Gene Spafford

Last updated
Eugene Howard Spafford
Spaf
Gene-spafford.jpg
Eugene Spafford speaks on computer security at Linux Forum 2000 in Copenhagen, Denmark.
Born1956 (age 6768)
Rochester, NY
Other namesSpaf
Citizenship United States
Education State University of New York Brockport (BA)
Georgia Institute of Technology (MS, PhD)
AwardsSee section below
Scientific career
Fields Computer science
Computer security
Institutions Purdue University
Notable students Dan Farmer, Gene Kim
Website spaf.cerias.purdue.edu

Eugene Howard Spafford (born 1956), known as Spaf, is an American professor of computer science at Purdue University and a computer security expert.

Contents

Spafford serves as an advisor to U.S. government agencies and corporations. In 1998, he founded and was the first director of the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University.

Biography

Education and early career

Spafford attended the State University of New York at Brockport, graduating with a double major in mathematics and computer science in three years. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology. He received his Master of Science (M.S.) in 1981, and Doctor of Philosophy (Ph.D.) in 1986, for his design and implementation of the kernel of the original Clouds distributed operating system. [1]

During the formative years of the Internet, Spafford made significant contributions to establishing semi-formal processes to organize and manage Usenet, then the primary channel of communication between users, and to defining the standards of behavior governing its use. [2] [3] Spafford initiated the Phage List as a response to the Morris Worm, one of the earliest computer worms. [4] [5]

Computer science at Purdue

Spafford has served on the faculty at Purdue University in Indiana since 1987, and is a full professor of computer science. He is executive director emeritus of Purdue's Center for Education and Research in Information Assurance and Security (CERIAS), and founded its predecessor, the COAST Laboratory. He has stated that his research interests have focused on "the prevention, detection, and remediation of information system failures and misuse, with an emphasis on applied information security. This has included research in fault tolerance, software testing and debugging, intrusion detection, software forensics, and security policies."

Spafford wrote or co-authored four books on computer and computer security, including Practical Unix and Internet Security for O'Reilly Media, and over 150 research papers, chapters, and monographs. In 1996, he received the Award of Distinguished Technical Communication from the Society for Technical Communication for Practical Unix and Internet Security.

As a PhD advisor, Spafford supervised development of the Open Source Tripwire tool coded by his student Gene Kim. Spafford was the chief external technical advisor to the company Tripwire during their first few years. He was also graduate advisor to Dan Farmer who coded the freeware Computer Oracle and Password System (COPS) tool.

In 2009, Spafford discussed on C-SPAN an article in The New York Times that looked at how the Internet had been a conduit for many types of cybercrime . [6] [7]

Recent work from Spafford has shown how to deceive adversaries and thus make computing systems more secure, [8] drawing on his multi-disciplinary expertise in information security and psychology. [9]

Spafford is on the board of directors of the Computing Research Association and is the former chairperson of the Association for Computing Machinery's (ACM) US Public Policy Committee. [10] He was a member of the President's Information Technology Advisory Committee from 2003 to 2005 [11] and an advisor to the National Science Foundation (NSF).

Spaf is a Fellow of the Association for Computing Machinery (1997), American Association for the Advancement of Science (1999), Institute of Electrical and Electronics Engineers (2000), ISC2 (2008), and the American Academy of Arts and Sciences (2020); he is a Distinguished Fellow of the Information Systems Security Association (2009).

Selected honors and awards

See also

Related Research Articles

The backbone cabal was an informal organization of large-site news server administrators of the worldwide distributed newsgroup-based discussion system Usenet. It existed from about 1983 at least into the 2000s.

The Morris worm or Internet worm of November 2, 1988, is one of the oldest computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. It was written by a graduate student at Cornell University, Robert Tappan Morris, and launched on 8:30 pm November 2, 1988, from the Massachusetts Institute of Technology network.

<span class="mw-page-title-main">Robert Tappan Morris</span> American computer scientist; creator of Morris Worm; associate professor at MIT

Robert Tappan Morris is an American computer scientist and entrepreneur. He is best known for creating the Morris worm in 1988, considered the first computer worm on the Internet.

