National Academies Press: OpenBook

Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop (2010)

Chapter: Appendix C: Biosketches of Steering Committee Members and Staff

Suggested Citation:"Appendix C: Biosketches of Steering Committee Members and Staff." National Research Council. 2010. Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/12998.

C
Biosketches of Steering Committee Members and Staff

Nicholas Economides, Chair, is a professor of economics at the Stern School of Business at New York University. He is an internationally recognized academic authority on network economics, electronic commerce, and public policy. His fields of specialization and research include the economics of networks, especially of telecommunications, computers, and information; the economics of technical compatibility and standardization; industrial organization; the structure and organization of financial markets and payment systems; antitrust; application of public policy to network industries; strategic analysis of markets; and law and economics. Professor Economides has published more than 100 articles in top academic journals in the areas of networks, telecommunications, oligopoly, antitrust, and product positioning, and on the liquidity and the organization of financial markets and exchanges. He is editor of Information Economics and Policy, Netnomics, Quarterly Journal of Electronic Commerce, Journal of Financial Transformation, and Journal of Network Industries; he is on the advisory board of the Social Science Research Network, editor of Economics of Networks Abstracts by SSRN, and former editor of the International Journal of Industrial Organization. His Web site on the Economics of Networks has been ranked as one of the top four economics sites worldwide by The Economist magazine. Professor Economides is the executive director of the NET Institute, http://www.NETinst.org, a worldwide focal point for research on the economics of network and high-technology industries. He is an adviser to the U.S. Federal Trade Commission; the governments of Greece, Ireland, New Zealand, and Portugal; the Attorney General of New York State; major telecommunications corporations; a number of the Federal Reserve Banks; the Bank of Greece; and major Financial Exchanges. He serves on the advisory board of The Economist Intelligence Unit. He has commented extensively in broadcast and in print on high-technology, antitrust, and public policy issues. Previously, he taught at Columbia University (1981-1988) and at Stanford University (1988-1990). He holds a PhD and MA in economics from the University of California at Berkeley, as well as a BSc (First Class Honors) in mathematical economics from the London School of Economics.


Lorrie Faith Cranor is an associate professor of computer science and of engineering and public policy at Carnegie Mellon University, where she is the director of the CyLab Usable Privacy and Security Laboratory (CUPS). She is also chief scientist of Wombat Security Technologies, Inc. She has authored more than 80 research papers on online privacy, phishing and semantic attacks, spam, electronic voting, anonymous publishing, usable access control, and other topics. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O’Reilly, 2005) and founded the Symposium on Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O’Reilly, 2002). She has served on a number of boards, including the Electronic Frontier Foundation board of directors, and on the editorial boards of several journals. In 2003, she was named one of the top 100 innovators 35 or younger by Technology Review magazine. She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University. Dr. Cranor received her doctorate degree in engineering and policy from Washington University in St. Louis in 1996.


James D. Foley is a professor in the College of Computing, and a professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology (Georgia Tech). A leading international figure in two major disciplines of computer science (graphics and human-computer interaction), Dr. Foley has received lifetime achievement awards in both fields from the Association for Computing Machinery’s special interest groups (SIGGRAPH in 1997 and SIGCHI in 2007). Dr. Foley was one of the computer graphics pioneers who went on to help establish HCI as a discipline. The co-author of three books, he is the first author of what many consider the definitive text in computer graphics, Fundamentals of Interactive Computer Graphics, which has sold 400,000 copies in 10 translations. Dr. Foley arrived at the College of Computing in 1991 and founded the GVU Center. Four years later, U.S. News and World Report ranked the center No. 1 for graduate computer science work in graphics and user interaction. Active in industry, Dr. Foley became the director of MERL (Mitsubishi Electric Research Laboratory) in 1996 and then CEO and chair of Mitsubishi Electric Information Technology Center America in 1998. He returned to Georgia in late 1999 to head up the state’s Yamacraw economic development initiative in the design of broadband systems, devices, and chips. For 4 years (2001-2005), Dr. Foley chaired the Computing Research Association (CRA), which represents more than 200 research universities, corporate research laboratories, and professional societies. In February 2008, he was elected to the National Academy of Engineering. A few months later, he received the 2008 Class of 1934 Distinguished Professor Award, the highest honor that Georgia Tech bestows on faculty. Of all his awards, Dr. Foley says that he most treasures the one given him by computing graduate students who named him “Most Likely to Make Students Want to Grow Up to Be Professors.”


