js06金沙登录大厅

书记信箱 校长信箱 学生邮件 教工邮件
信息公开 综合信息网 网站地图 English
您当前所在位置: 首页 > 讲座报告 > 正文
讲座报告

js06金沙登录大厅:Open Source Security: Challenges, Solutions, and Opportunities

来源:网络与信息安全学院          点击:
报告人 刘杨 教授 时间 11月28日14:30
地点 腾讯会议直播 报告时间

讲座名称:Open Source Security: Challenges, Solutions, and Opportunities

讲座人:刘杨 教授

讲座时间:11月28日14:30

讲座地点:腾讯会议直播(ID:187 575 403)

讲座人介绍:

新加坡南洋理工大学(NTU)计算机学院教授,NTU网络安全实验室主任、HP-NTU公司实验室项目主任以及新加坡国家卓越卫星中心副主任,并于2019年荣获大学领袖论坛讲席教授。刘杨博士专攻软件验证,软件安全和软件工程,其研究填补了形式化方法和程序分析中理论和实际应用之间的空白,评估了软件的设计与实现以确保高安全性。到目前为止,他已经在顶级会议和顶级期刊上发表了超过400篇文章。他还获得多项著名奖项,包括MSRA fellowship,TRF Fellowship, 南洋助理教授,Tan Chin Tuan Fellowship,Nanyang Research Award 2019,NRF Investigatorship 2020,并且在ASE、FSE、ICSE等顶级软件工程会议上获得20项最佳论文奖以及最具影响力软件奖。


讲座内容:

Open-source software (OSS) has become increasingly popular in software development to simplify and shorten the developing cycle. Unfortunately, the reuse of OSS also brings security risks that OSS vulnerabilities could be excessively amplified. Recently, the frequent outbreaks of OSS vulnerabilities, e.g., Log4Shell and Spring4Shell vulnerabilities, and supply chain attacks, have also proved the urgency of securing OSS or the bigger scope of the OSS supply chain. Therefore, identifying, managing, remediating, and governing the potential risks throughout the OSS supply chain is promptly required to be further investigated.

In this talk, we will discuss the rigorous situation of the vulnerable software supply chain, as well as the challenges we are facing to secure the OSS environment. We will also show our recent efforts and solutions in securing the OSS supply chain, including our techniques on software component analysis (SCA), OSS supply chain analysis, license-related risk management, artificial intelligence-based security vulnerability analysis, and our larger scope of governing OSS with health profiles for both open-source software, as well as corresponding development teams. We also highlight the potential opportunities of OSS security and call for research in this direction.


主办单位:网络与信息安全学院

123

南校区地址:陕西省西安市西沣路兴隆段266号

邮编:710126

北校区地址:陕西省西安市太白南路2号

邮编:710071

电话:029-88201000

访问量:

版权所有:js06金沙登录大厅     陕ICP备05016463号     建设与运维:信息网络技术中心 

js06金沙登录大厅(上海)工程有限公司