Trent Jaeger

IEEE Secur. Priv., 2023

Nimble: Rollback Protection for Confidential Cloud Services (extended version).

[BibT_eX]

[DOI]

Sudheesh Singanamalla

IACR Cryptol. ePrint Arch., 2023

Top of the Heap: Efficient Memory Error Protection for Many Heap Objects.

[BibT_eX]

[DOI]

CoRR, 2023

PolyScope: Multi-Policy Access Control Analysis to Triage Android Scoped Storage.

[BibT_eX]

[DOI]

CoRR, 2023

Synchronization Storage Channels (S2C): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization Instructions.

[BibT_eX]

[DOI]

Christopher W. Fletcher

Proceedings of the 32nd USENIX Security Symposium, 2023

Triaging Android Systems Using Bayesian Attack Graphs.

[BibT_eX]

[DOI]

Proceedings of the IEEE Secure Development Conference, 2023

Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively.

[BibT_eX]

[DOI]

Kaiming Huang

Jack Sampson

Proceedings of the IEEE Secure Development Conference, 2023

Nimble: Rollback Protection for Confidential Cloud Services.

[BibT_eX]

[DOI]

Sudheesh Singanamalla

Proceedings of the 17th USENIX Symposium on Operating Systems Design and Implementation, 2023

All Your PC Are Belong to Us: Exploiting Non-control-Transfer Instruction BTB Updates for Dynamic PC Extraction.

[BibT_eX]

[DOI]

Jiyong Yu

Christopher Wardlaw Fletcher

Proceedings of the 50th Annual International Symposium on Computer Architecture, 2023

Evolving Operating System Kernels Towards Secure Kernel-Driver Interfaces.

[BibT_eX]

[DOI]

Proceedings of the 19th Workshop on Hot Topics in Operating Systems, 2023

Unsafe at Any Copy: Name Collisions from Mixing Case Sensitivities.

[BibT_eX]

[DOI]

Proceedings of the 21st USENIX Conference on File and Storage Technologies, 2023

No Free Lunch: On the Increased Code Reuse Attack Surface of Obfuscated Programs.

[BibT_eX]

[DOI]

Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Network, 2023

2022

Enforcing Multilevel Security Policies in Unstable Networks.

[BibT_eX]

[DOI]

IEEE Trans. Netw. Serv. Manag., 2022

Adversarial Plannning.

[BibT_eX]

[DOI]

Valentin Vie

Ryan Sheatsley

Sophia Beyda

Sushrut Shringarputale

Kevin S. Chan

CoRR, 2022

Pagoda: Towards Binary Code Privacy Protection with SGX-based Execute-Only Memory.

[BibT_eX]

[DOI]

Jiyong Yu

Christopher W. Fletcher

Weidong Cui

Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED), 2022

KSplit: Automating Device Driver Isolation.

[BibT_eX]

[DOI]

Proceedings of the 16th USENIX Symposium on Operating Systems Design and Implementation, 2022

Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel.

[BibT_eX]

[DOI]

Paul L. Yu

Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

The Taming of the Stack: Isolating Stack Data from Memory Errors.

[BibT_eX]

[DOI]

Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

IOTA: A Framework for Analyzing System-Level Security of IoTs.

[BibT_eX]

[DOI]

Proceedings of the Seventh IEEE/ACM International Conference on Internet-of-Things Design and Implementation, 2022

2021

MLSNet: A Policy Complying Multilevel Security Framework for Software Defined Networking.

[BibT_eX]

[DOI]

IEEE Trans. Netw. Serv. Manag., 2021

Exploitation Techniques for Data-oriented Attacks with Existing and Potential Defense Approaches.

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., 2021

SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?

[BibT_eX]

[DOI]

Fabio Massacci

Sean Peisert

IEEE Secur. Priv., 2021

Demystifying Android's Scoped Storage Defense.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2021

Toward Fail Safety for Security Decisions.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2021

Towards Practical Integrity in the Smart Home with HomeEndorser.

[BibT_eX]

[DOI]

Kaushal Kafle

Kirti Jagtap

Mansoor Ahmed-Rengers

Adwait Nadkarni

CoRR, 2021

Analyzing the Overhead of Filesystem Protection Using Linux Security Modules.

