CBI Computer Security Annals Special Issue
Charles Babbage Institute

Next Article

Previous Article


Table of Contents


CBI Home

First of Two CBI “Computer Security”

Special Issues of the Annals (April-June 2015)

annals computer security1The July 2014 CBI Computer Security History Workshop brought together leading computer historians and some of the foremost computer security pioneers for two days of presentations, discussions, and exchange.  Revised papers from this event will be published as two CBI guest edited special issues of IEEE Annals of the History of Computing, the first of which will be out any day now (and the second in 2016).

This special issue features RAND Corporation’s Willis Ware on the cover, a leading computer scientist who was the first to formally articulate (at the 1967 Spring Joint Computer Conference) the multi-level computer security problem introduced by the rapid advance of time-shared computer systems in the 1960s.  Ware went on to lead the Defense Science Board Task Force on Computer Security in the late 1960s that completed the famed Ware Report in 1970, and several highly influential committees on computers and privacy later that decade.  CBI holds the Willis H. Ware Papers, which are especially strong documenting his committee leadership efforts regarding computers and privacy.

The articles of our special issue make major contributions to the technical, business, political, social, cultural, and intellectual history of computer security.  US Cybercommand Historian Michael Warner and Microsoft’s Steve Lipner’s papers concentrate on foundations—with Warner focusing more on policy history within the executive and legislative branches and Lipner on the pre-history, history, and consequences of the Department of Defense computer security standards with the Trusted Computer System Evaluation Criteria (“The Orange Book”) and the associated certification infrastructure in the 1980s.  Cornell University’s Rebecca Slayton and I extend these foundations.  Slayton’s article examines how U.S. government regulators valued risk analysis and metrics, as practitioners often questioned the measurement of risk.  I analyze the origins and growth of the computer security software products industry—showing how computer giants (IBM) and startups (SKK, Inc.) listened to users in developing access control software products well short of the high assurance goals (upper end of the criteria levels) set by the DoD with TCSEC.  Finally, American University’s Laura DeNardis and Indiana University’s Dongoh Park concentrate on elements of the political and social history of communication security, surveillance, and cryptography.  DeNardis’ article investigates the design tension between national security interests for surveillance versus network security in computing from the mid-1980s into the 2000s—focusing on the work of the Internet Engineering Task Force.  Park extends the geographic scope with a case study of public key encryption technology in South Korea—highlighting the significant social and cultural challenges, as well as technological ones, in implementing public key infrastructure.

We are grateful to all the participants of the workshop for their insightful comments and especially to the Annals Editor-in-Chief Nathan Ensmenger for his participation at the event and guidance with the issue.  We are also grateful to the National Science Foundation and past and present program directors Carl Landwehr and Jeremy Epstein (of Trustworthy Computing and SaTC respectively) for funding the workshop and CBI’s larger four-year computer security history project—NSF 1116862.

Both electronic and print subscriptions to the Annals are available from the IEEE Computer Society, and electronic versions of all issue content are free to download to those affiliated with organizations subscribing to either the IEEE Computer Society Digital Library (through IEEE Xplore) or Project MUSE.

Jeffrey R. Yost

Back to Top | Next Article | Previous Article