Publications, Patents and Products

Books

1. Úlfar Erlingsson and Marco Pistoia (editors). Proceedings of the ACM SIGPLAN Third Workshop on Programming Languages and Analysis for Security. ISBN 978-1-59593-936-4. Association for Computing Machinery. New York, NY, June 2008.
   
2. Marco Pistoia, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin. Enterprise Java Security - Building Secure J2EE Applications. ISBN 0321118898. Addison-Wesley. Reading, MA, February 2004.
   
3. Marco Pistoia, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin. 企业级Java安全性——构建安全的J2EE应用. ISBN 7302097445. Tsinghua University Press. People's Republic of China, March 2006.
   
4. Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani. Java 2 Network Security, Second Edition. ISBN 0130155926. Prentice Hall PTR. Upper Saddle River, NJ, August 1999.
   
5. Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani. Java 2 Network Security. ISBN 0738413445. IBM Redbooks. Research Triangle Park, NC, June1999.
   
6. Marco Pistoia, Kenji Kojima, and Narayan Raghu. Internet Security in the Network Computing Framework. ISBN 0738400653. IBM Redbooks. Research Triangle Park, NC, September 1998.

Refereed Conference Papers and Journal Articles

1. Omer Tripp, Marco Pistoia, Stephen J. Fink, Manu Sridharan, and Omri Weisman. TAJ: Effective Taint Analysis for Java. Accepted for Publication in Proceedings of the ACM SIGPLAN 2009 Conference on Programming Language Design and Implementation (PLDI 2009), Dublin, Ireland, June 2009.
   
2. Avraham Shinnar, Marco Pistoia, and Anindya Banerjee. A Language for Information Flow: Dynamic Information Tracking in Multiple Interdependent Dimensions. Accepted for Publication in Proceedings of the 4th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS 2009), co-located with the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2009), Dublin, Ireland, June 2009.
   
3. Emmanuel Geay, Marco Pistoia, Takaaki Tateishi, Barbara Ryder, and Julian Dolby. Modular String-Sensitive Permission Analysis with Demand-Driven Precision. Accepted for Publication in Proceedings of the 31st International Conference on Software Engineering (ICSE 2009), Vancouver, BC, Canada, May 2009.
   
4. Marco Pistoia and Úlfar Erlingsson. Programming Languages and Program Analysis for Security: A Three-year Retrospective. ACM SIGPLAN Notices, Volume 43, Number 12, New York, NY, USA, December 2008.
   
5. Sharon Shoham, Eran Yahav, Stephen J. Fink, and Marco Pistoia. Static Specification Mining Using Automata-Based Abstractions. IEEE Transactions on Software Engineering (TSE) Journal, Volume 34, Number 5, Piscataway, NJ, USA, September 2008.
   
6. Paolina Centonze, Robert J. Flynn, and Marco Pistoia. Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies. In Proceedings of the Annual Computer Security Applications Conference (ACSAC 2007), Miami Beach, FL, December 2007.
   
7. Sharon Shoham, Eran Yahav, Stephen J. Fink, and Marco Pistoia. Static Specification Mining Using Automata-Based Abstractions. In Proceedings of the ACM SIGSOFT 2007 International Symposium on Software Testing and Analysis (ISSTA 2007), London, United Kingdom, July 2007. ACM Press. Winner of the following recognitions:
   
   • ACM SIGSOFT Distinguished Paper Award, London, United Kingdom, July 2007.
     
   • IBM Research Pat Goldberg Memorial Best Paper Award (3 papers selected our of 130 submissions), IBM Thomas J. Watson Research Center, Hawthorne, NY, USA, July 2008.
     
   • Invited for publication in the IEEE Transaction on Software Engineering (TSE) Journal, Volume 34, Issue 5, Piscataway, NJ, USA, September 2008.
8. Marco Pistoia, Anindya Banerjee, and David Naumann. Beyond Stack Inspection: A Unified Access-Control and Information-Flow Security Model. In Proceedings of the IEEE Symposium on Security and Privacy 2007, Oakland, CA, May 2007.
   