[BibT_eX]

[DOI]

Wenhui Zhang

Peng Liu

CoRR, 2021

A Survey on Sensor-Based Threats and Attacks to Smart Devices and Applications.

[BibT_eX]

[DOI]

IEEE Commun. Surv. Tutorials, 2021

PolyScope: Multi-Policy Access Control Analysis to Compute Authorized Attack Operations in Android Systems.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

Fine-grained Program Partitioning for Security.

[BibT_eX]

[DOI]

Zhen Huang

Gang Tan

Proceedings of the EuroSec '21: Proceedings of the 14th European Workshop on Systems Security, 2021

Analyzing the Overhead of File Protection by Linux Security Modules.

[BibT_eX]

[DOI]

Wenhui Zhang

Peng Liu

Proceedings of the ASIA CCS '21: ACM Asia Conference on Computer and Communications Security, 2021

2020

Using Safety Properties to Generate Vulnerability Patches.

[BibT_eX]

[DOI]

Hardware Assisted Buffer Protection Mechanisms for Embedded RISC-V.

[BibT_eX]

[DOI]

IEEE Trans. Comput. Aided Des. Integr. Circuits Syst., 2020

PolyScope: Multi-Policy Access Control Analysis to Triage Android Systems.

[BibT_eX]

[DOI]

CoRR, 2020

Lightweight kernel isolation with virtualization and VM functions.

[BibT_eX]

[DOI]

Proceedings of the VEE '20: 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, 2020

Types and Abstract Interpretation for Authorization Hook Advice.

[BibT_eX]

[DOI]

Proceedings of the 33rd IEEE Computer Security Foundations Symposium, 2020

Static Analysis Opportunities for Improving Agile and Moving Target Defenses.

[BibT_eX]

[DOI]

Proceedings of the 7th ACM Workshop on Moving Target Defense, 2020

2019

Building a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2019

Exploitation Techniques and Defenses for Data-Oriented Attacks.

[BibT_eX]

[DOI]

CoRR, 2019

EnTrust: Regulating Sensor Access by Cooperating Programs via Delegation Graphs.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

Exploitation Techniques and Defenses for Data-Oriented Attacks.

[BibT_eX]

[DOI]

Proceedings of the 2019 IEEE Cybersecurity Development, 2019

Employing attack graphs for intrusion detection.

[BibT_eX]

[DOI]

Zhiyun Qian

Mathias Payer

Paul L. Yu

Proceedings of the NSPW '19: New Security Paradigms Workshop, 2019

ForeSee: A Cross-Layer Vulnerability Detection Framework for the Internet of Things.

[BibT_eX]

[DOI]

Proceedings of the 16th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, 2019

FIXER: Flow Integrity Extensions for Embedded RISC-V.

[BibT_eX]

[DOI]

Proceedings of the Design, Automation & Test in Europe Conference & Exhibition, 2019

Program-mandering: Quantitative Privilege Separation.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

2018

Regulating Access to System Sensors in Cooperating Programs.

[BibT_eX]

[DOI]

CoRR, 2018

A Survey on Sensor-based Threats to Internet-of-Things (IoT) Devices and Applications.

[BibT_eX]

[DOI]

CoRR, 2018

Security Namespace: Making Linux Security Frameworks Available to Containers.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

Mission-Oriented Security Model, Incorporating Security Risk, Cost and Payout.

[BibT_eX]

[DOI]

Sayed M. Saghaian N. E.

Proceedings of the Security and Privacy in Communication Networks, 2018

Block Oriented Programming: Automating Data-Only Attacks.

[BibT_eX]

[DOI]

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017

Taming the Costs of Trustworthy Provenance through Policy Reduction.

[BibT_eX]

[DOI]

ACM Trans. Internet Techn., 2017

Long-Span Program Behavior Modeling and Attack Detection.

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., 2017

Building on the Success of Building Security In.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2017

AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings.

[BibT_eX]

[DOI]

Proceedings of the 26th USENIX Security Symposium, 2017

ACCESSPROV: Tracking the Provenance of Access Control Decisions.