The Computer Science Network (CSNET) was a computer network that began operation in 1981 in the United States. Its purpose was to extend networking benefits, for computer science departments at academic and research institutions that could not be directly connected to ARPANET, due to funding or authorization limitations. It played a significant role in spreading awareness of, and access to, national networking and was a major milestone on the path to development of the global Internet. CSNET was funded by the National Science Foundation for an initial three-year period from 1981 to 1984.

<span class="mw-page-title-main">Mary Ann Horton</span> American computer scientist and Usenet pioneer (born 1955)

Mary Ann Horton, is a Usenet and Internet pioneer. Horton contributed to Berkeley UNIX (BSD), including the vi editor and terminfo database, created the first email binary attachment tool uuencode, and led the growth of Usenet in the 1980s.

<span class="mw-page-title-main">Barbara Simons</span> American computer scientist

Barbara Bluestein Simons is an American computer scientist and the former president of the Association for Computing Machinery (ACM). She is a Ph.D. graduate of the University of California, Berkeley and spent her early career working as an IBM researcher. She is the founder and former co-chair of USACM, the ACM U.S. Public Policy Council. Her main areas of research are compiler optimization, scheduling theory and algorithm analysis and design.

<span class="mw-page-title-main">Dorothy E. Denning</span> American information security researcher

Dorothy Elizabeth Denning is a US-American information security researcher known for lattice-based access control (LBAC), intrusion detection systems (IDS), and other cyber security innovations. She published four books and over 200 articles. Inducted into the National Cyber Security Hall of Fame in 2012, she is now Emeritus Distinguished Professor of Defense Analysis, Naval Postgraduate School.

<span class="mw-page-title-main">Simson Garfinkel</span> American academic and journalist (born 1965)

Simson L. Garfinkel is the Chief Scientist and Chief Operating Officer of BasisTech in Somerville, Massachusetts. He was previously a program scientist at AI2050, part of Schmidt Futures. He has held several roles across government, including a Senior Data Scientist at the Department of Homeland Security, the US Census Bureau's Senior Computer Scientist for Confidentiality and Data Access and a computer scientist at the National Institute of Standards and Technology. From 2006 to 2015, he was an associate professor at the Naval Postgraduate School in Monterey, California. In addition to his research, Garfinkel is a journalist, an entrepreneur and an inventor; his work is generally concerned with computer security, privacy and information technology.

Open Source Tripwire is a free software security and data integrity tool for monitoring and alerting on specific file change(s) on a range of systems originally developed by Eugene H. Spafford and Gene Kim. The project is based on code originally contributed by Tripwire, Inc. in 2000. It is released under the terms of GNU General Public License.

<span class="mw-page-title-main">Tripwire (company)</span> American software company

Tripwire, Inc. is a software company based in Portland, Oregon, that focuses on security and compliance automation. It is a subsidiary of technology company Fortra.

<span class="mw-page-title-main">Werner Vogels</span> American computer scientist and Amazon CTO

Werner Hans Peter Vogels is the chief technology officer and vice president of Amazon in charge of driving technology innovation within the company. Vogels has broad internal and external responsibilities.

<span class="mw-page-title-main">Annie Antón</span> American computer scientist

Annie Antón is an academic and researcher in the fields of computer science, mathematical logic, and bioinformatics.

Elisa Bertino is a professor of computer science at Purdue University and is acting as the research director of CERIAS, the Center for Education and Research in Information Assurance and Security, an institute attached to Purdue University. Bertino's research interest include data privacy and computer security.

<span class="mw-page-title-main">CERIAS</span>

The Center for Education and Research in Information Assurance and Security (CERIAS) of Purdue University, United States, is a center for research and education in areas of information security for computing and communication infrastructures.

Dr Ahmed K. Elmagarmid is a computer scientist, academic and executive. He is the founding executive director of Qatar Computing Research Institute, a national research institute under Hamad bin Khalifa University, a member of the Qatar Foundation for Education, Science and Community Development. Since his appointment in 2010, Elmagarmid has focused on large-scale computing challenges that address national priorities for growth and development of Qatar. The computer research community, especially the database research recognizes the important role he has played at international level by creating data-centric research institution like QCRI and building it into an internationally reputed research institute.

