API Usability and Security, and the Human Side of Security Engineering
Speaker: Samuel Weber, Carnegie Mellon University
Ultimately, the security of a system relies upon its architects and programmers correctly designing and implementing it. Unfortunately, these people, being only human, are prone to making mistakes. In this talk I argue that research needs to be done on secure development processes, and in particular those that take into account usability from the developer’s point of view. As an example of this, I’ll discuss one of my current research projects, investigating how to design APIs so as to make it easier for programmers to create more secure code.
Bio: Sam Weber’s primary research interests lie in the empirical evaluation of secure development methodologies. He obtained his PhD from Cornell University on specification and verification, was a faculty member at Cornell University and the University of Pennsylvania, and an IBM T.J. Watson Research Center research staff member. Before joining the Software Engineering Institute, he served as Program Director for NSF’s Secure and Trustworthy Cyberspace program.
For more information, contact Prof. Justin Cappos.