I'm interested in analyzing, designing, building and evaluating software systems. During my PhD I focused on systems providing data confidentiality, integrity and accounting. For example, our Guardat project describes a novel storage architecture that allows associating data protection policies with stored files and thus protects data integrity and confidentiality from risks such as bugs, misconfigurations and security vulnerabilities. I collaborate with my co-advisors Peter Druschel and Deepak Garg as well as fellow students Eslam Elnikety and Aastha Mehta. During a summer internship I worked with Ronald Aigner at MSR Redmond on possible usages of Trusted Platform Modules (TPM) and Intel's Software Guard Extensions (SGX).


Light-weight Contexts: An OS Abstraction for Safety and Performance

Light-weight contexts (lwCs) provide independent units of protection, privilege, and execution state within a process. A process may include several lwCs, each with possibly different views of memory, file descriptors, and access capabilities. lwCs can be used to efficiently implement roll-back, isolated address spaces, and privilege separation in a single process. The overhead of an lwC is proportional to the amount of memory exclusive to that lwC; switching lwCs is quicker than switching kernel threads within the same process. We prototype lwCs within the FreeBSD 11.0 kernel and evaluate common usage patterns, including fast rollback, session isolation, sensitive data isolation, and in-process reference monitoring, using Apache, nginx, PHP, and OpenSSL.

Thoth: Practical data flow protection in a search engine

Online data retrieval services like commercial search engines, online social networking, and trading and sharing sites process large volumes of data of different origins and types. Each data item indexed by a search engine, such as online social network (OSN) data, personal email, corporate documents, or public web documents, has its own usage policy. For example, email is private, OSN data and blogs may be limited to friends, and corporate documents may be restricted to employees. Furthermore, providers may have to filter certain data items in order to comply with local laws and court orders. Ensuring compliance with applicable policies in such a complex system, however, is a labor-intensive and error-prone challenge. In Thoth we explore the problem of providing a practical safety net for policy compliance in a search engine.
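To make the "safety net" idea concrete, here is an added example (not Thoth's code; Thoth uses its own declarative policy language and enforces it in the OS, which this toy does not model). Each indexed item carries a policy saying who may see it plus a set of jurisdictions in which a takedown order applies, and a single `enforce` step runs over every result after ranking and before it leaves the engine, so a bug in the ranking code cannot by itself leak a private item. The index, users and policies are constructed sample data.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass(frozen=True)
class Requester:
    user: str
    employer: Optional[str] = None
    jurisdiction: str = "DE"

@dataclass(frozen=True)
class Item:
    item_id: str
    text: str
    policy: Callable[[Requester], bool]       # declarative: who may see this item
    blocked_in: frozenset = frozenset()        # jurisdictions with a takedown order

# Policy constructors (constructed for this example, not Thoth's policy language).
def private_to(owner: str):
    return lambda r: r.user == owner

def friends_of(owner: str, friends):
    allowed = frozenset(friends) | {owner}
    return lambda r: r.user in allowed

def employees_of(company: str):
    return lambda r: r.employer == company

def public():
    return lambda r: True

def rank(index: list[Item], query: str) -> list[Item]:
    """Application-layer retrieval: naive keyword match. It knows nothing about policy."""
    words = query.lower().split()
    return [it for it in index if all(w in it.text.lower() for w in words)]

def enforce(results: list[Item], requester: Requester) -> list[Item]:
    """The safety net: every result is checked against its own policy and the
    requester's jurisdiction before it is released, regardless of how it was ranked."""
    return [it for it in results
            if it.policy(requester) and requester.jurisdiction not in it.blocked_in]

def search(index: list[Item], query: str, requester: Requester) -> list[str]:
    return [it.item_id for it in enforce(rank(index, query), requester)]

# Constructed sample index.
INDEX = [
    Item("mail-1", "Alice private email: budget numbers for Q3", private_to("alice")),
    Item("osn-1", "Bob status: budget trip planning with friends", friends_of("bob", ["alice"])),
    Item("doc-1", "Acme internal budget forecast", employees_of("acme")),
    Item("web-1", "Public article on the national budget", public()),
    Item("web-2", "Public page on the budget, subject to a takedown order", public(),
         blocked_in=frozenset({"DE"})),
]

if __name__ == "__main__":
    for who in (Requester("alice"), Requester("bob"),
                Requester("carol", employer="acme", jurisdiction="US")):
        print(who.user, search(INDEX, "budget", who))
```

The point of the structure is that `rank` can be arbitrarily complex and buggy; as long as `enforce` sits on the only path out of the engine, the per-item policies hold.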


Guardat: Enforcing data policies at the storage layer

In today’s systems, policies protecting stored data and mechanisms for their enforcement are spread across many software components, increasing the risk of violation due to bugs, vulnerabilities and misconfigurations. Guardat addresses this problem. Users, developers and administrators specify file protection policies declaratively, concisely and separate from code, and Guardat enforces these policies by mediating I/O in the storage layer. Thus, policy enforcement relies only on the integrity of the Guardat controller and any external policy dependencies. The semantic gap between the storage layer enforcement and per-file policies is bridged using cryptographic attestations from Guardat. We show experimentally that the overhead is low.
Conference Video: Youtube

Storage lease

A storage lease is a storage primitive that prevents stored data from being overwritten for a pre-determined period (the lease period). During the lease period, online data is protected from corruption due to security breaches, software errors, or accidental data deletion. Storage leases fill an important gap in the spectrum of data protection options because they combine strong integrity for online data with the ability to eventually reclaim storage. A simulation-based evaluation indicates that storage leases have a modest performance cost for most workloads on magnetic disks. Using a small amount of flash memory, this overhead can be reduced to near zero.
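The Guardat and storage-lease projects above share one idea: the policy is attached to the stored object and checked in the storage layer on every I/O, so applications above it cannot bypass it. The following is an added example (neither Guardat's nor the storage-lease prototype's code) of a toy storage controller in that spirit: a per-file policy is consulted on every write or delete, and two policies are shown, a lease that blocks overwrite and deletion until an expiry time, and an append-only rule. The clock is a constructed, controllable value so the lease expiry can be exercised deterministically.

```python
import time
from typing import Callable, Optional

class PolicyViolation(PermissionError):
    """Raised when the storage layer denies an operation."""

Policy = Callable[[str, "Store", str, Optional[bytes]], bool]  # (op, store, name, new_data) -> allowed

class Store:
    """Toy storage layer: every mutating operation is mediated by the file's policy."""
    def __init__(self, clock: Callable[[], float] = time.time):
        self._clock = clock
        self._files: dict[str, bytes] = {}
        self._policies: dict[str, Policy] = {}

    def now(self) -> float:
        return self._clock()

    def exists(self, name: str) -> bool:
        return name in self._files

    def read(self, name: str) -> bytes:
        return self._files[name]

    def set_policy(self, name: str, policy: Policy) -> None:
        self._policies[name] = policy

    def write(self, name: str, data: bytes) -> None:
        self._check("write", name, data)
        self._files[name] = data

    def delete(self, name: str) -> None:
        self._check("delete", name, None)
        del self._files[name]

    def _check(self, op: str, name: str, data: Optional[bytes]) -> None:
        policy = self._policies.get(name)
        if policy is not None and not policy(op, self, name, data):
            raise PolicyViolation(f"{op} on {name} denied by policy")

# Policies (constructed for this example; the real systems use their own policy languages).
def lease_until(expiry: float) -> Policy:
    """Storage lease: the file may be created, but not overwritten or deleted before expiry."""
    def policy(op, store, name, data):
        if not store.exists(name):
            return op == "write"
        return store.now() >= expiry
    return policy

def append_only() -> Policy:
    """Guardat-style append-only file: new content must extend the old content; no deletion."""
    def policy(op, store, name, data):
        if op != "write":
            return False
        current = store.read(name) if store.exists(name) else b""
        return data.startswith(current)
    return policy

def attempt(store: Store, op: str, name: str, data: Optional[bytes] = None) -> bool:
    """Return True if the storage layer allowed the operation, False if policy denied it."""
    try:
        if op == "write":
            store.write(name, data)
        else:
            store.delete(name)
        return True
    except PolicyViolation:
        return False

def demo() -> list[bool]:
    now = [1000.0]                                  # constructed clock, in seconds
    store = Store(clock=lambda: now[0])
    store.set_policy("backup.img", lease_until(now[0] + 3600))
    store.set_policy("audit.log", append_only())
    results = [
        attempt(store, "write", "backup.img", b"v1"),        # creation: allowed
        attempt(store, "write", "backup.img", b"v2"),        # overwrite during lease: denied
        attempt(store, "delete", "backup.img"),              # delete during lease: denied
    ]
    now[0] += 3601                                           # lease period has elapsed
    results += [
        attempt(store, "write", "backup.img", b"v2"),        # after expiry: allowed (storage reclaimable)
        attempt(store, "write", "audit.log", b"e1\n"),       # create log: allowed
        attempt(store, "write", "audit.log", b"e1\ne2\n"),   # append: allowed
        attempt(store, "write", "audit.log", b"e2\n"),       # rewriting history: denied
        attempt(store, "delete", "audit.log"),               # delete: denied
    ]
    return results

if __name__ == "__main__":
    print(demo())
```

Because the check lives in `Store` rather than in the callers, the trusted computing base for the policy is the controller and its clock, which is exactly the property the Guardat abstract argues for; a compromised application that holds a handle to the store still cannot shorten the lease.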


Dependable Wireless Safety-Critical Hard-Real-Time Design

Design, implementation and verification of a wireless electric bicycle brake using Chess's MyriaNed nodes and Modest. Assumptions: 250 ms total reaction time (100 ms mechanical reaction time, 150 ms for communication), no fail-safe, ~60% message loss rate. This video demonstrates the wireless bicycle brake.
Press: Video (DRS 3 - Digital filming our demo at CeBit), CNN, ZDNet, CNET, GIZMODO, Engadget, Slashdot



DBLP | Google Scholar

My detailed Resume PDF

Email: vahldiek@mpi-sws.org
Public key: gpg
Tel: +49 681 9303 9124
Mailing address:
Campus E1.5, Room 414
D-66123 Saarbruecken