Contact Information
Office: 2126 Collaborative Information Center (CIC) Building
Phone: (412) 268-3992
Email: jonmccune@cmu.edu
Curriculum Vitae: pdf
Biography: html
Advertisements
Active Research Areas
- Trusted Computing technology
- Operating system and virtualization security
- Authentication in ad hoc networks
Publications in Conferences and Workshops
- A Contractual Anonymity System.
Edward J. Schwartz, David Brumley, and Jonathan M. McCune.
Network and Distributed System Security Symposium
(NDSS), February 2010. ( To appear. )
- SPATE: Small-group PKI-less Authenticated Trust Establishment.
Yue-Hsun Lin, Ahren Studer, Hsu-Chin Hsiao, Jonathan M. McCune,
King-Hang Wang, Maxwell Krohn, Phen-Lan Lin, Adrian Perrig, Hung-Min
Sun, and Bo-Yin Yang.
Conference on
Mobile Systems, Applications and Services (MobiSys),
June 2009. ( PDF
BIB
) Best Paper Award.
- CLAMP: Practical Prevention of Large-Scale Data Leaks.
Bryan Parno, Jonathan M. McCune, Dan Wendlandt, David G. Andersen,
and Adrian Perrig.
IEEE
Symposium on Security and Privacy, May 2009.
( PDF, BIB )
- Safe Passage for Passwords and Other Sensitive Data.
Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter.
Network and Distributed System Security Symposium
(NDSS), February 2009. ( PDF, BIB )
- GAnGS: Gather, Authenticate, and Group Securely.
Chia-Hsin Owen Chen, Chung-Wei Chen, Cynthia Kuo, Yan-Hao Lai,
Jonathan M. McCune, Ahren Studer, Adrian Perrig, Bo-Yin Yang, and
Tzong-Chen Wu.
The International
Conference on Mobile Computing and
Networking (Mobicom), September 2008. ( PDF, BIB )
- Flicker: An Execution Infrastructure for TCB Minimization.
Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and
Hiroshi Isozaki.
The European
Conference on Computer Systems (EuroSys), April 2008. ( PDF,
BIB
)
- How Low Can You Go?
Recommendations for Hardware-Supported Minimal TCB Code Execution.
Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter and Arvind Seshadri.
Architectural
Support for Programming Languages and Operating Systems
(ASPLOS), March 2008. ( PDF,
BIB )
- Turtles All the Way Down: Research Challenges in User-Based Attestation.
Jonathan M. McCune,
Adrian Perrig, Arvind Seshadri, and Leendert van Doorn. USENIX Workshop on Hot Topics in Security (HotSec '07)
, August 2007. ( PDF, BIB)
- Minimal TCB Code Execution (Extended Abstract).
Jonathan M. McCune, Bryan Parno,
Adrian Perrig, Michael K. Reiter, and Arvind Seshadri. IEEE Symposium on
Security and Privacy, May 2007. ( PDF, BIB)
- Shamon: A System for Distributed Mandatory Access Control.
Jonathan M. McCune, Stefan Berger, Ramón Cáceres, Trent Jaeger, Reiner Sailer.
Annual Computer Security Applications Conference, December, 2006. ( PDF, BIB )
- Bump in the Ether: A Framework for Securing Sensitive User
Input.
Jonathan M. McCune, Adrian Perrig, Michael K. Reiter.
USENIX Annual Technical Conference, May
2006. ( PDF, BIB) An early version appears
as CMU Cylab Technical Report CMU-Cylab-05-007,
December 2005.
- Device-Enabled Authorization in the Grey System.
Lujo Bauer, Scott Garriss, Jonathan M. McCune, Michael
K. Reiter, Jason Rouse, and Peter Rutenbar. 8th Information
Security Conference, July 2005. (PDF, BIB) Full version appears as Technical
Report CMU-CS-05-111 (PDF)
School of Computer Science, Carnegie Mellon University, February
2005.
- Seeing is Believing: Using Camera Phones for
Human-Verifiable Authentication.
Jonathan M. McCune,
Adrian Perrig, and Michael K. Reiter. IEEE Symposium on
Security and Privacy, May 2005. ( PDF, BIB) An early version
appears as Computer Science Technical Report CMU-CS-04-174,
School of Computer Science, Carnegie Mellon University, November
2004.
- Detection of Denial-of-Message Attacks on Sensor Network
Broadcasts.
Jonathan M. McCune, Elaine Shi, Adrian Perrig,
and Michael K. Reiter. IEEE Symposium on Security and
Privacy, May 2005. (PDF, BIB)
- A Study of Mass-mailing Worms.
