Steven M. Bellovin is a researcher on computer networking and security. He has been a professor in the Computer Science department at Columbia University since 2005. Previously, Bellovin was a Fellow at AT&T Labs Research in Florham Park, New Jersey. In September 2012, Bellovin was appointed Chief Technologist for the United States Federal Trade Commission, replacing Edward W. Felten, who returned to Princeton University ("FTC Announces Appointments to Agency Leadership Positions", FTC press release, August 3, 2012). He served in this position from September 2012 to August 2013. In February 2016, Bellovin became the first technology scholar for the Privacy and Civil Liberties Oversight Board ("Technology Scholar Appointed by Privacy and Civil Liberties Oversight Board", PCLOB press release, February 12, 2016).


Career

He received a BA degree from Columbia University, and an MS and PhD in Computer Science from the University of North Carolina at Chapel Hill. As a graduate student, Bellovin was one of the originators of USENET. He later suggested that Gene Spafford should create the Phage mailing list as a response to the Morris Worm. He and Michael Merritt invented the Encrypted key exchange password-authenticated key agreement methods. He was also responsible for the discovery that one-time pads were invented in 1882, not 1917, as previously believed.

Bellovin has been active in the IETF. He was a member of the Internet Architecture Board from 1996 to 2002. Bellovin later was Security Area co-director, and a member of the Internet Engineering Steering Group (IESG) from 2002 to 2004. He identified some key security weaknesses in the Domain Name System; this and other weaknesses eventually led to the development of DNSSEC.

He received the 2007 National Computer Systems Security Award from the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA). In 2001, he was elected a member of the National Academy of Engineering for his contributions to network applications and security. In 2015, Bellovin was part of a team of proponents that included Matt Blaze, J. Alex Halderman, Nadia Heninger, and Andrea M. Matwyshyn who successfully proposed a security research exemption to Section 1201 of the Digital Millennium Copyright Act.

Bellovin is an active NetBSD user and a NetBSD developer focusing on architectural, operational, and security issues.


Selected publications

Bellovin is the author and co-author of several books, RFCs and technical papers, including:

* ''Firewalls and Internet Security: Repelling the Wily Hacker'' (with W. Cheswick) – one of the first books on internet security.
** ''Firewalls and Internet Security: Repelling the Wily Hacker'' 2nd edition (with Cheswick and Aviel D. Rubin)
* ''Thinking Security: Stopping Next Year's Hackers'' (2015)
* ''Firewall-Friendly FTP''
* ''Security Concerns for IPng''
* ''On Many Addresses per Host''
* ''Defending Against Sequence Number Attacks''
* RFC 3514 ''The Security Flag in the IPv4 Header'' (April Fools' Day RFC)
* ''On the Use of Stream Control Transmission Protocol (SCTP) with IPsec'' (with J. Ioannidis, A. Keromytis, R. Stewart)
* ''Security Mechanisms for the Internet'' (with J. Schiller, Ed., C. Kaufman)
* ''Guidelines for Cryptographic Key Management'' (with R. Housley)

As of October 21, 2020, his publications have been cited 19,578 times, and he has an h-index of 59.


See also

* Computer security
* Cryptography


External links


* "Missing Link: Knotty Privacy – Interview With Steven Bellovin", Heise News, August 4, 2019
* "Steven M. Bellovin", DBLP Bibliography
* "Amnesty v. McConnell - Declaration of Steven M. Bellovin", ''ACLU''