CS Talk
Wen Zhang
Refreshments will be provided from Koffee.
Host: Anurag Khandelwal
Title: Sensitive-data Protection for Today’s Web Applications
Abstract:
As web applications increasingly handle sensitive user data, protecting that data from unauthorized access is more critical than ever. Yet, despite decades of research on access control, data leaks remain prevalent—not due to a lack of solutions, but because existing solutions are difficult to adopt by today’s deployed applications. Two key challenges hinder adoption: (1) many solutions require nonstandard programming models that are incompatible with mainstream web frameworks, and (2) developers must manually define access-control policies—a time-consuming and error-prone task, particularly for legacy applications that lack such policies.
If we want to solve the societal problem of sensitive-data protection, we must meet today’s applications where they are. My recent work has focused on developing access-control techniques that can be easily applied to existing applications. In this talk, I will present two systems: Blockaid, which performs fine-grained access control on existing web applications with minimal modification, and Ote, which aids in policy creation by extracting implicit policies embedded in legacy code. By supporting today’s applications without requiring a redesign, my approach aims to bring practical data protection to real-world deployments.
Bio:
Wen Zhang is a PhD candidate at UC Berkeley advised by Professor Scott Shenker. His research focuses on computer systems—with interests spanning databases, distributed and cloud computing, and operating systems—and draws on techniques from formal methods and software engineering. His past work has investigated database access control, general-purpose serverless computing, and persistent-memory storage systems. He received his bachelor’s degree from Stanford University.