Cynthia Wong, Stan
Bielski, Jonathan M. McCune, and Chenxi Wang.
ACM Workshop on Rapid Malcode (WORM),
2004. (PDF, BIB)
- Power-Efficient Adaptable Wireless Sensor Networks.
John Lach, David Evans, Jon McCune, Jason Brandon. Military
and Aerospace Programmable Logic Devices (MAPLD)
International Conference, 2003. ( web
)
- Behavior Combination and Swarm Programming.
Keen
Browne, Jon McCune, Adam Trost, et al. Lecture Notes in Computer
Science, Springer-Verlag Heidelberg. February 2002. ( web
)
Journal Articles
- Remote Detection of Virtual Machine Monitors with Fuzzy Benchmarking.
Jason Franklin, Mark Luk, Jonathan M. McCune, Arvind Seshadri,
Adrian Perrig, and Leendert Van Doorn.
ACM SIGOPS Operating System
Review Special Edition on Computer Forensics. Volume 42, Issue
3, April
2008. ( PDF,
BIB )
An early version appeared as CMU Cylab Technical Report
CMU-CyLab-07-001, January 2007
- Seeing is Believing: Using Camera Phones for
Human-Verifiable Authentication.
Jonathan M. McCune,
Adrian Perrig, and Michael K. Reiter.
International Journal of Security and Networks Special Issue on
Secure Spontaneous Interaction. 4(1-2):43-56,
2009. ( PDF BIB
)
This work extends our 2005 IEEE S&P paper and
Technical Report CMU-CS-04-174.
Technical Reports
- Contractual Anonymity.
Edward J. Schwartz, David
Brumley, Jonathan M. McCune. Technical Report CMU-CS-09-144 (PDF)
School of Computer Science, Carnegie Mellon University, September
2009.
- Efficient TCB Reduction and Attestation.
Jonathan M. McCune, Ning Qu, Yanlin Li, Anupam Datta, Virgil
D. Gligor, Adrian Perrig. CMU CyLab Technical Report
CMU-CyLab-09-003 (PDF),
March, 2009.
- An Execution Infrastructure for TCB Minimization.
Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter,
and Hiroshi Isozaki. CMU Cylab Technical Report
CMU-CyLab-07-018, December 2007
- Remote Detection of Virtual Machine Monitors with Fuzzy
Benchmarking.
Jason Franklin, Mark Luk, Jonathan M. McCune, Arvind Seshadri,
Adrian Perrig, and Leendert van Doorn. CMU Cylab Technical Report
CMU-CyLab-07-001, January 2007
- Bump in the Ether: A Framework for Securing Sensitive User
Input.
Jonathan M. McCune, Adrian Perrig, Michael K. Reiter.
CMU Cylab Technical Report CMU-Cylab-05-007,
December 2005.
- Device-Enabled Authorization in the Grey System.
Lujo Bauer, Scott Garriss, Jonathan M. McCune, Michael
K. Reiter, Jason Rouse, and Peter Rutenbar. Technical
Report CMU-CS-05-111 (PDF)
School of Computer Science, Carnegie Mellon University, February
2005.
- Seeing is Believing: Using Camera Phones for
Human-Verifiable Authentication.
Jonathan M. McCune,
Adrian Perrig, and Michael K. Reiter. Technical Report CMU-CS-04-174,
School of Computer Science, Carnegie Mellon University, November
2004.
Talks
Conference
- Safe Passage for Passwords and Other Sensitive Data. NDSS,
February 2009. ( PPT )
- How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution.
ASPLOS, March 2008. ( PPT )
- Shamon: A System for Distributed Mandatory Access Control (ACSAC, Miami Beach, FL, December, 2006) ( pdf )
- Bump in the Ether: A Framework for Securing Sensitive User Input (Usenix ATC, Boston, MA, June, 2006) ( pdf )
- Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication (IEEE S&P, Oakland, CA, May, 2005) ( pdf )
- Power Efficient Adaptable Sensor Networks (MAPLD, Washington, DC,
September, 2003)
PhD Thesis
Co-Advisor: Mike Reiter
( web )
Co-Advisor: Adrian Perrig
( web )
Committee Member: Greg Ganger ( web )
Committee Member: Leendert van Doorn ( web )
Project Pages
- Flicker: Minimal TCB Code Execution
- Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication
- Grey: Access Control System for Mobile Devices
Teaching
Fall 2008
Teaching Assistant: 18-732: Secure
Software Systems
Fall 2005
Teaching Assistant: 18-730: Introduction to Computer Security
Spring 2005
Teaching Assistant: 18-731: Network Security
Links
|
