Browsing by Subject "Computer security"

Now showing 1 - 20 of 39
  • Thumbnail Image
    Item
    Assessing the Energy Impacts of Cyberattacks on Low-Level Automated Vehicles
    (Center for Transportation Studies, University of Minnesota, 2023-08) Stern, Raphael; Li, Tianyi; Rosenblad, Benjamin; Shang, Mingfeng
    In this study, we investigate the potential impact of stealthy cyberattacks on automated or partially automated vehicles, and consider how they will influence traffic flow and fuel consumption. Specifically, we define stealthy cyberattacks on automated vehicles where driving behavior deviates only slightly from normal driving behavior. We use simulation analysis to consider different cyberattacks, and investigate their impact on traffic flow and aggregate fuel consumption of all vehicles in the traffic flow. We find that such attacks, while difficult to detect, may substantially degrade traffic flow, and, to a lesser extent, vehicle emissions across the traffic flow.
  • Thumbnail Image
    Item
    Oral history interview with Anita K. Jones
    (Charles Babbage Institute, 2015-06-24) Jones, Anita K.
    Computer security pioneer Antia K. Jones briefly discusses her undergraduate education at Rice University and work at IBM. The bulk of the interview concentrates on her graduate education at Carnegie Mellon University and her career as a computer scientist. This includes the discussion of capabilities (a mechanism for implementing naming and security), the HYDRA Kernel, the Take-Grant model, various research collaborations, serving as a faculty member at CMU, co-founding and helping to lead Tartan Laboratories, chairing the Computer Science Department at University of Virginia, serving as the Director of DDR&E, gender and computer science, and digital humanities. Professor William A. Wulf also participates in this interview. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Barry Schrager
    (Charles Babbage Institute, 2012-05-24) Schrager, Barry
    Barry Schrager, who has a M.S. in applied mathematics from Northwestern University, is a seminal figure in the design and development of early commercial computer security software products. From 1968 to 1978 he served as Assistant Director of the University of Illinois-Chicago Circle Computer Center, where activity of student hackers on the center’s time-shared system led him to investigate methods and tools to achieve greater security. In the early 1970s he became involved with IBM SHARE, and led a committee of emerging computer security experts – SHARE’s Data Security and Management Group. Schrager and his group’s 1974 SHARE white paper defined access control requirements to achieve security, which led to IBM’s 1976 computer security software product, Resource Access Control Facility (RACF). Initially this product fell short of the requirements outlined in the white paper and Schrager and a colleague, Eberhard Klemens, developed a prototype Access Control Facility (ACF) which met the requirements. In 1978 these two teamed up with Scott Krueger to found SKK, Inc. and refine this computer security software product as ACF2 for its first customer London Life Insurance (Ontario, Canada). Soon thereafter SKK sold this product to General Motors and many other major corporations/organizations. ACF2 became a billion dollar product that is now owned by Computer Associates. This oral history concentrates on Schrager’s work with SHARE, the creation of ACF2, and his leadership of SKK, Inc. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Butler Lampson
    (Charles Babbage Institute, 2014-12-11) Lampson, Butler
    Turing Award winning computer scientist Butler Lampson briefly discusses his education and work in time-sharing with Project Genie, the Cal Time-Sharing System (Cal Computer Center), and the Berkeley Computer Corporation (BCC), as well as his seminal work at Xerox PARC (systems and graphics work to create the office of the future—the ALTO and the basis for the Xerox STAR—the primary achievements that led to his receiving the Turing Award in 1992). The interview, part of an NSF-funded CBI effort to document computer security history, concentrates on Lampson’s many contributions to the computer security research field, and his broader perspectives on various aspects of computer security developments (including the economics of computer security). Lampson talks about his work to build a capability machine, and expresses that despite considerable interest from some research scientists, this is not a fruitful path for computer security. He explores the context to his important note on the confinement problem. He also discusses the context of his access matrix. Finally, he discusses his work at Digital Equipment Corporation (DEC) and Microsoft, including his work at DEC on distributed system security, and Microsoft’s Palladium Assurance stack. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Carl E. Landwehr
    (Charles Babbage Institute, 2014-04-21) Landwehr, Carl E.
