Amit Levy : 2012 Security Session


Monday, April 2, 2012
Location: Fisher Conference Center, Arrillaga Alumni Center

"Hails: Protecting Data Privacy in Untrusted Web Apps"
2:30pm - 3:00pm


Web applications are increasingly becoming the primary curators of personal and corporate data. Much of the success of such Web applications is due to the flexibility in allowing third-party vendors to extend user experiences. However, today's web application APIs provide too little extensibility at too high a privacy cost for the next generation of web application extensions. Commonly, web application platforms find a middle ground between restricting access to data by third-party applications and requiring users to disclose private information: sacrificing both extensibility and privacy.

Hails is a web platform that uses information flow control (IFC) to enforce policies on untrusted code. IFC allows users to specify policies in terms of where data can flow instead of what code is privileged to access it.


Amit Levy is a first year Ph.D. student in Computer Science at Stanford. His research interest are in computer security, distributed systems and cloud storage. Prior to Stanford he obtained a BS in Computer Science and Economics and MS in Computer Science at University of Washington.