Current Projects

• Shared Reference Monitor Systems: Shamon: A distributed systems security enforcement architecture based on establishing reference monitor guarantees for security enforcement software across a set of machines
• Retrofitting for Security: (Mostly) automated generation of security code and conversion of ordinary programs into secure programs
• Information Flow Policy Design, Analysis, and Enforcement: Research in security policy analysis and design that would enable practical information flow guarantees and supporting enforcement mechanisms
• Network Mandatory Access Control: Per-packet mandatory access control in Linux and supporting models and applications

Recent Projects

• Linux Security Analysis: Applying policy and source code analysis to improving Linux Security.
• Linux Integrity Measurement Architecture: Application of the TCG TPM to integrity measurement for Linux systems and applications