Jonathan M. McCune

I am a Software Engineer on Google's Security Team, where I help to build and harden production security infrastructure.

I was previously a Research Systems Scientist at CMU CyLab, where I did research on trustworthy computing.

CV | Bio | jonmccune@ any of {gmail.com,google.com,cmu.edu}

Photo of Jonathan McCune

Software

Service

Program Committees (Affiliation Google) Program Committees (Affiliation CMU) Thesis Committees
  • Jan-Erik Ekberg
  • Kari Kostiainen
Other Service
  • NSF Panelist
  • 2014 STARSS Workshop

Publications in Conferences and Workshops

Journal Articles

  • SPATE: Small-Group PKI-Less Authenticated Trust Establishment.
    Yue-Hsun Lin, Ahren Studer, Yao-Hsin Chen, Hsu-Chun Hsiao, Li-Hsiang Kuo, Jason Lee, Jonathan M. McCune, King-Hang Wang, Maxwell Krohn, Phen-Lan Lin, Adrian Perrig, Hung-Min Sun, and Bo-Yin Yang. IEEE Transactions on Mobile Computing. Volume 9, Issue 12, December 2010. ( PDF, BIB )
  • Remote Detection of Virtual Machine Monitors with Fuzzy Benchmarking.
    Jason Franklin, Mark Luk, Jonathan M. McCune, Arvind Seshadri, Adrian Perrig, and Leendert Van Doorn. ACM SIGOPS Operating System Review Special Edition on Computer Forensics. Volume 42, Issue 3, April 2008. ( PDF, BIB )
    An early version appeared as CMU Cylab Technical Report CMU-CyLab-07-001, January 2007, having grown out of a course project described in Technical Report CMU-CS-05-201.
  • Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication.
    Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter. International Journal of Security and Networks Special Issue on Secure Spontaneous Interaction. 4(1-2):43-56, 2009. ( PDF, BIB )
    This work extends our 2005 IEEE S&P paper and Technical Report CMU-CS-04-174.

Technical Reports

  • MiniBox: A Two-Way Sandbox for x86 Native Code.
    Yanlin Li, Adrian Perrig, Jonathan M. McCune, James Newsome, Brandon Baker, and Will Drewry. CMU CyLab Technical Report CMU-CyLab-14-001, February, 2014.
  • Design, Development and Automated Verification of an Integrity-Protected Hypervisor.
    Sagar Chaki, Amit Vasudevan, Limin Jia, Jonathan M. McCune, and Anupam Datta. CMU CyLab Technical Report CMU-CyLab-12-017, July, 2012.
  • Design and Implementation of an eXtensible and Modular Hypervisor Framework.
    Amit Vasudevan, Jonathan M. McCune, and James Newsome. CMU CyLab Technical Report CMU-CyLab-12-014, June, 2012.
  • Trustworthy Execution on Mobile Devices: What security properties can my mobile platform give me?
    Amit Vasudevan, Emmanuel Owusu, Zongwei Zhou, James Newsome, and Jonathan McCune. CMU CyLab Technical Report CMU-CyLab-11-023, November, 2011.
  • Memoir---Formal Specs and Correctness Proofs.
    John R. Douceur, Jacob R. Lorch, Bryan Parno, James Mickens, and Jonathan M. McCune. MSR-TR-2011-19, February 2011.
  • Trust and Trusted Computing Platforms.
    David Fisher, Jonathan M. McCune, Archie D. Andrews. Technical Report CMU/SEI-2011-TN-005, Software Engineering Institute, Carnegie Mellon University, January 2011.
  • Contractual Anonymity.
    Edward J. Schwartz, David Brumley, Jonathan M. McCune. Technical Report CMU-CS-09-144, School of Computer Science, Carnegie Mellon University, September 2009.
  • Efficient TCB Reduction and Attestation.
    Jonathan M. McCune, Ning Qu, Yanlin Li, Anupam Datta, Virgil D. Gligor, Adrian Perrig. CMU CyLab Technical Report CMU-CyLab-09-003, March, 2009.
  • An Execution Infrastructure for TCB Minimization.
    Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki. CMU Cylab Technical Report CMU-CyLab-07-018, December 2007
  • Remote Detection of Virtual Machine Monitors with Fuzzy Benchmarking.
    Jason Franklin, Mark Luk, Jonathan M. McCune, Arvind Seshadri, Adrian Perrig, and Leendert van Doorn. CMU Cylab Technical Report CMU-CyLab-07-001, January 2007
  • Bump in the Ether: A Framework for Securing Sensitive User Input.
    Jonathan M. McCune, Adrian Perrig, Michael K. Reiter. CMU Cylab Technical Report CMU-Cylab-05-007, December 2005.
  • Device-Enabled Authorization in the Grey System.
    Lujo Bauer, Scott Garriss, Jonathan M. McCune, Michael K. Reiter, Jason Rouse, and Peter Rutenbar. Technical Report CMU-CS-05-111 (PDF) School of Computer Science, Carnegie Mellon University, February 2005.
  • Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication.
    Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter. Technical Report CMU-CS-04-174, School of Computer Science, Carnegie Mellon University, November 2004.

Patents

  • Methods and apparatuses for user-verifiable trusted path in the presence of malware.
    Jonathan M. McCune, Adrian Perrig, Anupam Datta, Virgil D. Gligor, Ning Qu. US Patent 8,832,778 (Google Patents link) September 2014.
  • Methods and apparatuses for user-verifiable execution of security-sensitive code.
    Jonathan McCune, Adrian Perrig, Anupam Datta, Virgil Gligor, Yanlin Li, Bryan Parno, Amit Vasudevan, Ning Qu. US Patent 8,627,414 (Google Patents link | WIPO link) January 2014.
  • Other patents pending

Talks

Conference
  • TrustVisor: Efficient TCB Reduction and Attestation. (IEEE S&P, Oakland, CA, May, 2010)
  • Safe Passage for Passwords and Other Sensitive Data. NDSS, February 2009.
  • How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution. ASPLOS, March 2008. ( PPT )
  • Shamon: A System for Distributed Mandatory Access Control (ACSAC, Miami Beach, FL, December, 2006) ( pdf )
  • Bump in the Ether: A Framework for Securing Sensitive User Input (Usenix ATC, Boston, MA, June, 2006) ( pdf )
  • Seeing is Believing: Using Camera Phones for Human-Verifiable Authentication (IEEE S&P, Oakland, CA, May, 2005) ( pdf )
  • Power Efficient Adaptable Sensor Networks (MAPLD, Washington, DC, September, 2003)

PhD Thesis

Links

Last modified: Mon Jan 05 22:28:00 PDT 2015         © 2003-2015, Jonathan M. McCune