Steven M. Bellovin Explained

Steven M. Bellovin is a researcher on computer networking and security who has been a professor in the computer science department at Columbia University^[1] since 2005. Previously, Bellovin was a fellow at AT&T Labs Research in Florham Park, New Jersey.^{[2] [3]}

In September 2012, Bellovin was appointed chief technologist for the United States Federal Trade Commission, replacing Edward W. Felten, who returned to Princeton University.^[4] He served in this position from September 2012 to August 2013.^[5]

In February 2016, Bellovin became the first technology scholar for the Privacy and Civil Liberties Oversight Board.^[6]

Career

Bellovin received a BA degree from Columbia University,^[7] and an MS and PhD in computer science from the University of North Carolina at Chapel Hill.

As a graduate student, Bellovin was one of the originators of USENET. He later suggested that Gene Spafford should create the Phage mailing list as a response to the Morris Worm.

Bellovin and Michael Merritt invented the encrypted key exchange password-authenticated key agreement methods. He was also responsible for the discovery that one-time pads were invented in 1882, not 1917, as previously believed.^[8]

Bellovin has been active in the IETF. He was a member of the Internet Architecture Board from 1996–2002. Bellovin later was security area codirector, and a member of the Internet Engineering Steering Group (IESG) from 2002–2004. He identified some key security weaknesses in the Domain Name System; this and other weaknesses eventually led to the development of DNSSEC.

He received 2007 National Computer Systems Security Award by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).^[9] In 2001, he was elected as a member into the National Academy of Engineering for his contributions to network applications and security.^[10]

In 2015, Bellovin was part of a team of proponents that included Matt Blaze, J. Alex Halderman, Nadia Heninger, and Andrea M. Matwyshyn who successfully proposed a security research exemption to Section 1201 of the Digital Millennium Copyright Act.^[11]

Bellovin is an active NetBSD user and a NetBSD developer focusing on architectural, operational, and security issues.

He is a two-time recipient of the Usenix Lifetime Achievement Award. In 1995 he and two others received the award “for their work in creating USENET.”. In 2023, he and two others received the award “for a profound and lasting impact on Computer Science, Computer Security, Law, and Public Policy through their groundbreaking research, their influential publications, and their dedication to advancing knowledge that informs public policy.”.^[12]

Selected publications

Bellovin is the author and co-author of several books, RFCs and technical papers, including:

• Firewalls and Internet Security: Repelling the Wily Hacker (with W. Cheswick) – one of the first books on internet security.
  • Firewalls and Internet Security: Repelling the Wily Hacker 2nd edition (with Cheswick and Aviel D. Rubin)
• Thinking Security: Stopping Next Year's Hackers (2015)
• Firewall-Friendly FTP
• Security Concerns for IPng
• On Many Addresses per Host
• Defending Against Sequence Number Attacks
• RFC 3514 The Security Flag in the IPv4 Header (April Fools' Day RFC)
• On the Use of Stream Control Transmission Protocol (SCTP) with IPsec (with J. Ioannidis, A. Keromytis, R. Stewart.)
• Security Mechanisms for the Internet (with J. Schiller, Ed., C. Kaufman)
• Guidelines for Cryptographic Key Management (with R. Housley)

As of October 21, 2020, his publications have been cited 19,578 times, and he has an h-index of 59.^[13]

See also

• Computer security
• Cryptography

External links

• Missing Link: Knotty Privacy – Interview With Steven Bellovin. Heise News, August 4, 2019
• "Steven M. Bellovin", DBLP Bibliography
• "Steven M. Bellovin Publications", ATT
• "Amnesty v. McConnell - Declaration of Steven M. Bellovin", ACLU

Notes and References

1. https://www.cs.columbia.edu/~smb Steve Bellovin's home page
2. Web site: Steven M. Bellovin | InformIT.
3. Web site: AT&T; Labs Research - Bellovin, Steven M . 2010-03-20 . dead . https://web.archive.org/web/20101205012129/http://www.research.att.com/people/Bellovin_Steven_M/index.html . 2010-12-05 .
4. http://www.ftc.gov/opa/2012/08/personnel.shtm "FTC Announces Appointments to Agency Leadership Positions"
5. Web site: 2018-05-01. FTC Chief Technologists. 2021-07-02. Federal Trade Commission. en.
6. https://www.pclob.gov/newsroom/20160211.html "Technology Scholar Appointed by Privacy and Civil Liberties Oversight Board"
7. Web site: Fall 2019. Columbia College Today. December 24, 2020. Columbia College Today. 58.
8. News: John Markoff . John Markoff . Codebook Shows an Encryption Form Dates Back to Telegraphs . . July 25, 2011 . 2011-07-26 .
9. http://www.acsac.org/2006/ncss-pr.html NIST/NSA National Computer Systems Security Award 2007
10. Web site: Dr. Steven M. Bellovin.
11. Web site: Section 1201 Rulemaking: Sixth Triennial Proceeding to Determine Exemptions to the Prohibition on Circumvention.
12. Web site: Flame Award . 6 December 2011 . .
13. Web site: Steven Bellovin - Google Scholar Citations. scholar.google.com. 2020-10-21.