Alejandro Russo

Professor (Bitr. Professor)

My research focus on protecting confidentiality of data when manipulated by untrusted software components, i.e., software written by someone else. For that, I have been applying a wide-range of rigorous programming languages techniques and authored software solutions to build secure systems for the programming languages Haskell, Python, and JavaScript.

[Google Scholar] [LinkedIn]

Publications

2021


Nachiappan Valliappan, Alejandro Russo, and Lindley
HASKELL 2021
In Proc. of ACM SIGPLAN Haskell Symposium

2020


Elisabet Lobo-Vesga, Alejandro Russo, and Marco Gaboardi
IEEE S&P 2020
In Proc. of IEEE Security and Privacy

Agustín Mista and Alejandro Russo
TFP 2020
In Proc. of International Symposium on Trends in Functional Programming

Gian Luca Scoccia, Marco Autili, Patrizio Pelliccione, Paola Inverardi, Matteo Maria Fiore, and Alejandro Russo
NIER@ICSE 2020
In Proc. of New Ideas and Emerging Results track at ICSE

Carlos Tomé Cortiñas, Marco Vassena, and Alejandro Russo
CSF 2020
In Proc. of IEEE Computer Security Foundations Symposium

Sergio Benitez, Jonathan Cogan, and Alejandro Russo
PLAS 2020
In Proc. of ACM Workshop on Programming Languages and Analysis for Security

Nachiappan Valliappan, Robert Krook, Alejandro Russo, and Koen Claessen
HASKELL 2020
In Proc. of ACM SIGPLAN Haskell Symposium

2019


Elisabet Lobo-Vesga, Alejandro Russo, and Marco Gaboardi
TPDP 2019
In Proc. of Theory and Practice of Differential Privacy Workshop Series

Agustín Mista and Alejandro Russo
IFL 2019
In Proc. of Symposium on Implementation and Application of Functional Languages

Nachiappan Valliappan and Alejandro Russo
PPDP 2019
In Proc. of International Symposium on Principles and Practice of Declarative Programming

Marco Vassena, Alejandro Russo, Deepak Garg, Vineet Rajani, and Deian Stefan
POPL 2019
In Proc. of ACM SIGPLAN Symposium on Principles of Programming Languages

Claudio Agustin Mista, and Alejandro Russo
AST 2019
In Proc. of EEE/ACM 14th International Workshop on Automation of Software Test

Maximilian Algehed, Alejandro Russo, and. Cormac Flanagan
CSF 2019
In Proc. of IEEE Computer Security Foundations Symposium

2018


Minh Ngo, Nataliia Bielova, Cormac Flanagan, Tamara Rezk, Alejandro Russo, and Thomas Schmitz
WWW (Web prog. track) 2018
In Proc. of Proceedings of the The Web Conference 2018

Agustín Mista, Alejandro Russo, and John Hughes
HASKELL 2018
In Proc. of ACM SIGPLAN Haskell Symposium

Thomas Schmitz, Maximilian Algehed, Cormac Flanagan, and Alejandro Russo
CCS 2018
In Proc. of ACM Conference on Computer and Communications Security

Nachiappan Valliappan, Solène Mirliaz, Elisabet Lobo Vesga, and Alejandro Russo
ISoLA 2018
In Proc. of International Symposium On Leveraging Applications of Formal Methods, Verification and Validation

2017


Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, and Stephen Chong
CCS 2017
In Proc. of ACM Conference on Computer and Communications Security

Maximilian Algehed and Alejandro Russo
PLAS 2017
In Proc. of ACM Workshop on Programming Languages and Analysis for Security

Marco Vassena, Joachim Breitner and Alejandro Russo
CSF 2017
In Proc. of IEEE Computer Security Foundations Symposium

2016


Filippo Del Tedesco, David Sands, Alejandro Russo
CSF 2016
In Proc. of IEEE Computer Security Foundations Symposium

Marco Vassena, Pablo Buiras, Lucas Waye and Alejandro Russo
ESORICS 2016
In Proc. of European Symposium on Research in Computer Security

Marco Vassena and Alejandro Russo
PLAS 2016
In Proc. of ACM SIGPLAN Workshop on Programming Languages and Analysis for Security

2015


Alejandro Russo
ICFP 2015
In Proc. of ACM SIGPLAN International Conference on Functional Programming

Pablo Buiras, Dimitrios Vytiniotis, and Alejandro Russo
ICFP 2015
In Proc. of ACM SIGPLAN International Conference on Functional Programming

