I was a graduate student at Penn State University from Fall 2003 to Summer 2009. During that time I had many opportunities to collaborate with some very smart people on topics that I cared passionately about. My advisor was Trent Jaeger.
I defended my thesis ("Retrofitting Programs for Complete Security Mediation") in August 2009.
If you are interested in doing research as a career or are interested in working on self-directed projects, I definitely recommend graduate school. You will be exposed to a lot of great ideas and gain skills that translate well into real world experience. (That said, it was an incredibly difficult and stressful experience I am happy to have in my rear-view.)
Conference Publications
- Automating Security Mediation Placement. Dave King, Susmit Jha, Divya Muthukumaran, Trent Jaeger, Somesh Jha, Sanjit A. Seshia. Proceedings of the 19th European Symposium on Programming (ESOP 2010).
- Implicit Flows: Can't Live With 'Em, Can't Live Without 'Em. Dave King, Boniface Hicks, Trent Jaeger, Michael Hicks. Proceedings of the 4th International Conference on Information Systems Security (ICISS 2008).
- Effective Blame for Information-Flow Violations. Dave King, Trent Jaeger, Somesh Jha, Sanjit A. Seshia. Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE 2008).
- Verifying the Compliance of Trusted Programs. Sandra Rueda, Dave King, Trent Jaeger. Proceedings of the 17th Annual USENIX Security Symposium (USENIX '08). July 2008.
- Mining Security-Sensitive Operations in Legacy Code using Concept Analysis. Vinod Ganapathy, Dave King, Trent Jaeger, Somesh Jha. Proceedings of the 29th International Conference on Software Engineering (ICSE '07), May 2007.
- Leveraging IPsec for Mandatory Access Control Across Systems. Trent Jaeger, David H. King, Kevin Butler, Serge Hallyn, Joy Latten, and Xiaolan Zhang. Second IEEE International Conference on Security and Privacy in Communication Networks (SecureComm), August 2006.
Workshop Publications
- Jifclipse: Development Tools for Security-Typed Languages. Boniface Hicks, Dave King, and Patrick McDaniel. Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), June 2007.
- Trusted Declassification: High-level policy for a security-typed language. Boniface Hicks, Dave King, Patrick McDaniel, and Michael Hicks. Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), June 2006.
Technical Reports
- Reduction of the compliance problem to the graph isomorphism problem. Sandra Rueda, Dave King, and Trent Jaeger. Technical Report NAS-TR-0081-2007, Network and Security Research Center, CSE Department. The Pennsylvania State University. October 2007. (superceded by USENIX Security 2008 publication)
- On Automatic Placement of Declassifiers for Information-Flow Security. Dave King, Susmit Jha, Trent Jaeger, Somesh Jha, and and Sanjit A. Seshia. Technical Report NAS-TR-0083-2007, Network and Security Research Center, November 2007. Updated January 2008.
- Effective Blame for Information-Flow Violations. Dave King, Trent Jaeger, Somesh Jha, and Sanjit A. Seshia. Technical Report NAS-TR-0069-2007, Network and Security Research Center, May 2007. Updated March 2008. (superceded by FSE 2008 publication)
Non-Refereed Publications
- Use-Based Inference of Reference Polymorphism. Dave King and John Hannan. In the Pre-proceedings of the 8th Symposium on Trends in Functional Programming, April 2007.