Publications

2010

  • J. Smith*, X. He* and J. Alves-Foss. “A Security Review of the Cell Broadband Engine Processor”, in HICCS, 2010.
  • J. Conrad*, J. Alves-Foss and S. Lee. “Analyzing uncertainty in TG protection graphs with TG/MC”, Journal of Computer Security, in press 2010.
  • D. Manz*, J. Alves-Foss and P. Oman “A Framework for Group Key Management Protocol Assessment Independent of View Synchrony”, Journal of Computer Sciences, 6(30):229-234, March 2010.
  • P. Oman, R. Bradetich, J. Alves-Foss, and J. Smith. “Towards Resilient Multicore Architectures for Real-time Controls”, IRCS 2010, to appear August 2010.

2009

  • C. Hinds* and J. Alves-Foss, “Detecting Compromised Nodes in Wireless Sensor Networks Using Trust”, In International Conference on Sensor Networks and Applications, Nov 2009
  • J. Son* & J. Alves-Foss, “A formal framework for real-time information flow analysis, Computers & Security”, 28(6):421-432, 2009, ISSN 0167-4048, DOI: 10.1016/j.cose.2009.01.005.

2008

  • P. Cravens and P. Oman, “Modeling the NAJPTC Network Using NS-2,” International Journal of Critical Infrastructure Protection, Vo. 1(4), 2008, pp. 29-36.
  • P. Cravens and P. Oman, “Modeling ATCS Networks Using NS-2,” in Critical Infrastructure Protection II, (M. Papa & S. Shenoi, eds.) Springer, New York, NY, Mar. 2008, pp. 243-256.L. A. Wahsheh, D. Conte de Leon, and J. Alves-Foss. “Formal verification and visualization of security policies”, Journal of Computers, 3(6):22-31, 2008.
  • L. A. Wahsheh and J. Alves-Foss, “Security Policy Development: Towards a Life-Cycle and Logic-Based Verification Model”, American Journal of Applied Sciences, 5(9): 1117-1126, 2008.
  • H. Wei, J. Alves-Foss. T. Soule, H. Pforsich, D. Zhang and D. Frincke, “A layered decision model for the design of cost-effective network defense”, International Journal of Information and Computer Security, 2(3):297-324, 2008.
  • J. Zhou and J. Alves-Foss, “Security Policy Refinement and Enforcement in Secure Computer Systems Design”, Journal of Computer Security, 16(2):107-131, 2008
  • C. Masuck, J. Alves-Foss and P. Oman, “Analysis of Fault Models for Student Use”, SIGCSE Bulletin, 40(2):79-83, 2008.
  • R. Bradetich and P. Oman, “Implementing SCADA Security Policies via Security-Enhanced Linux,” Western Power Delivery Automation Conference, (Apr. 7-10, Spokane, WA), 2008.

2007

  • D. Conte de Leon* J. Alves-Foss and P. Oman Implementation-Oriented Secure Architectures. To appear HICCS 2007.
  • J. Graham* and J. Alves-Foss. Efficient Allocations in Distributed Object Oriented Databases with Capacity and Security Constraints. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, in press 2007.
  • J. Alves-Foss, W. S. Harrison, P. Oman and C. Taylor. The MILS Architecture for High Assurance Embedded Systems. International Journal of Embedded Systems, in press 2007.

2006

  • S. Zheng*, J. Alves-Foss and S. Lee. The Effect of Rebalancing on the Performance of a Group Key Agreement Protocol. To appear in IEEE LCN Workshop on Network Security, Nov. 2006.
  • D. Conte de Leon* and J. Alves-Foss. Hidden Implementation Dependencies in High Assurance and Critical Computing Systems.IEEE Transactions on Software Engineering, 32(10):790-811, Oct. 2006. (http://doi.ieeecomputersociety.org/10.1109/TSE.2006.103)
  • J. Zhou* and J. Alves-Foss. Architecture-Based Refinements for Secure Computer Systems Design. Proc. Policy, Security and Trust, Nov. 2006.
  • B. Wang* and J. Alves-Foss. An MSLS-EMM for Enforcing Confidentiality in Malicious Environments. IASTED International Conf. on Communication, Network and Information Security (CNIS 2006), Oct. 2006.
  • J. Son* and J. Alves-Foss. Covert Timing Channel Capacity of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems.IASTED International Conf. on Communication, Network and Information Security (CNIS 2006), Oct. 2006.
  • H. Wei* and J. Alves-Foss. Applying a Layered Decision Model to the Design of Language-Based Security Systems. To appear in Proc. IEEE International Conference on Information Reuse and Integration, Sept. 2006.
  • L. Wahsheh and J. Alves-Foss. Specifying and Enforcing a Multi-Policy Paradigm for High Assurance Embedded Systems. Journal of High Speed Networks, October 2006.
  • J. Son* and J. Alves-Foss. Covert Timing Channel Analysis of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems. In Proc. IEEE Information Assurance Workshop, June 2006, pp 361-368.
  • C. Taylor, J. Alves-Foss and V. Freeman. An Academic Perspective on the CNSS Standards: A Survey. In Proc. 10th Colloquium for Information Systems Security Education, June 2006.
  • S. Zheng*, D. Manz* and J. Alves-Foss. A Communication-Computation Efficient Group Key Algorithm for Large and Dynamic Groups.Journal of Computer Networks, 51(1):69-93, 2007. Available online: (http://dx.doi.org/10.1016/j.comnet.2006.03.008)
  • S. Zheng*, D. Manz*, J. Alves-Foss and Y. Chen. Security and Performance of Group Key Agreement Protocols. In Proc. IASTED Networks and Communication Systems, Mar. 2006.
  • B. Rossebo*, P. Oman, J. Alves-Foss, R. Blue* and P. Jaszkowiak*. Using Spark-Ada to Model and Verify a MILS Message Router. In Proc. International Symposium on Secure Software Engineering, Mar. 2006.
  • W. S. Harrison, N. Hanebutte and J. Alves-Foss. Programming Education in the Era of the Internet: A Paradigm Shift. In Proc.

