- CSRC Home
- About CSD
- Projects / Research
- news & events
Search the fulltext of NIST's computer security publications:
The papers available on the following pages were initially distributed on CD-ROM at the 21st National Information Systems Security Conference (NISSC '98). These papers are unpublished, seminal works in computer security and are recommended reading for serious students of computer security. This compilation was created by the Computer Security Laboratory of the Computer Science Department at the University of California, Davis. See the acknowledgements from the CD-ROM.
"Computer security as a discipline was first studied in the early 1970s, although the issues had influenced the development of many earlier systems such as the Atlas system and MULTICS. Unfortunately, many of the early seminal papers are often overlooked as developers (and sometimes researchers) rediscover problems and solutions, leading to wasted time and development effort.
The information in these papers provides a historical record of how computer security developed, and why. It provides a resource for computer security education. Instructors will be able to assign sets of papers for students to analyze without having to assemble the resource materials. Lastly, it provides a resource for practitioners, to which they can turn to see what has been suggested (and tried) before, under what conditions, and with what results.
During a discussion of this problem and the benefits of studying the papers, someone suggested finding these papers and making them available to the community. This project grew from that idea.
This CD-ROM, the first in a series (we hope), contains 16 seminal papers. Only papers without copyright restrictions were considered, because we wanted to put out the first CD-ROM quickly to enable the community to accrue benefits as early as possible. We also needed to determine if the process were feasible. (as proof that the idea of the project has merit).
To determine which papers should be included, we polled 25 security researchers, developers, and educators who were very familiar with the literature of the period in question. We confined our request to those papers produced under government contract and not published in a journal or conference proceeding. The response was overwhelming. We produced a list of 26 papers that respondents believed should be included.
We then gathered as many of the papers as we could find. Many of the polled people sent us copies of the papers. We were able to obtain, and scan in, 16 for this first release.
For the future: we have numerous papers that we did not put onto the CD-ROM for various reasons, and are still receiving suggestions! We have enough suggestions to produce at least 3 more CD-ROMs. We will attempt to do so in the near future."
We thank Dr. Blaine Burnham of the NSA for his foresight, encouragement and support. Without it, this project would not have gotten off the ground. We thank Dr. John Gannon of the University of Maryland for his support. It was his contract that supplied the money to collect the papers and scan them into CD-ROM format. We thank James P. Anderson for his patience, knowledge, and immeasurable contributions to this project; Jim donated his collection of papers (which filled six boxes!). Last but not least, we thank Dr. Stuart Katzke of the National Institutes of Science and Technology for his generous support in reproducing these CD-ROMs.
In the early days of computer security, virtually all of the important papers were produced under government contract. Since they were reports rather papers presented at conferences, the authors distributed papers to their colleagues. This meant the reports were not widely disseminated among the general computing community. We focused on these reports because they are seminal and are free from any copyright difficulties. We began with the list in Dr. T. M. P. Lee’s "Lost Treasures of Computer Security" paper. We might have come up with the same list on our own, but Ted’s effort saved us much time and discussion. We added our own preferences, and solicited suggestions from about 25 practitioners familiar with the unpublished literature of the early days of computer security. The response to the solicitation was overwhelming, and many of the respondents offered copies of papers they had helped produce, or pointed us to other reports and sources.
We thank the many people at UC Davis who helped scan the papers and produce the CD-ROM, in particular Dr. Chris Wee, David O’Brien, Anna Mell, and Michael Fitzgerald. We thank Professor Karl Levitt for his help and support as well.
Computer Security Laboratory
Department of Computer Science
University of California at Davis
One Shields Avenue
Davis, CA 95616-8562