|
[18]
|
David H. King, Susmit Jha, Divya Muthukumaran, Trent Jaeger, Somesh Jha, and
Sanjit Seshia.
Automating security mediation placement.
In Proceedings of the 19th European Symposium on Programming
(ESOP '10), 2010.
To appear.
[ bib ]
|
|
[19]
|
Joshua Schiffman, Thomas Moyer, Christopher Shal, Trent Jaeger, and Patrick
McDaniel.
Justifying integrity using a Virtual Machine Verifier.
In Proceedings of the 25th Annual Computer Security Applications
Conference (ACSAC '09). ACSA, 2009.
[ bib ]
|
|
[20]
|
Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent
Jaeger.
Scalable asynchronous web content attestation.
In Proceedings of the 25th Annual Computer Security Applications
Conference (ACSAC '09). ACSA, 2009.
[ bib ]
|
|
[21]
|
Patrick Traynor, Michael Lin, Machigar Ongtang, Vikhyath Rao, Trent Jaeger,
Patrick McDaniel, and Thomas La Porta.
On cellular botnets: Measuring the impact of malicious devices on a
cellular network core.
In Proceedings of the 16th ACM Conference on Computer and
Communications Security (CCS '09), pages 223-234. ACM, 2009.
[ bib ]
|
|
[22]
|
Vikhyath Rao and Trent Jaeger.
Dynamic access control for multiple stakeholders.
In Proceedings of 14th Symposium on Access Control Models
and Technologies, June 2009.
[ bib |
.pdf ]
|
|
[23]
|
Sandra Rueda, Hayawardh Vijayakumar, and Trent Jaeger.
Analysis of virtual machine system policies.
In Proceedings of 14th Symposium on Access Control Models
and Technologies, June 2009.
[ bib |
.pdf ]
|
|
[24]
|
David H. King, Boniface Hicks, Michael Hicks, and Trent Jaeger.
Implicit Flows: Can't live with 'em, can't live without 'em.
In Proceedings of Fourth International Conference on Information
Systems Security, December 2008.
[ bib |
.pdf ]
|
|
[25]
|
William Enck, Patrick McDaniel, and Trent Jaeger.
PinUP: Pinning user files to known applications.
In Proceedings of the 2008 Annual Computer Security Applications
Conference, December 2008.
[ bib |
.pdf ]
|
|
[26]
|
Albert Tannous, Mohamed Hassan, Stephen E. McLaughlin, Jonathan Trostle, and
Trent Jaeger.
New side channel attacks targeted at passwords.
In Proceedings of the 2008 Annual Computer Security Applications
Conference, December 2008.
[ bib |
.pdf ]
|
|
[27]
|
Sandra Rueda, Yogesh Sreenivasan, and Trent Jaeger.
Flexible configuration for virtual machines.
In Proceedings of the 2nd ACM Computer Security
Architecture Workshop, October 2008.
[ bib |
.pdf ]
|
|
[28]
|
David H. King, Trent Jaeger, Somesh Jha, and Sanjit Seshia.
Effective blame for information-flow violations.
In Proceedings of the 17th ACM SIGSOFT Foundations of
Software Engineering, November 2008.
[ bib |
.pdf ]
|
|
[29]
|
Sandra Rueda, David H. King, and Trent Jaeger.
Verifying compliance of trusted programs.
In Proceedings of the 17th USENIX Security Symposium,
pages 321-334, August 2008.
[ bib |
.pdf ]
|
|
[30]
|
Divya Muthukumaran, Anuj Sawani, Joshua Schiffman, Brian M. Jung, and Trent
Jaeger.
Measuring integrity in mobile phone systems.
In Proceedings of the 13th ACM Symposium on Access Control
Models and Technologies, pages 155-164, June 2008.
[ bib |
.pdf ]
|
|
[31]
|
Luke St. Clair, Joshua Schiffman, Trent Jaeger, and Patrick McDaniel.
Establishing and sustaining system integrity via root of trust
installation.
In Proceedings of the 2007 Annual Computer Security Applications
Conference, pages 19-29, December 2007.
[ bib |
.pdf ]
|
|
[32]
|
William Enck, Sandra Rueda, Yogesh Sreenivasan, Joshua Schiffman, Luke St.
Clair, Trent Jaeger, and Patrick McDaniel.
