riverrun: a Vicious Viconian Ricorso on the Informatic Vicus
Marvin Schaefer - Arca Systems
Mar 22, 1996
AbstractGiambattista Vico theorised in la Scienza Nuova (1725) that man's history proceeds cyclically through three ages: the Divine, the Heroic, and the Human. In our experience, we have seen that security errors designed into computer systems appear to pass through similar stages: the Design, the Hyped, and the Fuming.
This talk will examine anecdotal themes of omission, commission and remission encountered over the last three decades of computer security research and development. It will be seen that though much has changed, little has had to change in the lore of the accomplished interloper. It will be argued that a small invariant core of basic principles of secure system design, discovered in a Viconian cycle every few years, remains integral to the control and protection of computer assets.
About the SpeakerMarvin Schaefer is Chief Scientist of Arca Systems, Inc. He served as the first Chief Scientist of the Department of Defense Computer Security Center (to become the National Computer Security Center), where he was a principal author of the DoD Trusted Computer System Evaluation Criteria (Orange Book). While at System Development Corporation and Trusted Information Systems, he played significant roles in the modeling, design and implementation of systems designed to be secure (ADEPT 50, 1967-9; Kernelized VM/370, 1976-81; PR/SM, and MDF 1987-92, etc.), and developed expertise as a penetrator over approximately the same period. A recognised expert in database security, he chaired the National Research Council/Air Force Study Board Summer Study on the Multilevel Management of Data (1982). Currently, he is conducting research on multilevel security for distributed object-oriented database management systems.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.