Karger, P.A., An Implementation of XPL for Multics, SB thesis 1972, Massachusetts Institute of Technology: Cambridge, MA.
Karger, P.A. and R.R. Schell, Multics Security Evaluation: Vulnerability Analysis, ESD-TR-74-193, Vol. II, June 1974, HQ Electronic Systems Division: Hanscom AFB, MA. URL: http://csrc.nist.gov/publications/history/karg74.pdf
Biba, K.J., S.R. Ames, E.L. Burke, P.A. Karger, W.R. Price, R.R. Schell, and W.L. Schiller, A Preliminary Specification of a Multics Security Kernel, WP-20119, April 1975, The MITRE Corporation: Bedford, MA.
Biba, K.J., S.R. Ames, E.L. Burke, P.A. Karger, W.R. Price, R.R. Schell, and W.L. Schiller. A Preliminary Specification of a Multics Security Kernel. in ACM Computer Science Conference. 18-20 February 1975, Washington, DC p. 16.
Schell, R.R. and P.A. Karger, Security in Automatic Data Processing (ADP) Network Systems, ESD-TR-77-19, December 1976, HQ Electronic Systems Division: Hanscom AFB, MA.
Karger, P.A., Non-Discretionary Access Control for Decentralized Computing Systems, MIT/LCS/TR-179, May 1977, Laboratory for Computer Science, Massachusetts Institute of Technology: Cambridge, MA. URL: http://www.bitsavers.org/pdf/mit/lcs/tr/MIT-LCS-TR-179.pdf
Karger, P.A. Non-Discretionary Security for Decentralized Computing Systems: Host to Host Protocols. in Trends and Applications: 1978 Distributed Processing. 18 May 1978, National Bureau of Standards, Gaithersburg, MD IEEE. p. 32-39.
Karger, P.A. The Lattice Security Model in a Public Computing Network. in ACM 78: Proceedings 1978 Annual Conference. 4-6 December 1978, Washington, DC Association for Computing Machinery. p. 453-459.
Padlipsky, M.A., D.W. Snow, and P.A. Karger, Limitations of End-to-End Encryption in Secure Computer Networks, ESD-TR-78-158, August 1978, The MITRE Corporation: Bedford MA, HQ Electronic Systems Division: Hanscom AFB, MA. URL: http://stinet.dtic.mil/cgi-bin/GetTRDoc?AD=A059221&Location=U2&doc=GetTRDoc.pdf
Karger, P.A., Security for Distributed Processing, in Auerbach Information Management Series, 51-30-04, 1979, Auerbach Publishers, Inc.: Pennsauken, NJ.
Karger, P.A., History of Security Kernels, in Final Report of the 1979 Summer Study on Air Force Computer Security, J.B. DeWolf and P.A. Szulewski, Editors. R-1326, October 1979, Charles Stark Draper Laboratory, Inc.: Cambridge, MA. p. 17-36.
Karger, P.A., Computer Security Research at Digital. in Proceedings of the Third Seminar on the DoD Computer Security Initiative. 18-20 November 1980, Gaithersburg, MD National Bureau of Standards. p. E-1 - E-6.
Carter, M.G., S.B. Lipner, and P.A. Karger, Protecting Data & Information: A Workshop in Computer & Data Security, EY-AX00080-SM-001, 1982, Digital Equipment Corporation: Maynard, MA.
Karger, P.A. and S.B. Lipner. Digital's Research Activities in Computer Security. in 15th Annual Electronics and Aerospace Systems Conference - EASCON '82 Conference Record. 20-22 September 1982, Washington, DC IEEE. p. 29-32.
Levin, M.S., S.B. Lipner, and P.A. Karger, Protecting Data & Information: A Workshop in Computer & Data Security, EY-AX0008-SM-002, 1982, Digital Equipment Corporation: Maynard, MA.
