Publications by Stephen Chong

Conference and highly-selective workshop publications

  1. Automatic Enforcement of Expressive Security Policies using Enclaves
    Anitha Gollamudi and Stephen Chong.
    Proceedings of the 29th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), October 2016.
    Abstract | PDF | Technical Report | BibTeX ]
  2. Extensible Access Control with Authorization Contracts
    Scott Moore, Christos Dimoulas, Matthew Flatt, Robert Bruce Findler, and Stephen Chong.
    Proceedings of the 29th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), October 2016.
    Abstract | PDF | Technical Report | BibTeX ]
  3. A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor
    Andrew Bedford, Stephen Chong, Josèe Desharnais, and Nadia Tawbi.
    Proceedings of the 31st IFIP TC 11 International Information Security and Privacy Conference (IFIP SEC), pages 352–366, May 2016.
    Abstract | PDF | BibTeX ]
  4. Precise, Dynamic Information Flow for Database-Backed Applications
    Jean Yang, Travis Hance, Thomas H. Austin, Armando Solar-Lezama, Cormac Flanagan, and Stephen Chong.
    Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), June 2016.
    Abstract | PDF | BibTeX ]
  5. Correct Audit Logging: Theory and Practice
    Sepehr Amir-Mohammadian, Stephen Chong, and Christian Skalka.
    5th International Conference on Principles of Security and Trust (POST), April 2016.
    Abstract | PDF | BibTeX ]
  6. It’s My Privilege: Controlling Downgrading in DC-Labels
    Lucas Waye, Pablo Buiras, Dan King, Stephen Chong, and Alejandro Russo.
    Proceedings of the 11th International Workshop on Security and Trust Management (STM), September 2015.
    Abstract | PDF | BibTeX ]
  7. Hybrid Monitors for Concurrent Noninterference
    Aslan Askarov, Stephen Chong, and Heiko Mantel.
    Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF), July 2015.
    Abstract | PDF | Technical Report | BibTeX ]
  8. Cryptographic Enforcement of Language-Based Erasure
    Aslan Askarov, Scott Moore, Christos Dimoulas, and Stephen Chong.
    Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF), July 2015.
    Abstract | PDF | GitHub | BibTeX ]
  9. Exploring and Enforcing Security Guarantees via Program Dependence Graphs
    Andrew Johnson, Lucas Waye, Scott Moore, and Stephen Chong.
    Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 291–302, June 2015.
    Abstract | PDF | Video abstract | Software | BibTeX ]
  10. Shill: A Secure Shell Scripting Language
    Scott Moore, Christos Dimoulas, Dan King, and Stephen Chong.
    11th USENIX Symposium on Operating Systems Design and Implementation (OSDI), October 2014.
    Abstract | PDF | Shill web site | OSDI presentation | BibTeX ]
  11. Declarative Policies for Capability Control
    Christos Dimoulas, Scott Moore, Aslan Askarov, and Stephen Chong.
    Proceedings of the 27th IEEE Computer Security Foundations Symposium (CSF), June 2014.
    Abstract | PDF | BibTeX ]
  12. Truthful Mechanisms for Agents that Value Privacy
    Yiling Chen, Stephen Chong, Ian Kash, Tal Moran, and Salil Vadhan.
    Proceedings of the 14th ACM Conference on Electronic Commerce (EC), June 2013.
    Abstract | PDF | BibTeX ]
  13. Asynchronous Functional Reactive Programming for GUIs
    Evan Czaplicki and Stephen Chong.
    Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 411–422, June 2013.
    Abstract | Elm web site | PDF | BibTeX ]
  14. Towards Fully Automatic Placement of Security Sanitizers and Declassifiers
    Benjamin Livshits and Stephen Chong.
    Proceedings of the 40th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), pages 385–398, January 2013.
    Abstract | PDF | BibTeX ]
  15. Towards a Practical Secure Concurrent Language
    Stefan Muller and Stephen Chong.
    Proceedings of the 25th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), pages 57–74, October 2012.
    Abstract | PDF | Technical Report | BibTeX ]
  16. Precise Enforcement of Progress-Sensitive Security
    Scott Moore, Aslan Askarov, and Stephen Chong.
    Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), pages 881–893, October 2012.
    Abstract | PDF | BibTeX ]