Stefan Heule, Deian Stefan, Edward Z. Yang, John C. Mitchell, and Alejandro Russo
POST 2015
In Proc. of Conference on Principles of Security and Trust

Lucas Waye, Pablo Buiras, Dan King, Stephen Chong, and Alejandro Russo
STM 2015
In Proc. of International Workshop on Security and Trust Management

Stefan Heule, Devon Rifkin, Alejandro Russo, and Deian Stefan
HotOS 2015
In Proc. of USENIX Workshop on Hot Topics in Operating Systems

2014


Filippo Del Tedesco, Alejandro Russo, and David Sands
ESSoS 2014
In Proc. of International Symposium on Secure Software and Systems

Pablo Buiras, Deian Stefan, and Alejandro Russo
CSF 2014
In Proc. of IEEE Computer Security Foundations Symposium

Deian Stefan, Edward Z. Yang, Petr Marchenko, Alejandro Russo, Dave Herman, Brad Karp, and David Mazières
OSDI 2014
In Proc. of USENIX Symposium on Operating Systems Design and Implementation

2013


Pablo Buiras, Deian Stefan, Amit Levy, Alejandro Russo, and David Mazières
TGC 2013
In Proc. of International Symposium on Trustworthy Global Computing

Deian Stefan, Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, and David Mazières
ESORICS 2013
In Proc. of European Symposium on Research in Computer Security

Pablo Buiras and Alejandro Russo
NordSec 2013
In Proc. of Nordic Conference on Secure IT Systems

Dante Zanarini, Mauro Jaskelioff, and Alejandro Russo
CSF 2013
In Proc. of IEEE Computer Security Foundations Symposium

2012


Deian Stefan, Alejandro Russo, Pablo Buiras, Amit Levy, John C. Mitchell, and David Mazières
ICFP 2012
In Proc. of ACM SIGPLAN International Conference on Functional Programming

Daniel B. Giffin, Amit Levy, Deian Stefan, David Terei, David Mazières, John C. Mitchell, and Alejandro Russo
OSDI 2012
In Proc. of USENIX Symposium on Operating Systems Design and Implementation

Luciano Bello and Alejandro Russo
PLAS 2012
In Proc. of ACM SIGPLAN Workshop on Programming Languages and Analysis for Security

2011


Arnar Birgisson, Alejandro Russo, and Andrei Sabelfeld
PLAS 2011
In Proc. of ACM SIGPLAN Workshop on Programming Languages and Analysis for Security

Deian Stefan, Alejandro Russo, David Mazières, and John C. Mitchell
NORDSEC 2011
In Proc. of Nordic Conference in Secure IT Systems

Deian Stefan, Alejandro Russo, John C. Mitchell, and David Mazières
HASKELL 2011
In Proc. of ACM SIGPLAN Haskell Symposium

Mauro Jaskelioff and Alejandro Russo
PSI 2011
In Proc. of Andrei Ershov International Conference on Perspectives of System Informatics

Michal Palka, Koen Claessen, Alejandro Russo, and John Hughes
AST 2011
In Proc. of IEEE/ACM International Workshop on Automation of Software Test

2010


Juan José Conti and Alejandro Russo
NORDSEC 2010
In Proc. of Nordic Conference in Secure IT Systems

Alejandro Russo and Andrei Sabelfeld
CSF 2010
In Proc. of IEEE Computer Security Foundations Symposium

Filippo del Tedesco, Alejandro Russo, and David Sands
NORDSEC 2010
In Proc. of Nordic Conference in Secure IT Systems

Jonas Magazinius, Alejandro Russo, and Andrei Sabelfeld
SEC 2010
In Proc. of International Information Security Conference

Arnar Birgisson, Alejandro Russo, and Andrei Sabelfeld
ICISS 2010
In Proc. of Conference on Information Systems Security

2009


Alejandro Russo and Andrei Sabelfeld
PSI 2009
In Proc. of Andrei Ershov International Conference on Perspectives of System Informatics

Alejandro Russo and Andrei Sabelfeld
CSF 2009
In Proc. of IEEE Computer Security Foundations Symposium

Alejandro Russo, Andrei Sabelfeld, and Andrey Chudnov
ESORICS 2009
In Proc. of European Symposium on Research in Computer Security

2008


Alejandro Russo, Koen Claessen, and John Hughes
HASKELL 2008
In Proc. of SIGPLAN Haskell Symposium

2007


Tsa-chung Tsai, Alejandro Russo, and John Hughes
CSF 2007
In Proc. of IEEE Computer Security Foundations Symposium

