My current focus is on secure systems, particularly on how to boot them securely, and how to assure that the correct software stack is running.
My current research centers on extending the principles of UEFI Secure Boot, Measured Boot, and physical and virtual Trusted Platform Modules to high-availability cloud and enterprise servers whose power-down cycles may span multiple years before they are rebooted. Here are some avenues of research I am currently exploring:
- How does the concept of Trusted Computing, which was originally designed for client systems, apply to a complex, high-availability server with multiple subsystems, and with components being physically removed and added without rebooting?
- How can we build fully open systems that protect themselves as well as attest to their configurations in a trustworthy manner, starting from the first firmware that is executed on power up, all the way up through a guest operating system?
- How can we build fully open systems that permit multiple parties to establish ownership and control over various parts of a system?
In past projects, I led the research and development of the firmware and operating system inside the IBM 4758. The 4758 was a tamper-responding secure coprocessor that earned the world's first FIPS 140-1 overall Level 4 certificate (certificate #35). It is now in its third generation, known as the IBM 4765 Cryptographic Coprocessor. I also led the research and development of a high-assurance smart card operating system.
Two other fun (past) projects:
- Security consultant to a Billion Dollar Bracket Challenge project for a US college basketball tournament
- Security consultant to a Watson Health project that focused on personalizing treatment options for cancer patients