Protecting users from themselves.
In Proceedings of the First Computer Security Architectures
Workshop, November 2007.
[ bib ]
|
|
[33]
|
Boniface Hicks, Sandra Rueda, Luke St. Clair, Trent Jaeger, and Patrick
McDaniel.
A logical specification and analysis for SELinux MLS policy.
In Proceedings of the 12th ACM Symposium on Access Control
Models and Technologies, pages 91-100, June 2007.
[ bib ]
|
|
[34]
|
Trent Jaeger, Reiner Sailer, and Yogesh Sreenivasan.
Managing the risk of covert information flows in virtual machine
systems.
In Proceedings of the 12th ACM Symposium on Access Control
Models and Technologies, pages 81-90, June 2007.
[ bib ]
|
|
[35]
|
Boniface Hicks, Sandra Rueda, Trent Jaeger, and Patrick McDaniel.
From Trusted to Secure: Building and executing applications that
enforce systems security.
In Proceedings of the 2007 USENIX Annual Technical Conference,
pages 205-218, May 2007.
[ bib ]
|
|
[36]
|
Vinod Ganapathy, David H. King, Trent Jaeger, and Somesh Jha.
Mining security-sensitive operations in legacy code using concept
analysis.
In Proceedings of the 38th International Conference on Software
Engineering, pages 458-467, May 2007.
[ bib ]
|
|
[37]
|
Boniface Hicks, Sandra Rueda, Trent Jaeger, and Patrick McDaniel.
Integration of SELinux and security-typed languages.
In Proceedings of the 2007 Security-Enhanced Linux Workshop,
pages 85-92, March 2007.
[ bib ]
|
|
[38]
|
Jonathon McCune, Stefan Berger, Ramon Caceres, Trent Jaeger, and Reiner Sailer.
Shamon: A system for distributed mandatory access control.
In Proceedings of the 2006 Annual Computer Security Applications
Conference, pages 23-32, December 2006.
[ bib ]
|
|
[39]
|
Luke St. Clair, Lisa Johansen, William Enck, Matthew Pirretti, Patrick Traynor,
Patrick McDaniel, and Trent Jaeger.
Password exhaustion: Predicting the end of password usefulness.
In Proceedings of 2nd International Conference on Information
Systems Security (ICISS), pages 37-55, December 2006.
[ bib ]
|
|
[40]
|
Trent Jaeger, Kevin Butler, David H. King, Serge Hallyn, Joy Latten, and
Xiaolan Zhang.
Leveraging IPsec for mandatory access control across systems.
In Proceedings of the Second International Conference on
Security and Privacy in Communication Networks, August 2006.
[ bib ]
|
|
[41]
|
Trent Jaeger, Patrick McDaniel, Luke St. Clair, Ramon Caceres, and Reiner
Sailer.
Shame on trust in distributed systems.
In Proceedings of the 2006 Workshop on Hot Topics in Security,
August 2006.
[ bib ]
|
|
[42]
|
Xiaolan Zhang, Larry Koved, Marco Pistoia, Sam Weber, Trent Jaeger, and
Guillaume Marceau.
The case for analysis preserving language transformations.
In Proceedings of the 2006 International Symposium on Software
Testing and Analysis, pages 191-201, July 2006.
[ bib ]
|
|
[43]
|
Trent Jaeger, Reiner Sailer, and Ummesh Shankar.
PRIMA: Policy-reduced integrity measurement architecture.
In Proceedings of the 11th ACM Symposium on Access Control
Models and Technologies, pages 19-28, June 2006.
[ bib ]
|
|
[44]
|
Vinod Ganapathy, Trent Jaeger, and Somesh Jha.
Retrofitting legacy code for authorization policy enforcement.
In Proceedings of the 2006 IEEE Symposium on Security and
Privacy, pages 214-229, May 2006.
[ bib ]
|
|
[45]
|
Trent Jaeger.
SELinux protected paths revisited.
In Proceedings of the 2006 Security-Enhanced Linux Workshop,
pages 35-40, March 2006.
[ bib ]
|
|
[46]
|
Vinod Ganapathy, Trent Jaeger, and Somesh Jha.
Towards automated authorization policy enforcement.
In Proceedings of the 2006 Security-Enhanced Linux Workshop,
pages 7-11, March 2006.