Simson L. Garfinkel is an associate professor at the Naval Postgraduate School in Monterey, California, and an associate of the School of Engineering and Applied Sciences at Harvard University. His research interests include computer forensics, the emerging field of usability and security, personal information management, privacy, information policy, and terrorism. Dr. Garfinkel is the author or co-author of 14 books on computing. He is perhaps best known for his book Database Nation: The Death of Privacy in the 21st Century. His most successful book, Practical UNIX and Internet Security (co-authored with Gene Spafford), has sold more than 250,000 copies and has been translated into more than a dozen languages since the first edition was published in 1991. Dr. Garfinkel received three bachelor of science degrees from the Massachusetts Institute of Technology (MIT) in 1987, a master of science in journalism from Columbia University in 1988, and a PhD in computer science from MIT in 2005.


Butler W. Lampson is a technical fellow at Microsoft Corporation and an adjunct professor of computer science and electrical engineering at MIT. He was on the faculty at the University of California, Berkeley, and then at the Computer Science Laboratory at Xerox PARC and at Digital Systems Research Center. He has worked on computer architecture, local area networks, raster printers, page description languages, operating systems, remote procedure call, programming languages and their semantics, programming in the large, fault-tolerant computing, transaction processing, computer security, WYSIWYG editors, and tablet computers. He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the Autonet Local Area Network, the SDSI/SPKI system for network security, the Microsoft Tablet personal computer (PC) software, the Microsoft Palladium high-assurance stack, and several programming languages. He holds a number of patents on networks, security, raster printing, and transaction processing. At Microsoft he has worked on anti-piracy, security, fault-tolerance, and user interfaces. He was one of the designers of Palladium and spent 2 years as an architect in the Tablet PC group. Currently he is in Microsoft Research, working on security, privacy, and fault-tolerance, and kibitzing in systems, networking, and other areas. He is a member of the National Academy of Sciences and the National Academy of Engineering and a fellow of the Association for Computing Machinery and the American Academy of Arts and Sciences. He also served on the Computer Science and Telecommunications Board of the National Research Council. He received an AB from Harvard University, a PhD in EECS from the University of California at Berkeley, and honorary ScD’s from the Eidgenössische Technische Hochschule, Zurich, and the University of Bologna.


Susan Landau is a fellow at the Radcliffe Institute for Advanced Study during the academic year 2010-2011. She recently completed a book on security risks of building surveillance into communications infrastructures (to be published by MIT Press in the spring of 2011). From 1999 to 2010 Dr. Landau was a Distinguished Engineer at Sun Microsystems; there she concentrated on the interplay between security and public policy. She has briefed government officials both in Washington, D.C., and in Europe on such disparate issues as security risks in surveillance mechanisms, digital rights management, and cryptographic export control; she has written numerous articles and op-ed pieces on these issues. Most recently she testified for the House Science Committee on Cybersecurity Activities at the National Institute of Standards and Technology’s (NIST’s) Information Technology Laboratory. She and Whitfield Diffie wrote Privacy on the Line: The Politics of Wiretapping and Encryption. Dr. Landau is a member of the Commission on Cyber Security for the 44th Presidency, established by the Center for Strategic and International Studies, and serves on the Computer Science and Telecommunications Board of the National Research Council and on the advisory committee for the National Science Foundation’s Directorate for Computer and Information Science and Engineering. Before joining Sun, Dr. Landau was a faculty member at the University of Massachusetts and at Wesleyan University. She is the recipient of the 2008 Women of Vision Social Impact Award, a fellow of the American Association for the Advancement of Science, and an ACM Distinguished Engineer.