Karger, P.A., Authentication, Discretionary, and Non-Discretionary Access Control in Computer Networks, in Proceedings of the 6th Computer Security Group Conference 26-29 July 1983: Denver, CO. p. 59-61.
Karger, P.A. and A.J. Herbert. An Augmented Capability Architecture to Support Lattice Security and Traceability of Access. in Proceedings of the 1984 Symposium on Security and Privacy. 29 April - 2 May 1984, Oakland, CA IEEE Computer Society. p. 2-12.
Karger, P.A., Authentication and Discretionary Access Control in Computer Networks. Computer Networks and ISDN Systems, 1985. 10(1): p. 27-37.
Karger, P.A., Authentication and Discretionary Access Control in Computer Networks. Computers and Security, 1986. 5: p. 314-324.
Karger, P.A. Limiting the Damage Potential of Discretionary Trojan Horses. in Proceedings of the 1987 IEEE Symposium on Security and Privacy. 27-29 April 1987, Oakland, CA IEEE Computer Society. p. 32-37.
Denning, D., C. Helsing, P. Karger, K. Meiser, and R. Moulton, Report of WIPCIS working group on granularity and functions. ACM SIGSAC Review, 1988. 6(1): p. 16-22. URL: http://doi.acm.org/10.1145/43889.43891
Karger, P.A. Implementing Commercial Data Integrity with Secure Capabilities. in Proceedings of the 1988 IEEE Symposium on Security and Privacy. 18-21 April 1988, Oakland, CA IEEE Computer Society. p. 130-139.
Karger, P.A., Improving Security and Performance for Capability Systems. Computer Laboratory Technical Report No. 149, October 1988, University of Cambridge: Cambridge, England.
Karger, P.A., Using Registers to Optimize Cross-Domain Call Performance, in Proceedings of the Third International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS) 3-6 April 1989: Boston, MA. p. 194-204.
Karger, P.A. New Methods for Immediate Revocation. in Proceedings of the 1989 IEEE Computer Society Symposium on Security and Privacy. 1-3 May 1989, Oakland, CA IEEE Computer Society. p. 48-55.
Karger, P.A., M.E. Zurko, D.W. Bonin, A.H. Mason, and C.E. Kahn. A VMM Security Kernel for the VAX Architecture. in Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy. 7-9 May 1990, Oakland, CA IEEE Computer Society. p. 2-19.
Karger, P.A., M.E. Zurko, D.W. Bonin, A.H. Mason, and C.E. Kahn, A Retrospective on the VAX VMM Security Kernel. IEEE Transactions on Software Engineering, 1991. 17(11): p. 1147-1165.
Karger, P.A. and J.C. Wray. Storage Channels in Disk Arm Optimization. in Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy. 20-22 May 1991, Oakland, CA p. 52-61.
Karger, P.A., Open Systems Help to Enforce Security Policies. Signal, 1991. 45(5): p. 23-26.
McKosky, R.A., L. Owens, and P.A. Karger, Security in the Intelligent Network, TM 0610-12-92-589, February 1993, GTE Laboratories, Inc.: Waltham, MA.
Frankel, Y., A. Herzberg, P.A. Karger, H. Krawczyk, C.A. Kunzinger, and M. Yung, CDPD Fraud Prevention and Availability, TR-0296-12-94-589, December 1994, GTE Laboratories, Inc.: Waltham, MA.
McKosky, R.A. and P.A. Karger, Protecting the Intelligence in the Network, in AIN TecForum 2: Intelligence - The State of the Art 24 March 1994, International Engineering Consortium: Tampa, FL. p. D1-D19.
Schreder, K., W. Lum, K. Dessouky, R. Ice, P. Karger, and Y. Frankel, IVHS Architecture Mission Definition, October 1994, Rockwell International, Anaheim, CA: Department of Transportation, FHWA, Washington, DC.
Frankel, Y., A. Herzberg, P.A. Karger, H. Krawczyk, C.A. Kunzinger, and M. Yung, Security Issues in a CDPD Wireless Network. IEEE Personal Communications, 1995. 2(4): p. 16-27.
