riverrun: a Vicious Viconian Ricorso on the Informatic Vicus

Page Content

Marvin Schaefer

Mar 22, 1996

Abstract

Giambattista Vico theorised in la Scienza Nuova (1725) that man's history proceeds cyclically through three ages: the Divine, the Heroic, and the Human. In our experience, we have seen that security errors designed into computer systems appear to pass through similar stages: the Design, the Hyped, and the Fuming.
This talk will examine anecdotal themes of omission, commission and remission encountered over the last three decades of computer security research and development. It will be seen that though much has changed, little has had to change in the lore of the accomplished interloper. It will be argued that a small invariant core of basic principles of secure system design, discovered in a Viconian cycle every few years, remains integral to the control and protection of computer assets.

About the Speaker

Marvin Schaefer is Chief Scientist of Arca Systems, Inc. He served as the first Chief Scientist of the Department of Defense Computer Security Center (to become the National Computer Security Center), where he was a principal author of the DoD Trusted Computer System Evaluation Criteria (Orange Book). While at System Development Corporation and Trusted Information Systems, he played significant roles in the modeling, design and implementation of systems designed to be secure (ADEPT 50, 1967-9; Kernelized VM/370, 1976-81; PR/SM, and MDF 1987-92, etc.), and developed expertise as a penetrator over approximately the same period. A recognised expert in database security, he chaired the National Research Council/Air Force Study Board Summer Study on the Multilevel Management of Data (1982). Currently, he is conducting research on multilevel security for distributed object-oriented database management systems.

Footer

Intranet Site