A
Committee Member and
Staff Biographies
STEPHEN T. KENT, Chair, is chief scientist for information security at
BBN Technologies, a division of Verizon Communications. During the
last two decades, Dr. Kent’s R&D activities have included the design and
development of user authentication and access control systems, network
layer encryption and access control systems, secure transport layer proto-
cols, secure e-mail technology, multilevel secure (X.500) directory sys-
tems, and public-key certification authority systems. His most recent
work focuses on security for Internet routing, very high-speed IP encryp-
tion, and high-assurance cryptographic modules. Dr. Kent served as a
member of the Internet Architecture Board (1983-1994) and chaired the
Privacy and Security Research Group of the Internet Research Task Force
(1985-1998). He chaired the Privacy Enhanced Mail (PEM) working group
of the Internet Engineering Task Force (IETF) from 1990 to 1995 and co-
chairs the Public Key Infrastructure Working Group (1995-present). He is
the primary author of the core IPsec standards: RFCs 2401, 2402, and 2406.
He is a member of the editorial board of the Journal of Computer Security
(1995-present), serves on the board of the Security Research Alliance, and
served on the board of directors of the International Association for
Cryptologic Research (1982-1989). Dr. Kent was a member of CSTB’s
Information Systems Trustworthiness Committee (1996-1998), which pro-
duced Trust in Cyberspace. His other previous NRC service includes the
CSTB Committee on Rights and Responsibilities of Participants in Net-
worked Communities (1993-1994), the Technical Assessment panel for the
NIST Computer Systems Laboratory (1990-1992), and the CSTB Secure
52 IDs—NOT THAT EASY
Systems Study Committee (1988-1990). The U.S. Secretary of Commerce
appointed Dr. Kent as chair of the Federal Advisory Committee to De-
velop a FIPS for Federal Key Management Infrastructure (1996-1998). The
author of two book chapters and numerous technical papers on network
security, Dr. Kent has served as a referee, panelist, and session chair for a
number of conferences. Since 1977 he has lectured on the topic of net-
work security on behalf of government agencies, universities, and private
companies throughout the United States, Europe, Australia, and the Far
East. Dr. Kent received the B.S. degree in mathematics summa cum laude
from Loyola University of New Orleans and the S.M., E.E., and Ph.D.
degrees in computer science from the Massachusetts Institute of Technol-
ogy. He is a fellow of the Association for Computing Machinery and a
member of the Internet Society and Sigma Xi.
MICHAEL ANGELO is currently a staff fellow at Compaq Computer
Corporation and runs a laboratory at Compaq that assesses biometrics
and other security-enhancing technologies, such as smart cards. He is
considered a subject-matter expert for security and its associated tech-
nologies. His job is to provide technical guidance and input into strategic
planning and the development of secure solutions. In addition, he is
responsible for providing technical assistance to the corporate security
team. Dr. Angelo possesses expertise in both biometric and token access
authentication technology, including technical threat model and imple-
mentation analysis, as well as in risk reduction enhancement methodol-
ogy, applied computer system security, computer forensics, advanced
data protection methodologies, and practical encryption techniques. His
experience comprises 15 years in designing, implementing, managing,
and supporting secure intra- and Internets, including gateways, firewalls,
and sentinels, plus 20 years working at the kernel level of numerous
operating systems, including a wide variety of hardware platforms (from
PCs to supercomputers) and software platforms (including several fla-
vors of UNIX, MS-DOS/Windows/NT, and VMS). He holds several pat-
ents. Dr. Angelo has been active in a number of trade standards organiza-
tions: the Trusted Computing Platform Association (TCPA), Americans
for Computer Privacy (ACP), the Bureau of Export Administration Tech-
nical Advisory Committee (BXA-TAC), the Information Security Explor-
atory Committee (ISEC), the Key Recovery Alliance (KRA), the Computer
Systems Policy Project, the Cross-Industry Working Team Security Work-
ing Group, and the National Institute of Standards and Technology’s In-
dustry Key Escrow Working Group.
STEVEN BELLOVIN is a fellow at AT&T Research. Dr. Bellovin re-
ceived a B.A. degree from Columbia University and an M.S. and Ph.D. in
APPENDIX A
computer science from the University of North Carolina at Chapel Hill.