Gutierrez, A.S., C. Elliot, E. Grose, B. McConnell, C. Roberts, P.A. Karger, D. Mills, and R. Heft, NII Security Issues Forum: Security for Intelligent Transportation Systems, January 27, 1995, Department of Transportation public meeting, North Carolina Museum of History: Raleigh, NC.
Karger, P.A. and Y. Frankel. Security and Privacy Threats to ITS. in Proceedings of the Second World Congress on Intelligent Transport Systems '95 Yokohama. 9-11 November 1995, Yokohama, Japan Vol. V. p. 2452-2458.
Karger, P.A., Network Security: Threats and Solutions, in CTIA Network Vulnerability Solutions Committee 1996 Security Seminar 26-27 June 1996, Cellular Telephone Industry Association: Schaumberg, IL.
Karger, P.A., Untrusted Applications Need Trusted Operating Systems, in 19th National Information Systems Security Conference 22-25 October 1996, National Institute of Standards and Technology, National Computer Security Center: Baltimore, MD. p. 847-848.
Karger, P.A., Tutorial on Defensive Information Warfare, RC 20781, 28 March 1997, IBM Research Division, T. J. Watson Research Center: Yorktown Heights, NY.
Karger, P.A., Network Security: Threats and Solutions, in The Internet and Telecommunications: Architectures, Technologies, and Business Developments. 1998, International Engineering Consortium: Chicago, IL. p. 127-133.
Gennaro, R., P. Karger, S. Matyas, M. Peyravian, A. Roginsky, D. Safford, M. Willett, and N. Zunic, Secure Key Recovery, May 1999, IBM Cryptography Center of Competence. URL: http://www-03.ibm.com/security/library/wp_key.shtml
Karger, P.A., Multi-Organizational Mandatory Access Controls for Commercial Applications, RC 21673 (97655), 22 February 2000, IBM Research Division, Thomas J. Watson Research Center: Yorktown Heights, NY.
Karger, P.A., V.R. Austel, and D.C. Toll, A New Mandatory Security Policy Combining Secrecy and Integrity, RC 21717 (97406), 15 March 2000, IBM Research Division, Thomas J. Watson Research Center: Yorktown Heights, NY.
Karger, P.A., V.R. Austel, and D.C. Toll. Using a Mandatory Secrecy and Integrity Policy on Smart Cards and Mobile Devices. in EUROSMART Security Conference. 13-15 June 2000, Marseilles, France p. 134-148.
Karger, P.A., V.R. Austel, and D.C. Toll. Using Mandatory Secrecy and Integrity for Business to Business Applications on Mobile Devices. in Workshop on Innovations in Strong Access Control. 25-27 September 2000, Naval Postgraduate School, Monterey, CA published on CD-ROM. URL: http://www.acsac.org/sac-tac/wisac00/wed0830.karger.pdf
Schellhorn, G., W. Reif, A. Schairer, P. Karger, V. Austel, and D. Toll. Verification of a Formal Security Model for Multiapplicative Smart Cards. in 6th European Symposium on Research in Computer Security (ESORICS 2000). 4-6 October 2000, Toulouse, France:Lecture Notes in Computer Science Vol. 1895. Springer-Verlag. p. 17-36.
