Robert N. M. Watson
Robert N. M. Watson

Cambridge homepage
robert.watsonatcl.cam.ac.uk

Professional ACM Member badge
  Affiliation history
Bibliometrics: publication history
Average citations per article11.12
Citation Count289
Publication count26
Publication years2001-2017
Available for download15
Average downloads per article6,317.93
Downloads (cumulative)94,769
Downloads (12 Months)5,864
Downloads (6 Weeks)377
SEARCH
ROLE
Arrow RightAuthor only


AUTHOR'S COLLEAGUES
See all colleagues of this author

SUBJECT AREAS
See all subject areas




BOOKMARK & SHARE


27 results found Export Results: bibtexendnoteacmrefcsv

Result 1 – 20 of 27
Result page: 1 2

Sort by:

1 published by ACM
August 2017 SIGCOMM '17: Proceedings of the Conference of the ACM Special Interest Group on Data Communication
Publisher: ACM
Bibliometrics:
Citation Count: 1
Downloads (6 Weeks): 35,   Downloads (12 Months): 729,   Downloads (Overall): 1,676

Full text available: PDFPDF
Conventional operating systems used for video streaming employ an in-memory disk buffer cache to mask the high latency and low throughput of disks. However, data from Netflix servers show that this cache has a low hit rate, so does little to improve throughput. Latency is not the problem it once ...
Keywords: Network Performance, Network stacks, Storage stacks

2
June 2017 TaPP'17: Proceedings of the 9th USENIX Conference on Theory and Practice of Provenance
Publisher: USENIX Association
Bibliometrics:
Citation Count: 0

Advanced Persistent Threats (APT) are a class of security threats in which a well-resourced attacker targets a specific individual or organisation with a predefined goal. This typically involves exfiltration of confidential material, although increasingly attacks target the encryption or destruction of mission critical data. With traditional prevention and detection mechanisms ...
Keywords: APT, advanced persistent threat, distributed systems, provenance, security

3 published by ACM
May 2017 HotOS '17: Proceedings of the 16th Workshop on Hot Topics in Operating Systems
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 19,   Downloads (12 Months): 139,   Downloads (Overall): 206

Full text available: PDFPDF
It is time to reconsider memory protection. The emergence of large non-volatile main memories, scalable interconnects, and rack-scale computers running large numbers of small "micro services" creates significant challenges for memory protection based solely on MMU mechanisms. Central to this is a tension between protection and translation: optimizing for translation ...

4 published by ACM
April 2017 ASPLOS '17: Proceedings of the Twenty-Second International Conference on Architectural Support for Programming Languages and Operating Systems
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 17,   Downloads (12 Months): 133,   Downloads (Overall): 308

Full text available: PDFPDF
Java provides security and robustness by building a high-level security model atop the foundation of memory protection. Unfortunately, any native code linked into a Java program -- including the million lines used to implement the standard library -- is able to bypass both the memory protection and the higher-level policies. ...
Keywords: architecture, capability systems, cheri, compartmentalization, compilers, hardware security, java, jni, language security, memory protection, sandboxing
Also published in:
May 2017  ACM SIGPLAN Notices - ASPLOS '17: Volume 52 Issue 4, April 2017 May 2017  ACM SIGARCH Computer Architecture News - Asplos'17: Volume 45 Issue 1, March 2017

5
November 2016 OSDI'16: Proceedings of the 12th USENIX conference on Operating Systems Design and Implementation
Publisher: USENIX Association
Bibliometrics:
Citation Count: 0

Centralized datacenter schedulers can make high-quality placement decisions when scheduling tasks in a cluster. Today, however, high-quality placements come at the cost of high latency at scale, which degrades response time for interactive tasks and reduces cluster utilization. This paper describes Firmament, a centralized scheduler that scales to over ten ...

6
September 2016 IEEE Micro: Volume 36 Issue 5, September 2016
Publisher: IEEE Computer Society Press
Bibliometrics:
Citation Count: 0

Capability Hardware Enhanced RISC Instructions (CHERI) supplement the conventional memory management unit (MMU) with instruction-set architecture (ISA) extensions that implement a capability system model in the address space. CHERI can also underpin a hardware-software object-capability model for scalable application compartmentalization that can mitigate broader classes of attack. This article describes ...