9. Marco Pistoia, Stephen J. Fink, Robert J. Flynn, and Eran Yahav. When Role Models Have Flaws: Static Validation of Enterprise Security Policies. In Proceedings of the 29th International Conference on Software Engineering (ICSE 2007), Minneapolis, MN, May 2007.
   
10. Marco Pistoia, Satish Chandra, Stephen Fink, and Eran Yahav. A Survey of Static Analysis Methods for Identifying Security Vulnerabilities in Software Systems. IBM Systems Journal, volume 46, number 2, Armonk, NY, USA, May 2007. International Business Machines Corporation.
    
11. Marco Pistoia and Francesco Logozzo. Program Analysis for Security and Privacy. In Object-Oriented Technology: ECOOP 2006 Workshop Reader, Final Reports. Twentieth European Conference on Object-Oriented Programming (ECOOP 2006), Nantes, France, July 2006. Lecture Notes in Computer Science (LNCS), volume 4379. Springer-Verlag.
    
12. Paolina Centonze, Gleb Naumovich, Stephen J. Fink, and Marco Pistoia. Role-Based Access Control Consistency Validation. In Proceedings of the ACM SIGSOFT 2006 International Symposium on Software Testing and Analysis (ISSTA 2006), Portland, ME, USA, July 2006. ACM Press.
    
13. Xiaolan Zhang, Larry Koved, Marco Pistoia, Sam Weber, Trent Jaeger, Guillaume Marceau, and Liangzhao Zeng. The Case for Analysis Preserving Language Transformation. In Proceedings of the ACM SIGSOFT 2006 International Symposium on Software Testing and Analysis (ISSTA 2006), Portland, ME, USA, July 2006. ACM Press.
    
14. Marco Pistoia, Robert J. Flynn, Larry Koved, and Vugranam C. Sreedhar. Interprocedural Analysis for Privileged Code Placement and Tainted Variable Detection. In Proceedings of the 19th European Conference on Object-Oriented Programming (ECOOP 2005), pages 362-386, Glasgow, Scotland, UK, July 2005. Springer-Verlag.
    
15. Larry Koved, Marco Pistoia, and Aaron Kershenbaum. Access Rights Analysis for Java. In Proceedings of the 17th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2002), pages 359-372, Seattle, WA, USA, November 2002. ACM Press.
    
16. Magda Mourad, Jonathan Munson, Tamer Nadeem, Giovanni Pacifici, Marco Pistoia, and Alaa Youssef. WebGuard: A System for Web Content Protection. In Poster Proceedings of the 10th International World Wide Web Conference (WWW 10), Hong Kong, China, May 2001.
    
17. Larry Koved, Anthony J. Nadalin, Nataraj Nagaratnam, Marco Pistoia, and Theodore Shrader. Security Challenges for Enterprise Java in an E-business Environment. IBM Systems Journal, volume 40, number 1, pages 130-152, Armonk, NY, USA, January 2001. International Business Machines Corporation.

Refereed Conference Tutorials

1. Marco Pistoia. Program Analysis and Programming Languages for Security. Invited Conference Tutorial. Tutorial Proceedings of the Ninth International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2008). San Francisco, CA, January 2008.
   
2. Marco Pistoia, Ted Habeck, and Larry Koved. Enabling Java 2 Runtime Security with Eclipse Plug-ins. Conference Tutorial. OSGi Developer Forum and World Congress. Paris, France, October 2005.
   
3. Marco Pistoia. Java Security. Invited Conference Tutorial. Tutorial Proceedings of IEEE INFOCOM 2002. New York, NY, June 2002.
   
4. Larry Koved, Anthony Nadalin, and Marco Pistoia. Understanding the Java 2 Platform, Standard Edition (J2SE) Privileged Code: A Practical Approach. Conference Tutorial. Proceedings of Sun Microsystems’ JavaOne 2002 Conference. San Francisco, CA, March 2002.
   
5. Larry Koved, Marco Pistoia, and Aaron Kershenbaum. Understanding Java 2 Security Permissions for the Java 2 Platform: A Practical Approach. Conference Tutorial. In Proceedings of Sun Microsystems’ JavaOne 2001 Conference. San Francisco, CA, June 2001.
   
