Computer Security in the Real World

EECS Joint Colloquium Distinguished Lecture Series

pic of Butler Lampson

Dr. Butler Lampson
Tablet PC, Microsoft Research

Wednesday, January 24, 2001
Hewlett Packard Auditorium, 306 Soda Hall
4:00-5:00 p.m.


What people want from computer security is to be as secure with computers as they are in the real world. Real-world security is about value, locks, and police. When it works, you get good enough locks (not too many break-ins), good enough police (so break-ins aren't a paying business), and minimum interference with daily life. Computer security is hard because people don t trust new things (especially when they don t understand them), and computers are fast and complicated. The kind of computer break-ins most people care about are vandalism or sabotage that damages information or disrupts service, theft of money or information, and loss of privacy. Some people think that because computers are precise, perfect computer security should be possible. I'll explain why this is wrong, and talk about what kind of security is practical and how to get it.


Butler Lampson is a Distinguished Engineer at Microsoft Corporation and an Adjunct Professor at MIT. He has worked on computer architecture, local area networks, raster printers, page description languages, operating systems, remote procedure call, programming languages and their semantics, programming in the large, fault-tolerant computing, transaction processing, computer security, WYSIWYG editors, and tablet computers. He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the Autonet LAN, the SPKI system for network security, and several programming languages. He received the ACM Software Systems Award in 1984 for his work on the Alto, the IEEE Computer Pioneer award in 1996 and von Neumann Medal in 2001, and the Turing Award in 1992.