2nd Computer Security Issue



Next Article

Previous Article


Table of Contents


CBI Home

CBI’s Second “Computer Security”

Special Issue

The Charles Babbage Institute guest-edited a second IEEE Annals of the History of Computing special issue on computer security (October-December 2016) that will be available shortly.  Like the first (April-June 2015), it extends from CBI’s National Science Foundation (NSF)-sponsored computer security history workshop held in July 2014.  The issue includes articles from CBI director Thomas Misa, CBI associate director Jeffrey Yost, and co-authored articles by CBI senior research fellow Jim Cortada and University of Colorado’s William Aspray, and UCLA’s Bradley Fidler and University of Toronto’s Quinn DuPont.  We are grateful to NSF for sponsoring the workshop and the four year research effort by the institute to advance infrastructure (oral histories, archives, and a wiki) for computer security history.  The oral histories and other research on this project serves as the basis for a book I am currently writing on the history of computer security for MIT Press.

In the Annals issue, Misa’s article analyzes the origins of the multi-level computer security problem by focusing on research and systems at the RAND Corporation, System Development Corporation (SDC), and the National Security Agency (NSA).  He emphasizes that well before the 1970 (Willis H.) Ware Report and the 1967 Spring Joint Computer Conference (SJCC) Ware-led “Computer Security and Privacy” session (what historians and computer security scientists have presented as the beginning of multi-level computer security), pioneering time-sharing systems by SDC (Q-32) and NSA (RYE) were created and deployed.  These early-to-mid 1960s systems were the true start (in the classified world) to confronting the multi-level computer security problem and informed Willis Ware and NSA’s Bernard Peter’s sophisticated conceptualization of the problem presented at the SJCC session.

Aspray and Cortada’s article concentrates on the early years of Symantec, a longtime leading computer security products and services corporation founded in 1982 by SRI’s Gary Hendrix to develop artificial intelligence software applications.  They explore the company’s strategic evolution as it investigated and engaged in R&D and acquisitions in various areas of software applications.  Their study offers a rich examination of venture funding, innovation, and merger and acquisition activity in the early personal-computer software industry. In 1990 Symantec acquired Peter Norton Computing, which soon led it to focus on anti-virus software and other areas of computer security.

Much of the modest literature in computer security history concentrates on access control technologies and standards to keep unauthorized individuals and malware out of computer systems.  In contrast, my article, “The March of IDES,” focuses on the history of intrusion detection expert systems, or automated batch and real-time audit tools to detect intruders or malware.  It examines the first influential system, SRI’s Intrusion Detection Expert System (IDES), and its successor, NIDES.  The article also discusses NSA’s Computer Misuse and Anomalies Detection research program, as well as the strong leadership contributions of women computer scientists to the intrusion detection field.

Fidler and DuPont offer an important historical study of Private Line Interface (PLI), a Bolt, Beranek and Newman-developed cryptography computer security tool (funded by DARPA) for use on the ARPANET.   They show how PLI—operating between network switches and host computers—was at the “edge” of the network.  They indicate that this set a pattern for network cryptography tools at the edge of networks (including the Internet), shaping understandings of contemporary cybersecurity.

Jeffrey R. Yost


Back to Top | Next Article | Previous Article