Donald A. Norman is the Breed Professor of Design at Northwestern University where he co-directs MMM, the dual-degree MBA and engineering program offered jointly by Northwestern’s schools of Management and Engineering that focuses on managing products and services from design to execution. He is also co-director of the Segal Design Institute. He is Distinguished Visiting Professor at KAIST, the Korea Advanced Institute of Science and Technology, in the Department of Industrial Design. He is co-founder of the Nielsen Norman Group and has been vice president of Apple Computer and an executive at Hewlett Packard. He serves on many advisory boards, such as the editorial advisory board of Encyclopedia Britannica and KAIST. He has received honorary degrees from the University of Padova (Italy) and the Technical University of Delft (the Netherlands), the “Lifetime Achievement Award” from SIGCHI, the professional organization for Computer-Human Interaction, and the Benjamin Franklin Medal in Computer and Cognitive Science from the Franklin Institute (Philadelphia). He is well known for his books The Design of Everyday Things and Emotional Design. His most recent book, The Design of Future Things, discusses the role that automation plays in such everyday places as the home and the automobile. He is currently working on a new book called Sociable Design that combines the lessons of his previous works, extending them to cover social networks and social interaction. He earned a PhD in psychology from the University of Pennsylvania.


Charles P. Pfleeger is an independent consultant for Pfleeger Consulting Group specializing in computer and information system security. Among his responsibilities are threat and vulnerability analysis, system design review, certification preparation, training, expert witness testimony, and general security advice. His customers include government and commercial clients throughout the world. Dr. Pfleeger was previously a master security architect on the staff of the chief security officer of Cable and Wireless, and Exodus Communications, and before that he was a senior computer scientist and director of research for Arca Systems, director of European Operations for Trusted Information Systems, Inc. (TIS), and a professor in the Computer Science Department of the University of Tennessee. Dr. Pfleeger was chair of the IEEE Computer Society Technical Committee on Security and Privacy from 1997 to 1999 and has been a member of the executive council of that committee since 1995. He is on the board of reviewers for Computers and Security, is a book review editor for IEEE Security and Privacy, and is on the board of advisers for OWASP, the Open Web Application Security Project. Dr. Pfleeger has lectured throughout the world and published numerous papers and books. His book Security in Computing (of which the fourth edition—co-authored with Dr. Shari Lawrence Pfleeger—was published in October 2006) is the standard college textbook in computer security. He is the author of other books and articles on technical computer security and computer science topics. He holds a PhD degree in computer science from Pennsylvania State University and a BA with honors in mathematics from Ohio Wesleyan University. He is a Certified Information Systems Security Professional (CISSP).

CSTB STAFF

Jon Eisenberg is director of the Computer Science and Telecommunications Board of the National Research Council. He has also been study director for a diverse body of work, including a series of studies exploring Internet and broadband policy and networking and communications technologies. In 1995-1997 he was a AAAS (American Association for the Advancement of Science) Science, Engineering, and Diplomacy Fellow at the U.S. Agency for International Development, where he worked on technology transfer and information and telecommunications policy issues. Dr. Eisenberg received his PhD in physics from the University of Washington in 1996 and a BS in physics with honors from the University of Massachusetts at Amherst in 1988.


Shenae Bradley is a senior program assistant at the Computer Science and Telecommunications Board of the National Research Council. She currently provides support for the Committee on Sustaining Growth in Computing Performance, the Committee on Wireless Technology Prospects and Policy Options, and the Computational Thinking for Everyone: A Workshop Series Planning Committee, to name a few. Prior to this, she served as an administrative assistant for the Ironworker Management Progressive Action Cooperative Trust and managed a number of apartment rental communities for Edgewood Management Corporation in the Maryland/DC/Delaware metropolitan areas. Ms. Bradley is in the process of earning her BS in family studies from the University of Maryland at College Park.

Despite many advances, security and privacy often remain too complex for individuals or enterprises to manage effectively or to use conveniently. Security is hard for users, administrators, and developers to understand, making it all too easy to use, configure, or operate systems in ways that are inadvertently insecure. Moreover, security and privacy technologies originally were developed in a context in which system administrators had primary responsibility for security and privacy protections and in which the users tended to be sophisticated. Today, the user base is much wider--including the vast majority of employees in many organizations and a large fraction of households--but the basic models for security and privacy are essentially unchanged.

Security features can be clumsy and awkward to use and can present significant obstacles to getting work done. As a result, cybersecurity measures are all too often disabled or bypassed by the users they are intended to protect. Similarly, when security gets in the way of functionality, designers and administrators deemphasize it.

The result is that end users often engage in actions, knowingly or unknowingly, that compromise the security of computer systems or contribute to the unwanted release of personal or other confidential information. Toward Better Usability, Security, and Privacy of Information Technology discusses computer system security and privacy, their relationship to usability, and research at their intersection.
