I am a member of the Security Department and my research is in the areas of secure virtualization and cloud security. Currently, I am working on detecting anomalous behavior and misconfiguration of applications in cloud environments.
In past projects, I have worked on isolating workloads on virtualized systems and enabling isolated multi-tenant network services. I designed and implemented a hypervisor-based mandatory access control for authorizing workloads on systems and controlling access to physical and virtual resources in order to enforce tenant isolation requirements. For supporting isolated networks, I provided a high-performance network device driver to the Virtual IO Server (VIOS) facilitating overlay networks, e.g., DOVE, and led the work on providing Trusted Firewall on VIOS, enabling inter-VLAN routing integrated with network packet filtering on Power Systems.