[BibT_eX]

[DOI]

Frank Capobianco

Christian Skalka

Proceedings of the 9th USENIX Workshop on the Theory and Practice of Provenance, 2017

Adversarial Network Forensics in Software Defined Networking: Demo.

[BibT_eX]

[DOI]

Proceedings of the Symposium on SDN Research, 2017

Adversarial Network Forensics in Software Defined Networking.

[BibT_eX]

[DOI]

Proceedings of the Symposium on SDN Research, 2017

On Risk in Access Control Enforcement.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies, 2017

An Evil Copy: How the Loader Betrays You.

[BibT_eX]

[DOI]

Mathias Payer

Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone.

[BibT_eX]

[DOI]

Proceedings of the 15th Annual International Conference on Mobile Systems, 2017

Jaal: Towards Network Intrusion Detection at ISP Scale.

[BibT_eX]

[DOI]

Azeem Aqil

Karim Khalil

Ahmed Osama Fathy Atya

Evangelos E. Papalexakis

Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies, 2017

CFG Construction Soundness in Control-Flow Integrity.

[BibT_eX]

[DOI]

Gang Tan

Proceedings of the 2017 Workshop on Programming Languages and Analysis for Security, 2017

PtrSplit: Supporting General Pointers in Automatic Program Partitioning.

[BibT_eX]

[DOI]

Shen Liu

Gang Tan

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

GRIFFIN: Guarding Control Flows Using Intel Processor Trace.

[BibT_eX]

[DOI]

Weidong Cui

Proceedings of the Twenty-Second International Conference on Architectural Support for Programming Languages and Operating Systems, 2017

2016

Aware: Controlling App Access to I/O Devices on Mobile Platforms.

[BibT_eX]

[DOI]

CoRR, 2016

Maintaining Authorization Hook Placements Across Program Versions.

[BibT_eX]

[DOI]

Proceedings of the IEEE Cybersecurity Development, 2016

Leveraging Data Provenance to Enhance Cyber Resilience.

[BibT_eX]

[DOI]

Proceedings of the IEEE Cybersecurity Development, 2016

Configuring Software and Systems for Defense-in-Depth.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense, 2016

Agility maneuvers to mitigate inference attacks on sensed location data.

[BibT_eX]

[DOI]

Proceedings of the 2016 IEEE Military Communications Conference, 2016

Fine-Grained Control-Flow Integrity for Kernel Software.

[BibT_eX]

[DOI]

Proceedings of the IEEE European Symposium on Security and Privacy, 2016

Pileus: protecting user resources from vulnerable cloud services.

[BibT_eX]

[DOI]

Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016

2015

Designing for Attack Surfaces: Keep Your Friends Close, but Your Enemies Closer.

[BibT_eX]

[DOI]

Proceedings of the Security, Privacy, and Applied Cryptography Engineering, 2015

Challenges in Making Access Control Sensitive to the "Right" Contexts.

[BibT_eX]

[DOI]

Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, 2015

A diagnosis based intrusion detection approach.

[BibT_eX]

[DOI]

Conner Jackson

Karl N. Levitt

Jeff Rowe

Ananthram Swami

Proceedings of the 34th IEEE Military Communications Conference, 2015

Detection of stealthy TCP-based DoS attacks.

[BibT_eX]

[DOI]

Azeem Aqil

Ahmed Osama Fathy Atya

Proceedings of the 34th IEEE Military Communications Conference, 2015

Producing Hook Placements to Enforce Expected Access Control Policies.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 7th International Symposium, 2015

Security-as-a-Service for Microservices-Based Cloud Applications.

[BibT_eX]

[DOI]

Susanta Nanda

Proceedings of the 7th IEEE International Conference on Cloud Computing Technology and Science, 2015

AuDroid: Preventing Attacks on Audio Channels in Mobile Devices.

[BibT_eX]

[DOI]

Proceedings of the 31st Annual Computer Security Applications Conference, 2015

Cloud Armor: Protecting Cloud Commands from Compromised Cloud Services.

[BibT_eX]

[DOI]

Giuseppe Petracca

Proceedings of the 8th IEEE International Conference on Cloud Computing, 2015

2014

Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture.

