Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop

C
Biosketches of Steering Committee Members and Staff

Nicholas Economides, Chair, is a professor of economics at the Stern School of Business at New York University. He is an internationally recognized academic authority on network economics, electronic commerce, and public policy. His fields of specialization and research include the economics of networks, especially of telecommunications, computers, and information; the economics of technical compatibility and standardization; industrial organization; the structure and organization of financial markets and payment systems; antitrust; application of public policy to network industries; strategic analysis of markets; and law and economics. Professor Economides has published more than 100 articles in top academic journals in the areas of networks, telecommunications, oligopoly, antitrust, and product positioning, and on the liquidity and the organization of financial markets and exchanges. He is editor of Information Economics and Policy, Netnomics, Quarterly Journal of Electronic Commerce, Journal of Financial Transformation, and Journal of Network Industries; he is on the advisory board of the Social Science Research Network, editor of Economics of Networks Abstracts by SSRN, and former editor of the International Journal of Industrial Organization. His Web site on the Economics of Networks has been ranked as one of the top four economics sites worldwide by The Economist magazine. Professor Economides is the executive director of the NET Institute, http://www.NETinst.org, a worldwide focal point for research on the economics of network and high-technology industries. He is an adviser to the U.S. Federal Trade Commission; the governments of Greece, Ireland, New Zealand, and Portugal; the Attorney
General of New York State; major telecommunications corporations; a number of the Federal Reserve Banks; the Bank of Greece; and major Financial Exchanges. He serves on the advisory board of The Economist Intelligence Unit. He has commented extensively in broadcast and in print on high-technology, antitrust, and public policy issues. Previously, he taught at Columbia University (1981-1988) and at Stanford University (1988-1990). He holds a PhD and MA in economics from the University of California at Berkeley, as well as a BSc (First Class Honors) in mathematical economics from the London School of Economics.

Lorrie Faith Cranor is an associate professor of computer science and of engineering and public policy at Carnegie Mellon University, where she is the director of the CyLab Usable Privacy and Security Laboratory (CUPS). She is also chief scientist of Wombat Security Technologies, Inc. She has authored more than 80 research papers on online privacy, phishing and semantic attacks, spam, electronic voting, anonymous publishing, usable access control, and other topics. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O’Reilly, 2005) and founded the Symposium on Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O’Reilly, 2002). She has served on a number of boards, including the Electronic Frontier Foundation board of directors, and on the editorial boards of several journals. In 2003, she was named one of the top 100 innovators 35 or younger by Technology Review magazine. She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University. Dr.
Cranor received her doctorate degree in engineering and policy from Washington University in St. Louis in 1996.

James D. Foley is a professor in the College of Computing, and a professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology (Georgia Tech). A leading international figure in two major disciplines of computer science (graphics and human-computer interaction), Dr. Foley has received lifetime achievement awards in both fields from the Association for Computing Machinery’s special interest groups (SIGGRAPH in 1997 and SIGCHI in 2007). Dr. Foley was one of the computer graphics pioneers who went on to help establish HCI as a discipline. The co-author of three books, he is the first author of what many consider the definitive text in computer graphics, Fundamentals of Interactive Computer Graphics, which has sold 400,000 copies in 10 translations. Dr. Foley arrived at the College of Computing in 1991 and founded the GVU Center. Four years later, U.S. News and World Report ranked the
center No. 1 for graduate computer science work in graphics and user interaction. Active in industry, Dr. Foley became the director of MERL (Mitsubishi Electric Research Laboratory) in 1996 and then CEO and chair of Mitsubishi Electric Information Technology Center America in 1998. He returned to Georgia in late 1999 to head up the state’s Yamacraw economic development initiative in the design of broadband systems, devices, and chips. For 4 years (2001-2005), Dr. Foley chaired the Computing Research Association (CRA), which represents more than 200 research universities, corporate research laboratories, and professional societies. In February 2008, he was elected to the National Academy of Engineering. A few months later, he received the 2008 Class of 1934 Distinguished Professor Award, the highest honor that Georgia Tech bestows on faculty. Of all his awards, Dr. Foley says that he most treasures the one given him by computing graduate students who named him “Most Likely to Make Students Want to Grow Up to Be Professors.”

