Diplomat: Using delegations to protect community repositories TK Kuppusamy, S Torres-Arias, V Diaz, J Cappos 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI …, 2016 | 57 | 2016 |
in-toto: Providing farm-to-table guarantees for bits and bytes S Torres-Arias, H Afzali, TK Kuppusamy, R Curtmola, J Cappos 28th USENIX Security Symposium (USENIX Security 19), 1393-1410, 2019 | 32 | 2019 |
On omitting commits and committing omissions: Preventing git metadata tampering that (re) introduces software vulnerabilities S Torres-Arias, AK Ammula, R Curtmola, J Cappos 25th USENIX Security Symposium (USENIX Security 16), 379-395, 2016 | 27 | 2016 |
Sok: Analysis of software supply chain security by establishing secure design properties C Okafor, TR Schorlemmer, S Torres-Arias, JC Davis Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive …, 2022 | 24 | 2022 |
Sigstore: Software signing for everybody Z Newman, JS Meyers, S Torres-Arias Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications …, 2022 | 21 | 2022 |
Commit signatures for centralized version control systems S Vaidya, S Torres-Arias, R Curtmola, J Cappos ICT Systems Security and Privacy Protection: 34th IFIP TC 11 International …, 2019 | 13 | 2019 |
le-git-imate: Towards verifiable web-based Git repositories H Afzali, S Torres-Arias, R Curtmola, J Cappos Proceedings of the 2018 on Asia Conference on Computer and Communications …, 2018 | 5 | 2018 |
Speranza: Usable, privacy-friendly software signing K Merrill, Z Newman, S Torres-Arias, KR Sollins Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications …, 2023 | 4 | 2023 |
What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake S Torres-Arias The Conversation 22, 2021 | 4 | 2021 |
Towards adding verifiability to web-based Git repositories H Afzali, S Torres-Arias, R Curtmola, J Cappos Journal of Computer Security 28 (4), 405-436, 2020 | 4 | 2020 |
In-toto: Practical Software Supply Chain Security S Torres-Arias New York University Tandon School of Engineering, 2020 | 4 | 2020 |
Signing in Four Public Software Package Registries: Quantity, Quality, and Influencing Factors TR Schorlemmer, KG Kalu, L Chigges, KM Ko, EAMA Isghair, S Baghi, ... arXiv preprint arXiv:2401.14635, 2024 | 3 | 2024 |
Rust for Embedded Systems: Current State, Challenges and Open Problems A Sharma, S Sharma, S Torres-Arias, A Machiry arXiv preprint arXiv:2311.05063, 2023 | 2 | 2023 |
COLBAC: Shifting cybersecurity from hierarchical to horizontal designs K Gallagher, S Torres-Arias, N Memon, J Feldman Proceedings of the 2021 New Security Paradigms Workshop, 13-27, 2021 | 2 | 2021 |
A Viewpoint on Knowing Software: Bill of Materials Quality When You See It S Torres-Arias, D Geer, JS Meyers IEEE Security & Privacy 21 (6), 50-54, 2023 | 1 | 2023 |
A Viewpoint on Software Supply Chain Security: Are We Getting Lost in Translation? MS Melara, S Torres-Arias IEEE Security & Privacy 21 (6), 55-58, 2023 | 1 | 2023 |
Preventing Supply Chain Vulnerabilities in Java with a Fine-Grained Permission Manager PC Amusuo, KA Robinson, S Torres-Arias, L Simon, JC Davis arXiv preprint arXiv:2310.14117, 2023 | 1 | 2023 |
SCORED'22: ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses S Torres-Arias, M Melara, L Simon Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications …, 2022 | 1 | 2022 |
Bootstrapping Trust in Community Repository Projects S Vaidya, S Torres-Arias, J Cappos, R Curtmola International Conference on Security and Privacy in Communication Systems …, 2022 | 1 | 2022 |
Scudo: A proposal for resolving software supply chain insecurities in vehicles M Moore, ASA Yelgundhalli, TK Kuppusamy, S Torres-Arias, LA DeLong, ... accessed, 2022 | 1 | 2022 |