6. Marco Pistoia. Java 2 Security. Technical Tutorial. Proceedings of International Conference for Java Developers 2001. New York, NY, February 2001.
   
7. Marco Pistoia. Security in Java 2. Conference Tutorial. Tutorial Proceedings of the Association for Computing Machinery (ACM) Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2000) Conference. Minneapolis, MN, October 2000.
   
8. Marco Pistoia. The New Java Security Model and Its Future Directions. Conference Tutorial. Proceedings of Colorado Software Summit 2000. Keystone, CO, October 2000.
   
9. Marco Pistoia. An In-Depth Look at Java Security. Conference Tutorial. Proceedings of the International Conference for Java Technology 2000. Santa Clara, CA, September 2000.
   
10. Marco Pistoia. Java 2 Platform Security and Its Future Directions. Conference Tutorial. Proceedings of Sun Microsystems’ JavaOne 2000 Conference. San Francisco, CA, June 2000.
    
11. Marco Pistoia. Java 2 Security Fundamentals. Technical Tutorial. Proceedings of the O'Reilly Conference on Java – Enterprise Java. Santa Clara, CA, March 2000.
    

Theses

1. Marco Pistoia. A Unified Mathematical Model for Stack- and Role-Based Authorization Systems. Ph.D. Dissertation. New York University (NYU) Polytechnic Institute, Department of Mathematics, Brooklyn, NY, USA, May 2005.
   
2. Paolina Centonze. An Algebra for Access Control. Ph.D. Dissertation. New York University (NYU) Polytechnic Institute, Department of Mathematics, Brooklyn, NY, USA, June 2008.

Research Reports

1. Avraham Shinnar, Marco Pistoia, and Anindya Banerjee. A Language for Information Flow: Dynamic Information Tracking in Multiple Interdependent Dimensions. IBM Research Report RC24541. IBM Corporation, Thomas J. Watson Research Center, Yorktown Heights, NY, April 2008. International Business Machines Corporation.
   
2. Marco Pistoia, Stephen J. Fink, Robert J. Flynn, and Eran Yahav. When Role Models Have Flaws: Static Validation of Enterprise Security Policies. IBM Research Report RC24056. IBM Corporation, Thomas J. Watson Research Center, Yorktown Heights, NY, September 2006. International Business Machines Corporation.
   
3. Paolina Centonze, Gleb Naumovich, Stephen J. Fink, and Marco Pistoia. Role-Based Access Control Consistency Validation. IBM Research Report RC23876. IBM Corporation, Thomas J. Watson Research Center, Yorktown Heights, NY, February 2006. International Business Machines Corporation.
   
4. Marco Pistoia and Robert J. Flynn. Interprocedural Analysis for Automatic Evaluation of Role-Based Access Control Policies. IBM Research Report RC23846. IBM Corporation, Thomas J. Watson Research Center, Yorktown Heights, NY, December 2005. International Business Machines Corporation.
   
5. Marco Pistoia, Robert J. Flynn, and Vugranam C. Sreedhar. Static Evaluation of Role-Based Access Control Policies in Distributed Component-Based Systems. IBM Research Report RC23836. IBM Corporation, Thomas J. Watson Research Center, Yorktown Heights, NY, December 2005. International Business Machines Corporation.
   
6. Larry Koved, Aaron Kershenbaum, Marco Pistoia. Access Rights Analysis for Java. IBM Research Report RC22224. IBM Corporation, Thomas J. Watson Research Center, Yorktown Heights, NY, October 2001. International Business Machines Corporation.
   
7. Magda Mourad, Jonathan Munson, Tamer Nadeem, Giovanni Pacifici, Marco Pistoia, and Alaa Youssef. WebGuard: A System for Web Content Protection. IBM Research Report RC21944. IBM Corporation, Thomas J. Watson Research Center, Yorktown Heights, NY, November 2000. International Business Machines Corporation.

