Publications

2008

Stefan Berger, Ram�n C�ceres, Dimitrios Pendarakis, Ronald Perez, Reiner Sailer, Wayne Schildhauer, Deepa Srinivasan, Enriquillo Valdez. TVDc: Managing Security in the Trusted Virtual Datacenter. ACM SIGOPS Operating Systems Review, Vol 42, Issue 1, January 2008. (Final Paper on ACM Server, Draft version as IBM Research Report RC24441).

S. Garriss, R. C�ceres, S. Berger, R. Sailer, L. van Doorn and X. Zhang.Trustworthy and Personalized Computing on Public Kiosks. To appear in Proc. of 6th ACM/USENIX International Conference on Mobile Systems, Applications and Services (MobiSys), June 2008.

2007

B. D. Payne, R. Sailer, R. Caceres, Ron Perez, and W. Lee. A Layered Approach to Simplified Access Control in Virtualized Systems. ACM SIGOPS Operating Systems Review, Vol. 41, No. 3, July 2007 (Final Paper on ACM Server).

Trent Jaeger, Reiner Sailer, Yogesh Sreenivasan: Managing the Risk of Covert Information Flows in Virtual Machine Systems. ACM Symposium on Access Control Models and Technologies (SACMAT), France, June, 2007 (Final Paper on ACM Serer, Draft version as IBM Research Report RC24154).

Scott Garriss, Ram�n C�ceres, Stefan Berger, Reiner Sailer, Leendert van Doorn, Xiaolan Zhang. Towards Trustworthy Kiosk Computing. 8th IEEE Workshop on Mobile Computing Systems and Applications (HotMobile'07), Tucson, Arizona, February 2007 (Final Paper on IEEE Server, Draft as IBM Research Report RC24081).

Enriquillo Valdez, Reiner Sailer, Ronald Perez: Retrofitting the IBM POWER Hypervisor to Support Mandatory Access Control. 23^rd Annual Computer Security Applications Conference (ACSAC), Miami Beach, Florida, December 2007 (Final Paper on ACSAC Server).

2006

Jonathan M McCune, Stefan Berger, Ram�n C�ceres, Trent Jaeger, Reiner Sailer: Shamon -- A System for Distributed Mandatory Access Control. 22^nd Annual Computer Security Applications Conference (ACSAC), Miami Beach, Florida, December 2006 (Final Paper on ACSAC Server).

Yasuharu Katsuno, Michiharu Kudo, Yuji Watanabe, Sachiko Yoshihama, Ronald Perez, Reiner Sailer, Leendert van Doorn: Towards Multi Layer Trusted Virtual Domains. The 2^nd Workshop on Advances in Trusted Computing (WATC2006). Tokyo, Japan, November 2006 (Paper PDF, Presentation Slides PDF).

Kenneth Goldman, Ronald Perez, Reiner Sailer: Linking Remote Attestation to Secure Tunnel Endpoints. 1^st ACM Workshop on Scalable Trusted Computing. Fairfax, Virginia, November 2006. (Final Paper on ACM Server, Draft version as IBM Research Report RC23982).

Trent Jaeger, Patrick McDaniel, Luke St. Clair, Ram�n C�ceres, Reiner Sailer: Shame on Trust in Distributed Systems. HotSec'06. 1^st Usenix Workshop on Hot Topics in Security. July 2006, Vancouver, Canada (Final Paper on Usenix Server, Draft version as IBM Research Report RC23964).

Stefan Berger, Ram�n C�ceres, Kenneth Goldman, Ronald Perez, Reiner Sailer, Leendert van Doorn: vTPM: Virtualizing the Trusted Platform Module. 15^th USENIX Security Symposium, July 2006, Vancouver, Canada (Final Paper on Usenix Server, Draft version as IBM Research Report RC23879).

Ram�n C�ceres, Reiner Sailer: Trusted Mobile Computing. Proc. of IFIP Workshop on Security and Privacy in Mobile and Wireless Networks, May 2006 (Paper PDF).

Trent Jaeger, Reiner Sailer, Umesh Shankar: PRIMA: Policy-Reduced Integrity Measurement Architecture. ACM Symposium on Access Control Models and Technologies (SACMAT), California, June, 2006 (Final Paper on ACM Server, Draft version as IBM Research Report RC23898).

Reiner Sailer: sHype Hypervisor Security Architecture - A Layered Approach Towards Trusted Virtual Domains. 1^st Workshop on Advances in Trusted Computing, March 2006, Tokyo, Japan (Presentation Slides PDF).