    Computer security pioneer Carl Landwehr discusses his educational training (Ph.D. University of Michigan), his research as computer scientist/supervisory computer scientist at the Naval Research Laboratory in the second half of the 1970s, 1980s and 1990s, and subsequent work as a research program officer for computer security at the National Science Foundation (over two separate tenures) and IARPA (where he served as a Division Chief). Among the topics discussed are the Secure Military Message System Project, survey work analyzing early security models, his work on application-based security models, and the role of federal research programs in advancing the field of computer security. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral History Interview with Cynthia Irvine
    (Charles Babbage Institute, 2025-03-04) Irvine, Cynthia
    This oral history interview is sponsored by and a part of NSF 2202484 “Mining a Useable Past: Perspectives, Paradoxes, and Possibilities with Security and Privacy,” at the Charles Babbage Institute. Early in the interview Professor Irvine discusses early educational interests and work, and a focus on Astronomy as an undergraduate and in completing a Ph.D. at Case Western Reserve University. The bulk of the oral history focuses on her work in computer science and computer security, with introduction to the computer security specialty working at Naval Postgraduate initially, mentorship and collaboration with Roger Schell, and going to work for his startup company Gemini, a company launched to build high assurance certified access control systems for government and industry. She discusses gender in science, computer science, and computer security. In returning to Naval Postgraduate School to become a faculty and earning the honor of Distinguished Professor of Computer Science, her work has explored and advanced security models, security practices, and computer security education. An early pioneer in the latter area, she was lead organizer of an early computer security education annual conference in Monterey at NPS, work influential to the field and to the National Security Agency in launching a certification of schools as Centers of Academic Excellence in cybersecurity, which evolved to certifications in education and in research, CAE-CD, CAE-CO, and CAE-R. She discusses educational philosophy and mentorship and her partnering research//work in using gaming as an educational tool for cybersecurity. She also relates her work and education within the framework of the mission of NPS, as well the evolving and fast escalating risk landscape regarding critical infrastructure and other realms.
  • Thumbnail Image
    Item
    Oral history interview with Daniel J. Edwards
    (Charles Babbage Institute, 2013-07-02) Edwards, Daniel J.
    In this oral history, computer security pioneer Daniel Edwards discusses his long-term career as a computer security researcher at the National Security Agency (NSA). He discusses Trojan Horse attacks, a term he introduced in the computer security field to describe a particular type of computer security vulnerability of hidden malicious code within a seemingly harmless program. He provides perspective on the evolving relationship of communications security (COMSEC) and computer security (COMPUSEC) at the NSA. Edwards became part of the NSA’s National Computer Security Center and was principally involved with the development of the NCSC’s/DOD’s Trusted Computer System Evaluation Criteria (TCSEC) and elaborates on the processes and considerations in developing and refining this influential set of computer security standards. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with David Elliott Bell
    (Charles Babbage Institute, 2012-09-24) Bell, David Elliott
    David Elliott Bell is a mathematician and computer security pioneer who co-developed the highly influential Bell-LaPadula security model. This interview discusses the context of his pivotal computer security work at MITRE Corporation, and his later contributions at the National Security Agency and Trusted Information Systems (including his leadership on TIS’s Trusted Xenix B2-rated system). This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Donn B. Parker
    (Charles Babbage Institute, 2003-05-14) Parker, Donn B.
    Donn Parker, a renowned expert on computer security, begins by discusses his education and early programming and managerial work at General Dynamics and the Control Data Corporation (CDC). The bulk of the interview concentrates on developments and contexts to Parker’s subsequent work at SRI on computer security and computer crime. This pioneering research, which was funded by the National Science Foundation and the Department of Justice, provided Parker with the substance for a number of influential books. Parker also discusses the emergence of the computer security industry, IBM’s contributions to the field, and computer security legislation. He concludes by addressing aspects of the contemporary computer security situation, best practices to prevent breaches, and his formation of the International Information Integrity Institute (I4).
  • Thumbnail Image
    Item
    Oral history interview with Dorothy E. Denning
    (Charles Babbage Institute, 2013-04-11) Denning, Dorothy E.
