David Schultz

PhD Candidate
Programming Methodology Group
Computer Science and Artificial Intelligence Laboratory
Department of Electrical Engineering and Computer Science
Massachusetts Institute of Technology



Projects

I am interested in building secure and reliable distributed systems. My present research addresses the problem of privacy leaks in online services, resulting in the loss of account information, social security numbers, credit card numbers, medical records, and other sensitive data. I am building a new platform, IFDB, that addresses a major source of these problems—bugs in database-backed applications. IFDB uses decentralized information flow control; it labels sensitive data and tracks data flows through the database and applications. It enforces security policies that can prevent buggy applications from releasing information inappropriately. In addition to the IFDB work, I am also involved in the design and implementation of the Aeolus information flow platform.

Some of my past research includes proactive recovery for Byzantine-fault-tolerant replicated systems. Undetected breaches happen all the time, so how is it possible to defend against an attacker who may have surreptitiously compromised servers and stolen private keys? Proactive recovery prevents the attacker from gaining the upper hand by periodically reinitializing servers to a known-good state, and using new protocols based on secret sharing to refresh cryptographic keys. Before that, I worked at Berkeley on model checking to detect security bugs, and automated detection and repair of side-channel attacks.

I have also done a few internships and worked on various other systems projects over the years. At MSR, I applied model-checking techniques to identify logical errors in distributed protocols. At Sun, I designed and implemented the file number allocator, based on a multi-level bitmap data structure, for the ZFS filesystem. In my free time, I contribute to the FreeBSD Project.


Selected Publications

Winnie Cheng, Dan Ports, David Schultz, Victoria Popic, Aaron Blankstein, James Cowling, Dorothy Curtis, Liuba Shrira, and Barbara Liskov. Abstractions for Usable Information Flow Control in Aeolus. In Proc. USENIX Annual Technical Conference, USENIX, June 2012. [pdf]

Rodrigo Rodrigues, Barbara Liskov, Kathryn Chen, Moses Liskov, and David Schultz. Automatic Reconfiguration for Large-Scale Reliable Storage Systems. Trans. on Dependable and Secure Computing (TDSC), vol. 9, no. 2, IEEE, March 2012. [pdf]

David Schultz, Barbara Liskov, and Moses Liskov. Mobile Proactive Secret Sharing. Trans. on Info. and System Security (TISSEC), vol. 13, no. 4, ACM, December 2010. [pdf]

David Molnar, Matt Piotrowski, David Schultz, and David Wagner. The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks. In ICISC 2005, LNCS 3935, Springer-Verlag, Dec 2005. [pdf]