Umesh Shankar, Trent Jaeger, Reiner Sailer: Toward Automated Information-Flow Integrity Verification for Security-Critical Applications. 13^th Annual Network and Distributed System Security Symposium, San Diego, California, February 2006 (Paper PDF).

2005

Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ram�n C�ceres, Ronald Perez, Stefan Berger, John Griffin, Leendert van Doorn: Building a MAC-based Security Architecture for the Xen Opensource Hypervisor. 21^st Annual Computer Security Applications Conference (ACSAC), Tucson, Arizona, December 2005 (Final Paper on ACSAC Server, Presentation Slides PDF).

John L. Griffin, Trent Jaeger, Ronald Perez, Reiner Sailer, Leendert van Doorn, Ram�n C�ceres: Trusted Virtual Domains: Toward Secure Distributed Services. 1^st IEEE Workshop on Hot Topics in System Dependability, June 30, 2005, Yokohama, Japan (Paper PDF).

Reiner Sailer, Enriquillo Valdez, Ronald Perez, Trent Jaeger, Leendert van Doorn, John L. Griffin, Stefan Berger: sHype - Hypervisor Security Architecture, 9. Deutscher IT-Sicherheitskongress, Bundesamt fuer Sicherheit in der Informationstechnik, May, 2005 (German Presentation Slides PDF)

2004

Reiner Sailer, James Giles. Pervasive Authentication Domains for Automatic Pervasive Device Authorization. First IEEE International Workshop on Pervasive Computing and Communication Security, Orlando, Florida, March, 2004. (Paper PDF, Presentation Slides PDF)

Trent Jaeger, Reiner Sailer, Xiaolan Zhang. Resolving Constraint Conflicts. ACM Symposium on Access Control Models and Technologies (SACMAT), New York, June, 2004. (Final Paper on ACM Server)

Reiner Sailer, Xiaolan Zhang, Trent Jaeger, Leendert van Doorn. Design and Implementation of a TCG-based Integrity Measurement Architecture. 13^th Usenix Security Symposium, San Diego, California, August, 2004. (Final Paper on Usenix Server, Presentation Slides PDF)

Reiner Sailer, Leendert van Doorn, James P. Ward: The Role of TPM in Enterprise Security. Datenschutz und Datensicherheit (DuD), September, 2004. (also IBM Research Report 23363)

Reiner Sailer, Trent Jaeger, Xiaolan Zhang, Leendert van Doorn: Attestation-based Policy Enforcement for Remote Access. 11^th ACM Conference on Computer and Communications Security (CCS) 2004, Washington, October, 2004. (Final Paper in ACM Electronic Library. Presentation Slides PDF)

2003

Trent Jaeger, Reiner Sailer, Xiaolan Zhang. Analyzing Integrity Protection in the SELinux Example Policy. 12^th Usenix Security Symposium, Washington, August 2003, pp. 59-74. (Final Paper on Usenix Server)

2002

Xiaolan Zhang, Leendert van Doorn, Trent Jaeger, Ronald Perez, Reiner Sailer. Secure Coprocessor-based Intrusion Detection. Tenth ACM SIGOPS European Workshop, September 2002. (Paper PDF)

James Giles, Reiner Sailer, Dinesh Verma, Suresh Chari. Authentication for Distributed Web Caches. 7^th European Symposium on Research in Computer Security (ESORICS), October 2002, pp. 126-145. (Paper PDF, Presentation Slides PDF)

2001

Joan Dyer, Mark Lindemann, Ronald Perez, Reiner Sailer, Leendert van Doorn, Sean Smith, Steve Weingart. Building the IBM 4758 Secure Cryptographic Coprocessor. IEEE Computer, October 2001, pp. 57-66. (Paper - Draft version PDF)

Reiner Sailer. A User-Focused Security Service Architecture for Communication Networks. AEÜ International Journal of Electronics and Communications, Urban&Fischer Verlag, Vol 55, No 1, 2001, pp. 72-80. (Paper PDF)

Matthias Kabatnik, Reiner Sailer. Distributed Filtering with Contags and Security-Labels. IEEE International Conference on Telecommunications (ICT), Bucharest, Romania, June 2001. (Paper PDF)

