Issued patents:

1. 11,250,165 (2022): Binding of cryptographic operations to context or speculative execution restrictions
2. 11,222,127 (2022): Processor hardware and instructions for SHA3 cryptographic operations
3. 11,216,366 (2022): Security check systems and methods for memory allocations
4. 11,188,639 (2021): System, method and apparatus for automatic program compartmentalization
5. 11,171,983 (2021): Techniques to provide function-level isolation with capability-based security
6. 11,163,569 (2021): Hardware apparatuses, methods, and systems for individually revocable capabilities for enforcing temporal memory safety
7. 11,144,479 (2021): System for address mapping and translation protection
8. 11,080,401 (2021): Memory scanning methods and apparatus
9. 11,036,850 (2021): Technologies for object-oriented memory management with extended segmentation
10. 11,030,113 (2021): Apparatus and method for efficient process-based compartmentalization
11. 10,884,952 (2021): Enforcing memory operand types using protection keys
12. 10,860,709 (2020): Encoded inline capabilities
13. 10,795,997 (2020): Hardened safe stack for return oriented programming attack mitigation
14. 10,785,028 (2020): Protection of keys and sensitive data from attack within microprocessor architecture
15. 10,769,272 (2020): Technology to protect virtual machines from malicious virtual machine managers
16. 10,706,164 (2020): Crypto-enforced capabilities for isolation
17. 10,642,752 (2020): Auxiliary processor resources
18. 10,558,582 (2020): Technologies for execute only transactional memory
19. 10,515,023 (2019): System for address mapping and translation protection
20. 10,503,664 (2019): Virtual machine manager for address mapping and translation protection
21. 10,453,114 (2019): Selective sharing of user information based on contextual relationship information, such as to crowd-source gifts of interest to a recipient
22. 10,452,848 (2019): Memory scanning methods and apparatus
23. 10,324,863 (2019): Protected memory view for nested page table access by virtual machine guests
24. 10,318,733 (2019): Techniques for detecting malware with minimal performance degradation
25. 10,235,301 (2019): Dynamic page table edit control
26. 10,216,522 (2019): Technologies for indirect branch target security
27. 10,157,277 (2018): Technologies for object-oriented memory management with extended segmentation
28. 10,152,612 (2018): Cryptographic operations for secure page mapping in a virtual machine environment
29. 10,104,122 (2018): Verified sensor data processing
30. 10,061,918 (2018): System, apparatus and method for filtering memory access logging in a processor
31. 10,007,784 (2018): Technologies for control flow exploit mitigation using processor trace
32. 9,954,950 (2018): Attestable information flow control in computer systems
33. 9,858,411 (2018): Execution profiling mechanism
34. 9,830,162 (2017): Technologies for indirect branch target security
35. 9,817,976 (2017): Techniques for detecting malware with minimal performance degradation
36. 9,805,194 (2017): Memory scanning methods and apparatus
37. 9,792,222 (2017): Validating virtual address translation by virtual machine monitor utilizing address validation structure to validate tentative guest physical address and aborting based on flag in extended page table requiring an expected guest physical address in the address validation structure
38. 9,710,393 (2017): Dynamic page table edit control
39. 9,703,703 (2017): Control of entry into protected memory views
40. 9,665,373 (2017): Protecting confidential data with transactional processing in execute-only memory
41. 9,501,637 (2016): Hardware shadow stack support for legacy guests
42. 9,335,943 (2016): Method and apparatus for fine grain memory protection
43. 9,124,635 (2015): Verified sensor data processing
44. 8,458,791 (2013): Hardware-implemented hypervisor for root-of-trust monitoring and control of computer system
45. 7,774,411 (2010): Secure electronic message transport protocol

Published patent applications:

