Publications

For the most recent list of papers and patents, visit my Google Scholar page.

Papers


"SoK: A Defense-Oriented Evaluation of Software Supply Chain Security" (preprint)
E. Ishgair, M. S. Melara and S. Torres Arias. ArXiv Preprint. May 2024.

"A Viewpoint on Software Supply Chain Security: Are We Getting Lost in Translation?" (article)
M. S. Melara and S. Torres Arias. IEEE Security & Privacy, Vol. 21, Issue 6. Nov 2023.

"Hardware-Enforced Integrity and Provenance for Distributed Code Deployments" (pdf)
M. S. Melara and M. Bowman. NIST Workshop on Enhancing Software Supply Chain Security. June 2021.

"Enabling Security-Oriented Orchestration of Microservices" (preprint)
M. S. Melara and M. Bowman. ArXiv Preprint. May 2021.

"EnclaveDom: Privilege Separation for Large-TCB Applications in Trusted Execution Environments" (preprint)
M. S. Melara, M. J. Freedman, and M. Bowman. ArXiv Preprint. July 2019.

"Pyronia: Redesigning Least Privilege and Isolation for the Age of IoT" (preprint)
M. S. Melara, D. Liu, and M. J. Freedman. ArXiv Preprint. March 2019.

"CONIKS: Bringing Key Transparency to End Users" (pdf) (slides)
M. S. Melara, A. Blankstein, J. Bonneau, E. Felten, M. Freedman. USENIX Security Symposium. August 2015.
Caspar Bowden PET Award, 2017.

"Shining the Floodlights on Mobile Web Tracking — A Privacy Survey" (pdf)
C. Eubank, M. Melara, D. Perez Botero, A. Narayanan. W2SP, 2013.

"Vireos: an Integrated, Bottom-Up Educational Operating Systems Project with FPGA support" (pdf)
M. Corliss, M. Melara. ACM SIGCSE, 2011.

Conference Talks


"Auditing the CI/CD Platform: Reproducible Builds vs. Hardware-Attested Build Environments, Which is Right for You?" (slides)
M. S. Melara, C. Kimes. ACM SCORED '24. Oct 2024.

"TPMs, Merkle Trees and TEEs: Enhancing SLSA with Hardware-Assisted Build Environment Verification" (slides) (video)
M. Melara, C. Kimes. Open Source Summit NA. Apr 2024.

"Panel Discussion: Improving Supply Chain Integrity with OpenSSF Technologies" (video)
A. Le Hors, M. Lieberman, J. White, M. Melara, I. Hepworth. Open Source Summit NA. Apr 2024.

"Panel Discussion: DEI for the OpenSSF Community" (video)
M. McElaney, J. Kjell, J. White, C. Voong, M. Melara. SOSS Community Day NA. Apr 2024.

"All things in-toto! Supply chain attestations, policies, and adoption stories, oh my!" (slides) (video)
M. Melara, S. Torres Arias. KubeCon & CloudNativeCon NA. Nov 2023.

"Using FPGAs to Create a Complete Computer System for the Classroom" (slides)
M. Melara. NYCWiC 2011.

Invited Talks


"Understanding the Software Supply Chain Trust Landscape" (slides)
M. Melara. C2PA Conformance Working Group. Jul 2024.

"Securing the Software Supply Chain: An In-Depth Exploration of SLSA" (video)
M. Lieberman, M. Melara, J. Lock, L. Capadan. OpenSSF Tech Talk. Oct 2023.

"Building Trust with Attestation" (podcast)
M. Melara, V. Scarlata. Open at Intel Podcast. May 2023.

"Software Supply Chains" (podcast)
M. Melara, B. Domingues. Open at Intel Podcast. Mar 2023.

"EnclaveDom: Privilege Separation for Large-TCB Applications in Trusted Execution Environments" (slides)
M. Melara. Microsoft Research Cryptography & Privacy Colloqium. Sep 2020.

Blog Posts


"The Opportunity for DEI Participation in the Security Industry (And OpenSSF)" (post)
C. Voong, J. White, J. Kjell, M. Melara, M. McElaney. OpenSSF Blog. May 2024.

"Why Making Johnny's Key Management Transparent is So Challenging" (post)
M. Melara. Freedom to Tinker. March 2016.

"There's Something Wrong With This Picture..." (post)
M. Melara. Guest blogger, Grand Central Blog. November 2010.

"Busy Moms Need Energy" (post)
M. Melara. Guest blogger, Grand Central Blog. October 2010.

Posters


"Protecting the IoT Against Data Leaks through Intra-Process Access Control" (poster) (slides)
M. Melara. Stony Brook University, National Security Institute Security & Privacy Day 2017.

"Building an Automatic and Scalable Tool for Improving Environmental Recycling: ELARA" (poster)
M. Melara. HWS Summer Research Symposium 2011.

"Using FPGAs to Create a Complete Computer System for the Classroom" (poster)
M. Melara. HWS Summer Research Symposium 2010.

Theses


"Intra-Process Least Privilege and Isolation for Emerging Applications" (pdf)
M. Melara. PhD Dissertation. Princeton University, Department of Computer Science.
Advisor: Michael J. Freedman. 2019.

"CONIKS: Preserving Secure Communication with Untrusted Identity Providers" (pdf)
M. Melara. Master's Thesis. Princeton University, Department of Computer Science.
Advisor: Edward W. Felten. 2014.

"ELARA: Environmental Liaison and Automated Recycling Assistant" (pdf)
M. Melara. Senior Honors Thesis. HWS Dept. of Math and Computer Science.
Advisor: John Vaughn. 2012.