Matt Bishop
Matt Bishop received his PhD in computer science from Purdue
University, where he specialized in computer security, in 1984. He was
a research scientist at the Research Institute for Advanced Computer
Science and was on the faculty at Dartmouth College before joining
the Department of Computer Science at the University of California at
Davis. He teaches courses in computer security, operating systems, and
programming.
His main research area is the analysis of vulnerabilities in computer
systems, including modeling them, building tools to detect vulnerabilities,
and ameliorating or eliminating them. This includes detecting and handling all types of
malicious logic. He is active in the areas of network security, the study of denial-of-service attacks
and defenses, policy modeling, software assurance testing, and formal modeling of access control.
He also studies the issue of trust as an underpinning for security policies, procedures, and
mechanisms.
He is active in information assurance education, is a charter member of the Colloquium on
Information Systems Security Education, and led a project to gather and make available many
unpublished seminal works in computer security. He has authored a textbook, Computer Security: Art
and Science, published by Addison-Wesley Professional.
What led you to focus your research on system vulnerabilities?
I became interested in this area because of the ubiquity of the problem. We have been designing and
building computer systems since the 1950s, and we still don't know how to secure systems in practice.
Why not? How can we find the existing vulnerabilities and improve the security of those existing
systems?
Also, there are parallels with nontechnical fields. I find those parallels fascinating, and I enjoy learning
and studying other fields to see if any of the methods and ideas from those fields can be applied
to analyzing systems and improving their security. Some fields, like military science, political science,
and psychology, have obvious connections. Others, such as art and literature, have less obvious connections.
But all emphasize the importance of people to computer and software security.
Do you have an example of what can happen when security is treated as an add-on, rather
than designed into a system from the beginning?
Yes. Consider the Internet. When it was first implemented (as the old ARPANET), the protocols were
not developed to supply the security services that are now considered important. (The security services
that were considered important were various forms of robustness, so that the network would provide
connectivity even in the face of multiple failures of systems in the network and even of portions of the
network itself. It supplied those services very well.) As a result, security services such as authentication,
confidentiality of messages, and integrity of messages are being treated as add-ons rather than the
protocols being redesigned to provide those services inherently. So today we have security problems in
the descendant of the ARPANET, the Internet.
 
 
 
 