7 published by ACM
June 2016 PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation
Publisher: ACM
Bibliometrics:
Citation Count: 16
Downloads (6 Weeks): 51,   Downloads (12 Months): 929,   Downloads (Overall): 2,303

Full text available: PDFPDF
C remains central to our computing infrastructure. It is notionally defined by ISO standards, but in reality the properties of C assumed by systems code and those implemented by compilers have diverged, both from the ISO standards and from each other, and none of these are clearly understood. We make ...
Keywords: C
Also published in:
August 2016  ACM SIGPLAN Notices - PLDI '16: Volume 51 Issue 6, June 2016

8 published by ACM
October 2015 CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
Publisher: ACM
Bibliometrics:
Citation Count: 4
Downloads (6 Weeks): 10,   Downloads (12 Months): 44,   Downloads (Overall): 328

Full text available: PDFPDF
Application compartmentalization, a vulnerability mitigation technique employed in programs such as OpenSSH and the Chromium web browser, decomposes software into isolated components to limit privileges leaked or otherwise available to attackers. However, compartmentalizing applications -- and maintaining that compartmentalization -- is hindered by ad hoc methodologies and significantly increased programming ...
Keywords: compartmentalization, security, vulnerability mitigation

9
May 2015 SP '15: Proceedings of the 2015 IEEE Symposium on Security and Privacy
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 7

CHERI extends a conventional RISC Instruction-Set Architecture, compiler, and operating system to support fine-grained, capability-based memory protection to mitigate memory-related vulnerabilities in C-language TCBs. We describe how CHERI capabilities can also underpin a hardware-software object-capability model for application compartmentalization that can mitigate broader classes of attack. Prototyped as an extension ...
Keywords: CHERI processor, capability system, software compartmentalization, computer architecture, memory protection, object capabilities

10
May 2015 NSDI'15: Proceedings of the 12th USENIX Conference on Networked Systems Design and Implementation
Publisher: USENIX Association
Bibliometrics:
Citation Count: 19

QJUMP is a simple and immediately deployable approach to controlling network interference in datacenter networks. Network interference occurs when congestion from throughput-intensive applications causes queueing that delays traffic from latency-sensitive applications. To mitigate network interference, QJUMP applies Internet QoS-inspired techniques to datacenter applications. Each application is assigned to a latency ...

11 published by ACM
March 2015 ASPLOS '15: Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems
Publisher: ACM
Bibliometrics:
Citation Count: 9
Downloads (6 Weeks): 6,   Downloads (12 Months): 68,   Downloads (Overall): 402

Full text available: PDFPDF
We propose a new memory-safe interpretation of the C abstract machine that provides stronger protection to benefit security and debugging. Despite ambiguities in the specification intended to provide implementation flexibility, contemporary implementations of C have converged on a memory model similar to the PDP-11, the original target for C. This ...
Keywords: C language, bounds checking, capabilities, compilers, memory protection, memory safety, processor design, security
Also published in:
May 2015  ACM SIGPLAN Notices - ASPLOS '15: Volume 50 Issue 4, April 2015 May 2015  ACM SIGARCH Computer Architecture News - ASPLOS'15: Volume 43 Issue 1, March 2015

12 published by ACM
August 2014 SIGCOMM '14: Proceedings of the 2014 ACM conference on SIGCOMM
Publisher: ACM
Bibliometrics:
Citation Count: 26
Downloads (6 Weeks): 7,   Downloads (12 Months): 108,   Downloads (Overall): 1,653

Full text available: PDFPDF
Contemporary network stacks are masterpieces of generality, supporting many edge-node and middle-node functions. Generality comes at a high performance cost: current APIs, memory models, and implementations drastically limit the effectiveness of increasingly powerful hardware. Generality has historically been required so that individual systems could perform many functions. However, as providers ...
Keywords: clean-slate design, network performance, network stacks, network- stack specialization
Also published in:
February 2015  ACM SIGCOMM Computer Communication Review - SIGCOMM'14: Volume 44 Issue 4, October 2014

