Joshua Serratelli Schiffman

Home | Publications | Vita | Teaching | Contact

Publications:

Journal | Conference | Workshops | Misc | Tech Reports | Patents | Invited Talks

Journals

  1. Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Scalable Web Content Attestation. IEEE Transactions on Computers. 2011. To appear.

  2. Joshua Schiffman, Thomas Moyer, Trent Jaeger, and Patrick McDaniel. Network-based Root of Trust for Installation. IEEE Security & Privacy. 9(1), 40-48, Jan.-Feb. 2011.

  3. Divya Muthukumaran, Joshua Schiffman, Mohamed Hassan, Anuj Sawani, Vikhyath Rao, Trent Jaeger, Protecting the Integrity of Trusted Applications in Mobile Phone Systems, Security and Communication Networks, Volume 4, Issue 6, pages 633-650, June 2011 [PDF]

  4. Trent Jaeger and Joshua Schiffman, Outlook: Cloudy with a Chance of Security Challenges and Improvements, IEEE Security & Privacy, 8(1), 77-80, Jan.-Feb. 2010

  5. Lee, K.C.K., Schiffman J., Zheng, B., Lee, W.C., Leong, H.V., Round-Eye: A system for tracking nearest surrounders in moving object environments. The Journal of Systems and Software, 80:2063-2076, 2007. [Link]

Conferences

  1. H. Vijayakumar, J. Schiffman, and T. Jaeger. STING: Finding Name Resolution Vulnerabilities in Programs, Proceedings of the 21st USENIX Security Symposium (USENIX Security '12), Aug. 2012. to appear. (19% acceptance rate)

  2. J. Schiffman, H. Vijayakumar, T. Jaeger. Verifying System Integrity by Proxy, 5th International Conference on Trust and Trustworthy Computing (TRUST 2012), June, 2012. to appear.

  3. H. Vijayakumar, G. Jakka, S. Rueda, J. Schiffman, and T. Jaeger. Integrity Walls: Finding Attack Surfaces from Mandatory Access Control Policies. In Proceedings of the 7th ACM Symposium on Information, Computer, and Communications Security (AsiaCCS), 2012. (31% acceptance rate)

  4. Hayawardh Vijayakumar, Joshua Schiffman, and Trent Jaeger. A Rose by Any Other Name or an Insane Root? Adventures in Namespace Resolution, 7th European Conference on Computer Network Defense, September 2010. (32% acceptance rate)

  5. P. Traynor, J. Schiffman, T. La Porta, P. McDaniel and A. Ghosh, Constructing Secure Localization Systems with Adjustable Granularity, Proceedings of the IEEE Global Communications Conference (GLOBECOM), December 2010. (35% acceptance rate) [PDF]

  6. Boniface Hicks, Sandra Rueda, Dave King, Thomas Moyer, Joshua Schiffman, Yogesh Sreenivasan, Patrick McDaniel, and Trent Jaeger. An architecture for enforcing end-to-end access control over web applications. In 15th ACM Symposium on Access Control Models and Technologies, June 2010. (24% acceptance rate)

  7. Joshua Schiffman, Xinwen Zhang and Simon Gibbs. DAuth: Fine- grained Authorization Delegation for Distributed Web Application Consumers, POLICY '10: Proceedings of the 2010 IEEE International Symposium on Policies for Distributed Systems and Networks, July, 2010. Washington, DC. (19% acceptance rate) [PDF]

  8. Joshua Schiffman, Thomas Moyer, Christopher Shal, Trent Jaeger, and Patrick McDaniel. Justifying Integrity Using a Virtual Machine Verifier, ACSAC '09: Proceedings of the 2009 Annual Computer Security Applications Conference, December 2009. Honolulu, HI. (19.0% acceptance rate) [PDF] [Slides]

  9. Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Scalable Web Content Attestation, ACSAC '09: Proceedings of the 2009 Annual Computer Security Applications Conference, December 2009. Honolulu, HI. (19.0% acceptance rate) [PDF]

  10. Ken C. K. Lee, Josh Schiffman, Baihua Zheng, Wang-chien Lee, Valid Scope Computation for Location-Dependent Spatial Query in Mobile Broadcast Environments, 17th ACM Conference on Information and Knowledge Management, October 2008. (17% acceptance rate) [Link]

  11. Divya Muthukumaran, Anuj Sawani, Joshua Schiffman, Brian M. Jung, Trent Jaeger, Measuring Integrity on Mobile Phone Systems, SACMAT '08: 13th ACM Symposium on Access Control Models and Technologies, June 2008. (25% acceptance rate) [Link]

  12. Luke St.Clair, Joshua Schiffman, Trent Jaeger, and Patrick McDaniel, Establishing and Sustaining System Integrity via Root of Trust Installation,ACSAC '07: 23rd Annual Computer Security Applications Conference, December 2007. (22% acceptance rate) [Link]

  13. Ken C. K. Lee, Josh Schiffman, Baihua Zheng, Wang-Chien Lee and Hong Va Leong, Tracking Nearest Surrounders in Moving Object Environments, IEEE International Conference on Pervasive Services, 2006. [Link]

Workshops

  1. ACM DL Author-ize serviceSeeding clouds with trust anchors
    Joshua Schiffman, Thomas Moyer, Hayawardh Vijayakumar, Trent Jaeger, Patrick McDaniel. CCSW '10 Proceedings of the 2010 ACM workshop on Cloud computing security workshop, 2010. (14.41% acceptance rate) [Slides]

  2. Xinwen Zhang, Joshua Schiffman, Simon Gibbs, Anugeetha Kunjithapatham, and Sangoh Jeong. Securing Elastic Applications on Mobile Devices for Cloud Computing, 1st ACM Cloud Computing Security Workshop, November 2009. [ Slides]

  3. William Enck, Sandra Rueda, Yogesh Sreenivasan, Joshua Schiffman, Luke St. Clair, Trent Jaeger, and Patrick McDaniel.Protecting Users from 'Themselves'. Proceedings of the 1st ACM Computer Security Architectures Workshop, November 2007. Alexandria, VA. [Link]

Misc

  1. Joshua Schiffman, 19th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2010.
  2. Joshua Schiffman, 17th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2008.

Technical Reports

  • J. R. Lorch, J. Mickens, B. Parno, M. Raykova, and J. Schiffman. Toward practical private access to data centers via parallel oram. Cryptology ePrint Archive, Report 2012/133 .

  • Kevin Butler, Stephen McLaughlin, Thomas Moyer, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Firma: Disk-Based Foundations for Trusted Operating Systems. Technical Report NAS- TR-0114-2009, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2009.

Patents

  • Samsung Electronics Co., Ltd.: Joshua Schiffman et al, "Securely Using Service Providers in Elastic Computing Systems and Environments," U.S. Patent Application Number: 20110004916 (April 22, 2010)

Invited Talks

  • Towards Practical Attestation: Challenges and Opportunities, Trusted Infrastructure Workshop, June 10, 2010. Pittsburgh, PA. [Slides]