[ bib ]
|
|
[47]
|
Umesh Shankar, Trent Jaeger, and Reiner Sailer.
Toward automated information-flow integrity verification for
security-critical applications.
In Proceedings of the 2006 Network and Distributed Systems
Security Symposium, pages 267-280, February 2006.
[ bib ]
|
|
[48]
|
Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ramon Caceres, Ronald Perez,
Stefan Berger, John Linwood Griffin, and Leendert van Doorn.
Building a MAC-based security architecture for the xen open-source
hypervisor.
In Proceedings of the 2005 Annual Computer Security Applications
Conference, pages 276-285, December 2005.
[ bib ]
|
|
[49]
|
Vinod Ganapathy, Trent Jaeger, and Somesh Jha.
Automatic placement of authorization hooks in the Linux Security
Modules framework.
In Proceedings of the 12th ACM conference on Computer and
communications security, pages 330-339, November 2005.
[ bib ]
|
|
[50]
|
John Linwood Griffin, Trent Jaeger, Ronald Perez, Reiner Sailer, Leendert van
Doorn, and Ramon Caceres architecture.
Trusted virtual domains: Toward secure distributed services.
In Proceedings of the First Workshop on Hot Topics in Systems
Dependability, April 2005.
[ bib ]
|
|
[51]
|
Reiner Sailer, Trent Jaeger, Xiaolan Zhang, and Leendert van Doorn.
Attestation-based policy enforcement for remote access.
In ACM Conference on Computer and Communications Security,
pages 308-317, 2004.
[ bib ]
|
|
[52]
|
Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn.
Design and implementation of a TCG-based integrity measurement
architecture.
In Proceedings of the USENIX Security Symposium, pages
223-238, 2004.
[ bib ]
|
|
[53]
|
Trent Jaeger, Reiner Sailer, and Xiaolan Zhang.
Resolving constraint conflicts.
In Proceedings of the 9th ACM Symposium on Access Control Models
and Technologies, pages 105-114, 2004.
[ bib ]
|
|
[54]
|
Trent Jaeger, Reiner Sailer, and Xiaolan Zhang.
Analyzing integrity protection in the SELinux example policy.
In Proceedings of the 11th USENIX Security Symposium, pages
59-74, August 2003.
[ bib ]
|
|
[55]
|
Antony Edwards, Trent Jaeger, and Xiaolan Zhang.
Runtime verification of authorization hook placement for the Linux
security modules framework.
In Proceedings of the 9th ACM Conference on Computer and
Communications Security, pages 225-234, 2002.
[ bib ]
|
|
[56]
|
Xiaolan Zhang, Leendert van Doorn, Trent Jaeger, Ron Perez, and Reiner
Sailer.
Secure coprocessor-based intrusion detection.
In Proceedings of the Tenth ACM SIGOPS European Workshop,
September 2002.
[ bib ]
|
|
[57]
|
Xiaolan Zhang, Antony Edwards, and Trent Jaeger.
Using CQUAL for static analysis of authorization hook placement.
In Proceedings of the 11th USENIX Security Symposium, pages
33-48, 2002.
[ bib ]
|
|
[58]
|
Trent Jaeger.
Managing access control complexity using metrics.
In Proceedings of the Sixth ACM Symposium on Access Control
Models and Technologies (SACMAT-01), pages 131-152, May 2001.
[ bib ]
|
|
[59]
|
Mohit Aron, Jochen Liedtke, Kevin Elphinstone, Yoonho Park, Trent Jaeger, and
Luke Deller.
The sawmill framework for virtual memory diversity.
In Proceedings of the 2001 Australian Computer Systems
Architecture Conference, pages 3-10, 2001.
[ bib ]
|
|
[60]
|
Jonathon Tidswell and Trent Jaeger.
An access control model for simplifying constraint expression.
In Proceedings of the ACM Conference on Computer and
Communications Security, pages 154-163, 2000.
[ bib ]
|
|
[61]
|
Trent Jaeger, Jonathon Tidswell, Alain Gefflaut, Yoonho Park, Kevin
Elphinstone, and Jochen Liedtke.
Synchronous IPC over transparent monitors.
In Proceedings of the ACM SIGOPS European Workshop, pages
189-194, 2000.
