log in  |  register  |  feedback?  |  help  |  web accessibility
PhD Proposal: Responding to the threats of Uninformed Configuration
Yehuda Katz
Tuesday, February 4, 2020, 11:00 am-1:00 pm Calendar
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)
System administrators are usually trusted to be experts on the systems they control, yet security breaches and performance problems can often be traced to improper configuration by these same administrators. These configuration mistakes aren’t made deliberately and certainly not maliciously, but are usually due to a lack of information about the consequences and interactions of these settings. We call this *Uninformed Configuration*. Existing research focuses on ensuring users don’t make security mistakes or helping developers/engineers validate their systems meet security and performance targets, but there is little research focusing on the system administrator who bridges these two groups, taking systems from developers and maintaining them for the end user.

First, we will show practical examples of the dangers of uninformed configuration and some of the methods that have been attempted to mitigate the issue, and we will explain why those methods are inadequate.

Second, we will dive into the difficulties in finding and tracking the critical settings of systems, explain why it is so difficult and develop a standard way of describing/explaining/analyzing these settings for use in advising the administrator and by other software.

Lastly, we will present **NUCLEAR: the NUCLEAR Uninformed Configuration Locator, Explainer, Advisor and Repairer**, a tool which will combine the previously described settings and help administrators better configure their systems, while resolving the issues with the existing inadequate methods.

Examining Committee: 
                          Chair:               Dr. Ashok Agrawala
                          Dept rep:         Dr.  David Van Horn
                          Members:        Dr. Pete Keleher

Yehuda Katz started taking classes at UMD when he was in high school and has been here ever since. He started programming when he was 8 and hasn't stopped. He spends his time here pushing the limits of campus IT systems. Yehuda also serves as an elected representative to the Graduate Student Government, and advocates for Graduate Student interests across campus.

This talk is organized by Tom Hurst