Home

Publications

A. SecoreCore Integration:

  1. Timothy Levin, Jeffrey S. Dwoskin, Ganesha Bhaskara, Thuy Nguyen, Paul Clark, Ruby B. Lee, Cynthia Irvine, Terry Benzel. "Securing the Dissemination of Emergency Response Data with an Integrated Hardware-Software Architecture," 2nd International Conference on Trusted Computing (TRUST 2009), Oxford, U.K., April 2009. [PDF]
  2. Jeffrey Dwoskin, Ganesha Bhaskara, Thuy D. Nguyen, Ruby Lee, "SecureCore Prototype/Demo Manual," Version 1.0. Princeton University Department of Electrical Engineering Technical Report CE-L2008-009, August 2008. (Updated 8/25/2009) [PDF]

B. SecureCore Processor Architecture:

Secret Protection (SP) Architecture

  1. Jeffrey S. Dwoskin and Ruby B. Lee, "Hardware-rooted Trust for Secure Key Management and Transient Trust," Proc. of the 14th ACM Conference on Computer and Communications Security (CCS 2007), pp. 389-400, October 2007. [PDF]
  2. Jeffrey Dwoskin, Dahai Xu, Jianwei Huang, Mung Chiang, and Ruby B. Lee, "Secure Key Management Architecture Against Sensor-node Fabrication Attacks." IEEE GlobeCom 2007, Washington, DC, November 2007 [PDF]
  3. Jeffrey Dwoskin, Ruby B. Lee, "SP Processor Architecture Reference Manual," Princeton University Department of Electrical Engineering Technical Report CE-L2008-008, 8/11/2008. (Previous version: CE-L2007-009. Version 0.7, 11/21/2007) [PDF]
  4. Jeffrey Dwoskin, Mahadevan Gomathisankaran, David Champagne, Ruby B. Lee, "SP Reference Manual Addendum – Secure Stacks for TSMs and Emulation of SP Interrupt Protection," Princeton University Department of Electrical Engineering Technical Report CE-L2009-006. August, 2009. [PDF]
  5. Ruby B. Lee, Peter C. S. Kwan, John Patrick McGregor, Jeffrey Dwoskin, and Zhenghong Wang, Architecture for Protecting Critical Secrets in Microprocessors, Proceedings of the 32nd International Symposium on Computer Architecture (ISCA 2005), pp. 2-13, June 2005. [PDF]
  6. Jeffrey Dwoskin and Ruby B. Lee, "Processor Architecture for Remote, Transient, Policy-controlled Secrets," Princeton University Department of Electrical Engineering Technical Report CE-L2006-007, November 2006.
  7. Jeffrey Dwoskin and Ruby Lee, "Enabling Transient Access to Protected Information for Crisis Response", Princeton University Department of Electrical Engineering Technical Report CE-L2006-001, May 2006.
  8. Ganesha Bhaskara, Timothy E. Levin, Thuy D. Nguyen, Cynthia E. Irvine, Terry V. Benzel, Jeffrey Dwoskin, Ruby B. Lee, "Virtualization of Secure Processor Key Management within a Separation Kernel Architecture," Princeton University Department of Electrical Engineering Technical Report CE-L2006-006, November 2006. [PDF]
  9. Ganesha Bhaskara, Timothy E. Levin, Thuy D. Nguyen, Cynthia E. Irvine, Terry V. Benzel, Jeffrey Dwoskin, Ruby Lee, Virtualization and Integration of SP Services in SecureCore, University of California, Information Sciences Institute Technical Report ISI-TR-623, September 2006
  10. Ruby B. Lee, Jeffrey Dwoskin, and David Champagne, "Fundamental Architectural Features in SP processors for Protecting Sensitive Information," submitted to IEEE Micro, December 2006.
  11. Peter Kwan and Ruby B. Lee, "Minimalist Security Architecture in SP-processors", Book Chapter, Hardware-Based Security Anthology, publisher review, 2006.

 

Processor Covert Channels and Cache Side Channels:

  1. Zhenghong Wang and Ruby B. Lee, "New Cache Designs for Thwarting Software Cache-based Side Channel Attacks", International Symposium on Computer Architecture, ISCA'07, June 2007.
  2. Zhenghong Wang, Jing Deng, and Ruby B. Lee, "Mutual Anonymous Communications: A New Covert Channel Based on Splitting Tree MAC", 26th Annual IEEE Conference on Computer Communications (Infocom '07), Minisymposium, May 2007.
  3. Zhenghong Wang and Ruby B. Lee, "Covert and Side Channels due to Processor Architecture", Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC'06), pp.473-482, December 2006.
  4. Michael Neve, Jean-Pierre Seifert, and Zhenghong Wang, "A refined look at Bernstein's AES side-channel analysis", Fast abstract in the Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, pp. 369, March 2006.
  5. Zhenghong Wang and Ruby Lee, "Cache-based side channel attacks: analysis and countermeasures," Princeton University Department of Electrical Engineering Technical Report, May 2006.

 

Memory Integrity:

  1. Reouven Elbaz, David Champagne, Ruby B. Lee, Lionel Torres, Gilles Sassatelli and Pierre Guillemin, "TEC-Tree: A Low Cost, Parallelizable Tree for Efficient Defense against Memory Replay Attacks", to appear in Proc. Workshop on Cryptographic Hardware and Embedded Systems (CHES 2007), September 2007.
  2. Reouven Elbaz, David Champagne and Ruby B. Lee, "TEC-Tree: A Low Cost and Parallelizable Tree for Efficient Defense against Memory Replay Attacks", Technical Report CE-L2007-002, Department of Electrical Engineering, Princeton University, March 12th 2007.
  3. David Champagne and Ruby B. Lee, "Memory Integrity for Secure Computing Platforms", Draft Technical Report, Department of Electrical Engineering, Princeton University, June 2006 (under revision).