2005

  • S. Zheng*, J. Alves-Foss and S. Lee. Performance of Group Key Agreement Protocols over Multiple Operations. In Proc. IASTED Parallel and Distributed Computing and Systems (PDCS 2005), Nov. 2005, pp. 600-606.
  • S. Zheng*, J. Alves-Foss and S. Lee. Exploring Average Performance of Group Key Management Algorithms over Multiple Operations. In Proc. IASTED International Conference on Communications, Internet and Information Technology (CIIT 2005), Oct. 2005, pp. 47-52.
  • W. S. Harrison, N. Hanebutte, P. Oman and J. Alves-Foss. The MILS Architecture for a Secure Global Information Grid.Crosstalk: The Journal of Defense Software Engineering, 18(10):20-24, Oct. 2005.
  • N. Hanebutte, O. Oman, P. M. Loosbrock*, A. Holland*, W. S. Harrison and J. Alves-Foss. Software mediators for transparent channel control in unbounded environments. In Proc. IEEE Information Assurance Workshop, June 2005, pp. 201-206.
  • C. Taylor and J. Alves-Foss. The Need for Information Assurance Curriculum Standards. In Proc. Ninth Colloquium for Information Systems Security Education, June 2005, pp. 67-74.
  • J. Alves-Foss. Implementing Secure Applications Using the MILS High Assurance Architecture. In Proc. Software Technology Conference, Apr. 2005.

2004

  • J. Alves-Foss and C. Taylor. An Analysis of the GWV Security Policy. In Proc. ACL2 Workshop, Nov. 2004.
  • T. Song*, C. Ko, J. Alves-Foss and K. Levitt. Formal Reasoning about Intrusion Detection Systems. In Proc. RAID, Sept. 2004, pp. 278-295.
  • P. Oman, A. Krings, D. Conte de Leon* and J. Alves-Foss. Analyzing the Security and Survivability of Real-Time Control Systems. In IEEE Systems, Man and Cybernetics Information Assurance Workshop, June 2004, pp. 342-349.
  • J. Alves-Foss, C. Taylor* and P. Oman. A Multi-layered Approach to Security in High Assurance Systems. In Proc. Hawaii International Conference on System Sciences, Jan. 2004, pp. 90302.2
  • D. Conte de Leon* and J. Alves-Foss. Experiments on Processing and Linking Semantically Augmented Requirement Specifications. In Proc. Hawai'i International Conference on System Sciences, Jan. 2004.
  • H. Lee*, J. Alves-Foss and W. S. Harrison. The Use of Encrypted Functions for Mobile Agent Security. In Proc. Hawai'i International Conference on System Sciences, Jan. 2004. Available online: (http://doi.ieeecomputersociety.org/10.1109/HICSS.2004.1265700)
  • H. Lee*, J. Alves-Foss and W. S. Harrison. Securing Mobile Agents through Evaluation of Encrypted Functions. Web Intelligence and Agent Systems, Vol. 2(1):1-19, 2004.

2003

  • J. Graham* and J. Alves-Foss. Efficient Allocation in a Distributed Object Oriented Database Using Genetic Algorithms.Proc. International Conference on Parallel and Distributed Computing Systems (PDCS 2003), Las Vegas, Aug. 2003.
  • T. Song*, J. Alves-Foss, C. Ko, C. Zhang and K. Levitt. Using ACL2 to Verify Security Properties of Specification-based Intrusion. In Proc. ACL2 Workshop 2003, Boulder, July 2003.
  • Sreekanth Malladi* and J. Alves-Foss. How to Prevent Type-Flaw Guessing Attacks on Password Protocols. Proc. Foundations of Computer Security, Ottowa, June 2003.
  • J. Dai* and J. Alves-Foss. A Formal Authorization Policy Model. Proc. Software Engineering Research & Applications (SERA '03), June 2003.
  • R. Corin*, S. Malladi*, J. Alves-Foss and S. Etalle. Guess What? Here Is a New Tool that Finds Some New Guessing Attacks. In Proc. Workshop on Issues in the Theory of Security (WITS '03), Warsaw, Mar. 2003. (10 pages).
  • J. Graham* and J. Alves-Foss. Efficient Allocation in a Distributed Object Oriented Databases. In Proc. ACM Annual Southeast Conference, Feb. 2003. (6 pages).
  • C. Taylor* and J. Alves-Foss. Attack Recognition for System Survivability: A Low-Level Approach. Proc. of the Thirty Sixth Annual Hawaii International Conference on System Sciences (CD/ROM), Jan. 2003, Computer Society Press, 2003. (7 pages). Available online: (http://doi.ieeecomputersociety.org/10.1109/HICSS.2003.1174912)

