Stanford Security Lunch

Abstract: Generative AI has enabled a new agentic computing paradigm, in which systems rely on machine learning models to interpret and act on user requests expressed in natural language. While this paradigm promises powerful capabilities, it also introduces serious security, privacy, and safety risks. A central question is: how can we design agentic systems that capture the benefits of the new agentic computing paradigm while still providing strong security, privacy, and safety properties? In this talk, I present a research agenda inspired by decades of work in conventional systems security. I argue that agentic systems at their core remain computing systems, and foundational security principles can be adapted to provide strong security and privacy properties for agentic systems. Furthermore, meaningful human oversight is essential to rein in agentic behaviors, given that today's GenAI models remain unreliable.

Bio: Umar Iqbal is an Assistant Professor in the Department of Computer Science & Engineering at Washington University in St. Louis. His research focuses on computer security and privacy, with a recent emphasis on agentic systems. He is a recipient of ACM IMC Best Paper Award (2023), Caspar Bowden Runner-Up Award for Outstanding Research in Privacy Enhancing Technologies (2024), CRA/NSF Computing Innovation Fellowship (2021), and the University of Iowa Research Excellence Award (2021). You can find more about him on his webpage: https://umariqbal.com