[ bib ]
|
|
[62]
|
Alain Gefflaut, Trent Jaeger, Yoonho Park, Jochen Liedtke, Kevin Elphinstone,
Volkmar Uhlig, Jonathon Tidswell, Luke Deller, and Lars Reuther.
The sawmill multiserver approach.
In Proceedings of the ACM SIGOPS European Workshop, pages
109-114, 2000.
[ bib ]
|
|
[63]
|
Jonathan F. Tidswell and Trent Jaeger.
Integrated constraints and inheritance in DTAC.
In Proceedings of the 5th ACM Workshop on Role-Based Access
Control (RBAC-00), pages 93-102, July 2000.
[ bib ]
|
|
[64]
|
Trent Jaeger.
On the increasing importance of constraints.
In Proceedings of the Fourth ACM Wokshop on Role.Based Access
Control, pages 33-42, October 1999.
[ bib ]
|
|
[65]
|
Trent Jaeger, Tony Michailidis, and Roy Rada.
Access control in a virtual university.
In Proceedings of the Workshops on Enabling Technologies:
Infrastructures for Collaborative Enterprises, pages 135-140, 1999.
[ bib ]
|
|
[66]
|
Jochen Liedtke, Volkmar Uhlig, Kevin Elphinstone, Trent Jaeger, and Yoonho
Park.
How to schedule unlimited memory pinning of untrusted processes or
provisional ideas about service-neutrality.
In Proceedings of the Workshop on Hot Topics in Operating
Systems, pages 153-158, 1999.
[ bib ]
|
|
[67]
|
Trent Jaeger, Kevin Elphinstone, Jochen Liedtke, Vsevolod Panteleenko, and
Yoonho Park.
Flexible access control using IPC redirection.
In Proceedings of the Workshop on Hot Topics in Operating
Systems, pages 191-196, 1999.
[ bib ]
|
|
[68]
|
Trent Jaeger, Jochen Liedtke, and Nayeem Islam.
Operating system protection for fine-grained programs.
In Proceedings of the 7th USENIX Security Symposium
proceedings, 1998.
[ bib ]
|
|
[69]
|
Trent Jaeger, Jochen Liedtke, Vsevolod Panteleenko, Yoonho Park, and Nayeem
Islam.
Security architecture for component-based operating systems.
In Proceedings of the Ninth ACM SIGOPS European Workshop, pages
222-228, 1998.
[ bib ]
|
|
[70]
|
Jochen Liedtke, Nayeem Islam, Trent Jaeger, Vsevolod Panteleenko, and Yoonho
Park.
An unconventional proposal: using the x86 architecture as the
ubiquitous virtual standard architecture.
In Proceedings of the Ninth ACM SIGOPS European Workshop, pages
237-241, 1998.
[ bib ]
|
|
[71]
|
Jochen Liedtke, Vsevolod Panteleenko, Trent Jaeger, and Nayeem Islam.
High-performance caching with the Lava hit-server.
In Proceedings of the USENIX 1998 Annual Technical
Conference, 1998.
[ bib ]
|
|
[72]
|
Trent Jaeger, Frederique Giraud, Nayeem Islam, and Jochen Liedtke.
A role-based access control model for protection domain derivation
and management.
In Proceedings of the 2nd ACM Workshop on Role-Based Access
Control (RBAC-97), pages 95-108, November 1997.
[ bib ]
|
|
[73]
|
Trent Jaeger, Aviel D. Rubin, and Atul Prakash.
Building systems that flexibly control downloaded executable content.
In Proceedings of the 6th USENIX Security Symposium, pages
131-148, July 1996.
[ bib ]
|
|
[74]
|
Trent Jaeger and Atul Prakash.
Implementation of a discretionary access control model for
script-based systems.
In Proceedings of the Eighth Computer Security Foundations
Workshop (CSFW '95), pages 70-84, June 1995.
[ bib ]
|
|
[75]
|
Trent Jaeger and Atul Prakash.
Requirements of role-based access control for collaborative systems.
In Proceedings of the 1st ACM Workshop on Role-Based Access
Control, 1995.
[ bib ]
|
|
[76]
|
Trent Jaeger and Atul Prakash.
Support for the file system security requirements of computational
E-mail systems.
In Proceedings of the 2nd ACM Conference on Computer and
Communications Security, pages 1-9, 1994.
[ bib ]
|