Santiago Torres-Arias
Santiago Torres-Arias
Assistant Professor of Electrical and Computer Engineering, Purdue University
Dirección de correo verificada de - Página principal
Citado por
Citado por
Diplomat: Using delegations to protect community repositories
TK Kuppusamy, S Torres-Arias, V Diaz, J Cappos
13th USENIX Symposium on Networked Systems Design and Implementation (NSDI …, 2016
in-toto: Providing farm-to-table guarantees for bits and bytes
S Torres-Arias, H Afzali, TK Kuppusamy, R Curtmola, J Cappos
28th USENIX Security Symposium (USENIX Security 19), 1393-1410, 2019
Sigstore: Software signing for everybody
Z Newman, JS Meyers, S Torres-Arias
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications …, 2022
Sok: Analysis of software supply chain security by establishing secure design properties
C Okafor, TR Schorlemmer, S Torres-Arias, JC Davis
Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive …, 2022
On omitting commits and committing omissions: Preventing git metadata tampering that (re) introduces software vulnerabilities
S Torres-Arias, AK Ammula, R Curtmola, J Cappos
25th USENIX Security Symposium (USENIX Security 16), 379-395, 2016
Commit signatures for centralized version control systems
S Vaidya, S Torres-Arias, R Curtmola, J Cappos
ICT Systems Security and Privacy Protection: 34th IFIP TC 11 International …, 2019
Signing in four public software package registries: Quantity, quality, and influencing factors
TR Schorlemmer, KG Kalu, L Chigges, KM Ko, EAMA Isghair, S Baghi, ...
arXiv preprint arXiv:2401.14635, 2024
Speranza: Usable, privacy-friendly software signing
K Merrill, Z Newman, S Torres-Arias, KR Sollins
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications …, 2023
le-git-imate: Towards verifiable web-based Git repositories
H Afzali, S Torres-Arias, R Curtmola, J Cappos
Proceedings of the 2018 on Asia Conference on Computer and Communications …, 2018
In-toto: Practical Software Supply Chain Security
S Torres-Arias
New York University Tandon School of Engineering, 2020
What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake
S Torres-Arias
The Conversation 22, 2021
Towards adding verifiability to web-based Git repositories
H Afzali, S Torres-Arias, R Curtmola, J Cappos
Journal of Computer Security 28 (4), 405-436, 2020
Rust for Embedded Systems: Current State, Challenges and Open Problems
A Sharma, S Sharma, S Torres-Arias, A Machiry
arXiv preprint arXiv:2311.05063, 2023
A Viewpoint on Software Supply Chain Security: Are We Getting Lost in Translation?
MS Melara, S Torres-Arias
IEEE Security & Privacy 21 (6), 55-58, 2023
Preventing Supply Chain Vulnerabilities in Java with a Fine-Grained Permission Manager
PC Amusuo, KA Robinson, S Torres-Arias, L Simon, JC Davis
arXiv preprint arXiv:2310.14117, 2023
COLBAC: Shifting cybersecurity from hierarchical to horizontal designs
K Gallagher, S Torres-Arias, N Memon, J Feldman
Proceedings of the 2021 New Security Paradigms Workshop, 13-27, 2021
An Industry Interview Study of Software Signing for Supply Chain Security
KG Kalu, T Singla, C Okafor, S Torres-Arias, JC Davis
arXiv preprint arXiv:2406.08198, 2024
Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines
R Chandramouli, F Kautz, S Torres Arias, 2024
A Viewpoint on Knowing Software: Bill of Materials Quality When You See It
S Torres-Arias, D Geer, JS Meyers
IEEE Security & Privacy 21 (6), 50-54, 2023
Towards verifiable web-based code review systems
H Afzali, S Torres-Arias, R Curtmola, J Cappos
Journal of Computer Security 31 (2), 153-184, 2023
El sistema no puede realizar la operación en estos momentos. Inténtalo de nuevo más tarde.
Artículos 1–20