Browsing by Subject "Trusted Computer System Evaluation Criteria (TCSEC)"
Now showing 1 - 10 of 10
Results Per Page
Sort Options
Item Oral history interview with Anita K. Jones(Charles Babbage Institute, 2015-06-24) Jones, Anita K.Computer security pioneer Antia K. Jones briefly discusses her undergraduate education at Rice University and work at IBM. The bulk of the interview concentrates on her graduate education at Carnegie Mellon University and her career as a computer scientist. This includes the discussion of capabilities (a mechanism for implementing naming and security), the HYDRA Kernel, the Take-Grant model, various research collaborations, serving as a faculty member at CMU, co-founding and helping to lead Tartan Laboratories, chairing the Computer Science Department at University of Virginia, serving as the Director of DDR&E, gender and computer science, and digital humanities. Professor William A. Wulf also participates in this interview. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”Item Oral history interview with Daniel J. Edwards(Charles Babbage Institute, 2013-07-02) Edwards, Daniel J.In this oral history, computer security pioneer Daniel Edwards discusses his long-term career as a computer security researcher at the National Security Agency (NSA). He discusses Trojan Horse attacks, a term he introduced in the computer security field to describe a particular type of computer security vulnerability of hidden malicious code within a seemingly harmless program. He provides perspective on the evolving relationship of communications security (COMSEC) and computer security (COMPUSEC) at the NSA. Edwards became part of the NSA’s National Computer Security Center and was principally involved with the development of the NCSC’s/DOD’s Trusted Computer System Evaluation Criteria (TCSEC) and elaborates on the processes and considerations in developing and refining this influential set of computer security standards. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”Item Oral history interview with John D. McLean(Charles Babbage Institute, 2014-04-22) McLean, John D.In this oral history, computer security pioneer John McLean begins by discussing his graduate education in logic as well as computer science (working with Dave Parnas). The interview focuses on McLean’s long tenure at the Naval Research Laboratory (NRL)—serving as a scientist, supervisory scientist, and later, as a senior administrator (Superintendent of the Information Technology Division of NRL). Among other topics, McLean discusses his collaboration with Carl Landwehr and Constance Heitmeyer on a security model for the Military Message Systems, his (System Z) counterexample that challenged a premise of the Bell-LaPadula security model, the origins of the Foundations Workshop, and managerial roles at NRL. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”Item Oral history interview with Marvin Schaefer(Charles Babbage Institute, 2013-11-20) Schaefer, MarvinThis interview with computer security pioneer Marvin Schaefer discusses his roles and perspectives on computer security work at the System Development Corporation over many years (an organization he began working at in the summer of 1965), as well as his work at the National Computer Security Center in helping to create the Trusted Computer System Evaluation Criteria (TCSEC). With the latter he relates the challenges to writing the criteria, the debates over the structure and levels, and the involvement of criteria lawyers. He also summarizes his work at the company Trusted Information Systems. In addition to detailing his pivotal work in computer security, he offers insightful commentary on issues in the field such as the Bell-LaPadula Model, John McLean’s System Z, and other topics. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”Item Oral history interview with Richard A. Kemmerer(Charles Babbage Institute, 2014-04-30) Kemmerer, Richard A.Computer security pioneer Richard Kemmerer discusses his graduate training (at UCLA), his early and long-term consulting work for System Development Corporation in computer security research and development, and his research and education of graduate students at University of California at Santa Barbara. Among the topics covered are his work on Secure Unix, electronic voting, intrusion detection, and other areas. He also relates perspectives on early conferences (VERkshop, IEEE Symposium on Security and Privacy, and others), the NCSC and TCSEC, and other topics. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”Item Oral history interview with Sheila Brand by Rebecca Slayton(Charles Babbage Institute, 2016-09-29) Brand, SheilaThis interview with security pioneer Sheila Brand discusses her early training and career in mathematics and engineering before turning to her work in both private sector and government computer security. In the late 1960s and early 1970s, Brand helped to develop and secure time-shared databases at Commercial Credit Corporation, shortly after Commercial Credit merged with Control Data Corporation (CDC). In the 1970s Brand worked on computer security in the Social Security Administration and the Inspector General’s office of the Department of Health and Human Services before going to the National Security Agency’s new Computer Security Center in 1982. There she authored the Trusted Computer System Evaluation Criteria (TCSEC), or “Orange Book,” which influenced computer security standards around the world. In her later career at the National Security Agency she worked in intelligence as well as continued standards development, for example leading the task force that developed the Unified INFOSEC Criteria. Brand also discusses the processes whereby she overcame multiple obstacles to women pursuing careers in science and engineering, and the process of becoming a manager as well as a problem-solver. This interview is part of a project conducted by Rebecca Slayton and funded by an ACM History Committee fellowship on “Measuring Security: ACM and the History of Computer Security Metrics.”Item Oral history interview with Terry Benzel(Charles Babbage Institute, 2014-11-18) Benzel, TerryComputer security pioneer Terry Benzel discusses her education and programming work at Charles Draper Laboratory, before focusing on her work at MITRE Corporation, Trusted Information Systems (TIS), Network Associates and USC Information Sciences Institute (ISI). The MITRE discussion highlights her early role and perspectives on criteria evaluation (including her role in the SCOMP evaluation) in the formative years of TCSEC and after the publication of the criteria in 1983. Starting as a TIS principal scientist she rose to become a vice president in charge of the West Coast (Los Angeles) office, and later led a research team of 120 scientists/engineers for Network Associates. Among the technologies discussed are firewall development, and the security testbed at ISI. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”Item Oral history interview with Thomas A. Berson by Rebecca Slayton(Charles Babbage Institute, 2014-04-18) Berson, Thomas A.This interview with computer security pioneer Tom Berson discusses his early interest in computers, formal training in physics and computer science, and career in computer and network security industry. Berson earned a bachelor’s degree in physics before going to IBM Yorktown Heights in the late 1960s. He worked as a consultant while earning a Ph.D. in computer science from University College London, which he completed in 1977. After completing the Ph.D. he went to work for Ford Aerospace and Communications Corporation in California, where he worked on the Kernelized Secure Operating System (KSOS). In 1979 he and five others from Ford started a computer networking company, Sytek, where Berson was involved in several innovations related to network security. In 1986 he founded a new start-up, Anagram. Berson also discusses his involvement in IEEE Symposium on Security and Privacy, the International Association for Cryptologic Research (IACR), the influence of the Orange Book, and the future of the field of computer security. This interview is part of a project conducted by Rebecca Slayton and funded by an ACM History Committee fellowship on “Measuring Security: ACM and the History of Computer Security Metrics.”Item Oral history interview with W. Earl Boebert(Charles Babbage Institute, 2015-04-28) Boebert, W. EarlComputer security pioneer Earl Boebert discusses his education at Stanford University before the bulk of the interview focuses on his work within the Air Force and at Honeywell. Among the topics he discusses are the Air Force Undergraduate Navigator Training System, efforts to save and market Multics (and the inherent challenges given GE’s existing systems and the economics of the mainframe business), PSOS, Sidewinder, the formation of Secure Computing Corporation. Also discussed is his role in the broader computer security research community including serving on many National Research Council committees, including the one producing the influential 1991 Computers at Risk. This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”Item Oral history interview with William H. Murray(Charles Babbage Institute, 2013-09-24) Murray, William H.In this interview computer security pioneer William Murray begins by discussing early work experiences and influences (his father was an IBM CE and manager, and his mother was a keypunch operator). The bulk of the interview focuses on his work at IBM in computer security and his reflections on developments in this field. This includes efforts with computer security at IBM SHARE, Bob Courtney as an early leader at IBM in this field, Horst Feistel and the cryptographic research group at IBM, MVS TSO, IBM’s MVS Integrity Commitment, TCSEC, and RACF. He also provides context to a number of his publications including his influential Access Control Facility for AAS and Data Security and Controls. Murray was an influential figure with ISC-squared and the CISSP security credential and the auditing and forensics sides to security (working as a consultant for Deloitte & Touche and Ernst & Young after leaving IBM). This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”