Queue Video Portrait: Ang Cui

Ang Cui is a Ph.D. student at Columbia University in New York City. His research focuses on embedded devices such as routers, printers and VOIP phones. He is the inventor of a novel, host-based defense mechanism known as Symbiotes. Symbiotes are designed specifically to retrofit black-box, vulnerable, legacy embedded systems with sophisticated anti-exploitation mechanisms. In this video portrait, Ang describes how the extent of the embedded threat in real-world environments, discusses novel exploitation techniques for embedded systems–like enterprise networking equipment–and develops practical defenses for embedded systems that constitute our global communication substrate.

 

Ang Cui

 

Queue Portrait: Ang Cui

 

A Decade of OS Access-control Extensibility

Open source security foundations for mobile and embedded devices

ROBERT N. M. WATSON, UNIVERSITY OF CAMBRIDGE COMPUTER LABORATORY

To discuss operating system security is to marvel at the diversity of deployed access-control models: Unix and Windows NT multiuser security; Type Enforcement in SELinux; anti-malware products; app sandboxing in Apple OS X, Apple iOS, and Google Android; and application-facing systems such as Capsicum in FreeBSD. This diversity is the result of a stunning transition from the narrow 1990s Unix and NT status quo to security localization—the adaptation of operating-system security models to site-local or product-specific requirements.

A Decade of OS Access-control Extensibility

Related:

Building Systems to Be Shared, Securely

ACM CTO Roundtable on Mobile Devices in the Enterprise

Extensible Programming for the 21st Century