  17. Learning is Change in Knowledge: Knowledge-based Security for Dynamic Policies
    Aslan Askarov and Stephen Chong.
    Proceedings of the 25th IEEE Computer Security Foundations Symposium (CSF), pages 308–322, June 2012.
    Abstract | PDF | Technical Report | BibTeX ]
  18. Static Analysis for Efficient Hybrid Information-Flow Control
    Scott Moore and Stephen Chong.
    Proceedings of the 24th IEEE Computer Security Foundations Symposium (CSF), pages 146–160, June 2011.
    Abstract | PDF | Technical Report | BibTeX ]
  19. Inference of Expressive Declassification Policies
    Jeffrey A. Vaughan and Stephen Chong.
    Proceedings of the 2011 IEEE Symposium on Security and Privacy (Oakland), pages 180–195, May 2011.
    Abstract | PDF | BibTeX ]
  20. Required Information Release
    Stephen Chong.
    Proceedings of the 23rd IEEE Computer Security Foundations Symposium (CSF), pages 215–227, July 2010.
    PDF | Technical Report | BibTeX ]
  21. Self-Identifying Sensor Data
    Stephen Chong, Christian Skalka, and Jeffrey A. Vaughan.
    Proceedings of the Ninth International Conference on Information Processing in Sensor Networks (IPSN), pages 82–93, April 2010.
    PDF | Journal version | BibTeX ]
  22. Deriving Epistemic Conclusions from Agent Architecture
    Stephen Chong and Ron van der Meyden.
    Proceedings of the Twelfth Conference on Theoretical Aspects of Rationality and Knowledge (TARK), pages 61–70, July 2009.
    PDF | BibTeX ]
  23. End-to-End Enforcement of Erasure and Declassification
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 21st IEEE Computer Security Foundations Symposium (CSF), pages 98–111, June 2008.
    Abstract | PDF | Technical Report | BibTeX ]
  24. Civitas: Toward a Secure Voting System
    Michael R. Clarkson, Stephen Chong, and Andrew C. Myers.
    Proceedings of the 2008 IEEE Symposium on Security and Privacy (Oakland), pages 354–368, May 2008.
    PDF | Technical Report | Web site | BibTeX ]
  25. Secure Web Applications via Automatic Partitioning
    Stephen Chong, Jed Liu, Andrew C. Myers, Xin Qi, K. Vikram, Lantian Zheng, and Xin Zheng.
    Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP), pages 31–44, October 2007.
    (Best paper award.)
    PDF | Web site | BibTeX ]
  26. SIF: Enforcing Confidentiality and Integrity in Web Applications
    Stephen Chong, K. Vikram, and Andrew C. Myers.
    Proceedings of the 16th USENIX Security Symposium, pages 1–16, August 2007.
    PDF | Web site | BibTeX ]
  27. Decentralized Robustness
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW), pages 242–253, July 2006.
    PDF | PS | Slides (ppt) | BibTeX ]
  28. Information-Flow Security for Interactive Programs
    Kevin R. O’Neill, Michael R. Clarkson, and Stephen Chong.
    Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW), pages 190–201, July 2006.
    PDF | PS | Technical Report | BibTeX ]
  29. Language-Based Information Erasure
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 18th IEEE Computer Security Foundations Workshop (CSFW), pages 241–254, June 2005.
    PDF | PS | BibTeX ]
  30. Security Policies for Downgrading
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS), pages 189–209, October 2004.
    PDF | PS | BibTeX ]
  31. Scalable Extensibility via Nested Inheritance
    Nathaniel Nystrom, Stephen Chong, and Andrew C. Myers.
    Proceedings of the 19th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), pages 99–115, October 2004.
    PDF | PS | Technical Report | Web site | BibTeX ]
  32. Owned Policies for Information Security
    Hubie Chen and Stephen Chong.
    Proceedings of the 17th IEEE Computer Security Foundations Workshop (CSFW), pages 126–138, June 2004.
    PDF | PS | Slides (ppt) | BibTeX ]
  33. Static Analysis of Accessed Regions in Recursive Data Structures
    Stephen Chong and Radu Rugina.
    Proceedings of the 10th International Static Analysis Symposium (SAS), June 2003.
    PDF | PS | Slides (PDF) | BibTeX ]
  34. Using Replication and Partitioning to Build Secure Distributed Systems
    Lantian Zheng, Stephen Chong, Andrew C. Myers, and Steve Zdancewic.
    Proceedings of the 2003 IEEE Symposium on Security and Privacy (Oakland), pages 236–250, May 2003.
    PDF | BibTeX ]

