I have moved to Microsoft Research. I have also started to maintain a personal blog. This page remains as an archive.

Nikhil Swamy
Ph.D. Candidate
Department of Computer Science
University of Maryland
College Park, MD

I am a member of the programming languages
group and am advised by Dr. Michael Hicks. My research
is focused primarily on provably securing software systems by
utilizing formal methods in the design, implementation or analysis of
programming languages.
I expect to graduate this summer. In the fall, I will begin work as a researcher at Microsoft Research, in Redmond, WA. A list of my publications is available here and my resume is here.

SELinks: End-to-end Security for Web Applications
My dissertation work has focused on developing techniques for making
web applications secure by construction. I've applied ideas from type
theory (mainly dependent types) to design a programming language
called SELinks in which fine-grained security policies can be reliably
enforced. We've built a couple of realistic web applications using
this language. More information can be found here.

Defeating XSS attacks
The whole purpose of sites like Blogger, MySpace, and Flickr is to
republish content provided by their users. If this content contains
scripts, then the script will be executed in the browser of anyone who
visits the site. This is a script injection attack, and it is
currently the #1 class of security vulnerabilities being reported
today. We propose BEEP, a solution in which web site developers can
equip their web pages with policies that allow a browser to filter out
all malicious content. More information can be found here.

Verification of cryptographic protocols
Windows Vista now ships with a system called CardSpace that manages digital identity in a user's interaction with a web service. This paper describes a technique to verify that implementations of tricky multi-party cryptographic protocols (like those used in CardSpace) provide the necessary guarantees of secrecy and authenticity.

I have also worked on a number of other projects that address various aspects of software quality.

Dynamic Information Flow Security
Managing Policy Updates in Security-Typed Languages
N. Swamy, M. Hicks, S. Tse and S. Zdancewic
In Proc. IEEE Computer Security Foundations Workshop, 2006

Memory Management
Safe Manual Memory Management in Cyclone
N. Swamy, M. Hicks, G. Morrisett, D. Grossman and T. Jim
Science of Computer Programming, Special Issue on Memory Management

Race Detection
Dynamic Inference of Polymorphic Lock Types
J. Rose, N. Swamy and M. Hicks
Science of Computer Programming, Special Issue on Concurrency and Synchronization in Java programs

Performance Analysis
Finding and Removing Performance Bottlenecks in Large Systems
G. Ammons, J. Choi, M. Gupta and N. Swamy
In Proceedings of European Conference on Object Oriented Programming (ECOOP) 2004

In the past, I did some work on quantum computing and artificial intelligence. The best thing to emerge from this work is my Erdős number, which is now no greater than 3 (Barnum -> Saks -> Erdős). Just kidding ... AI is awesome and I'm pretty proud of this old work as well.

RGL Study in Hybrid Real-Time Systems
K. Hennacy, N. Swamy and D. Perlis
Neural Networks and Computational Intelligence, 2004

Finding a Better-than-Classical Quantum AND/OR Algorithm
L. Spector, H. Barnum, H.J. Bernstein and N. Swamy
Congress of Evolutionary Computation, 1999

Quantum computing applications of genetic programming
L. Spector, H. Barnum, H.J. Bernstein and N. Swamy
Advances in Genetic Programming, MIT Press, 2000

Quantum Computing and AI
An overview of this project from L. Spector's invited talk at AAAI '99