MIT EECS - Quanta Computer Undergraduate Research and Innovation Scholar
Secure Web Applications with Data Flow Assertions
This project focuses on building a security platform and API for Ruby and the Ruby on Rails web framework. A typical web application will enforce security policies by using assertions throughout its code base, typically at each input and output point. However this method can be unreliablea single missed assertion could lead to vulnerability. This project uses the principles of Resin to secure Rails apps: by attaching security policies to the data models directly we can reliably enforce those policies before they leave the application. My work will be focused on developing the API and retrofitting existing applications with our data policies.
I interned with VMwares Horizon Mobile team over the summer and worked on Android performance testing. I interned with Akamai for a year and worked on developer tools for their SQA department. I chaperoned a month-long high school trip to Angers, France.