The three classes consists in the presentation of the following papers (in this order):

A - "Virtualization and Trusted Computing"

Presentation dates:  Alameda - 1 December.  Tagus - 3 or 4 December.

1. Virtualization I
   Keith Adams and Ole Agesen. "A Comparison of Software and Hardware Techniques for x86 Virtualization", ASPLOS 2006.
   (quem apresentar este artigo deve começar com 1 ou 2 slides a explicar o conceito de virtualização baseada num hipervisor)
   
2. Virtualization II
   Tal Garfinkel et. al. "Terra: A Virtual Machine-Based Platform for Trusted Computing", SOSP 2003.
   
3. Trusted Computing I
   Nuno Santos et. al. "Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications", ASPLOS 2014.
   (quem apresentar este artigo deve começar com 1 ou 2 slides a explicar o conceito de Trusted Computing)
   
4. Trusted Computing II
   Xinyang Ge et. al. "SPROBES - Enforcing Kernel Code Integrity on the TrustZone Architecture", MOST 2014.
   
5. Trusted Computing III
   Andrew Baumann et. al. "Shielding applications from an untrusted cloud with Haven", OSDI 2014.
   

Note: 

• It’s recommended that the students read at least the first part of the chapters of the book on these two topics (chapters 15 and 16) before starting to read the papers.
  
• Papers 3 and 4 are about a Trusted Computing technology with a few years called Trustzone, implemented in some ARM processors. Paper 5 is about the Intel SGX technology, still not available commercially.
  

B - "Java security environment"

Presentation dates:  Alameda - 8 December.  Tagus - 10 or 11 December.

1. Java Security Overview
   Java™ Security Overview, 2015
   
2. Stack Inspection
   Dan S. Wallach and Edward W. Felten. "Understanding Java Stack Inspection", S&P 1998.
   
3. Bytecode verification
   Xavier Leroy. "Java Bytecode verification: an overview", CAV 2001.
   
4. Java Card
   Wojciech Mostowski and Erik Poll. "Malicious Code on Java Card Smartcards: Attacks and Countermeasures", CARDIS 2008.
   
5. Class Initialization
   Willard Rafnsson et. al. "Securing Class Initialization in Java-like Languages", TDSC 2012.
   

C - "Secure programming in Java"

Presentation dates:  Alameda - 15 December.  Tagus - 17 or 18 December.

1. Language design
   Eric Jaeger et. al.  "Mind your Language(s) A discussion about languages and security (Long Version)",  LangSec S&P 2014.
   
2. Secure coding in Java
   Secure Coding Guidelines for Java SE, 2014.
   
3. Jif (http://www.cs.cornell.edu/jif/)
   Andrew C. Myers. "JFlow: Practical Mostly-Static Information Flow Control", POPL 1999.
   
4. Paragon (http://www.cse.chalmers.se/research/group/paragon/)
   Niklas Broberg et. al. "Paragon for Practical Programming with Information-Flow Control", APLAS 2013.
   
5. Verifying Java programs
   Ralf Küsters e. al. "A Hybrid Approach for Proving Noninterference of Java Programs", 2015.