    Computer security pioneer Dorothy Denning discusses her career including her Lattice Model for Computer Security, research on database security, intrusion detection, and other areas, such as her influential textbooks. The interview also addresses computer security research infrastructure and collaborators at various institutions where she worked including Purdue University, SRI International, Digital Equipment Corporation, Georgetown University, and Naval Postgraduate School. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Eldon Worley
    (Charles Babbage Institute, 2012-11-15) Worley, Eldon
    Eldon Worley was a longtime software scientist/engineer at IBM Research in San Jose. He pioneered Information Management Facility (IMF), a path breaking security system that was the underlying basis for the IBM security product Resource Access Control Facility, or RACF. After this work left IBM Research to be developed into a product, Worley continued to analyze and provide feedback to IBM’s development staff. RACF has gone through many different releases since its first iteration in the mid-1970s. Worley provides background on the origins of IMF and RACF, and how RACF evolved over two decades—including perspective on customer installations of RACF in the UK, where he spent time in both the mid-1970s and mid-1980s. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Eugene H. Spafford
    (Charles Babbage Institute, 2013-11-12) Spafford, Eugene H.
    This interview with computer security pioneer Eugene Spafford spans from his early education to the near present (2013). He discusses how he came to focus on computer security as a research field and his long and ongoing career as a faculty member, editor-in-chief (Computers & Security), center director, and educator. A substantial portion of the interview addresses his work in founding and leading a premier center for computer security research—COAST Lab (Computer Operations, Audit, and Security Technology), which evolved to become CERIAS (Center for Education and Research in Information Assurance and Security). CERIAS is the largest academic research center on information assurance and computer security and has had tremendous influence on the field from its pioneer research and education to its highly regarded symposiums and outreach. Among other topics Spafford discusses are intrusion detection research and development, Unix security, Tripwire, the Association for Computing Machinery, service to the federal government, and the importance of a sense of humor. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with John D. McLean
    (Charles Babbage Institute, 2014-04-22) McLean, John D.
    In this oral history, computer security pioneer John McLean begins by discussing his graduate education in logic as well as computer science (working with Dave Parnas). The interview focuses on McLean’s long tenure at the Naval Research Laboratory (NRL)—serving as a scientist, supervisory scientist, and later, as a senior administrator (Superintendent of the Information Technology Division of NRL). Among other topics, McLean discusses his collaboration with Carl Landwehr and Constance Heitmeyer on a security model for the Military Message Systems, his (System Z) counterexample that challenged a premise of the Bell-LaPadula security model, the origins of the Foundations Workshop, and managerial roles at NRL. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Karl Levitt
    (Charles Babbage Institute, 2013-06-06) Levitt, Karl
    Computer security pioneer discusses his educational background and early career, with the bulk of the interview on his approximately four decades plus focus on computer security research. He discusses his work with fault-tolerant systems, the institutional setting and his research and management roles at SRI (including PSOS, IDES/NIDES, etc.). He also discusses joining the faculty at UC-Davis in Computer Science and launching its Computer Security Laboratory, which has been influential in educating and placing computer security specialists in academe, government, and industry. Also discussed is his post-IDES/NIDES work on intrusion detection, voting systems and security, federal funding for computer security, his program manager role for Trustworthy Computing at NSF, and other topics. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Lance Hoffman by Rebecca Slayton
    (Charles Babbage Institute, 2014-07-01) Hoffman, Lance
    This interview with security pioneer Lance Hoffman discusses his entrance into the field of computer security and privacy—including earning a B.S. in math at the Carnegie Institute of Technology, interning at SDC, and earning a PhD at Stanford University—before turning to his research on computer security risk management at as a Professor at the University of California–Berkeley and George Washington University. He also discusses the relationship between his PhD research on access control models and the political climate of the late 1960s, and entrepreneurial activities ranging from the creation of a computerized dating service to the starting of a company based upon the development of a decision support tool, RiskCalc. Hoffman also discusses his work with the Association for Computing Machinery and IEEE Computer Society, including his role in helping to institutionalize the ACM Conference on Computers, Freedom, and Privacy. The interview concludes with some reflections on the current state of the field of cybersecurity and the work of his graduate students. This interview is part of a project conducted by Rebecca Slayton and funded by an ACM History Committee fellowship on “Measuring Security: ACM and the History of Computer Security Metrics.”