Workshop papers

  1. Using architecture to reason about information security
    Stephen Chong and Ron van der Meyden.
    Proceedings of the 6th Layered Assurance Workshop (LAW), pages 1–11,  2012.
    Abstract | BibTeX ]
  2. A More Precise Security Type System for Dynamic Security Tests
    Gregory Malecha and Stephen Chong.
    Proceedings of the ACM SIGPLAN Fifth Workshop on Programming Languages and Analysis for Security (PLAS), June 2010.
    PDF | Technical Report | BibTeX ]
  3. Provenance: A Future History
    James Cheney, Stephen Chong, Nate Foster, Margo Seltzer, and Stijn Vansummeren.
    Companion to the 24th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications: Onward! Session (OOPSLA Onward!), pages 957–964, October 2009.
    PDF | BibTeX ]
  4. Towards Semantics for Provenance Security
    Stephen Chong.
    Proceedings of the 1st Workshop on the Theory and Practice of Provenance (TaPP), February 2009.
    PDF | Slides (PDF) | BibTeX ]
  5. A Framework for Creating Natural Language User Interfaces for Action-Based Applications
    Stephen Chong and Riccardo Pucella.
    Proceedings of the Third International AMAST Workshop on Algebraic Methods in Language Processing, TWLT Report 21 (AMiLP-3), August 2003.
    PDF | BibTeX ]

Journal articles

  1. Using Architecture to Reason about Information Security
    Stephen Chong and Ron van der Meyden.
    ACM Transactions on Information and System Security 18(2), December 2015.
    Abstract | ACM DL | BibTeX ]
  2. Self-Identifying Data for Fair Use
    Stephen Chong, Christian Skalka, and Jeffrey A. Vaughan.
    Journal of Data and Information Quality 5(3), December 2014.
    Abstract | BibTeX ]
  3. Required Information Release
    Stephen Chong.
    Journal of Computer Security 20(6):637–676,  2012.
    Abstract | IOS Press | BibTeX ]