Karger, P.A. and R.R. Schell. Thirty Years Later: Lessons from the Multics Security Evaluation. in Proceedings of the 18th Annual Computer Security Applications Conference. 9-13 December 2002, Las Vegas, NV IEEE Computer Society. p. 119-126. URL: http://www.acsa-admin.org/2002/papers/classic-multics.pdf
Karger, P.A. and R.R. Schell. Multics Security Evaluation: Vulnerability Analysis. in Proceedings of the 18th Annual Computer Security Applications Conference. 9-13 December 2002, Las Vegas, NV IEEE Computer Society. p. 127-146. URL: http://www.acsa-admin.org/2002/papers/classic-multics-orig.pdf
Schellhorn, G., W. Reif, A. Schairer, P. Karger, V. Austel, and D. Toll, Verified formal security model for multiapplicative smart cards. Journal of Computer Security, 2002. 10(4): p. 339-367. URL: http://iospress.metapress.com/link.asp?id=uqmavl5q58ah74ja
Karger, P.A. The Importance of High-Assurance Security in Pervasive Computing. in Security in Pervasive Computing: First International Conference. 12-14 March 2003, Boppard, Germany:Lecture Notes in Computer Science Vol. 2802. Springer-Verlag. p. 9. URL: http://web.archive.org/web/20040524183841/http://www.dfki.de/spc2003/karger.pdf
Scherzer, H., R. Canetti, P.A. Karger, H. Krawczyk, T. Rabin, and D.C. Toll. Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card. in 8th European Symposium on Research in Computer Security (ESORICS 2003). 13-15 October 2003, Gjøvik, Norway:Lecture Notes in Computer Science Vol. 2808. Springer Verlag. p. 181-200.
Halevi, S., P.A. Karger, and D. Naor. A Cryptographic Model for Access Control. in DIMACS Workshop on Cryptography: Theory Meets Practice. 14-15 October 2004, Rutgers University, Piscataway, NJ. URL: http://dimacs.rutgers.edu/Workshops/Practice/abstracts.html#halevi
Karger, P.A. and H. Kurth. Increased Information Flow Needs for High-Assurance Composite Evaluations. in Second IEEE International Information Assurance Workshop. 8-9 April 2004, Charlotte, NC IEEE Computer Society. p. 129-140.
Karger, P.A. and H. Kurth. Increased Information Flow Needs for High-Assurance Composite Evaluations. in Fourth Annual High Confidence Software and Systems Proceedings. 13-15 April 2004, Baltimore, MD National Security Agency. p. 59.
Karger, P.A. Universal Access Classes: Authentication and Privacy Preservation. in DARPA Invitational Workshop: Security Challenges at the Foundation:
Secure Computing Enabled by Hardware, Firmware and Low-Level Software. 30-31 August 2004, Naval Postgraduate School, Monterey, CA. URL: http://www.cisr.nps.navy.mil/DARPA/agenda.html
Karger, P.A. Thirty Years Later. in MIT Multics Reunion Honoring Prof. Fernando J. Corbató. 19 June 2004, Cambridge, MA. URL: http://www.multicians.org/reunion-04/index.html
Kurth, H. and P.A. Karger. Suggestion for a Framework for Composite Evaluations. in The 5th International Common Criteria Conference. 28-30 September 2004, Berlin, Germany. URL: http://www.iccconference.com/conference-agenda/track-agenda.htm
Halevi, S., P.A. Karger, and D. Naor, Enforcing Confinement in Distributed Storage and a Cryptographic Model for Access Control, Report 2005/169, 8 June 2005, Cryptology ePrint Archive. URL: http://eprint.iacr.org/2005/169
Karger, P.A. Multi-Level Security Requirements for Hypervisors. in 21st Annual Computer Security Applications Conference. 2005, Tucson, AZ IEEE Computer Society. p. 240-248. URL: http://www.acsa-admin.org/2005/papers/154.pdf
Karger, P.A., FIPS PUB 201 Security and Privacy Recommendations, RC23871 (W0501-049), 14 January 2005, IBM Corporation, Thomas J. Watson Research Center: Yorktown Heights, NY.
Weber, S., P.A. Karger, and A. Paradkar. A Software Flaw Taxonomy: Aiming Tools At Security. in Proceedings of the 2005 Workshop on Software Engineering for Secure Systems—Building Trustworthy Applications. 15-16 May 2005, St. Louis, MO ACM. p. 1-7. URL: http://doi.acm.org/10.1145/1083200.1083209
Kc, G.S. and P.A. Karger, Preventing Attacks on Machine Readable Travel Documents (MRTDs), RC 23909 (W0603-079), 10 March 2006, IBM T. J. Watson Research Center: Yorktown Heights, NY.