  • Thumbnail Image
    Item
    Oral history interview with Marvin Schaefer
    (Charles Babbage Institute, 2013-11-20) Schaefer, Marvin
    This interview with computer security pioneer Marvin Schaefer discusses his roles and perspectives on computer security work at the System Development Corporation over many years (an organization he began working at in the summer of 1965), as well as his work at the National Computer Security Center in helping to create the Trusted Computer System Evaluation Criteria (TCSEC). With the latter he relates the challenges to writing the criteria, the debates over the structure and levels, and the involvement of criteria lawyers. He also summarizes his work at the company Trusted Information Systems. In addition to detailing his pivotal work in computer security, he offers insightful commentary on issues in the field such as the Bell-LaPadula Model, John McLean’s System Z, and other topics. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Matt Bishop
    (Charles Babbage Institute, 2013-06-06) Bishop, Matt
    This interview with computer security pioneer Matt Bishop discusses his doctoral research (access controls and the Take-Grant Protection Model) working with Dorothy Denning at Purdue University and subsequent career as a computer scientist and computer security specialist at the Research Institute of Advanced Computer Science, on the faculty at Dartmouth University, and on the faculty at University of California-Davis. Bishop’s research is wide-ranging and the interview touches on his work on Unix security and vulnerabilities, network security, intrusion detection, electronic voting systems, and other areas. Bishop recounts the project he launched to provide public (Web) access to seminal early papers in computer security, an important effort to facilitate computer security history and learning from the past. And he relates the evolution of the UC-Davis Computer Security Lab and its influence on the research field and education in computer security. He also discusses his role as an educator and the authoring of his textbook Computer Security: Art and Science (2002). This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Peter C. Patton
    (Charles Babbage Institute, 2000-08-30) Patton, Peter C.
    In this oral history Peter Patton, Chief Technology Officer at Lawson Software in St. Paul, MN, and former Director of Academic Computing at the University of Minnesota, talks about his education at Harvard, his involvement in the development of PLATO courses in the humanities, and his perspectives on the software industry and patenting. Patton also shares his experience with IBM 650, CDC 6600, and Cray installations on several university campuses, his role in Project Safeguard, and his design of the Hennepin Justice Information System.
  • Thumbnail Image
    Item
    Oral history interview with Peter G. Neumann
    (Charles Babbage Institute, 2013-06-03) Neumann, Peter G.
    In this interview, computer security pioneer Peter G. Neumann relates his education at Harvard University (A.B. in Math, S.M. and Ph.D. in Applied Math), including an influential (to his perspective and career) two-hour long meeting/discussion as an undergraduate with Albert Einstein (discussing “complexity” and other topics). The vast majority of the interview addresses the many facets of his highly influential career in computer security research. With regard to the latter, this includes discussion of his work at Bell Labs and extensive involvement with MULTICS security, and his subsequent four-decade (and continuing) career as a research scientist at SRI International. He tells of his work and leadership with the Provably Secure Operating System (PSOS), research and writing on risks (including moderating the ACM Risks Forum), insider misuse and intrusion-detection systems (IDES, NIDES, EMERALD), and his current work on two DARPA-funded projects that builds on key lessons of the past to design and develop secure/trustworthy computer systems. He also relates the computer security research infrastructure and how it evolved, as well as comments on a number of other topics such as the major computer security conferences and the range of perspectives of researchers in the computer security research community. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”
  • Thumbnail Image
    Item
    Oral history interview with Peter J. Denning
    (Charles Babbage Institute, 2013-04-10) Denning, Peter J.;
    This interview focuses on Peter Denning’s pioneering early contributions to computer security. This includes discussion of his perspective on CTSS and Multics as a graduate student at MIT, pioneering (with his student Scott Graham) the critical computer security concept of a reference monitor for each information object as a young faculty member at Princeton University, and his continuing contributions to the computer security field in his first years as a faculty member at Purdue University. Because of an extensive, career spanning oral history done with Denning as part of the ACM Oral History series (which includes his contributions as President of ACM, research on operating systems, and principles of computer science), this interview is primarily limited to Denning’s early career when computer security was one of his fundamental research areas. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”