Prof. Peter Honeyman and CSE alumnus Niels Provos have received the USENIX Test of Time Award for their paper on privilege separation, a generic approach that lets parts of an application run with different levels of privilege. They share this award with co-author Markus Friedl.
The USENIX Test of Time Awards recognizes papers presented at its respective conference from at least 10 years ago that have had a lasting impact on their fields.
In the paper, “Preventing Privilege Escalation”, the researchers discuss the methodology and design of privilege separation. Privilege separation enhances the security of operating systems when executing tasks by allowing different levels of privilege. A programming error in a privileged service opens the door to system compromise in the form of unauthorized acquisition of privileges. Privilege separation makes it so that programming errors occurring in the unprivileged parts can no longer be abused to gain unauthorized privileges. This approach can also be useful for system services that authenticate users.
Peter Honeyman, Research Professor of CSE, has been on the University of Michigan faculty for 30 years. He has advised and been a mentor to many high-achieving CSE students over the years, including Avi Rubin (Professor and author of Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting), Tim Howes (CTO at ClearStory Data), Larry Huston (Chief Architect at Arbor Networks), and his co-author Niels Provos (Distinguished Engineer at Google, Inc.). Peter holds the B.G.S. (with distinction) from the University of Michigan and the M.S.E., M.A., and Ph.D. degrees from Princeton University.