My research focuses on security of computer systems and networks, addressing the challenges of establishing and maintaining integrity of the systems and data being processed. Within this broad area, my interests span several domains including traditional enterprise computing and cloud computing. More detailed information about my work can be found at:
My major research thrusts include:
Secure Data Provenance
Modern computers provide little in the way of transparency for end users. Data is often processed and results generated without the user being fully aware of the inputs used to generate an output. This model leads to threats that users are powerless to defend against. Furthermore, detecting and mitigating attacks becomes increasingly challenging. This research has focused on addressing these challenges through secure collection and use of data provenance. Provenance-aware systems collect metadata that details the history of each data object processed by the system. The goal of this work is to build systems that can accurately detect and mitigate attacks that compromise the integrity of the data being processed.
- T. Moyer and V. Gadepally, “High-throughput Ingest of Data Provenance Records into Accumulo,” in 2016 IEEE High Performance Extreme Computing Conference, HPEC, Sep. 2016.
- T. Moyer, P. T. Cable, K. Chadha, R. Cunningham, N. Schear, W. Smith, A. Bates, K. Butler, F. Capobianco, and T. Jaeger, “Leveraging Data Provenance to Enhance Cyber Resilience,” in 1st IEEE Cybersecurity Development (SecDev), Nov. 2016.
- A. Bates, K. R. B. Butler, and T. Moyer, “Take Only What You Need: Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs,” in 7th USENIX Workshop on the Theory and Practice of Provenance (TaPP 15), Edinburgh, Scotland, Jul. 2015.
- (missing reference)
Users interact with remote machines to exchange data without first understanding the state of the remote system. The integrity state of a machine provides a user with evidence that the system has not been compromised. Consider a web server hosting a login page that is modified by an attacker to send user credentials to an attacker-controlled server. Users currently have few, if any, options to validate that the remote web server is not compromised. This research has focused on building systems that leverage trusted hardware to provide proofs to remote users that the system is high-integrity and the content has not been modified. The systems explore the use of different cryptographic constructions to amortize the high cost of inexpensive trusted hardware (the Trusted Platform Module). This research aims to build systems that generate integrity proofs that provide strong security guarantees about the system and the data being exchanged.
- T. Moyer, K. Butler, J. Schiffman, P. McDaniel, and T. Jaeger, “Scalable Web Content Attestation,” IEEE Transactions on Computers, vol. 61, no. 5, pp. 686–699, May 2012.
- T. Moyer, T. Jaeger, and P. McDaniel, “Scalable Integrity-Guaranteed AJAX,” in Proceedings of the 14th Asia-Pacific Web Conference (APWeb), Kunming, China, Apr. 2012.
- K. Butler, S. McLaughlin, T. Moyer, and P. McDaniel, “New Security Architectures Based on Emerging Disk Functionality,” IEEE Security & Privacy Magazine, Sep. 2010.
- J. Schiffman, T. Moyer, H. Vijayakumar, T. Jaeger, and P. McDaniel, “Seeding Clouds with Trust Anchors,” in CCSW ’10: Proceedings of the 2010 ACM workshop on Cloud computing security, Oct. 2010.
Secure Cloud Computing
As more and more workloads are migrated to cloud computing platforms, the question of security for these platforms becomes even more important. Users of commercial cloud computing services are expected to trust the cloud service provider, but have limited visibility into the state of the systems they are entrusting with their data. This research has focused on creating the building blocks necessary to establish and maintain a secure foundation for cloud computing. Trusted hardware and software are used to create roots of trust within the cloud that users can leverage to construct secure cloud services. The goal of this work is to develop cloud architectures that support sensitive workloads by providing strong security guarantees for the users.
- N. Schear, P. T. C. II, T. Moyer, B. Richard, and R. Rudd, “Bootstrapping and Maintaining Trust in the Cloud,” in Proceedings of the 32nd Annual Computer Security Applications Conference, New York, NY, USA, Dec. 2016, pp. 1–10. To appear
- J. Schiffman, T. Moyer, T. Jaeger, and P. McDaniel, “Network-based Root of Trust for Installation,” IEEE Security & Privacy Magazine, Jan. 2011.
- B. Hicks, S. Rueda, D. King, T. Moyer, J. Schiffman, Y. Sreenivasan, P. McDaniel, and T. Jaeger, “An Architecture for Enforcing End-to-End Access Control Over Web Applications,” in Proceedings of the 2010 Symposium on Access Control Models and Technologies, SACMAT ’10, Jun. 2010.
- J. Schiffman, T. Moyer, C. Shal, T. Jaeger, and P. McDaniel, “Justifying Integrity Using a Virtual Machine Verifier,” in Proceedings of the 2009 Annual Computer Security Applications Conference, ACSAC ’09, Dec. 2009.