[BibT_eX]

[DOI]

CoRR, 2014

Directed Multicut with linearly ordered terminals.

[BibT_eX]

[DOI]

CoRR, 2014

JIGSAW: Protecting Resource Access by Inferring Programmer Expectations.

[BibT_eX]

[DOI]

Mathias Payer

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Policy models to protect resource retrieval.

[BibT_eX]

[DOI]

Proceedings of the 19th ACM Symposium on Access Control Models and Technologies, 2014

Monitor placement for large-scale systems.

[BibT_eX]

[DOI]

Proceedings of the 19th ACM Symposium on Access Control Models and Technologies, 2014

Inevitable Failure: The Flawed Trust Assumption in the Cloud.

[BibT_eX]

[DOI]

Giuseppe Petracca

Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security, 2014

Security and Science of Agility.

[BibT_eX]

[DOI]

Iulian Neamtiu

Proceedings of the First ACM Workshop on Moving Target Defense, 2014

2013

Cloud Verifier: Verifiable Auditing Service for IaaS Clouds.

[BibT_eX]

[DOI]

Proceedings of the IEEE Ninth World Congress on Services, 2013

Process firewalls: protecting processes during resource access.

[BibT_eX]

[DOI]

Proceedings of the Eighth Eurosys Conference 2013, 2013

Using Security Policies to Automate Placement of Network Intrusion Prevention.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 5th International Symposium, 2013

Pitfalls in the automated strengthening of passwords.

[BibT_eX]

[DOI]

David Schmidt

Proceedings of the Annual Computer Security Applications Conference, 2013

2012

Scalable Web Content Attestation.

[BibT_eX]

[DOI]

IEEE Trans. Computers, 2012

Lessons from VAX/SVS for High-Assurance VM Systems.

[BibT_eX]

[DOI]

Steve Lipner

Mary Ellen Zurko

IEEE Secur. Priv., 2012

STING: Finding Name Resolution Vulnerabilities in Programs.

[BibT_eX]

[DOI]

Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

Verifying System Integrity by Proxy.

[BibT_eX]

[DOI]

Proceedings of the Trust and Trustworthy Computing - 5th International Conference, 2012

The Right Files at the Right Time.

[BibT_eX]

[DOI]

Proceedings of the Automated Security Management [papers from SafeConfig 2012, 2012

Integrity walls: finding attack surfaces from mandatory access control policies.

[BibT_eX]

[DOI]

Proceedings of the 7th ACM Symposium on Information, Compuer and Communications Security, 2012

Leveraging "choice" to automate authorization hook placement.

[BibT_eX]

[DOI]

Divya Muthukumaran

Vinod Ganapathy

Proceedings of the ACM Conference on Computer and Communications Security, 2012

Scalable Integrity-Guaranteed AJAX.

[BibT_eX]

[DOI]

Thomas Moyer

Proceedings of the Web Technologies and Applications - 14th Asia-Pacific Web Conference, 2012

Transforming commodity security policies to enforce Clark-Wilson integrity.

[BibT_eX]

[DOI]

Divya Muthukumaran

Nirupama Talele

Jason Teutsch

Proceedings of the 28th Annual Computer Security Applications Conference, 2012

2011

Reference Monitor.

[BibT_eX]

[DOI]

Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

From mobile phones to responsible devices.

[BibT_eX]

[DOI]

Secur. Commun. Networks, 2011

Protecting the integrity of trusted applications in mobile phone systems.

[BibT_eX]

[DOI]

Secur. Commun. Networks, 2011

Network-Based Root of Trust for Installation.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2011

Countering unauthorized code execution on commodity kernels: A survey of common interfaces allowing kernel code modification.

[BibT_eX]

[DOI]

Paul C. van Oorschot

Glenn Wurster

Comput. Secur., 2011

A Rose by Any Other Name or an Insane Root? Adventures in Name Resolution.

[BibT_eX]

[DOI]

Proceedings of the Seventh European Conference on Computer Network Defense, 2011

2010

A logical specification and analysis for SELinux MLS policy.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2010

Outlook: Cloudy with a Chance of Security Challenges and Improvements.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2010

Cut me some security.

