Gene Spafford |
Eugene H. Spafford (born 1956) (known colloquially as Spaf ) is a professor of computer science at Purdue University and a leading computer security expert. An historically significant Internet figure, he is renowned for first analyzing the Morris Worm, one of the earliest computer worms, and his participation in the Usenet backbone cabal. Spafford is a member of the President s Information Technology Advisory Committee (PITAC), has been an advisor to the National Science Foundation (NSF), and serves as an advisor to over a dozen other government agencies and major corporations.
Spafford received his B.A. with a double major in mathematics and computer science from the State University of New York at Brockport. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology. He received his M.S. in 1981, and Ph.D. in 1986 for his design and implementation of the original Clouds distributed operating system kernel.
During the early formative years of the Internet, Spafford made significant contributions to establishing semi-formal processes to organize and manage Usenet, then the primary channel of communcation between users, as well as being influential in defining the standards of behavior governing its use.
At Purdue, Spafford has a joint appointment as a professor of computer science and as professor of electrical and computer engineering, where he has served on the faculty since 1987. He is also a professor of philosophy (courtesy), and a professor of communication (courtesy). He is also Executive Director of the Purdue CERIAS (Center for Education and Research in Information Assurance and Security) and was the founder and director of COAST Laboratory, which preceded CERIAS.
He is involved in a number of professional societies and activities outside Purdue including serving on the Board of Directors of the Computing Research Association and as co-chair of the Association for Computing Machinery s US Public Policy Committee. He serves on a number of advisory and editorial boards and is internationally known for his writing, research, and speaking on issues of security and ethics. Spafford has authored or co-authored four books on computer and computer security, including Practical Unix and Internet Security for O Reilly Media, as well as over a hundred research papers, chapters and monographs.
Spafford has stated that his research interests have focused on the prevention, detection, and remediation of information system failures and misuse, with an emphasis on applied information security. This has included research in fault tolerance, software testing and debugging, intrusion detection, software forensics, and security policies.
Among notable software designed and/or supervised by Spafford include the freeware ICAT database. Research by other graduate students of his has resulted in tools for software testing and debugging, distributed processing, cyber forensics, firewalls, intrusion detection, auditing, and network traceback.
=Quotations=
Spafford his well-known for his aphorisms regarding the Internet: (Generally, the word Usenet may be replaced by the word Internet or the phrase World Wide Web and these axioms will remain as true as the original statements.) *Axiom #1: The Usenet is not the real world. The Usenet usually does not even resemble the real world. **Corollary #1: Attempts to change the real world by altering the structure of the Usenet is an attempt to work sympathetic magic -- electronic voodoo. **Corollary #2: Arguing about the significance of newsgroup names and their relation to the way people really think is equivalent to arguing whether it is better to read tea leaves or chicken entrails to divine the future.
*Axiom #2: Ability to type on a computer terminal is no guarantee of sanity, intelligence, or common sense. **Corollary #3: An infinite number of monkeys at an infinite number of keyboards could produce something like Usenet. **Corollary #4: They could do a better job of it.
*Axiom #3: Sturgeon s Law (90% of everything is crap) applies to Usenet. **Corollary #5: In an unmoderated newsgroup, no one can agree on what constitutes the 10%. **Corollary #6: Nothing guarantees that the 10% isn t crap, too.
= External links =
*[http://www.cerias.purdue.edu/homes/spaf/ Gene Spaffard s home page at Purdue] *[http://grep.law.harvard.edu/article.plsid=04/04/05/0353235 Greplaw interview] *[http://www.cerias.purdue.edu/ CERIAS website] *[http://protovision.textfiles.com/100/tr823.txt Spafford s analysis of the Morris worm] *[http://www.oreilly.com/catalog/puis3/ Pratical Unix and Internet Security ]
= Selected honors and awards=
*1992 Inducted in Sigma Xi, research scientists honor society. *1992 Inducted in Upsilon Pi Epsilon, the Computer Sciences honor society. *1996 Awarded charter membership in the IEEE Computer Society s Golden Core for distinguished service to the Computer Society during its first 50 years. *1996 Award of Distinguished Technical Communication (highest award) and Award of Merit by the Society for Technical Communication for Practical Unix and Internet Security . *1997 Inducted as a Fellow of the Association for Computing Machinery. *1999 Inducted as a Fellow of the American Association for the Advancement of Science. *2000 NIST/NCSC National Computer Systems Security Award. *2000 Proclaimed a CISSP, honoris causa by (ISC)2 *2000 Inducted as a Fellow of the Institute of Electrical and Electronics Engineers. *2001 Named to the ISSA (Information Systems Security Association) Hall of Fame. *2003 Awarded U.S. Air Force medal for Meritorious Civilian Service. *2005 Honorary D.Sc. from the State University of New York (SUNY)|
|