Technical reports and manuscripts

  1. Automatic Enforcement of Expressive Security Policies using Enclaves
    Anitha Gollamudi and Stephen Chong.
    Harvard University Technical Report TR-02-16,  2016.
    DASH | BibTeX ]
  2. Extensible Access Control with Authorization Contracts
    Scott Moore, Christos Dimoulas, Matthew Flatt, Robert Bruce Findler, and Stephen Chong.
    Harvard University Technical Report TR-03-16,  2016.
    DASH | BibTeX ]
  3. Report on the NSF Workshop on Formal Methods for Security
    Stephen Chong, Joshua Guttman, Anupam Datta, Andrew Myers, Benjamin Pierce, Patrick Schaumont, Tim Sherwood, and Nickolai Zeldovich.
    August 2016.
    Abstract | Summary | Full Report (ACM DL) | Full Report (arXiv) | BibTeX ]
  4. Higher-order Behavioral Contracts for Distributed Components
    Lucas Waye, Christos Dimoulas, and Stephen Chong.
    Harvard University Technical Report TR-03-15,  2015.
    DASH | BibTeX ]
  5. Global and Local Monitors to Enforce Noninterference in Concurrent Programs
    Aslan Askarov, Stephen Chong, and Heiko Mantel.
    Harvard University Technical Report TR-02-15,  2015.
    Abstract | PDF | BibTeX ]
  6. Exploring and Enforcing Application Security Guarantees via Program Dependence Graphs
    Andrew Johnson, Lucas Waye, Scott Moore, and Stephen Chong.
    Harvard University Technical Report TR-04-14,  2014.
    Abstract | PDF | BibTeX ]
  7. Enforcing Language Semantics Using Proof-Carrying Data
    Stephen Chong, Eran Tromer, and Jeffrey A. Vaughan.
    August 2013.
    http://eprint.iacr.org/2013/513
    Abstract | IACR ePrint Archive | BibTeX ]
  8. Towards a Practical Secure Concurrent Language
    Stefan Muller and Stephen Chong.
    Harvard University Technical Report TR-05-12, August 2012.
    PDF | BibTeX ]
  9. Learning is Change in Knowledge: Knowledge-based Security for Dynamic Policies
    Aslan Askarov and Stephen Chong.
    Harvard University Technical Report TR-02-12,  2012.
    PDF | BibTeX ]
  10. Static Analysis for Efficient Hybrid Information-Flow Control
    Scott Moore and Stephen Chong.
    Harvard University Technical Report TR-05-11, May 2011.
    PDF | BibTeX ]
  11. Required Information Release
    Stephen Chong.
    Harvard University Technical Report TR-04-10, April 2010.
    PDF | BibTeX ]
  12. A More Precise Security Type System for Dynamic Security Tests
    Gregory Malecha and Stephen Chong.
    Harvard University Technical Report TR-05-10, June 2010.
    PDF | BibTeX ]
  13. Secure Web Applications via Automatic Partitioning
    Stephen Chong, Jed Liu, Andrew C. Myers, Xin Qi, K. Vikram, Lantian Zheng, and Xin Zheng.
    Communications of the ACM 52(2):79–87, February 2009.
    ACM Portal | BibTeX ]
  14. Expressive and Enforceable Information Security Policies
    Stephen Chong.
    Ph.D. thesis, Cornell University, August 2008.
    PDF | BibTeX ]
  15. Civitas: Toward a Secure Voting System
    Michael R. Clarkson, Stephen Chong, and Andrew C. Myers.
    Cornell University Computing and Information Science Technical Report 2007-2081, May 2008.
    URI | BibTeX ]
  16. End-to-End Enforcement of Erasure and Declassification
    Stephen Chong and Andrew C. Myers.
    Cornell University Computing and Information Science Technical Report http://hdl.handle.net/1813/10504, April 2008.
    URI | BibTeX ]
  17. Information-Flow Security for Interactive Programs
    Kevin R. O’Neill, Michael R. Clarkson, and Stephen Chong.
    Cornell University Computing and Information Science Technical Report 2006-2022, April 2006.
    URI | BibTeX ]
  18. Scalable Extensibility via Nested Inheritance
    Nathaniel Nystrom, Stephen Chong, and Andrew C. Myers.
    Cornell University Computing and Information Science Technical Report 2004-1940,  2004.
    PDF | BibTeX ]
  19. Word Alignment of Proof Verbalizations Using Generative Statistical Models
    Stephen Chong.
    Cornell University Computer Science Department Technical Report 2002-1864, May 2002.
    PDF | PS | BibTeX ]

Books

  1. Proceedings of the 2009 Workshop on Programming Languages and Analysis for Security
    Stephen Chong and David A. Naumann, editors.
    ACM, June 2009. ISBN 978-1-60558-645-8.
    BibTeX ]

Distributing papers

The papers available here have been provided by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.