While a graduate student, he helped create Netnews; for this, he and the
other collaborators were awarded the 1995 USENIX Lifetime Achieve-
ment Award. At AT&T Laboratories, he does research in networks and
security and why the two do not get along. Dr. Bellovin has embraced a
number of public interest causes and weighed in (e.g., through his writ-
ings) on initiatives (e.g., in cryptography and law enforcement) that ap-
pear to threaten privacy. He is currently focusing on cryptographic pro-
tocols and network management. Bellovin is the coauthor of the recent
book Firewalls and Internet Security: Repelling the Wily Hacker, and he is a
member of the Internet Architecture Board. He was a member of the
CSTB committee that produced Trust in Cyberspace (1999), and he is a
member of the National Academy of Engineering.
BOB BLAKLEY is chief scientist for security and privacy at IBM Tivoli
Software in Austin, Texas. Dr. Blakley was chief scientist for DASCOM,
Inc., at the time of its acquisition by IBM and integration into Tivoli.
Before joining DASCOM, Dr. Blakley was lead security architect for IBM,
where he was employed for 9 years. In addition to his product design
responsibilities, Dr. Blakley led the IBM Security Architecture Board and
was the IBM representative to the Open Group Security Program Group.
He also served for 2 years as the chair of the OSF DME/DCE security
working group. He is the author of CORBA Security: An Introduction to
Safe Computing with Objects, published by Addison-Wesley. Dr. Blakley
was also the editor of the Open Group PKI working group’s “Architec-
ture for Public Key Infrastructure.” He has been involved in cryptogra-
phy and data security design work since 1979 and has authored or coau-
thored seven papers on cryptography, secret-sharing schemes, access
control, and other aspects of computer security. He was designated “Dis-
tinguished Practitioner” by the 2001 Annual Computer Security and Ap-
plications Conference. He is currently the general editor of the OASIS
Security Services Technical Committee’s SAML specification effort. He
holds eight patents on security-related technologies. Dr. Blakley cochaired
the ACM New Security Paradigms Workshop in 1997 and 1998, and he
served on the program committees for several industry and academic
conferences, including the NSA/OMG Distributed Object Computing
Workshop, IEEE Security and Privacy, and ISOC Network and Distrib-
uted Systems Security (NDSS). Dr. Blakley received an A.B. in classics
from Princeton University and a master’s degree and Ph.D. in computer
and communications sciences from the University of Michigan.
DREW DEAN is a computer scientist at SRI International. He joined SRI
full time in July 2001; prior to that he was a member of the research staff
at Xerox PARC. Dr. Dean holds M.A. and Ph.D. degrees from Princeton
University and a B.S. degree from Carnegie Mellon University, all in com-
puter science. He pioneered the systematic study of Java security and
more recently has worked across a wide range of areas in security, includ-
ing cryptography, the theory of access control, and IP traceback. He has
received a Best Student Paper award from the ACM Computer and Com-
munications Security conference (1997), an Outstanding Paper award
from the ACM Symposium on Operating System Principles (1997), and a
Best Paper award from the Internet Society’s Network and Distributed
Systems Security Symposium (2001). Dr. Dean is a member of the edito-
rial board of Springer-Verlag’s International Journal of Information Security.
BARBARA FOX is currently senior architect, Digital Rights Management
and Cryptography, at Microsoft Corporation. She is coauthor of a num-
ber of research papers in the application of public key infrastructures to
payment systems and, most recently, the IETF/W3C XML Digital Signa-
ture standard. Ms. Fox also serves on the board of directors for the Inter-
national Financial Cryptography Association.
STEPHEN H. HOLDEN is an assistant professor in the Department of
Information Systems at the University of Maryland, Baltimore County
(UMBC). Dr. Holden’s research, publications, and teachings leverage his
substantial federal government experience in government-wide policy in
information technology management and electronic government. Other
research interests include information policy, electronic authentication
policies and practices, and strategic management processes. He recently
left the Internal Revenue Service (IRS) as a senior executive after a 16-year
career in the federal career service. While at the IRS he served as the
program executive, Electronic Tax Administration (ETA) Modernization,
reporting to the assistant commissioner. Before that position in ETA he
served as the national director of Electronic Program Enhancements.
