I'm Aaron, a PhD student at Princeton University working with Mike Freedman. My research focuses on exploiting regularity in the structure of modern web applications to improve different aspects of those applications. Generally speaking, I am interested in distributed systems, security and information privacy.
Previously, I attended MIT and received a pair of bachelor's degrees. I received my M.Eng in 2011 advised by Barbara Liskov while working in the Programming Methodology Group on Distributed Information Flow Control and Secure Audit Trail Analysis. My thesis was titled Analyzing Audit Trails in the Aeolus Security Platform.
My current work investigates how web applications' data access patterns can inform cache eviction strategies. In particular, by incorporating varying decay rates for different items in the cache, the eviction strategy is able to perform better than prior strategies on web-like workloads. However, these varying decays introduce reorderings that are not easily implemented using classical queue structures, and so this work requires new approaches to managing item priorities. I spent the summer of 2015 at MSR New York working on this project with Sid Sen.
Passe explores alternative programming models and mechanisms for securing application data. Many modern applications rely on a centralized and logically separate shared data store. By ensuring that only "normal" queries can execute on this data store, certain confidentiality and integrity guarantees can be provided for application data even while the application itself is compromised by attackers. This model allows application programmers to use already familiar interfaces without any explicit security specifications. Developers need only execute our analysis tool on their applications. I made a poster for this work which may serve as a handy infographic for those interested.
A paper on this work appeared at the 2014 IEEE Symposium on Security and Privacy.
As a research intern at MSR Cambridge with Miguel Castro and Manuel Costa in the summers of 2013 and 2014, I helped investigate the impact of garbage collection on performance sensitive code. In systems with large memory capacity, high memory utilization, and small objects, modern GCs can introduce application stalls on the order of tens of seconds, which is unacceptable for systems applications such as key-value stores and databases. However, GCs are relied on to provide temporal memory safety. In my internship, I helped developed a prototype variant of C# with manual memory management and temporal memory safety achieved with compiler-inserted checks.