Trellis: Privilege Separation for Multi-User Applications Made Easy

Speaker/Bio

Andrea Mambretti is a PhD student in Information Assurance where he is working at Seclab, and he is being advised by William Robertson and Engin Kirda. His main interest is in system security with special focus on operating systems, program analysis and compilers.

Abstract

Trellis is an approach for expressing hierarchical access control policies in applications and enforcing these policies during execution. The approach enhances the development toolchain and the operating system to allow programmers to secure their applications from GUI misuse and profile privilege escalation within the application.

References

• https://www.andreamambretti.com/files/papers/raid2016_trellis.pdf