computer science


David Eyers' biographical sketch

David Eyers

For a short summary regarding research, I am fascinated by, and have been delighted to have been able to get involved in, a wide range of computer science fields over my career. However, my most significant research impact so far has probably been in the field of operating system and cloud security: particularly in terms of adding novel forms of security into virtualisation technologies. This has included application of information flow control middleware to databases in the "SafeWeb" system (Middleware 2010); adding layers of network monitoring in web servers in "FlowWatcher" (CCS 2015); porting Docker to Intel SGX in "SCONE" (OSDI 2016); and a new form of container-like structure for the CHERI hardware capability architecture, namely "CapVMs" (OSDI 2022). My collaborative research into data provenance has also contributed (CCS 2018 demonstrates "CamFlow" effecting whole-system provenance) by providing a comprehensive ability to monitor, and preemptively block operations from the vantage point of the Linux kernel. This was applied directly to Docker and Kubernetes containers in a co-authored paper "PACED" that was invited to IC2E 2022.

For a longer version, I completed my undergraduate combined degree (BE(Computer)/BSc(Maths)) at UNSW, Sydney, Australia. My PhD thesis, undertaken at the University of Cambridge Computer Laboratory (as it was then known), is entitled "Active Privilege Management for Distributed Access Control".

My first full postdoc (also at UCam) was in contract-driven architectures, and has influenced strongly my ongoing interests in policy compliance checking, deontic logic, law as applied to computing (particularly cloud computing), and abstractions that help map human-level to machine-level concerns and vice versa.

My second full postdoc was on the UK EPSRC SmartFlow project, that investigated decentralised information flow control technology, and developed software techniques that were applied to effect secure information flow within one of the cancer registries within the UK National Health Service (SafeWeb).

The decentralised information flow control within SmartFlow is a type of security middleware that adopts event-based technology. I have maintained interest and research track record in both of these fields, each of which has a dedicated conference: ACM Middleware and ACM Distributed and Event-Based Systems (DEBS). I presently sit on the steering committees of both of these conferences.

I have been an academic at the University of Otago Department of Computer Science since 2011. This appointment has allowed me to broaden my research considerably. I have had, and still have the privilege of working with a talented group of postgraduate students, covering a wide range of topics. The opportunity to work with my colleagues is a enjoyable and enriching: the small scale of the Department allows such collaboration to work very effectively. More broadly across the University, I have been involved in many interdisciplinary research activities, such as the University's "Research Themes", e.g., the Otago Energy Research Centre, and Catchments Otago.

I was a visiting research fellow within the UK EPSRC CloudSafetyNet project. This project significantly progressed both my systems and cloud security research, as can be seen in my publication record. It also allowed me to open up a new field of research that I am keen to further develop: that of whole-system provenance embodied within the open-source CamFlow provenance capture system.

More recently, I have had the opportunity to collaborate with researchers at Imperial College London using hardware capabilities, particularly Arm's Morello prototype CPU. I am very keen to expand research regarding hardware capabilities, both in the systems area, and in the programming languages field.

A sabbatical in the United Kingdom in 2018 facilitated a resurgence of my earlier interests in compliance and accountability. I have been able to initiate collaborative research linked to cloud law, and within accountable systems. This work led to me joining the steering committee of the University of Otago Centre for AI and Public Policy (CAIPP). Collaboration within CAIPP facilitated my involvement within a project investigating social media governance sponsored by the Global Partnership on AI (GPAI). In future, we hope to be able to deploy emerging privacy enhanced technologies to carry out study of the impact on users of social media platforms' recommender algorithms.

In terms of expanding and enjoying international research (social) networks, I have particularly enjoyed my participation in Dagstuhl Seminars:

  • Dagstuhl Seminar 16341 (2016) was entitled "Integrating Process-Oriented and Event-Based Systems"; I was a co-organiser of this event.
  • Dagstuhl Seminar 18181 (2018) was entitled "Towards Accountable Systems"; I was a co-organiser of this event.
  • Dagstuhl Seminar 20071 (2020) was entitled "Foundations of Composite Event Recognition"; I was an attendee.

Soon after I arrived at the University of Otago, I became involved in eResearch advocacy and support. On one hand eResearch supports researchers accessing specialised technology with which to complete their research. On the other, eResearch is about upskilling all researchers with respect to digital tools and techniques. I have chaired the University of Otago eResearch Advisory Group (eRAG) since 2012: in recent years we have run an eResearch @ Otago event annually, to provide updates and information relevant to researchers within the University. Since 2022, I have served on the New Zealand eScience Infrastructure board of directors.

Valid XHTML 1.0 Strict