13
June 2014 ISCA '14: Proceeding of the 41st annual international symposium on Computer architecuture
Publisher: IEEE Press
Bibliometrics:
Citation Count: 26
Downloads (6 Weeks): 9,   Downloads (12 Months): 105,   Downloads (Overall): 474

Full text available: PDFPDF
Motivated by contemporary security challenges, we reevaluate and refine capability-based addressing for the RISC era. We present CHERI, a hybrid capability model that extends the 64-bit MIPS ISA with byte-granularity memory protection. We demonstrate that CHERI enables language memory model enforcement and fault isolation in hardware rather than software, and ...
Also published in:
October 2014  ACM SIGARCH Computer Architecture News - ISCA '14: Volume 42 Issue 3, June 2014

14 published by ACM
April 2014 EuroSys '14: Proceedings of the Ninth European Conference on Computer Systems
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 2,   Downloads (12 Months): 25,   Downloads (Overall): 177

Full text available: PDFPDF
Large, complex, rapidly evolving pieces of software such as operating systems are notoriously difficult to prove correct. Developers instead describe expected behaviour through assertions and check actual behaviour through testing. However, many dynamic safety properties cannot be validated this way as they are temporal: they depend on events in the ...

15 published by ACM
November 2013 HotNets-XII: Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
Publisher: ACM
Bibliometrics:
Citation Count: 8
Downloads (6 Weeks): 1,   Downloads (12 Months): 17,   Downloads (Overall): 244

Full text available: PDFPDF
Contemporary network stacks are masterpieces of generality, supporting a range of edge-node and middle-node functions. This generality comes at significant performance cost: current APIs, memory models, and implementations drastically limit the effectiveness of increasingly powerful hardware. Generality has historically been required to allow individual systems to perform many functions. However, ...
Keywords: network performance, network stacks

16 published by ACM
February 2013 Communications of the ACM: Volume 56 Issue 2, February 2013
Publisher: ACM
Bibliometrics:
Citation Count: 9
Downloads (6 Weeks): 44,   Downloads (12 Months): 130,   Downloads (Overall): 1,798

Full text available: HtmlHtml  PDFPDF
Open source security foundations for mobile and embedded devices.

17 published by ACM
January 2013 Queue - Web Development: Volume 11 Issue 1, January 2013
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 130,   Downloads (12 Months): 1,065,   Downloads (Overall): 60,445

Full text available: HtmlHtml  PDFPDF
Open source security foundations for mobile and embedded devices

18
April 2012 SP'12: Proceedings of the 20th international conference on Security Protocols
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 0

Authentication protocols attempt to discern whether or not a user is who she says she is based on what she has, is or knows. In many situtations, however, such as protecting Wikis from robots and Distributed Hash Tables from sybils, identity is less important than liveness: it's not who you ...

19 published by ACM
March 2012 Communications of the ACM: Volume 55 Issue 3, March 2012
Publisher: ACM
Bibliometrics:
Citation Count: 2
Downloads (6 Weeks): 8,   Downloads (12 Months): 64,   Downloads (Overall): 1,906

Full text available: HtmlHtml  PDFPDF
Capsicum is a lightweight operating system (OS) capability and sandbox framework planned for inclusion in FreeBSD 9. Capsicum extends, rather than replaces, UNIX APIs, providing new kernel primitives (sandboxed capability mode and capabilities ) and a userspace sandbox API. These tools support decomposition of monolithic UNIX applications into compartmentalized logical ...

20
March 2011 SP'11: Proceedings of the 19th international conference on Security Protocols
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 0

Reviewing conference submissions is both labour-intensive and diffuse. A lack of focus leads to reviewers spending much of their scarce time on papers which will not be accepted, which can prevent them from identifying several classes of problems with papers that will be. We identify opportunities for automation in the ...



The ACM Digital Library is published by the Association for Computing Machinery. Copyright © 2018 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us