Technical Reports

1. Marco Pistoia and David Safford. Java Security Antipatterns (And the Top-Ten Guidelines to Avoid Them). Anti-Patterns: Exchanging Painful Lessons Learned, IBM Academy of Technology Conference, October 2005.
   
2. Marco Pistoia. Caching and Filtering to Manage Internet Traffic and Bandwidth Demand. IBM Redpaper. International Technical Support Organization. REDP0003. Research Triangle Park, NC, January 1999.
   
3. Marco Pistoia. Web Caching and Filtering with IBM WebSphere Performance Pack. IBM Redpaper. International Technical Support Organization. REDP0009. Research Triangle Park, NC, March 1999.

Patents

Granted

1. Paul H. Abbott, Lawrence Koved, Anthony J. Nadalin, and Marco Pistoia. Software Verification System, Method, and Computer Program Element. Issued as Patent 7,496,757 in the United States Patent and Trademark Office, February 2009.
   
2. Lawrence Koved, Anthony J. Nadalin, and Marco Pistoia. Method and Apparatus for Adopting Authorizations. Issued as Patent Number 7,343,620 by the United States Patent and Trademark Office, March 2008.
   
3. Lawrence Koved, Magda Mourad, Jonathan P. Munson, Giovanni Pacifici, Marco Pistoia, and Alaa S. Youssef. System and Method for Supporting Digital Rights Management in an Enhanced Java 2 Runtime Environment. Issued as Patent Number 7,308,717 by the United States Patent and Trademark Office, December 2007.
   
4. Aaron Kershenbaum, Lawrence Koved, Anthony J. Nadalin, and Marco Pistoia. Method and Apparatus for Automatically Determining Optimum Placement of Privileged Code Locations in Existing Code. Issued as Patent Number 7,237,236 by the United States Patent and Trademark Office, June 2007.
   
5. Ann N. Dalton, David Granshaw, Matthew R. Hogstrom, Aaron Kershenbaum, Lawrence Koved, Bert Laonipon, Simon C. Nash, and Marco Pistoia. Code Analysis for Selective Runtime Data Processing. Issued as Patent No. 7,219,341 by the United States Patent and Trademark Office, May 2007.
   
6. Magda Mourad, Jonathan P. Munson, Tamer Nadeem, Giovanni Pacifici, Marco Pistoia, and Alaa S. Youssef. Transparent Digital Rights Management for Extendible Content Viewers. Issued as Patent No. 7,171,558 by the United States Patent and Trademark Office, January 2007.
   
7. Aaron Kershenbaum, Lawrence Koved, and Marco Pistoia. Automated Program Resource Identification and Association. Issued as Patent No. 7,076,804 by the United States Patent and Trademark Office, July 2006.

Filed

1. Stephen Fink, Yinnon A. Haviv, Marco Pistoia, Omer Tripp and Omri Weisman. Importance-Based Call Graph Construction. Filed in the United States Patent and Trademark Office, March 2009.
   
2. Shinya Kawanaka, Marco Pistoia, Guy Podjarny, Ory Segal, Adi Sharabani, Takaaki Tateishi, and Sachiko Yoshihama. Improved Crawling of Object Model Using Transformation Graph. Filed in the United States Patent and Trademark Office, August 2008.
   
3. Julian Dolby, Emmanuel Geay, Marco Pistoia, Barbara Ryder, and Takaaki Tateishi. System, Method, and Apparatus for Modular, String-Sensitive, Access Rights Analysis with Demand-Driven Precision. Filed in the United States Patent and Trademark Office, August 2008.
   
4. Marco Pistoia, Takaaki Tateishi, Omer Tripp, and Omri Weisman. A Client-Driven Refinement-Based Static Analysis Method for Identifying Chainable Accesses to a Logical Container. Filed as Docket IL8-2008-0188 in the United States Patent and Trademark Office, June 2008.
   
5. Anindya Banerjee, Marco Pistoia, and Avraham Shinnar. System, Method, and Apparatus for Automatic Tracking of Information in Multiple Interdependent Dimensions and Provably Secure User-Customizable Verification. Filed as Docket YOR9-2007-0721-US1 in the United States Patent and Trademark Office, January 2008.
   
