Jonathan M. McCune
Research Systems Scientist
CyLab
Carnegie Mellon University


Contact Information

Email: jonmccune@cmu.edu
Curriculum Vitae: pdf
Biography: html
Personal: jonmccune.net

Research Areas and Projects

  • Trusted Computing technology
  • Operating system and virtualization security
  • Authentication in ad hoc networks
  • Open-source: eXtensible, Modular Hypervisor Framework (includes TrustVisor!)
  • Open-source: Flicker: Minimal TCB Code Execution
  • Open-source: SafeSlinger: Easy-to-Use and Secure Public-Key Exchange

Publications in Conferences and Workshops

Journal Articles

  • SPATE: Small-Group PKI-Less Authenticated Trust Establishment.
    Yue-Hsun Lin, Ahren Studer, Yao-Hsin Chen, Hsu-Chun Hsiao, Li-Hsiang Kuo, Jason Lee, Jonathan M. McCune, King-Hang Wang, Maxwell Krohn, Phen-Lan Lin, Adrian Perrig, Hung-Min Sun, and Bo-Yin Yang. IEEE Transactions on Mobile Computing. Volume 9, Issue 12, December 2010. ( PDF, BIB )
  • Remote Detection of Virtual Machine Monitors with Fuzzy Benchmarking.
    Jason Franklin, Mark Luk, Jonathan M. McCune, Arvind Seshadri, Adrian Perrig, and Leendert Van Doorn. ACM SIGOPS Operating System Review Special Edition on Computer Forensics. Volume 42, Issue 3, April 2008. ( PDF, BIB )
    An early version appeared as CMU Cylab Technical Report CMU-CyLab-07-001, January 2007, having grown out of a course project described in Technical Report CMU-CS-05-201.
  • Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication.
    Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter. International Journal of Security and Networks Special Issue on Secure Spontaneous Interaction. 4(1-2):43-56, 2009. ( PDF, BIB )
    This work extends our 2005 IEEE S&P paper and Technical Report CMU-CS-04-174.

Technical Reports

  • MiniBox: A Two-Way Sandbox for x86 Native Code.
    Yanlin Li, Adrian Perrig, Jonathan M. McCune, James Newsome, Brandon Baker, and Will Drewry. CMU CyLab Technical Report CMU-CyLab-14-001, February, 2014.
  • Design, Development and Automated Verification of an Integrity-Protected Hypervisor.
    Sagar Chaki, Amit Vasudevan, Limin Jia, Jonathan M. McCune, and Anupam Datta. CMU CyLab Technical Report CMU-CyLab-12-017, July, 2012.
  • Design and Implementation of an eXtensible and Modular Hypervisor Framework.
    Amit Vasudevan, Jonathan M. McCune, and James Newsome. CMU CyLab Technical Report CMU-CyLab-12-014, June, 2012.
  • Trustworthy Execution on Mobile Devices: What security properties can my mobile platform give me?
    Amit Vasudevan, Emmanuel Owusu, Zongwei Zhou, James Newsome, and Jonathan McCune. CMU CyLab Technical Report CMU-CyLab-11-023, November, 2011.
  • Memoir---Formal Specs and Correctness Proofs.
    John R. Douceur, Jacob R. Lorch, Bryan Parno, James Mickens, and Jonathan M. McCune. MSR-TR-2011-19, February 2011.
  • Trust and Trusted Computing Platforms.
    David Fisher, Jonathan M. McCune, Archie D. Andrews. Technical Report CMU/SEI-2011-TN-005, Software Engineering Institute, Carnegie Mellon University, January 2011.
  • Contractual Anonymity.
    Edward J. Schwartz, David Brumley, Jonathan M. McCune. Technical Report CMU-CS-09-144, School of Computer Science, Carnegie Mellon University, September 2009.
  • Efficient TCB Reduction and Attestation.
    Jonathan M. McCune, Ning Qu, Yanlin Li, Anupam Datta, Virgil D. Gligor, Adrian Perrig. CMU CyLab Technical Report CMU-CyLab-09-003, March, 2009.
  • An Execution Infrastructure for TCB Minimization.
    Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki. CMU Cylab Technical Report CMU-CyLab-07-018, December 2007
  • Remote Detection of Virtual Machine Monitors with Fuzzy Benchmarking.
    Jason Franklin, Mark Luk, Jonathan M. McCune, Arvind Seshadri, Adrian Perrig, and Leendert van Doorn. CMU Cylab Technical Report CMU-CyLab-07-001, January 2007
  • Bump in the Ether: A Framework for Securing Sensitive User Input.
    Jonathan M. McCune, Adrian Perrig, Michael K. Reiter. CMU Cylab Technical Report CMU-Cylab-05-007, December 2005.
  • Device-Enabled Authorization in the Grey System.
    Lujo Bauer, Scott Garriss, Jonathan M. McCune, Michael K. Reiter, Jason Rouse, and Peter Rutenbar. Technical Report CMU-CS-05-111 (PDF) School of Computer Science, Carnegie Mellon University, February 2005.
  • Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication.
    Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter. Technical Report CMU-CS-04-174, School of Computer Science, Carnegie Mellon University, November 2004.

Talks

Conference
  • TrustVisor: Efficient TCB Reduction and Attestation. (IEEE S&P, Oakland, CA, May, 2010)
  • Safe Passage for Passwords and Other Sensitive Data. NDSS, February 2009. ( PPT )
  • How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution. ASPLOS, March 2008. ( PPT )
  • Shamon: A System for Distributed Mandatory Access Control (ACSAC, Miami Beach, FL, December, 2006) ( pdf )
  • Bump in the Ether: A Framework for Securing Sensitive User Input (Usenix ATC, Boston, MA, June, 2006) ( pdf )
  • Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication (IEEE S&P, Oakland, CA, May, 2005) ( pdf )
  • Power Efficient Adaptable Sensor Networks (MAPLD, Washington, DC, September, 2003)

Program Committee Service

PhD Thesis

Co-Advisor: Mike Reiter ( web )
Co-Advisor: Adrian Perrig ( web )
Committee Member: Greg Ganger ( web )
Committee Member: Leendert van Doorn ( web )

Past Projects' Web Pages

  • Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication
  • Grey: Access Control System for Mobile Devices

Links



Last modified: Tue Jul 19 05:06:37 EDT 2011         © 2003-2011, Jonathan M. McCune