Jump to Content
Jonathan M. McCune

Jonathan M. McCune

Jon earned his Ph.D. degree in Electrical and Computer Engineering from Carnegie Mellon University, and received the A.G. Jordan thesis award. He received his B.Sc. degree in Computer Engineering from the University of Virginia (UVA). Jon's research interests include secure systems, trusted computing, virtualization, and spontaneous interaction between mobile devices. Jon enjoys spending time with his wife and daughters and the outdoors.
Authored Publications
Google Publications
Other Publications
Sort By
  • Title
  • Title, descending
  • Year
  • Year, descending
    Preview abstract We report the success of a project that Google performed as a proof-of-concept for increasing confidence in first-instruction integrity across a variety of server and peripheral environments. We begin by motivating the problem of first-instruction integrity and share the lessons learned from our proof-of-concept implementation. Our goal in sharing this information is to increase industry support and engagement for similar designs. Notable features include a vendor-agnostic capability to interpose on the SPI peripheral bus (from which bootstrap firmware is loaded upon power-on in a wide variety of devices today) without negatively impacting the efficacy of any existing vendor- or device-specific integrity mechanisms, thereby providing additional defense-in-depth. View details
    MiniBox: A Two-Way Sandbox for x86 Native Code
    Yanlin Li
    James Newsome
    Adrian Perrig
    Brandon Baker
    Proceedings of the Usenix Annual Technical Conference, Usenix (2014)
    Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework
    Amit Vasudevan
    Sagar Chaki
    Limin Jia
    James Newsome
    Anupam Datta
    IEEE Symposium on Security and Privacy (2013) (to appear)
    Preview abstract We present the design, implementation, and verification of XMHF - an eXtensible and Modular Hypervisor Framework. XMHF is designed to achieve three goals - modular extensibility, automated verification, and high performance. XMHF includes a core that provides functionality common to many hypervisor-based security architectures and supports extensions that augment the core with additional security or functional properties while preserving the fundamental hypervisor security property of memory integrity (i.e., ensuring that the hypervisor's memory is not modified by software running at a lower privilege level). We verify the memory integrity of the XMHF core - 6018 lines of code - using a combination of automated and manual techniques. The model checker CBMC automatically verifies 5208 lines of C code in about 80 seconds using less than 2GB of RAM. We manually audit the remaining 422 lines of C code and 388 lines of assembly language code that are stable and unlikely to change as development proceeds. Our experiments indicate that XMHF's performance is comparable to popular high-performance general-purpose hypervisors for the single guest that it supports. View details
    TrustVisor: Efficient TCB Reduction and Attestation
    Yanlin Li
    Ning Qu
    Zongwei Zhou
    Anupam Datta
    Virgil Gligor
    Adrian Perrig
    IEEE Symposium on Security and Privacy 2010