6. Ted Habeck, Lawrence Koved, Jeff McAffer, and Marco Pistoia. Method and Apparatus for Automatic Determination of Authorization Requirements while Editing or Generating Code. Filed as Docket YOR9-2007-0244-US1 in the United States Patent and Trademark Office, October 2007.
   
7. Paolina Centonze and Marco Pistoia. System and Method for the Automatic Verification of Privilege-Asserting and Subject-executed Code. Filed as Docket YOR9-2006-0801-US1 in the United States Patent and Trademark Office, February 2007.
   
8. Paolina Centonze and Marco Pistoia. System and Method for the Automatic Identification of Subject-Executed Code and Subject-Granted Access Rights. Filed as Docket YOR9-2006-0802-US1 in the United States Patent and Trademark Office, February 2007.
   
9. Paolina Centonze and Marco Pistoia. System and Method for the Automatic Evaluation of Existing Security Policies and Automatic Creation of New Security Policies. Filed as Docket YOR9-2006-0475-US1 in the United States Patent and Trademark Office, February 2007.
   
10. Lawrence Koved and Marco Pistoia. Method, System and Computer Program Product for Enforcing Privacy Policies. Filed as Docket YOR9-2006-0512-US1 in the United States Patent and Trademark Office, October 2006.
    
11. Paolina Centonze, José Gomes, and Marco Pistoia. Method and System for Run-time Dynamic and Interactive Identification of Software Authorization Requirements and Privileged Code Locations and for Validation of Other Software Program Analysis Results. Filed as Docket YOR9-2006-0113-US1 in the United States Patent and Trademark Office, May 2006.
    
12. Marco Pistoia, Lawrence Koved, and Paolina Centonze. System, Apparatus and Method for Identifying Authorization Requirements in Component-based Systems. Filed as Docket YOR920040183US1 in the United States Patent and Trademark Office, May 2004.
    
13. Bowen L. Alpern, Aaron Kershenbaum, Robert D. Johnson, Lawrence Koved, George B. Leeman Jr., Marco Pistoia, Darrell Reimer, Kavitha Srinivas, and Harini Srinivasan. Static Analysis Based Error Reduction for Software Applications. Filed as Docket YOR920020352US1 in the United States Patent and Trademark Office, July 2003.
    
14. Lawrence Koved, Anthony J. Nadalin, Nataraj Nagaratnam, Marco Pistoia, and Bruce Rich. Method and Apparatus for Security Providers to Implement Java Permission Based Access Control through Permission Type Inheritance. Filed as Docket AUS9-2001-0942-US1 in the United States Patent and Trademark Office, November 2001.
    
15. Lawrence Koved, Anthony J. Nadalin, Nataraj Nagaratnam, Marco Pistoia, and Bruce Rich. Method and Apparatus for Type Independent Permission Based Access Control. Filed as Docket AUS9-2001-0941-US1 in the United States Patent and Trademark Office, November 2001.

Products

The LaBaSec project has provided algorithms, code and technologies that has been included in two IBM products:

1. IBM Rational Software Analyzer (RSAR). RSAR is an extensible software development solution that enables software code reviews, bug identification, and policy enforcement very early in the development cycle. We have contributed to RSAR through a number of algorithms and analyses that improve the code quality and security. For example, our analyses detect whether certain Application Programming Interfaces (APIs) are called according to the right specification. Other analyses verify that Java Platform, Enterprise Edition (Java EE) Web applications do not perform certain security-sensitive operations, such as setting a new SecurityManager or ClassLoader, according to the Java EE Specification.
   
2. IBM Rational AppScan Developer Edition (AppScan DE). AppScan DE empowers developers with the ability to invoke Web application security testing within their development environment. It provides the most comprehensive scanning coverage by uniquely combining static, dynamic, run-time and string analysis, integrates security testing into the development environment to help find vulnerabilities earlier in the process, and helps security teams extend vulnerability testing out to development by providing a solution that simplifies analysis by non-security professionals. The LaBaSec project has contributed to AppScan DE by providing the static analysis and string analysis technologies.