Paradkar, A., S. McIntosh, S. Weber, D. Toll, P. Karger, and M. Kaplan. Chicken & Egg: Dependencies in Security Testing and Compliance with Common Criteria Evaluations. in IEEE International Symposium on Secure Software Engineering (ISSSE '06). 13-15 March 2006, Arlington, VA IEEE Computer Society. p. 65-74.
Karger, P.A. Privacy and Security Threat Analysis of the Federal
Employee Personal Identity Verification (PIV) Program. in Proceedings of the 2nd Symposium on Usable Privacy and Security. 12-14 July 2006, Pittsburgh, PA: ACM Press. p. 114-121. URL: http://cups.cs.cmu.edu/soups/2006/proceedings/p114_karger.pdf
Karger, P.A. Capabilities and Security. in NSF Safe Computing Workshop. 29 November - 1 December 2006, Albuquerque, NM.
Cheng, P.-C., P. Rohatgi, C. Keser, P.A. Karger, G.M. Wagner, and A.S. Reninger, Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control, RC24190 (W0702-085), 20 February 2007, IBM Research Division, Thomas J. Watson Research Center: Yorktown Heights, NY.
Weber, S. and P. Karger, Classloading and Build Issues for Secure and Reliable Java Systems, RC24232 (W0704-030), 6 April 2007, IBM Research Division, Thomas J. Watson Research Center: Yorktown Heights, NY. URL: http://domino.watson.ibm.com/library/CyberDig.nsf/Home
Cheng, P.-C., P. Rohatgi, C. Keser, P.A. Karger, G.M. Wagner, and A.S. Reninger. Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control: Extended Abstract. in IEEE Symposium on Security and Privacy. 20-23 May 2007, Oakland, CA: IEEE. p. 222-227.
Karger, P.A. Mashups Legitimize Man-in-the-Middle Attacks: Position Paper. in Web 2.0 Security and Privacy 2007. 24 May 2007, Oakland, CA: IEEE Technical Committee on Security and Privacy. URL: http://seclab.cs.rice.edu/w2sp/2007/papers/paper-141-z_5622.pdf
Karger, P.A. Mashups Legitimize Man-in-the-Middle Attacks: Slides. in Web 2.0 Security and Privacy 2007. 24 May 2007, Oakland, CA: IEEE Technical Committee on Security and Privacy. URL: http://seclab.cs.rice.edu/w2sp/2007/slides/mashups-in-the-middle-slides%20with%20changes.pdf
Karger, P.A. Performance and Security Lessons Learned from Virtualizing the Alpha Processor. in The 34th Annual International Symposium on Computer Architecture. 9-13 June 2007, San Diego, CA: Association for Computing Machinery. p. 392-401.
Levitt, K., C. Landwehr, C. Irvine, and P. Karger. Promising Concepts and Challenge Areas in Trustworthy Computing, Networking, and Distributed Applications. in Information Assurance Leadership Workshop. 13 June 2007, Reston, VA: Northrup-Grumman.
Karger, P.A., D.C. Toll, and S.K. McIntosh. Processor Requirements for a High Security Smart Card Operating System. in Proceedings of the Eighth e-Smart Conference. 19-21 September 2007, Sophia Antipolis, France: Eurosmart.
Irvine, C., P. Karger, and B. Meushaw. Threats: A Host-Based Perspective. in NCDI Workshop on Game-Changing Solutions for Cyber Security. 7 November 2007, College Park, MD: Intelligence Advanced Research Projects Activity.
Karger, P.A., et. al. High Assurance Smart Card Operating System. in NCDI Workshop on Game-Changing Solutions for Cyber Security. 7 November 2007, College Park, MD: Intelligence Advanced Research Projects Activity.