Simson L. Garfinkel is an associate professor at the Naval Postgraduate School in Monterey, California, and an associate of the School of Engineering and Applied Sciences at Harvard University. His research interests include computer forensics, the emerging field of usability and security, personal information management, privacy, information policy, and terrorism. Dr. Garfinkel is the author or co-author of 14 books on computing. He is perhaps best known for his book Database Nation: The Death of Privacy in the 21st Century. His most successful book, Practical UNIX and Internet Security (co-authored with Gene Spafford), has sold more than 250,000 copies and has been translated into more than a dozen languages since the first edition was published in 1991. Dr.
Garfinkel received three bachelor of science degrees from the Massachusetts Institute of Technology (MIT) in 1987, a master of science in journalism from Columbia University in 1988, and a PhD in computer science from MIT in 2005.

Butler W. Lampson is a technical fellow at Microsoft Corporation and an adjunct professor of computer science and electrical engineering at MIT. He was on the faculty at the University of California, Berkeley, and then at the Computer Science Laboratory at Xerox PARC and at Digital Systems Research Center. He has worked on computer architecture, local area networks, raster printers, page description languages, operating systems, remote procedure call, programming languages and their semantics, programming in the large, fault-tolerant computing, transaction processing, computer security, WYSIWYG editors, and tablet computers. He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the Autonet Local Area Network, the SDSI/SPKI system for network security, the Microsoft Tablet personal computer (PC) software, the Microsoft Palladium high-assurance stack, and several programming languages. He holds a number of patents on networks, security, raster printing, and transaction processing. At Microsoft he has worked on anti-piracy, security, fault-tolerance, and user interfaces. He was one of the designers of Palladium and spent 2 years as an architect in the Tablet PC group. Currently he is in Microsoft Research, working on security, privacy, and fault-tolerance, and kibitzing in systems, networking, and other areas. He is a member of the National Academy of Sciences and the National Academy of Engineering and a fellow of the Association for Computing Machinery and the American Academy of Arts and Sciences. He also served on the Computer Science and Telecommunications Board of the National Research Council. He received an AB from Harvard University, a PhD in EECS from the University of California at Berkeley, and honorary ScD’s from the Eidgenössische Technische Hochschule, Zurich, and the University of Bologna.

Susan Landau is a fellow at the Radcliffe Institute for Advanced Study during the academic year 2010-2011. She recently completed a book on security risks of building surveillance into communications infrastructures (to be published by MIT Press in the spring of 2011). From 1999 to 2010 Dr. Landau was a Distinguished Engineer at Sun Microsystems; there she concentrated on the interplay between security and public policy. She has briefed government officials both in Washington, D.C., and in Europe on such disparate issues as security risks in surveillance mechanisms, digital rights management, and cryptographic export control; she has written numerous articles and op-ed pieces on these issues.
Most recently she testified for the House Science Committee on Cybersecurity Activities at the National Institute of Standards and Technology’s (NIST’s) Information Technology Laboratory. She and Whitfield Diffie wrote Privacy on the Line: The Politics of Wiretapping and Encryption. Dr. Landau is a member of the Commission on Cyber Security for the 44th Presidency, established by the Center for Strategic and International Studies, and serves on the Computer Science and Telecommunications Board of the National Research Council and on the advisory committee for the National Science Foundation’s Directorate for Computer and Information Science and Engineering. Before joining Sun, Dr. Landau was a faculty member at the University of Massachusetts and at Wesleyan University. She is the recipient of the 2008 Women of Vision Social Impact Award, a fellow of the American Association for the Advancement of Science, and an ACM Distinguished Engineer.

