His work
focuses on security and privacy of health data, in particular in the
context of personally-controlled health records delivered over the
web.