2002

  • C. Taylor*, A. Krings and J. Alves-Foss. Risk Analysis and Probabilistic Survivability Assessment (RAPSA): An Assessment Approach for Power Substation Hardening. Proc. of SACT, Nov. 2002.
  • D. Conte de Leon, J. Alves-Foss, A. Krings and P. Oman. Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack. Proc. of SACT, Nov 2002.
  • C. Taylor and J. Alves-Foss. An Empirical Analysis of NATE: Network Analysis of Anomalous Traffic Events. New Security Paradigms Workshop, Sept. 2002.
  • J. Dai and J. Alves-Foss. Logic Based Authorization Policy Engineering. Proc. 6th World Multiconference on Systemics, Cybernetics, and Informatics. July 2002, pp. 230-238.
  • Sreekanth Malladi, J. Alves-Foss and Sreenivas Malladi. What are Guessing Attacks and How to Prevent Them. Proc. Seventh International Workshop on Enterprise Security, June 2002. (BEST PAPER AWARD)
  • Sreekanth Malladi, J. Alves-Foss and R. Heckendorn. On Preventing Replay Attacks on Security Protocols. Proc. International Conference on Security and Management, June 2002, pp. 77-83.
  • Sreekanth Malladi, J. Alves-Foss and Sreenivas Malladi. Preventing Guessing Attacks Using Fingerprint Biometrics. Proc. International Conference on Security and Management, June 2002, pp. 215-221.
  • C. Taylor, J. Alves-Foss and B. Rinker. Merging Safety and Assurance: The Process of Dual Certification for Software. Proc. Software Technology Conference, April 2002.
  • J. Alves-Foss, Bob Rinker and C. Taylor. Towards Common Criteria Certification for DO-178B Compliant Airborne Software Systems. January 2002.
  • J. Alves-Foss, D. Conte de Leon, and P. Oman. Experiments in the use of XML to Enhance Traceability Between Object-Oriented Design Specifications and Source Code. Proc. 35th Annual Hawaii International Conference on System Sciences, Jan 2002, pp. 3592-3599.

2001

  • J. Dai and J. Alves-Foss. Certificate Based Authorization Simulation System. Proc. Computer Software and Applications Conference 2001. October 2001, pp. 190-195.
  • C. Taylor and J. Alves-Foss. NATE - Network Analysis of Anomalous Traffic Events, A Low-Cost Approach. Proc. New Security Paradigms Workshop. Sept 2001, pp 89-96.
  • M. R. Holmes and J. Alves-Foss. The Watson Theorem Prover. Journal of Automated Reasoning, Vol 26(4), May 2001, pp. 357-408.

2000

  • J. Alves-Foss. An Efficient Secure Group Key Exchange Algorithm for Large and Dynamic Groups Proc. 23rd National Information Systems Security Conference. Oct 2000.
  • J. Alves-Foss. Cryptographic Protocol Engineering: Building Security from the Group Up In Proc. International Conference on Internet Computing 2000, June 2000, pp. 371-377.

1999

  • J. Alves-Foss. Provably Insecure Mutual Authentication Protocols: The Two-Party Symmetric-Encryption Case. Proc. 22nd National Information Systems Security Conference. Arlington, Va. Oct 1999.
  • A.E.K. Sobel and J. Alves-Foss. A Trace-Based Model of the Chinese Wall Security Policy. Proc. 22nd National Information Systems Security Conference. Arlington Va. Oct 1999.
  • J. Alves-Foss and D. Frincke. Formal Grammar for Java. In J. Alves-Foss (ed) Formal Syntax and Semantics of Java. LNCS #1523 pp. 1-40, June 1999.
  • J. Alves-Foss and F.S. Lam. Dynamic Denotational Semantics of Java. In J. Alves-Foss (ed) Formal Syntax and Semantics of Java. LNCS #1523 pp. 201-240, June 1999.

1998

  • J. Alves-Foss. Multi-Protocol Attacks and the Public-Key Infrastructure. Proc. 21st National Information Systems Security Conference. Arlington, Va. Oct 1998. pp. 566-576.
  • J. Alves-Foss. Security Implications of Quantum Technologies. Proc. 21st National Information Systems Security Conference. Arlington, Va. Oct 1998. pp. 196-202.
  • J. Alves-Foss. The Architecture of Secure Systems. Proc. 31st Annual Hawaii International Conference on System Sciences. January 1998. pp 307-316.