[BibT_eX]

[DOI]

Divya Muthukumaran

Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, 2010

An architecture for enforcing end-to-end access control over web applications.

[BibT_eX]

[DOI]

Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, 2010

Automating Security Mediation Placement.

[BibT_eX]

[DOI]

Proceedings of the Programming Languages and Systems, 2010

Seeding clouds with trust anchors.

[BibT_eX]

[DOI]

Thomas Moyer

Proceedings of the 2nd ACM Cloud Computing Security Workshop, 2010

2009

Designing System-Level Defenses against Cellphone Malware.

[BibT_eX]

[DOI]

Proceedings of the 28th IEEE Symposium on Reliable Distributed Systems (SRDS 2009), 2009

Analysis of virtual machine system policies.

[BibT_eX]

[DOI]

Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Dynamic mandatory access control for multiple stakeholders.

[BibT_eX]

[DOI]

Vikhyath Rao

Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

On cellular botnets: measuring the impact of malicious devices on a cellular network core.

[BibT_eX]

[DOI]

Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

Justifying Integrity Using a Virtual Machine Verifier.

[BibT_eX]

[DOI]

Proceedings of the Twenty-Fifth Annual Computer Security Applications Conference, 2009

2008

Operating System Security

[BibT_eX]

[DOI]

Synthesis Lectures on Information Security, Privacy, and Trust, Morgan & Claypool Publishers, ISBN: 978-3-031-02333-0, 2008

A systematic approach for cell-phone worm containment.

[BibT_eX]

[DOI]

Proceedings of the 17th International Conference on World Wide Web, 2008

Verifying Compliance of Trusted Programs.

[BibT_eX]

[DOI]

Dave King

Proceedings of the 17th USENIX Security Symposium, 2008

Effective blame for information-flow violations.

[BibT_eX]

[DOI]

Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2008

Measuring integrity on mobile phone systems.

[BibT_eX]

[DOI]

Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, 2008

Implicit Flows: Can't Live with 'Em, Can't Live without 'Em.

[BibT_eX]

[DOI]

Proceedings of the Information Systems Security, 4th International Conference, 2008

Flexible security configuration for virtual machines.

[BibT_eX]

[DOI]

Yogesh Sreenivasan

Proceedings of the 2nd ACM Workshop on Computer Security Architecture, 2008

New Side Channels Targeted at Passwords.

[BibT_eX]

[DOI]

Albert Tannous

Jonathan T. Trostle

Mohamed Hassan

Stephen E. McLaughlin

Proceedings of the Twenty-Fourth Annual Computer Security Applications Conference, 2008

PinUP: Pinning User Files to Known Applications.

[BibT_eX]

[DOI]

Proceedings of the Twenty-Fourth Annual Computer Security Applications Conference, 2008

2007

From Trusted to Secure: Building and Executing Applications That Enforce System Security.

[BibT_eX]

[DOI]

Proceedings of the 2007 USENIX Annual Technical Conference, 2007

Managing the risk of covert information flows in virtual machine systems.

[BibT_eX]

[DOI]

Yogesh Sreenivasan

Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, 2007

Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis.

[BibT_eX]

[DOI]

Proceedings of the 29th International Conference on Software Engineering (ICSE 2007), 2007

Protecting users from "themselves".

[BibT_eX]

[DOI]

Proceedings of the 2007 ACM workshop on Computer Security Architecture, 2007

Establishing and Sustaining System Integrity via Root of Trust Installation.

[BibT_eX]

[DOI]

Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), 2007

2006

Shame on Trust in Distributed Systems.

[BibT_eX]

[DOI]

Proceedings of the 1st USENIX Workshop on Hot Topics in Security, 2006

Retrofitting Legacy Code for Authorization Policy Enforcement.

[BibT_eX]

[DOI]

Vinod Ganapathy

Somesh Jha

Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P 2006), 2006

Leveraging IPsec for Mandatory Per-Packet Access Control.

[BibT_eX]

[DOI]

Proceedings of the Second International Conference on Security and Privacy in Communication Networks and the Workshops, 2006

PRIMA: policy-reduced integrity measurement architecture.

