Kevin Walsh

Research Projects
  • CloudProxy/Tao Authentication and authorization for cloud computing.
  • Chromatography Alignment algorithms for chromatogram data.
  • Nexus Trustworthy computing, operating systems, and authorization logics.
  • Credence Addressing content pollution in peer to peer filesharing through distributed ratings.
  • SNS: Staged Simulation Improving the scale and performance of discrete event wireless-network simulators.
  • Modelnet A large scale wide-area network emulator built from commodity hardware.
  • MagnetOS A distributed operating system for ad hoc and sensor networks to enable power-aware, adaptive, and efficient ad hoc networking applications.
Recent Software
Odds and Ends
Thesis

My Ph.D. thesis explores issues of trust and authorization in software systems through the design and implementation of Nexus Authorization Logic (NAL). NAL provides a principled basis for specifying and reasoning about credentials and authorization policies. It extends prior access control logics that are based on "says" and "speaks for" operators, enabling authorization of access requests to depend on (i) the source or pedigree of the requester, (ii) the outcome of any mechanized analysis of the requester, or (iii) the use of trusted software to encapsulate or modify the requester.

Recent Publications
  1. Mechanisms for Mutual Attested Microservice Communication.
    Kevin Walsh and John Manferdelli.
    In International Workshop on Clouds and Applications Management, December 2017.
  2. Intra-Cloud and Inter-Cloud Authentication.
    Kevin Walsh and John Manferdelli.
    In Proceedings of the 10th IEEE International Conference on Cloud Computing, June 2017.
  3. TLS with Trustworthy Certificate Authorities.
    Kevin Walsh.
    In IEEE Workshop on Security and Privacy in the Cloud at IEEE Conference on Communications and Network Security (CNS), October 2016.
  4. Hotelling Trace Criterion as a Figure of Merit for the Optimization of Chromatogram Alignment.
    Edward J. Soares, Gopal R. Yalla, John B. O'Connor, Kevin A. Walsh, and Amber M. Hupp.
    Journal of Chemometrics, 29:3, pp 200-212. March 2015.
  5. Authorization and Trust in Software Systems.
    Kevin Walsh.
    Ph. D. Thesis, Cornell University, January 2012.
  6. Costs of Security in the PFS File System.
    Kevin Walsh and Fred B. Schneider.
    Cornell Computing and Information Science Technical Report.
  7. Logical Attestation: An Authorization Architecture for Trustworthy Computing.
    Emin Gün Sirer., Willem de Bruijn, Patrick Reynolds, Alan Shieh, Kevin Walsh, Dan Williams, and Fred B. Schneider.
    In Symposium on Operating Systems Principles (SOSP), October 2011.
    Also available as a Cornell Computing and Information Science Technical Report.
  8. Nexus Authorization Logic (NAL): Design Rationale and Applications.
    Fred B. Schneider, Kevin Walsh, and Emin Gün Sirer.
    In ACM Transactions on Information and System Security (TISSEC), May 2011.
    Also available as a Cornell Computing and Information Science Technical Report.
  9. Device Driver Safety Through a Reference Validation Mechanism.
    Dan Williams, Patrick Reynolds, Kevin Walsh, Emin Gün Sirer, and Fred B. Schneider.
    In Proceedings of 8th Symposium on Operating Systems Design and Implementation (OSDI), San Diego, December, 2008.
  10. Experience with an Object Reputation System for Peer-to-Peer Filesharing.
    Kevin Walsh and Emin Gün Sirer.
    In Proceedings of the Symposium on Networked System Design and Implementation (NSDI), San Jose, California, May 2006.
    Awarded Best Paper.
  11. Fighting Peer-to-Peer SPAM and Decoys with Object Reputation.
    Kevin Walsh and Emin Gün Sirer.
    In Proceedings of the Third Workshop on the Economics of Peer-to-Peer Systems (p2pecon), Philadelphia, August 2005.
  12. Design and Implementation of a Single System Image Operating System for Ad Hoc Networks.
    Hongzhou Liu, Tom Roeder, Kevin Walsh, Rimon Barr, and Emin Gün Sirer. In Proceedings of the 3rd Conference on Mobile Systems, Applications, and Services (MobiSys), Seattle, June 2005.
  13. Staged Simulation: A General Technique for Improving Simulation Scale and Performance.
    Kevin Walsh and Emin Gün Sirer.
    In ACM Transactions on Modeling and Computer Simulation (TOMACS), April 2004.
  14. Staged Simulation for Improving the Scale and Performance of Wireless Network Simulations.
    Kevin Walsh and Emin Gün Sirer.
    In Proceedings of the 2003 Winter Simulation Conference, New Orleans, December, 2003.
  15. Scalability and Accuracy in a Large-Scale Network Emulator.
    Amin Vahdat, Ken Yocum, Kevin Walsh, Priya Mahadevan, Dejan Kostic, Jeff Chase, and David Becker.
    In Proceedings of 5th Symposium on Operating Systems Design and Implementation (OSDI), Boston, December, 2002.
Technical Reports, Conference Posters, and Abstracts
  1. Intra-cloud and Inter-cloud Authentication is No Good.
    Kevin Walsh, in collaboration with Tom Roeder and John Manferdelli.
    Abstract and talk at New England Security Day (NESD), November 2016.
  2. Nexus: A New Operating System for Building Trustworthy Applications.
    Alan Shieh, Dan Williams, Kevin Walsh, Oliver Kennedy, Patrick Reynolds, Emin Gün Sirer, and Fred B. Schneider.
    Poster at Networked System Design and Implementation (NSDI), April 2007.
  3. The Case for an Object-Based Peer-to-Peer Reputation System.
    Kevin Walsh and Emin Güer.
    Poster at Symposium on Operating Systems Principles (SOSP), October 2005.
  4. MagnetOS: A Single System Image Operating System for Wireless Ad Hoc Networks.
    Hongzhou Liu, Tom Roeder, Kevin Walsh, Rimon Barr, and Emin Güer.
    Poster at Mobile Ad Hoc Networking and Computing (Mobihoc), May 2005.
  5. Credence: Combating Peer-to-Peer Pollution.
    Kevin Walsh and Emin Güer.
    Poster at Networked System Design and Implementation (NSDI), May 2005.
  6. Modelnet: Scalability and Accuracy in a Large-Scale Network Emulator.
    Ken Yocum, Kevin Walsh, Amin Vahdat, Priya Mahadevan, Dejan Kostic, Jeff Chase, and David Becker.
    Poster at ACM Special Interest Group on Data Communications (SIGCOMM), August 2002.
  7. Enabling Wide-Area Replication of Database Services with Continuous Consistency.
    Kevin A. Walsh, Amin Vahdat, and Jun Yang.
    Technical Report, Department of Computer Science, Duke University, February 2002.
  8. Truth in Availability Advertising.
    Haifeng Yu, Kevin Walsh, and Amin Vahdat.
    Poster at Symposium on Operating Systems Principles (SOSP), October 2001.