Karger, P.A., et. al. Next Generation Secure Hypervisor. in NCDI Workshop on Game-Changing Solutions for Cyber Security. 7 November 2007, College Park, MD: Intelligence Advanced Research Projects Activity.
Karger, P.A., et. al. Next Generation Secure Processor Architecture. in NCDI Workshop on Game-Changing Solutions for Cyber Security. 7 November 2007, College Park, MD: Intelligence Advanced Research Projects Activity.
Karger, P.A., E.R. Palmer, D.C. Toll, S. McIntosh, and S. Weber. High Assurance Smart Cards for Multinational Coalitions and Other Applications of National Security. in IBM-Princeton Security & Architecture Day. 7 December 2007, Princeton, NJ.
Toll, D.C., P.A. Karger, E.R. Palmer, S.K. McIntosh, and S. Weber, The Caernarvon Secure Embedded Operating System. Operating Systems Review, January 2008. 42(1): p. 32-39.
Cheng, P.-C. and P.A. Karger, Risk Modulating Factors in Risk–Based Access Control for Information in a MANET, RC24494 (W0802-051), 13 February 2008, IBM, Thomas J. Watson Research Center: Yorktown Heights, NY. URL: http://domino.watson.ibm.com/library/CyberDig.nsf/home
Weber, S., P.A. Karger, and A. Paradkar. A Software Flaw Taxonomy: Aiming Tools at Security. in Build Security In. 19 February 2008, Department of Homeland Security. URL: https://buildsecurityin.us-cert.gov/daisy/bsi/resources/published/articles/951.html
Toll, D.C., S. Weber, P.A. Karger, E.R. Palmer, and S.K. McIntosh. Tooling in Support of Common Criteria Evaluation of a High Assurance Operating System. in Build Security In. 3 April 2008, Department of Homeland Security. URL: https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/lessons/961.html
Karger, P.A., D.C. Toll, E.R. Palmer, S.K. McIntosh, and S.M. Weber, Designing a Secure Smart Card Operating System, RC24531 (W0804-034), 9 April 2008, IBM Research Division, Thomas J. Watson Research Center: Yorktown Heights, NY. URL: http://domino.watson.ibm.com/library/CyberDig.nsf/Home
Karger, P.A. How do Computers Get Broken Into? in Seminar Day. 29 May 2008, Chappaqua, NY: Horace Greeley High School.
Karger, P.A. Caernarvon Security Model: Confinement of Malicious Code and Downloading of Trusted Code. in STONESOUP: Securely Taking on New Executable Stuff of Uncertain Provenance. 20 June 2008, Redmond, WA: Intelligence Advanced Research Projects Activity (IARPA).
Karger, P.A. and D.R. Safford, I/O for Virtual Machine Monitors: Security and Performance Issues. IEEE Security & Privacy, September/October 2008. 6(5): p. 16-23.
Karger, P.A. Is Your Virtual Machine Monitor Secure? in Third Asia-Pacific Trusted Infrastructure Technologies Conference. 14-17 October 2008, Wuhan, Hubei, China: IEEE Computer Society. p. 5.
Weber, S., S.K. McIntosh, A. Paradkar, D.C. Toll, P.A. Karger, M. Kaplan, and E.R. Palmer. The Feasibility of Automated Feedback-Directed Test Generation: A Case Study of a High-Assurance Operating System. in 19th International Symposium on Software Reliability Engineering. 11-14 November 2008, Redmond, WA: IEEE Computer Society. p. 229-238.
Karger, P.A., G.S. Kc, and D.C. Toll, Privacy is Essential for Secure Mobile Devices. IBM Journal of Research and Development, 2009. 53(2): p. 5:1 - 5:17. URL: http://www.research.ibm.com/journal/rd/532/karger.pdf
Karger, P.A. Securing Virtual Machine Monitors: What is Needed? in ACM Symposium on Information, Computer & Communication Security (ASIACCS). 10-12 March 2009, Sydney, Australia: Association for Computing Machinery. p. xiv-xv.