Trevor Jim

Trevor Jim
AT&T Labs Research
180 Park Avenue
P.O. Box 971
Florham Park, NJ 07932
trevor@research.att.com

I study methods and build tools for making computers and computer programs more secure. Most recently, I have concentrated on the security of web browsers and web applications; these programs are particularly vulnerable due to the inherent insecurities of the open Internet, and to the proliferation of malicious web sites and malicious content republished at reputable sites.

Much of my work focuses on building general defenses against classes of attacks, rather than fixing a single vulnerability in a single program. For example, I work on secure programming languages because they can give all programs written in the language protection against a class of threats.

Read more in my research summary.

Papers

Projects

  DXQ: distributed query language

  BEEP: prevent script injection attacks

  Cyclone: program in a safe C dialect

  SD3: manage distributed security policies and digital certificates

  QCM: the original distributed trust management system

  SEDNS: working towards a more secure Domain Name System

  SML/NJ: compiler for Standard ML

  Unison: synchronize files between Unix and Windows

  Make.text: convert web pages into Markdown notation

  Ocamldot: draw program dependency graphs for Ocaml programs

Errata for LDTA 2009 pre-proceedings

Papers
Projects
DXQ: distributed query language
BEEP: prevent script injection attacks
Cyclone: program in a safe C dialect
SD3: manage distributed security policies and digital certificates
QCM: the original distributed trust management system
SEDNS: working towards a more secure Domain Name System
SML/NJ: compiler for Standard ML
Unison: synchronize files between Unix and Windows
Make.text: convert web pages into Markdown notation
Ocamldot: draw program dependency graphs for Ocaml programs