Title: Shill: A Secure Shell Scripting Language.
Speaker: Stephen Chong, Harvard University

Abstract:

The Principle of Least Privilege suggests that software should be 
executed with no more authority than it requires to accomplish its 
task. Current security tools make it difficult to apply this 
principle: they either require significant modifications to 
applications or do not facilitate reasoning about combining 
untrustworthy components.

In this talk, I present Shill, a secure shell scripting language. 
Shill scripts enable compositional reasoning about security through 
contracts that limit the effects of script execution, including the 
effects of programs invoked by the script. Shill contracts are 
declarative security policies that act as documentation for consumers 
of Shill scripts, and are enforced through a combination of language 
design and sandboxing.

We have implemented a prototype of Shill for FreeBSD and used it for 
several case studies including a grading script and a script to 
download, compile, and install software. Our experience indicates that 
Shill is a practical and useful system security tool, and can provide 
fine-grained security guarantees.


Bio: Stephen Chong is an Associate Professor of Computer Science at 
the Harvard University. Steve's research focuses on programming 
languages, information security, and the intersection of these two 
areas. He is the recipient of an NSF CAREER award, an AFOSR Young 
Investigator award, and a Sloan Research Fellowship. He received a PhD 
from Cornell University, and a bachelor's degree from Victoria 
University of Wellington, New Zealand.