During that time he led efforts to develop new ETA programs, policies,
and e-government systems for the IRS, including the ETA partnership
effort, electronic payments, electronic authentication, and the IRS e-file
promotional campaign. He also served on the federal Public Key Infra-
structure Steering Committee. Prior to going to the IRS, Dr. Holden
worked for 10 years at the Office of Management and Budget (OMB),
doing a variety of policy, management, and budget analysis work. Sig-
nificant accomplishments at OMB included drafting and completing a
revision to the information technology management section of Circular
A-130 and overseeing the publication of the first “Information Resource
Management Plan of the Federal Government.” Dr. Holden’s career as a
federal civil servant began in 1983 as a Presidential Management Intern at
the Naval Sea Systems Command. He holds a Ph.D. (public administra-
tion and public affairs) from Virginia Polytechnic and State University
and an M.P.A. in public administration and a B.A. in public management
from the University of Maine.
DEIRDRE MULLIGAN is director of the new Samuelson Law, Technol-
ogy and Public Policy Clinic at the University of California, Berkeley,
School of Law (Boalt Hall). While attending Georgetown University Law
Center, Mulligan worked on the American Civil Liberties Union’s privacy
and technology project, where she honed her interest in preserving and
enhancing civil liberties and democratic values. After law school, she
became a founding member of the Center for Democracy and Technol-
ogy, a high-tech, civil liberties public interest organization based in Wash-
ington, D.C. For 6 years, Mulligan was staff counsel at the center. She has
worked with federal lawmakers, governmental agencies, the judicial sys-
tem, public interest organizations, and the high-tech business commu-
nity, with the goal of enhancing individual privacy on the Internet, thwart-
ing threats to free speech on the Internet, and limiting governmental access
to private data. She has testified in several settings and contributed to
technical standards development. Ms. Mulligan received her J.D., cum
laude, from Georgetown University Law Center in 1994 and a B.A. in
architecture and art history from Smith College in 1988.
JUDITH S. OLSON is the Richard W. Pew Chair in Human Computer
Interaction at the University of Michigan. She is also a professor in the
School of Information, the Business School, and the Department of Psy-
chology. Her research interests include computer-supported cooperative
work, human-computer interaction, the design of business information
systems for organizational effectiveness, and cognitive psychology. Pro-
fessor Olson’s recent research focuses on the nature of group work and
the design and evaluation of technology to support it. This field com-
bines cognitive and social psychology with the design of information
systems. She began her career at the University of Michigan in the De-
partment of Psychology, served as a technical supervisor for human fac-
tors in systems engineering at Bell Laboratories in New Jersey, and re-
turned to Michigan to the Business School and the then-new School of
Information. She has over 60 publications in journals and books and has
served on a number of national committees, including the National Re-
search Council Committee on Human Factors and the Council of the As-
sociation for Computing Machinery. She has recently been appointed to
the CHI Academy of ACM’s Special Interest Group on Computer-Human
Interaction. Dr. Olson earned a B.A. in mathematics and psychology from
Northwestern University in 1965 and a Ph.D. 4 years later in the same
disciplines from the University of Michigan.
JOE PATO is currently the principal scientist for the trust, security, and
privacy research program at HP Labs and has served as the CTO for
Hewlett-Packard’s Internet Security Solutions Division. Mr. Pato’s cur-
rent research focuses on the trust needs of collaborative enterprises on the
Internet, addressing both interenterprise models and the needs of light-
weight information appliances representing the interests of the individual.
He is looking at critical infrastructure protection and the confluence of
trust, e-services, and mobility. This work recently led him to be one of the
founders of the Information Technology Information Sharing and Analy-
sis Center (IT-ISAC). His past work has included the design of delegation
protocols for secure distributed computation; key exchange protocols;
interdomain trust structures; the development of public- and secret-key-
based infrastructures; and the more general development of distributed
enterprise environments. Mr. Pato is currently cochair of the OASIS Secu-
rity Services Technical Committee and has participated on several IEEE,
ANSI, and NIST standards or advisory committees.