Carl E. Landwehr is an American computer scientist whose research focus is cybersecurity and trustworthy computing. His work has addressed the identification of software vulnerabilities toward high assurance software development, architectures for intrusion-tolerant and multilevel security systems, token-based authentication, and system evaluation and certification methods. In an invited essay for ACSAC 2013, he proposed the idea of developing building codes for building software that is used in critical infrastructures. He has organized an NSF funded workshop to develop a building code and research agenda for medical device software security. The final committee report is available through the Cyber Security and Policy Institute of the George Washington University, and the building code through the IEEE.

The National Cyber Security Hall of Fame, founded by Larry Letow and Rick Geritz, was established in 2012 to recognize the contributions of key individuals in the field of cyber security; its mission statement is, Respect the Past - Protect the Future. According to its website, it is designed to honor the innovative individuals and organizations which had the vision and leadership to create the fundamental building blocks for the cybersecurity Industry. The organization also highlights major milestones in the industry's 40-year history through a timeline representation, which includes inductees and their corresponding accomplishments.

<span class="mw-page-title-main">Valerie Taylor (computer scientist)</span> American computer scientist

Valerie Elaine Taylor is an American computer scientist who is the director of the Mathematics and Computer Science Division of Argonne National Laboratory in Illinois. Her research includes topics such as performance analysis, power analysis, and resiliency. She is known for her work on "Prophesy," described as "a database used to collect and analyze data to predict the performance on different applications on parallel systems."

Robert B. Schnabel is an American computer scientist. He was executive director and CEO of the Association for Computing Machinery (ACM) from November 1, 2015 to 2017. He is now professor and external chair of computer science at University of Colorado Boulder.

Gene Tsudik is a Distinguished Professor of Computer Science at the University of California, Irvine (UCI).

References

  1. Spafford, Eugene H. (2013-11-12). "Oral history interview with Eugene H. Spafford". Charles Babbage Institute (Interview). Minneapolis, Minnesota: University of Minnesota . Retrieved 2020-04-12.
  2. "Usenet: The Great Renaming [FAQ]: 1985–1988". Archived from the original on 2002-10-12. Retrieved 2020-04-12. Originally organized by Gene Spafford in 1983, the backbone was formalized by Spaf after the Great Renaming.
  3. "Mary Ann Horton, Ph.D.: Professional Profile". Archived from the original on 2006-07-09. Retrieved 2020-04-12. ... 1980-1987 ... Designed Usenet Backbone, recruited and led the "Backbone Cabal" of key Usenet site administrators.
  4. "The Phage List". Security Digest. Retrieved 5 October 2022.
  5. "Spafford's analysis of the Morris worm" . Retrieved 5 October 2022.
  6. "The Internet and Cyber-Security". C-SPAN . Purdue University: National Cable Satellite Corporation. 2009-02-21.
  7. Markoff, John (2009-02-14). "Do We Need a New Internet?". The New York Times .
  8. "Deceiving the deceivers: professor employs false fronts, data to fool hackers". Purdue 150th. 2019-01-30. Retrieved 2021-06-25.
  9. "NSF Award Search: Award # 1548114 - EAGER: Exploring the Use of Deception to Enhance Cyber Security". nsf.gov. Retrieved 2021-06-25.
  10. "ACM US Technology Policy Committee". www.acm.org. Retrieved 5 October 2022.
  11. "President's Information Technology Advisory Committee – Archive" . Retrieved 2011-10-03.
  12. "Spafford Receives ACM President's Award". Spafford Receives ACM President's Award. Purdue University. 2007-04-06. Archived from the original on 2015-09-14. Retrieved 2015-01-30.
  13. "National Cybersecurity Hall of Fame" . Retrieved 2020-04-12.
  14. "Prof. Spafford Receives Lifetime Achievement Award" . Retrieved 2023-11-30.
  15. "Kristian Beckman and Yves Deswarte Awards". IFIP TC-11. International Federation for Information Processing. Retrieved 2020-04-12.
  16. "Honorary appointments - The University of Nottingham". www.nottingham.ac.uk. Retrieved 2022-07-21.