[BibT_eX]

[DOI]

Umesh Shankar

Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, 2006

Toward Automated Information-Flow Integrity Verification for Security-Critical Applications.

[BibT_eX]

[DOI]

Umesh Shankar

Proceedings of the Network and Distributed System Security Symposium, 2006

The case for analysis preserving language transformation.

[BibT_eX]

[DOI]

Proceedings of the ACM/SIGSOFT International Symposium on Software Testing and Analysis, 2006

Password Exhaustion: Predicting the End of Password Usefulness.

[BibT_eX]

[DOI]

Proceedings of the Information Systems Security, Second International Conference, 2006

Shamon: A System for Distributed Mandatory Access Control.

[BibT_eX]

[DOI]

Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC 2006), 2006

2005

Automatic placement of authorization hooks in the linux security modules framework.

[BibT_eX]

[DOI]

Vinod Ganapathy

Somesh Jha

Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005

Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor.

[BibT_eX]

[DOI]

Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

2004

Consistency analysis of authorization hook placement in the Linux security modules framework.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2004

Design and Implementation of a TCG-based Integrity Measurement Architecture.

[BibT_eX]

[DOI]

Proceedings of the 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, 2004

Resolving constraint conflicts.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, 2004

Attestation-based policy enforcement for remote access.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

2003

Policy management using access control spaces.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2003

Analyzing Integrity Protection in the SELinux Example Policy.

[BibT_eX]

[DOI]

Proceedings of the 12th USENIX Security Symposium, Washington, D.C., USA, August 4-8, 2003, 2003

2002

Using CQUAL for Static Analysis of Authorization Hook Placement.

[BibT_eX]

[DOI]

Proceedings of the 11th USENIX Security Symposium, 2002

Secure coprocessor-based intrusion detection.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM SIGOPS European Workshop, Saint-Emilion, France, July 1, 2002, 2002

Gaining and maintaining confidence in operating systems security.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM SIGOPS European Workshop, Saint-Emilion, France, July 1, 2002, 2002

Managing access control policies using access control spaces.

[BibT_eX]

[DOI]

Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, 2002

Cool security trends.

[BibT_eX]

[DOI]

Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, 2002

Making access control more usable.

[BibT_eX]

[DOI]

Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, 2002

Runtime verification of authorization hook placement for the linux security modules framework.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM Conference on Computer and Communications Security, 2002

2001

Practical safety in flexible access control models.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2001

Panel: The next generation of acess control models (panel session): do we need them and what should they be?

[BibT_eX]

[DOI]

Proceedings of the 6th ACM Symposium on Access Control Models and Technologies, 2001

Managing access control complexity using metrices.

[BibT_eX]

[DOI]

Proceedings of the 6th ACM Symposium on Access Control Models and Technologies, 2001

The SawMill Framework for Virtual Memory Diversity.

[BibT_eX]

[DOI]

Proceedings of the 6th Australasian Computer Systems Architecture Conference (ACSAC 2001), 2001

2000

Synchronous IPC over transparent monitors.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM SIGOPS European Workshop, 2000

The SawMill multiserver approach.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM SIGOPS European Workshop, 2000

Integrated constraints and inheritance in DTAC.

[BibT_eX]

[DOI]

Proceedings of the Fifth ACM Workshop on Role-Based Access Control, 2000

Rebuttal to the NIST RBAC model proposal.

[BibT_eX]

[DOI]

Proceedings of the Fifth ACM Workshop on Role-Based Access Control, 2000

An access control model for simplifying constraint expression.

[BibT_eX]

[DOI]

Proceedings of the CCS 2000, 2000

1999

Flexible Control of Downloaded Executable Content.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 1999

Access Control in a Virtual University.

[BibT_eX]

[DOI]

Tony Michailidis

Roy Rada

Proceedings of the 8th Workshop on Enabling Technologies (WETICE '99), 1999

On the Increasing Importance of Constraints.

[BibT_eX]

[DOI]

Proceedings of the Fourth ACM Workshop on Role-Based Access Control, 1999

How To Schedule Unlimited Memory Pinning of Untrusted Processes Or Provisional Ideas about Service-Neutrality.