RADIA PERLMAN is a Distinguished Engineer at Sun Microsystems
Laboratories. She is the architect for a group that does research in net-
work security issues, recently focused on PKI deployment. Some of the
group’s implementation will be distributed as part of a reference imple-
mentation for Java. She is the author of many papers in the field of
network security, as well as coauthor of a textbook on network security
and author of a textbook on lower-layer networking protocols. She is also
well known for her work on sabotage-proof routing protocols. Her work
on lower-layer protocols is also well known and forms the basis of mod-
ern bridging, switching, and routing protocols. This expertise is crucial to
understanding the technology behind such things as providing Internet
anonymity. She has about 50 issued patents, a Ph.D. in computer science
from MIT, and S.B. and S.M. degrees in mathematics from that institution.
She was recently awarded an honorary doctorate from KTH, the Royal
Institute of Technology, Sweden.
PRISCILLA M. REGAN is an associate professor in the Department of
Public and International Affairs at George Mason University. Prior to
joining that faculty in 1989, she was a senior analyst in the Congressional
Office of Technology Assessment (1984-1989) and an assistant professor
of politics and government at the University of Puget Sound (1979-1984).
Since the mid-1970s, Dr. Regan’s primary research interest has been the
analysis of the social, policy, and legal implications of organizational use
of new information and communications technologies. Dr. Regan has
published over 20 articles or book chapters, as well as Legislating Privacy:
Technology, Social Values, and Public Policy (University of North Carolina
Press, 1995). As a recognized researcher in this area, Dr. Regan has testi-
fied before Congress and participated in meetings held by the Depart-
ment of Commerce, the Federal Trade Commission, the Social Security
Administration, and the Census Bureau. Dr. Regan received her Ph.D. in
government from Cornell University in 1981 and her B.A. from Mount
Holyoke College in 1972.
JEFFREY I. SCHILLER received his S.B. in electrical engineering (1979)
from the Massachusetts Institute of Technology. As MIT network man-
ager he has managed the MIT Campus Computer Network since its in-
ception in 1984. Prior to his work in the Network Group, he maintained
MIT’s Multics timesharing system during the time frame of the ARPANET
TCP/IP conversion. He is an author of MIT’s Kerberos Authentication
system. Mr. Schiller is the Internet Engineering Steering Group’s (IESG)
area director for security. He is responsible for overseeing security-re-
lated working groups of the Internet Engineering Task Force (IETF). He
was responsible for releasing a U.S. legal freeware version of the popular
PGP encryption program. Mr. Schiller is also responsible for the develop-
ment and deployment of an X.509-based PKI at MIT. He is the technical
lead for the new Higher Education Certifying Authority being operated
by the Corporation for Research and Educational Networking (CREN).
Mr. Schiller is also a founding member of the Steering Group of the New
England Academic and Research Network (NEARnet). NEARnet, now
part of Genuity, Inc., is a major nationwide Internet service provider.
SOUMITRA SENGUPTA is assistant professor in the Department of
Medical Informatics at Columbia University. Dr. Sengupta has focused
his work on the challenges of security and privacy in health care, comple-
menting his academic work by service as security officer for the New
York-Presbyterian Healthcare System. His research interests are in the
areas of distributed systems, their monitoring, management, and security
aspects, and their application in a health care environment. He is inter-
ested in the architectural design and engineering concerns of building
large, functioning systems over heterogeneous platforms and protocols.
Dr. Sengupta holds a B.E. from Birla Institute of Technology and Science
(electrical and electronics engineering), Pilani, India, and M.S. and Ph.D.
degrees in computer science from the State University of New York at
Stony Brook. He was a member of the Association for Computing Machinery
(ACM) from 1984 to 1994 and the Institute for Electrical and Electronic
Engineers (Computer Society) from 1984 to 1992, and is currently a member
of the American Medical Informatics Association.
