One of the country's pioneering figures in computer security was honored in a special ceremony at the Commerce Department's National Institute of Standards and Technology (NIST) today.
Peter G. Neumann of SRI received the 2002 Computer System Security Award, which is given annually by NIST and the National Security Agency. The award is granted for outstanding contributions toward the advancement of computer security technology and is generally considered the most prestigious award in the area of information security and assurance.
Neumann has helped create many of the fundamental principles in building secure computer and communications systems. During the late 1960s, Neumann had a leadership role in the design, development and management of the Multiplexed Information Computing Services (MULTICS) operating system along with researchers at leading universities and computer companies. This work was used as the security test-bed for some of the most important and seminal security ideas.
In the 1970s, Neumann led the design of the Provably Secure Operating System (PSOS), which was the first design based on formal security analysis.
Neumann has energized and led debates on national issues related to security, reliability, human safety and trustworthy design. He has participated in several National Academy of Sciences studies, including two that produced highly regarded reports—Computers at Risk: Safe Computing in the Information Age in 1990 and CRISIS (Cryptography's Role in Securing the Information Society), a report on U.S. cryptographic policy in 1996.
His book, Computer-Related Risks, is in its fourth printing.
A nominee must meet at least one of the following criteria to be considered for the Computer System Security Award:
Previous winners of the Computer System Security Award include leaders in the field, including MIT encryption expert and RSA Security co-founder Ron Rivest, Purdue University computer sciences professor Gene Spafford and Georgetown University information warfare and security expert Dorothy Denning.
As a non-regulatory agency of the U.S. Department of Commerce's Technology Administration, NIST develops and promotes measurements, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life. Under the Computer Security Act of 1987, NIST also develops standards and guidelines for the protection of sensitive federal computer systems.