Difference between revisions of "User:Sjmurdoch"

From C4 Wiki
Jump to: navigation, search
Line 4: Line 4:
  
 
[http://www.cl.cam.ac.uk/users/sjm217/ My main website]
 
[http://www.cl.cam.ac.uk/users/sjm217/ My main website]
 +
 +
Hello. I'm another one of the students from [http://www.cam.ac.uk/
 +
Cambridge]. Currently I am working on a PhD in the
 +
[http://www.cl.cam.ac.uk/Research/Security/ Security Group] in the
 +
[http://www.cl.cam.ac.uk/ Computer Lab].  My main PhD topic is on
 +
secure storage of structured data, but I have also worked on a few
 +
other projects, including reverse engineering
 +
[http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-592.pdf cryptographic
 +
co-processors], understanding
 +
[http://www.cl.cam.ac.uk/users/sjm217/projects/currency/ currency
 +
counterfeiting prevention systems] and
 +
[http://www.cl.cam.ac.uk/users/sjm217/papers/ih04connect-4.pdf
 +
colluding in games].
 +
 +
Last year I did some work on [http://www.nsa.gov/selinux/ Security
 +
Enhanced Linux], and I am generally interested in improving OS
 +
security. One reason behind this is that I am a sysadmin for
 +
[http://www.srcf.ucam.org/ a server with 1,396 active users], each of
 +
which can run insecure CGI/PHP scripts.  So in addition to the normal
 +
security goal of keeping unauthorised users out, we also have to be
 +
very careful to partition users and prevent privilege
 +
escalation. Recently I have been looking at more conventional software
 +
vulnerabilities (buffer overflows, format strings, etc.) and writing
 +
tools to detect them in binaries. Hopefully this summer school will
 +
give me the opportunity to extend and improve these.

Revision as of 15:50, 21 September 2004

Steven Murdoch

http://www.cl.cam.ac.uk/users/sjm217/StevenMurdoch.jpg

My main website

Hello. I'm another one of the students from [http://www.cam.ac.uk/ Cambridge]. Currently I am working on a PhD in the Security Group in the Computer Lab. My main PhD topic is on secure storage of structured data, but I have also worked on a few other projects, including reverse engineering [http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-592.pdf cryptographic co-processors], understanding [http://www.cl.cam.ac.uk/users/sjm217/projects/currency/ currency counterfeiting prevention systems] and [http://www.cl.cam.ac.uk/users/sjm217/papers/ih04connect-4.pdf colluding in games].

Last year I did some work on [http://www.nsa.gov/selinux/ Security Enhanced Linux], and I am generally interested in improving OS security. One reason behind this is that I am a sysadmin for a server with 1,396 active users, each of which can run insecure CGI/PHP scripts. So in addition to the normal security goal of keeping unauthorised users out, we also have to be very careful to partition users and prevent privilege escalation. Recently I have been looking at more conventional software vulnerabilities (buffer overflows, format strings, etc.) and writing tools to detect them in binaries. Hopefully this summer school will give me the opportunity to extend and improve these.