Gilles Barthe, Tamara Rezk, Alejandro Russo, and Andrei Sabelfeld
ESORICS 2007
In Proc. of European Symposium on Research in Computer Security

2006


Alejandro Russo, John Hughes, David Naumann, and Andrei Sabelfeld
ASIAN 2006
In Proc. of Annual Asian Computing Science Conference

Alejandro Russo and Andrei Sabelfeld
CSFW 2006
In Proc. of IEEE Computer Security Foundations Workshop

Alejandro Russo and Andrei Sabelfeld
PSI 2006
In Proc. of Andrei Ershov International Conference on Perspectives of System Informatics

Journals


Daniel B. Giffin, Amit Levy, Deian Stefan, David Terei, David Mazières, John C. Mitchell, and Alejandro Russo
JCS 2017
In Journal of Journal of Computer Security

Deian Stefan, Alejandro Russo, John Mitchell, and David Mazières
JFP 2016
In Journal of Functional Programming, Cambridge University Press

Jonas Magazinius, Alejandro Russo, and Andrei Sabelfeld
2012
In Journal of Computers & Security, Elsevier

Gilles Barthe, Tamara Rezk, Alejandro Russo, and Andrei Sabelfeld
TISSEC 2010
In Journal of ACM Transactions on Information and System Security

Alejandro Russo, Andrei Sabelfeld, and Keqin Li
2009
In Journal of Marktoberdorf Summer School, IOS Press

Alejandro Russo and Andrei Sabelfeld
JLAP 2007
In Journal of Logic and Algebraic Programming dedicated to the Nordic Workshop on Programming Theory (NWPT'07), Elsevier Editorial

Thesis


Alejandro Russo
2008
PhD Thesis, Chalmers University of Technology

Alejandro Russo
2007
Licentiate Thesis, Chalmers University of Technology

Alejandro Russo
2004
Diploma Thesis, Facultad de Ciencias Exactas, Ingeniería y Agrimensura (UNR), Rosario, Argentina

Students

Current


Supervisor (2019 - 2024)

I supervise Carlos on developing secure functional languages.

Now at

Carlos Tomé Cortiñas, PhD student (Chalmers University of Technology)

Past


Projects

Current


Past


HIPSTER: HybrId Privacy Analysis with Hardware Support (VR)

(PI) This project develops techniques to combine static and dynamic analysis for information-flow control so that (i) developers must control the boundaries of static and dynamic analyses, (ii) enforcement techniques should be easily deployed in ubiquitous hardware and software, and (iii) the proposed solutions must be provably sound. The project also explores the use of the forthcoming Intel support for security, called Software Guard Extension, to safely deploy IFC techniques in cloud services.

Duration: 4 years (2016 - 2020)

AppFlow: Putting Information Flow Control to Work (VR)

(Co-PI) This projects focus on bridging the gap between theory and practice of information-flow control (IFC) systems. It involves topics like policy inference, protecting data in data stores, and different analysis for protecting sensitive data. The project brings together researchers from some state-of-the-art IFC tools: Paragon (based on Java), LIO/MAC (based on Haskell), and JSFlow (based on JavaScript).

Duration: 4 years (2015 - 2019)

Controlling Privileges for Data Release (STINT)

(PI) This projects develops foundations to understands systems which release sensitive information using capability-like declassification mechanisms. The funds support a collaboration with Prof. Stephen Chong and his group at Harvard University.

Duration: 1 years (2014)

Addressing Hardware Timing Covert Channles (STINT)

(PI) This project developed several solutions to remove information leaks in information-flow control systems due to timing perturbations arising from hardware, e.g., caches, TLB, etc. The funds supported a collaboration with Prof. David Mazières and his group at Stanford University.

Duration: 1 years (2013)

SecOpen: Securing Open Development Environments (VR)

(PI) This project focus on developing technology to track how sensitive information flows within concurrent systems. We provide solutions for dynamically enforce confidentiality in Haskell.

Duration: 4 years (2012 - 2016)

A taint mode for Google App Engine (Google Research Award)

(PI) This project developed a taint analysis for the Python Google App Engine. Our solution consists on a library in Python rather than modification to the runtime system or interpreter.

Duration: 1 years (2011)

Activities

PC member


External research positions


Event organizer


Contact

Room 5481, EDIT Building,
Rännvägen 6B,
Chalmers University Technology,
41296 Göteborg, Sweden.

+46 31-772-6156

Map

Latest News

Teaching Advanced Functional Programming (January - March)

Recent Tweets