 

Availability:

  1. David Champagne and Ruby B. Lee, "Scope of DDoS Countermeasures: Taxonomy of Proposed Solutions and Design Goals for Real-World Deployment", 8th International Symposium on Systems and Information Security, November 2006.
  2. David Champagne and Ruby B. Lee, "Remote Takeovers: Software Vulnerabilities and Architectural Countermeasures", Book Chapter, Hardware-Based Security Anthology, publisher review, 2006.

 

Testing Framework:

  1. Yu-Yuan Chen, Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Ruby B. Lee. "Making Security Validation as Easy as Performance Evaluation", Princeton University Department of Electrical Engineering Technical Report CE-L2009-005, November, 2009. (To be submitted)
  2. Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Ruby B. Lee. "A Framework for Testing Hardware-Software Security Architectures", Princeton University Department of Electrical Engineering Technical Report CE-L2009-001, Feb 04, 2009. (Updated June 2009) [PDF]
  3. Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Ruby B. Lee. "Framework for Design Validation of Security Architectures," Princeton University Department of Electrical Engineering Technical Report CE-L2008-013, November 2008. [PDF]

 

 

 

C. SecureCore OS (Separation Kernel) Architecture

 

  1. Timothy E. Levin, Ganesha Bhaskara, Thuy D. Nguyen, Paul C. Clark, Terry V. Benzel, Cynthia E. Irvine. SecureCore Security Architecture: Authority Mode and Emergency Management, University of California, Information Sciences Institute Technical Report ISI-TR-647, November 2007. [PDF]
  2. Ganesha Bhaskara, Timothy E. Levin, Paul C. Clark, Thuy D. Nguyen, Cynthia E. Irvine, Terry V. Benzel. Integration of Authority Mode hardware extensions with SecureCore software architecture to enable transient trust, University of California, Information Sciences Institute Technical Report ISI-TR-635, March 2007. [PDF]
  3. Ganesha Bhaskara, Timothy E. Levin, Thuy D. Nguyen, Cynthia E. Irvine, Terry V. Benzel, Jeffrey Dwoskin, Ruby Lee, Virtualization and Integration of SP Services in SecureCore, University of California, Information Sciences Institute Technical Report ISI-TR-623, September 2006[PDF]
  4. Timothy E. Levin, Cynthia E. Irvine, Thuy D. Nguyen, Terry V. Benzel, Ganesha Bhaskara, Initial SecureCore Security Architecture , Naval Postgraduate School Technical ReportNPS-CS-07-003 and University of California, Information Sciences Institute Technical Report ISI-TR-622, September 2006[PDF]
  5. Thuy D. Nguyen, Timothy E. Levin, Cynthia E. Irvine,Terry V. Benzel, and Ganesha Bhaskara, Preliminary Security Requirements for SecureCore Hardware, Naval Postgraduate School Technical Report NPS-CS-06-014, and University of California, Information Sciences Institute Technical Report ISI-TR-621, September 2006[PDF]
  6. Timothy E. Levin, Cynthia E. Irvine and Thuy D. Nguyen, "Least Privilege in Separation Kernels," Proceedings International Conference on Security and Cryptography, Setubal, Portugal, August 2006, pp. 355-362
  7. Timothy E. Levin, Cynthia Irvine and Thuy Nguyen, An Analysis of Three Kernel-based Multilevel Security Architectures, Naval Postgraduate School Technical Report NPS-CS-06-001, August 2006 [PDF]
  8. Ganesha Bhaskara, Timothy E. Levin, Thuy D. Nguyen, Terry V. Benzel, Cynthia E. Irvine, Paul C. Clark, Integration of User Specific Hardware for SecureCore Cryptographic Services, Naval Postgraduate School Technical Report NPS-CS-06-012, July 2006
    9. [PDF]
  9. Thuy D. Nguyen, Timothy E. Levin, Cynthia E. Irvine, "High Robustness Requirements in a Common Criteria Protection Profile," Proceedings of the 4th IEEE International Information Assurance Workshop, Royal Holloway, UK, April 2006, pp. 66-75
  10. Timothy E. Levin, Cynthia E. Irvine and Evdoxia Spyropoulou, "Quality of Security Service: Adaptive Security," Handbook of Information Security, Vol.3, pp 1016-1025, ed. H. Bidgoli, John Wiley and Sons, 2006

 

D. SecureCore Ad-hoc Networking Architecture

 

  1. Dahai Xu, Jianwei Huang, Jeffrey Dwoskin, Mung Chiang, and Ruby Lee, "Re-examining Probabilistic Versus Deterministic Key Management," Proceedings of the 2007 IEEE International Symposium on Information Theory(ISIT), pp. 2586-2590, Jun. 2007. [PDF]
  2. Jeffrey Dwoskin, Dahai Xu, Jianwei Huang, Mung Chiang, and Ruby B. Lee, "Secure Key Management Architecture Against Sensor-node Fabrication Attacks." IEEE GlobeCom 2007, Washington, DC, November 2007 [PDF]
  3. J. W. Lee, A. Tang, J. Huang, M. Chiang, and A. R. Calderbank, "Reverse-Engineering MAC: A Non-Cooperative Game Model", IEEE Journal of Selected Areas in Communications, August 2007, Page(s):1135-1147.
  4. D. Xu, Y. Li, M. Chiang, and A. R. Calderbank, "Optimal provisioning of elastic service availability", Proc. IEEE INFOCOM, May 2007,
  5. M. Chiang, S. H. Low, A. R. Calderbank, and J. C. Doyle, "Layering as optimization decomposition: A mathematical theory of network architectures", Proceedings of the IEEE, Jan. 2007, Page(s) 255-312.