JAMES L. WAYMAN has been the director of the Biometrics Test Center
at San Jose State University in San Jose, California, since 1995. The center
is funded by the United States and other countries to develop standards
and scientific test and analysis methods and to advise on the use or non-
use of biometric identification technologies. The test center served as the
U.S. National Biometrics Test Center from 1997 to 2000. Dr. Wayman
received the Ph.D. degree in engineering from the University of Califor-
nia at Santa Barbara in 1980 and joined the faculty of the Department of
Mathematics at the U.S. Naval Postgraduate School in 1981. In 1986, he
became a full-time researcher for the Department of Defense in the areas
of technical security and biometrics. Dr. Wayman holds three patents in
speech processing and is the author of dozens of articles in books, techni-
cal journals, and conference proceedings on biometrics, speech compres-
sion, acoustics, and network control. He serves on the editorial boards of
two journals and on several national and international biometrics stan-
dards committees. He is a senior member of the Institute of Electrical and
Electronic Engineers.
DANIEL J. WEITZNER is director of the World Wide Web Consortium’s
Technology and Society activities. As such, he is responsible for develop-
ment of technology standards that enable the Web to address social, legal,
and public policy concerns such as privacy, free speech, protection of
minors, authentication, intellectual property, and identification. He is also
the W3C’s chief liaison to public policy communities around the world
and a member of the ICANN Protocol Supporting Organization’s Protocol
Council. Mr. Weitzner holds a research appointment at MIT’s Laboratory
for Computer Science and teaches Internet public policy at MIT. Before
joining the W3C, Mr. Weitzner was cofounder and deputy director of the
Center for Democracy and Technology, an Internet civil liberties organi-
zation in Washington, D.C. He was also deputy policy director of the
Electronic Frontier Foundation. As a leading figure in the Internet public
policy community, he was the first to advocate user control technologies
such as content filtering and rating to protect children and avoid govern-
ment censorship of the Internet. These arguments played a critical role in
the 1997 U.S. Supreme Court case Reno v. ACLU, awarding the highest
free speech protections to the Internet. He successfully advocated the
adoption of amendments to the Electronic Communications Privacy Act,
creating new privacy protections for online transactional information such
as Web site access logs. Mr. Weitzner has a degree in law from Buffalo
Law School and a B.A. in philosophy from Swarthmore College. His pub-
lications on communications policy have appeared in the Yale Law Review,
Global Networks, Computerworld, Wired, Social Research, Electronic Network-
ing: Research, Applications & Policy, and Whole Earth. He is also a commen-
tator for NPR’s Marketplace Radio.
STAFF
LYNETTE I. MILLETT is a study director and program officer with the
Computer Science and Telecommunications Board of the National Re-
search Council. She is currently involved in several CSTB projects along
with the authentication study, including a comprehensive exploration of
privacy in the information age and a study examining the fundamentals
of computer science. She is also exploring possible study options for
CSTB with respect to the issues of open source software development,
dependability of complex software systems, and women in computer sci-
ence. She recently completed the CSTB study that produced Embedded,
Everywhere: A Research Agenda for Networked Systems of Embedded Comput-
ers. Before joining CSTB, she was involved in research on static analysis
techniques for concurrent programming languages as well as research on
value-sensitive design and informed consent online. She has an M.Sc. in
computer science from Cornell University. Her undergraduate degree is
in mathematics and computer science from Colby College. Her graduate
work was supported by both an NSF graduate fellowship and an Intel
graduate fellowship. While at Cornell, Ms. Millett cofounded its Engi-
neering Graduate Student Association.
JENNIFER BISHOP is a senior project assistant with the Computer Sci-
ence and Telecommunications Board of the National Research Council.
Before moving to Washington, Ms. Bishop worked for the City of Ithaca,
New York, coordinating the Police Department’s transition to a new SQL-
based time accrual and scheduling application. Her other work experi-
ence includes designing customized hospitality industry performance re-
ports for Ithaca-based RealTime Hotel Reports, LLC, maintaining the
police records database for the City of Ithaca, and hand-painting furni-
ture for Mackenzie-Childs, Ltd., of Aurora, New York. She is an artist
working in oil and mixed media and is currently attempting to make her
professional debut on the Washington art scene. Ms. Bishop holds a
B.F.A. (2001) in studio art from Cornell University.