[BibT_eX]

[DOI]

Proceedings of The Seventh Workshop on Hot Topics in Operating Systems, 1999

Flexible Access Control using IPC Redirection.

[BibT_eX]

[DOI]

Proceedings of The Seventh Workshop on Hot Topics in Operating Systems, 1999

Access Control in Configurable Systems.

[BibT_eX]

[DOI]

Proceedings of the Secure Internet Programming, 1999

1998

Operating System Protection for Fine-Grained Programs.

[BibT_eX]

[DOI]

Jochen Liedtke

Nayeem Islam

Proceedings of the 7th USENIX Security Symposium, 1998

High-Performance Caching With The Lava Hit-Server.

[BibT_eX]

[DOI]

Proceedings of the 1998 USENIX Annual Technical Conference, 1998

Irreproducible benchmarks might be sometimes helpful.

[BibT_eX]

[DOI]

Proceedings of the 8th ACM SIGOPS European Workshop: Support for Composing Distributed Applications, 1998

An unconventional proposal: using the x86 architecture as the ubiquitous virtual standard architecture.

[BibT_eX]

[DOI]

Proceedings of the 8th ACM SIGOPS European Workshop: Support for Composing Distributed Applications, 1998

Security architecture for component-based operating systems.

[BibT_eX]

[DOI]

Proceedings of the 8th ACM SIGOPS European Workshop: Support for Composing Distributed Applications, 1998

1997

Flexible control of downloaded executable content.

[BibT_eX]

[DOI]

PhD thesis, 1997

A Flexible Security System for Using Internet Content.

[BibT_eX]

[DOI]

IEEE Softw., 1997

A Flexible Security Model for Using Internet Content.

[BibT_eX]

[DOI]

Proceedings of the Sixteenth Symposium on Reliable Distributed Systems, 1997

A role-based access control model for protection domain derivation and management.

[BibT_eX]

[DOI]

Proceedings of the Second Workshop on Role-Based Access Control, 1997

Preventing Denial-of-Service Attacks on a µ-Kernel for WebOSes.

[BibT_eX]

[DOI]

Jochen Liedtke

Nayeem Islam

Proceedings of The Sixth Workshop on Hot Topics in Operating Systems, 1997

Achieved IPC Performance.

[BibT_eX]

[DOI]

Proceedings of The Sixth Workshop on Hot Topics in Operating Systems, 1997

1996

Building Systems That Flexibly Download Executable Content.

[BibT_eX]

[DOI]

Proceedings of the 6th USENIX Security Symposium, San Jose, CA, USA, July 22-25, 1996, 1996

Preserving Integrity in Remote File Location and Retrieval.

[BibT_eX]

[DOI]

Aviel D. Rubin

Proceedings of the 1996 Symposium on Network and Distributed System Security, 1996

Supporting Multi-User, Multi-Applet Workspaces in CBE.

[BibT_eX]

[DOI]

Proceedings of the CSCW '96, 1996

1995

Representation and Adaptation of Organization Coordination Knowledge for Autonomous Agent Systems.

[BibT_eX]

Proceedings of the SEKE'95, 1995

Requirements of role-based access control for collaborative systems.

[BibT_eX]

[DOI]

Proceedings of the First ACM Workshop on Role-Based Access Control, 1995

Management and utilization of knowledge for the automatic improvement of workflow performance.

[BibT_eX]

[DOI]

Proceedings of the Conference on Organizational Computing Systems, 1995

Implementation of a discretionary access control model for script-based systems.

[BibT_eX]

[DOI]

Proceedings of the Eighth IEEE Computer Security Foundations Workshop (CSFW '95), 1995

1994

A Framework for Automatic Improvement of Workflows to Meet Performance Goals.

[BibT_eX]

[DOI]

Masayuki Ishikawa

Proceedings of the Sixth International Conference on Tools with Artificial Intelligence, 1994

Support for the File System Security Requirements of Computational E-Mail Systems.

[BibT_eX]

[DOI]

Proceedings of the CCS '94, 1994

1993

BIZSPEC: A Business-Oriented Model for Specification and Analysis of Office Information Systems.

[BibT_eX]