Donald A. Norman is the Breed Professor of Design at Northwestern University where he co-directs MMM, the dual-degree MBA and engineering program offered jointly by Northwestern’s schools of Management and Engineering that focuses on managing products and services from design to execution. He is also co-director of the Segal Design Institute. He is Distinguished Visiting Professor at KAIST, the Korea Advanced Institute of Science and Technology, in the Department of Industrial Design. He is co-founder of the Nielsen Norman Group and has been vice president of Apple Computer and an executive at Hewlett Packard. He serves on many advisory boards, such as the editorial advisory board of Encyclopedia Britannica and KAIST. He has received honorary degrees from the University of Padova (Italy) and the Technical University of Delft (the Netherlands), the “Lifetime Achievement Award” from SIGCHI, the professional organization for Computer-Human Interaction, and the Benjamin Franklin Medal in Computer and Cognitive Science from the Franklin Institute (Philadelphia). He is well known for his books The Design of Everyday Things and Emotional Design. His most recent book, The Design of Future Things, discusses the role that automation plays in such everyday places as the home and the automobile. He is currently working on a new book called Sociable Design that combines the lessons of his previous works, extending them to cover social networks and social interaction. He earned a PhD in psychology from the University of Pennsylvania.

Charles P. Pfleeger is an independent consultant for Pfleeger Consulting Group specializing in computer and information system security. Among his responsibilities are threat and vulnerability analysis, system design review, certification preparation, training, expert witness testimony, and general security advice.
His customers include government and commercial clients throughout the world. Dr. Pfleeger was previously a master security architect on the staff of the chief security officer of Cable and Wireless, and Exodus Communications, and before that he was a senior computer scientist and director of research for Arca Systems, director of European Operations for Trusted Information Systems, Inc. (TIS), and a professor in the Computer Science Department of the University of Tennessee. Dr. Pfleeger was chair of the IEEE Computer Society Technical Committee on Security and Privacy from 1997 to 1999 and has been a member of the executive council of that committee since 1995. He is on the board of reviewers for Computers and Security, is a book review editor for IEEE Security and Privacy, and is on the board of advisers for OWASP, the Open Web Application Security Project. Dr. Pfleeger has lectured throughout the world and published numerous papers and books. His book Security in Computing (of which the fourth edition—co-authored with Dr. Shari Lawrence Pfleeger—was published in October 2006) is the
standard college textbook in computer security. He is the author of other books and articles on technical computer security and computer science topics. He holds a PhD degree in computer science from Pennsylvania State University and a BA with honors in mathematics from Ohio Wesleyan University. He is a Certified Information Systems Security Professional (CISSP).

CSTB STAFF

Jon Eisenberg is director of the Computer Science and Telecommunications Board of the National Research Council. He has also been study director for a diverse body of work, including a series of studies exploring Internet and broadband policy and networking and communications technologies. In 1995-1997 he was a AAAS (American Association for the Advancement of Science) Science, Engineering, and Diplomacy Fellow at the U.S. Agency for International Development, where he worked on technology transfer and information and telecommunications policy issues. Dr. Eisenberg received his PhD in physics from the University of Washington in 1996 and a BS in physics with honors from the University of Massachusetts at Amherst in 1988.

Shenae Bradley is a senior program assistant at the Computer Science and Telecommunications Board of the National Research Council. She currently provides support for the Committee on Sustaining Growth in Computing Performance, the Committee on Wireless Technology Prospects and Policy Options, and the Computational Thinking for Everyone: A Workshop Series Planning Committee, to name a few. Prior to this, she served as an administrative assistant for the Ironworker Management Progressive Action Cooperative Trust and managed a number of apartment rental communities for Edgewood Management Corporation in the Maryland/DC/Delaware metropolitan areas. Ms. Bradley is in the process of earning her BS in family studies from the University of Maryland at College Park.