Building Secure Software
Wednesday April 10, 2002
Building 8 Auditorium - 3:30 PM
(Refreshments at 3:00 PM)
Dr. Gene Spafford, will talk about Building Secure Software. "Why the fuss over security?" Isn't the software we use every day good enough? "After all, what would anyone want with your system?" And, besides, we can depend on the vendors to provide all the security we need." In this presentation, Dr. Spafford will explain what's wrong with those attitudes, and why the need for security is only going to increase. He will present some basic issues of software design and operation that should be followed so as to increase reliability of new software. Many of these principles have been known for three decades, but they don't match the way computing is currently practiced and encouraged. He will discuss why this mismatch has occurred. The talk may also include coverage of a few legal issues affecting information assurance.
Dr. Gene Spafford is a professor of Computer Sciences at Purdue University, (a professor of Philosophy,) and is Director of the Center for Education Research Information Assurance and Security. (CERIAS is a campus-wide multi-disciplinary Center, with a broadly focused mission to explore issues related to protecting information and information resources.) Dr. Spafford has written extensively about information security, software engineering, and professional ethics. (He has published over 100 articles and reports on his research, written or contributed to over a dozen books, and serves on the editorial boards of most major information security-related journals. Dr. Spafford is a Fellow of the ACM, Fellow of the AAAS, Fellow of the IEEE, and is a charter recipient of the Computer Society's Golden Core award. In 2000, he was named as a CISSP, honoris causa.) He was the year 2000 recipient of the NIST/NCSC National Computer Systems Security Award, generally regarded as the field's most significant honor in information security research.(In 2001, he was named as one of the recipients of the "Charles B. Murphy" awards and named as a Fellow of the Purdue Teaching Academy, Purdue University's two highest awards for outstanding undergraduate teaching. In 2001, he was elected to the ISSA Hall of Fame, and he was awarded the William Hugh Murray medal of the NCISSE for his contributions to research and education in information security. Among his many activities, he is co-chair of the ACM's U.S. Public Policy Committee and of its Advisory Committee on Computing Security, is a member of the Board of Directors of the Computing Research Association, and is a member of the US Air Force Scientific Advisory Board.
IS&T Colloquium Committee Host: Mike Seablom