1. 17/485,213: OBJECT AND CACHELINE GRANULARITY CRYPTOGRAPHIC MEMORY INTEGRITY
2. 17/314,349: TECHNOLOGY TO CONTROL SYSTEM CALL INVOCATIONS WITHIN A SINGLE ADDRESS SPACE
3. 17/255,588: FUNCTION AS A SERVICE (FAAS) SYSTEM ENHANCEMENTS
4. 16/998,913: PROTECTION OF KEYS AND SENSITIVE DATA FROM ATTACK WITHIN MICROPROCESSOR ARCHITECTURE
5. 16/912,378: COLLISION-FREE HASHING FOR ACCESSING CRYPTOGRAPHIC COMPUTING METADATA AND FOR CACHE EXPANSION
6. 16/862,022: MEMORY WRITE FOR OWNERSHIP ACCESS IN A CORE
7. 16/776,467: CRYPTOGRAPHIC COMPUTING ENGINE FOR MEMORY LOAD AND STORE UNITS OF A MICROARCHITECTURE PIPELINE
8. 16/740,359: CRYPTOGRAPHIC COMPUTING USING ENCRYPTED BASE ADDRESSES AND USED IN MULTI-TENANT ENVIRONMENTS
9. 16/724,105: MICROPROCESSOR PIPELINE CIRCUITRY TO SUPPORT CRYPTOGRAPHIC COMPUTING
10. 16/724,026: DATA ENCRYPTION BASED ON IMMUTABLE POINTERS
11. 16/723,977: CRYPTOGRAPHIC ISOLATION OF MEMORY COMPARTMENTS IN A COMPUTING ENVIRONMENT
12. 16/722,707: CRYPTOGRAPHIC COMPUTING USING ENCRYPTED BASE ADDRESSES AND USED IN MULTI-TENANT ENVIRONMENTS
13. 16/722,342: POINTER BASED DATA ENCRYPTION
14. WO2020096639: Function as a Service (FaaS) System Enhancements
15. 16/024,257: Memory tagging for side-channel defense, memory safety, and sandboxing
16. 15/859,142: Apparatus and method for pausing processor trace for efficient analysis
17. 15/721,553: Installing and manipulating a secure virtual machine image through an untrusted hypervisor
18. 15/713,573: Methods and arrangements to determine physical resource assignments
19. 16/040,193: System, method and apparatus for automatic program compartmentalization
20. 15/273,286: Access control
21. 15/201,018: Regulating control transfers for execute-only code execution

Professional society memberships:

• Senior Member of the Association for Computing Machinery (ACM)
• Senior Member of IEEE

PC member:

• TRUST 2010 & 2011

Journal reviews:

• 2019 IEEE Transactions on Networking
• 2013 IEEE Transactions on Information Forensics & Security (TIFS)
• 2009 Journal of Computer Security (JCS)
• 2009 IEEE Transactions on Industrial Electronics (TIE)
• 2007 ACM Transactions on the Web (TWEB)
• 2005 ACM Transactions on Information and System Security (TISSEC)

Conference and workshop reviews:

• 2021 Design Automation Conference (DAC)
• 2013 IEEE PowerTech
• 2009 International Conference on Distributed Computing Systems (ICDCS)
• 2009 IEEE Symposium on Security and Privacy (Oakland)
• 2008 IEEE Workshop on Policies for Distributed Systems and Networks (POLICY)
• 2008 Hawaiian International Conference on System Sciences (HICSS)
• 2007 IEEE Computer Security Foundations Symposium (CSF)
• 2007 ACM Workshop on Privacy in the Electronic Society (WPES)
• 2006 IEEE International Conference on Network Protocols (ICNP)
• 2006 IFIP International Conference on Critical Infrastructure Protection (ICCIP)
• 2006 ACM Workshop on Privacy in the Electronic Society (WPES)

Selected Mentoring Experiences:

• Summer 2021: Two mentees within inaugural Princeton/Intel Research Experience for Undergraduates (REU) summer program.
• 2020-present: High schooler and author of introductory book on cryptography.
• 2018-present: Multiple mentees within official intra-Intel mentoring program.

Volunteering:

• Computer Science Category Judge at 2020-2022 NWSE Beaverton Hillsboro Science Expo

• Run commuting
• Commuting by Onewheel
• Gardening

  

• Camping, hiking, and backpacking