Policy Analysis: Kathi Fisler, WPI
- 11:00 am on Monday, April 29, 2013
- 12:00 pm on Monday, April 29, 2013
- MCS 148
Access-control policies play a central role in controlling the dissemination of sensitive data in various domains, including healthcare, finance, and social networks. They represent an important but not isolated example of policies or rules that govern the behavior of programs or systems. Developers increasingly separate these policies from the rest of their programs into separate modules written in domain-specific, declarative policy languages. This separation of the policy from the rest of the program affords interesting opportunities for formal analysis. It is, however, unclear that the straightforward application of verification is appropriate or useful. We will discuss these issues, as well as concrete tools and results we've produced and lessons we've learned. Joint work with Shriram Krishnamurthi (Brown) and Dan Dougherty (WPI). Hosts: Azer Bestavros and Assaf Kfoury --- Kathi Fisler has been on the faculty at WPI since 2000. Over time, her research has explored various problems at the intersection of formal logic and human reasoning, including logics of diagrams, feature-oriented software engineering, policy authoring, and computing education. She currently directs WPI's academic Cybersecurity program. She also co-directs Bootstrap, an outreach program that teaches computing to pre-college students in a way that reinforces national math standards in algebra.