Reiner Sailer, Arup Acharya, Mandis Beigi, Raymond Jennings, Dinesh Verma. IPSECvalidate: A Tool to Validate IPSEC Configurations. 15^th System Administration Conference, LISA 2001, Usenix/SAGE, San Diego, December 2001. (Final Paper on Usenix Server)

Joan Dyer, Ronald Perez, Reiner Sailer, Leendert van Doorn. Personal Firewalls and Intrusion Detection Systems. 2nd Australian Information Warfare & Security Conference (IWAR), Perth, Australia, November 2001. (Paper PDF)

Matthias Kabatnik, Reiner Sailer: Verteiltes Filtern mit Contags und Sicherheits-Labeln. 12. Fachkonferenz der GI: Kommunikation in Verteilten Systemen (KiVS), Hamburg, Germany, Februar 2001, pp.93-102. (Paper PDF)

2000

Reiner Sailer, Matthias Kabatnik. History Based Distributed Filtering - A Tagging Approach to Network-Level Access Control. Proceedings of 16^th Annual Computer Security Applications Conference (ACSAC), New Orleans (Louisiana), December 2000, pp. 373-382. (Final Paper on ACSAC Server)

1999

M. Kabatnik, R. Sailer: Modelling of Secure Interconnection. Communication Fraud Control Association, 1999 Spring International Conference in Ismaning/Germany, May 1999. (Presentation Slides PDF).

Reiner Sailer, Hannes Federrath, Andreas Pfitzmann: Security Functions in Telecommunications - Placement & Achievable Security. Book Chapter IV. In: Multilateral Security Vol. 3: Technology, Infrastructure, Economy. Addison-Wesley Information Security Series, 1999, pp. 323-348. (Section PDF)

Reiner Sailer: Sicherheitsarchitektur für mehrseitig sichere Kommunikationsdienste am Beispiel ISDN. Dissertationsschrift, Institut für Nachrichtenvermittlung und Datenverarbeitung, Universität Stuttgart, 1999. (German, includes English abstract PDF)

1998

Reiner Sailer: An Evolutionary Approach to Multilaterally Secure Services in ISDN / IN. Proc. of the Seventh International Conference on Computer Communications and Networks, Lafayette (Louisiana), October 1998, pp. 276-283. (Paper PDF, Presentation Slides PDF)

Reiner Sailer: Security Services in an Open Service Environment. Proc. of the 14^th Annual Computer Security Applications Conference, Scottsdale (Arizona), December 1998, pp. 223-234. (Final Paper on ACSAC Server, Presenatation Slides PDF)

1997

Reiner Sailer: Signalling and Service Interfaces for Separating Security Sensitive Telecommunication Functions Considering Multilateral Security. Proceedings of the 6^th Open Workshop On High Speed Networks, Stuttgart, October 8-9, 1997, pp. 99-109. (Paper+Slides postscript)

Reiner Sailer, Hannes Federrath, Anja Jerichow, Dogan Kesdogan, Andreas Pfitzmann: Allokation von Sicherheitsfunktionen in Kommunikationsnetzen. In G. Müller, A. Pfitzmann (Hrsg.): "Mehrseitige Sicherheit in der Kommunikationstechnik - Verfahren Komponenten, Integration", Addison-Wesley 1997, pp. 325-357. (Section PDF)

Reiner Sailer, Paul J. Kühn: Integration von Authentikationsverfahren in Kommunikationsnetze unter Verwendung separat sicherbarer Bereiche. In G. Müller, A. Pfitzmann (Hrsg.): "Mehrseitige Sicherheit in der Kommunikationstechnik - Verfahren Komponenten, Integration", Addison-Wesley 1997, pp. 133-167. (Section PDF)

Reiner Sailer: Authentikation als Grundlage der Skalierung von Sicherheit in der Kommunikationstechnik. Im Tagungsband Kommunikation in Verteilten Systemen (KiVS) 1997, Springer-Verlag, Februar 1997, pp. 62-76. (Paper PDF, Presentation Slides postscript)

1996

R. Sailer, Paul J. Kühn: Ein Domain-Konzept zur systematischen und wirtschaftlichen Integration von Sicherheit in Kommunikationsnetze. Informationstechnik und Technische Informatik (it+ti), 38/4, August 1996, pp. 30-33. (Paper PDF)

Reiner Sailer: Integrating Authentication into Existing Protocols. Proceedings of the 5^th Open Workshop On High Speed Networks, Paris, March 20-21, 1996, pp. 4.25-4.31. (Paper postscript, Presentation Slides postscript)