Research Fellows Directory
Dr Brad Karp
University College London
Computer systems and networks have become essential tools in commerce, science, medicine, and indeed, across all fields of endeavor. Yet despite their widespread use and familiarity throughout society, they remain immature and highly imperfect tools. First, computer systems and networks do not yet offer sufficient performance or functionality to be applied to many tasks. And second, now that the day-to-day functioning of society relies crucially on networked computer systems, the security of these systems--their resilience against attack and ability to preserve the privacy of personal, sensitive information--has become a vital issue of individual, corporate, and national concern. In my research, I design new computer systems and networks that offer previously unseen functionality and high performance, and offer improved security, to enhance their dependability and reliability and to protect the sensitive data they frequently manipulate.
In an era when connectivity is ubiquitous, and shared, remotely accessible servers are instrumental in the daily tasks carried out by citizens, a networked server's software must frequently handle sensitive data. A user of an online store expects his credit card number not to fall into the hands of miscreants. But today, vulnerabilities in software allow attackers to steal a user's credit card number, delete an online store's order database, or take other malicious actions. In my research, I'm pioneering new ways to structure the software for networked servers to protect people's personal or sensitive data. The essence of the approach is to split software into compartments separated by firewalls, and give each compartment only the minimal privileges needed to do its job. The result is a server that even if attacked will not disclose sensitive data. This approach will enable online stores where a customer's credit card number cannot be stolen, and medical record databases that strongly protect patients' confidential records.