Joshua Serratelli Schiffman

Home | Publications | Vita | Teaching | Contact

Welcome

I am a PhD Candidate advised by Dr. Trent Jaeger in the Department of Computer Science and Engineering at Penn State University. I am the lead graduate student of the Systems and Internet Infrastructure Security (SIIS) Laboratory, where my duties are to coordinate the activities of the lab, run weekly meetings for members, and meet with students individually for mentoring and development of leadership and research skills.

My research interests include Operating System and virtualization security, trustworthy computing, and building verifiably secure cloud computing infrastructures. My current research focuses on distributed system security including application integrity and information flow security. In particular, I have been examining how to ensure applications running on highly scalable virtualized infrastructures can be proven secure with respect to specific security and integrity criteria. In the past I have researched trusted computing topics including ways of using the Trusted Platform Module (TPM) to report information flow policies and establish trust between machines on an Internet scale. During my undergraduate program, I explored various research topics such as Artificial Intelligence and Spatial Databases.

News
Apr. 22th, 2012 - Our paper, STING: Finding Name Resolution Vulnerabilities in Programs, has been accepted to appear at the 21st USENIX Security Symposium (USENIX Security '12), in San Francisco, CA.

Mar. 26th, 2012 - Our paper, Verifying System Integrity by Proxy, has been accepted to appear at the 5th International Conference on Trust and Trustworthy Computing (TRUST 2012), in Vienna, Austria.

Mar. 5th, 2012 - I have been invited to be on the program committee for the 7th International Workshop on Security (IWSEC) .

Feb. 23rd, 2012 - Our paper, Integrity Walls: Finding Attack Surfaces from Mandatory Access Control Policies, has been accepted to appear at the 7th 7th ACM Symposium on Information, Computer, and Communications Security (ASIACCS).

Aug 3rd, 2011 - Our paper A Rose by Any Other Name or an Insane Root? Adventures in Namespace Resolution has been accepted to appear at the 7th European Conference on Computer Network Defense.

July 8th, 2011 - I have been awarded a Student Travel Grant to the 20th USENIX Security Symposium in San Francisco, CA.

May 31st, 2011 - I have started my summer internship at Microsoft Research in Redmond, WA. I will be working with Bryan Parno and Jay Lorch on privacy-preserving services in data centers using trusted computing.

Feb. 15th, 2011 - Our paper, Scalable Web Content Attestation has been accepted to appear in IEEE Transactions on Computers.

Older news...

 

Any sufficiently advanced technology is indistinguishable from magic.
--Clarke's Third Law of Prediction