Example projects from David Walker
        
        
          - 
            secure distributed programming and PlanetLab
            
              - 
                implement a service for PlanetLab using an interesting
                programming model
                
                  - 
                    tuple spaces (see Klaim for Java)
                  
- 
                    join calculus (see JoCaml)
                  
- 
                    distributed logic programming (see SD3, Sophia)
                  
 
- 
                consider the security threats and the mechanisms necessary
                to compensate
              
- 
                implement a security monitoring service (as opposed to an
                arbitrary service)
              
 
- 
            security monitors
            
              - 
                a security monitor watches a program, virtual machine or
                distributed system and interrupts the system when it detects
                a security violation
              
- 
                consider security monitors based on transactions
                
                  - 
                    theory of what is enforceable in the transactional model
                  
- 
                    practice of implementing the system
                  
 
- 
                consider concurrent or distributed security monitors
              
- 
                consider hardware/compiler support for parallelizing
                execution of security monitors with the mainline application
              
- 
                consider type-system support for making security monitors
                compose with one another; implement it in the context of
                Polymer
              
 
- 
            Verifying availability properties
            
              - 
                recently, researchers have a great progress verifying
                cryptographic protocols and establishing authenticity and
                secrecy properties
                
                  - 
                    Multi-set writing protocols (Cervesato et al.)
                  
- 
                    Types for protocols (Gordon and Jeffrey)
                  
 
- 
                can we do the same for availability properties and
                developing robust distributed algorithms?
                
                  - 
                    eg:  can we developed techniques for verifying consensus and
                    other group communication protocols?  Under what failure
                    models?
                  
 
 
- 
            Study the effectiveness of security analysis tools
            
              - 
                How do we evaluate security analysis tools to determine how
                effective they are?
              
- 
                What properties should they have?
              
- 
                What metrics can we use to analyze tools?
              
- 
                Can we develop a benchmark for testing these tools?
              
- 
                Take two or more existing tools and analyze them.
              
 
- 
            Extend a programming language
            
              - 
                Polymer is a compiler framework for extending Java
                
                  - 
                    add some form of program monitors based on automata
                  
- 
                    add Cryptic-like support to Java for verifying cryptographic
                    protocols
                  
 
- 
                Binder is a logic-programming language with built-in secuiry
                
                  - 
                    implement a linear-logic programming version of binder
                  
 
 
- 
            information flow
            
              - 
                consider tracking information flow in a unique programming
                model
                
                  - 
                    tuple space model
                  
- 
                    distributed logic programming model
                  
- 
                    typed assembly language
                  
 
 
- 
            Survey paper option
            
              - 
                choose a relatively broad area and do an in-depth analysis
                of the research in the area
                
                  - 
                    come up with a creative way to classify the work in the area
                  
- 
                    summarize the major contributions
                  
- 
                    determine the most important avenues for future research
                  
 
- 
                focus on producing a particularly well-written report by
                working on multiple drafts
              
- 
                eg:  software program monitors; hardware support for
                security; security in distributed programming models
              
 
- 
            Come up with a own topic related to your own research
            
              - 
                Good topics may bridge gaps between areas
                
                  - 
                    Networking and distributed programming
                  
- 
                    Algorithms for reliable computing and cryptography and
                    languages to support their implementation or verification
                  
- 
                    Architecture or compilers to improve performance of security
                    mechanisms
                  
 
 


