About me
Research staff member
Research lab: Watson Research Center (Hawthorne)
Education:
PhD Computer Science, Texas A&M University, December 1990
MS Computer Science, California State, Chico, January 1984
BS Aerospace Engineering, Rice University, May 1975
Experience:
1996 to date:
Research Staff Member, IBM T.J Watson Research Center, Yorktown Heights, NY.
Peforms research in security topics, including high assurance hardware and software, security analysis tools, security engineering, Linux security, wireless security, ethical hacking, security hardware tokens and coprocessors, and cryptography. Member of IBM team which developed a finalist in NIST's Advanced Encryption Standard competition. Develos IBM's Linux software for the Trusted Computing Group's Trusted Platform Module on IBM computers, including kernel modules for file verification and integrity based mandatory access control for improved client security. Led development of IBM's internal security engineering course. Led security analysis and review of major internal and customer architectures and applications.
1990 to 1996:
Director of Computing, Texas A&M University, College Station, TX
Responsible for campus networking and supercomputing for the campus with fifty thousand faculty staff and students, and twenty thousand networked computers. In 1992, led research and development of the first university oriented firewall, intrusion detection, and security auditing systems, which could scale to class A networks at T3 speeds. Taught graduate classes in optimization and security.
1984 to 1990:
Research Associate and PhD candidate, Texas A&M University, College Station, TX.Led a team of sixteen graduate students in a large research project in distributed fault tolerance in autonomic, embedded control systems.
1975 to 1984:
A-7 Weapons System Test Pilot, US Navy, Naval Weapons Center, China Lake, CA.Led flight validation test programs for numerous weapons systems, including all A-7 software, AGM-123a "Skipper" missile, HARM missile, FLIR, and Night Vision systems. Qualified as Diving Officer on USS Robert E Lee Polaris Missile Submarine.
Publications/Presentations:
“Trusted Computing and Open Source”, D. Safford, M. Zohar, Elsevier Information Security Technical Report, Volume 10 Issue 2, pp 74-82 2005.
“Open Source Support for Trusted Computing”, D. Safford, GovSec 2005, https://www.trustedcomputinggroup.org/downloads/tcg_presentations/GovSec_Presentation_052505.pdf
“Open Source Support for Trusted Computing”, RSA Conference, San Francisco, February 2005.
“Trusted Linux Client”, ACSAC, Tucson, AZ, December 2004.
"Autonomic 802.11 Wireless LAN Security Auditing", Joel Branch, Nick Petroni, Leendert van Doorn, David Safford, IEEE Security and Privacy, May 2004.
"Taking Control of TCPA", David Safford, Jeff Kravitz, Leendert van Doorn, Linux Journal, August 2003.
"Trusted Computing Panel", 12th USENIX Security Conference, Washington, DC. August 2003.
"MARS", David Safford, RSA Data Security Conference, San Francisco, CA1997.
"Texas A&M University Anarchistic Key Authorization", David Safford, Douglas Schales, David Hess, Sixth USENIX Security Conference, San Jose, CA, July 1996.
"Secure RPC Authentication (SRA) for TELNET and FTP", David Safford, Douglas Schales, David Hess, 4th USENIX Security Conference, Santa Clara, CA, Oct 1993.
"The TAMU Security Package: An Ongoing Response to Internet Intruders in an Academic Environment", David Safford, Douglas Schales, David Hess, 4th USENIX Security Conference, Santa Clara, CA, Oct 1993.
Patents:
WO04027610A2 SELF-MANAGING COMPUTING SYSTEM 2004-04-01
US20040059704A1 Self-managing computing system 2004-03-25
US20030229802A1 Computer system apparatus and method for improved assurance of authentication 2003-12-11
WO03083601A3 METHODS APPARATUS AND PROGRAM PRODUCTS FOR WIRELESS ACCESS POINTS 2003-10-09
WO03083601A2 METHODS APPARATUS AND PROGRAM PRODUCTS FOR WIRELESSACCESS POINTS 2003-10-09
US20030188179A1 Encrypted file system using TCPA 2003-10-02
US6535607 Method and apparatus for providing interoperability between key recovery and non-key recovery systems 2003-03-18
US20030041254A1 Securing sensitive configuration data remotely 2003-02-27
US20020166055A1 Secure pin entry into a security chip 2002-11-07
US6311270 Method and apparatus for securing communication utilizing a security processor 2001-10-30
EP0916209B1 CRYPTOGRAPHIC KEY RECOVERY SYSTEM 2001-09-19
US6243470 Method and apparatus for advanced symmetric key block cipher with variable length key and block 2001-06-05
US6192129 Method and apparatus for advanced byte-oriented symmetric key block cipher with variable length key and block 2001-02-20
US6189095 Symmetric block cipher using multiple stages with modified type-1 and type-3 feistel networks 2001-02-13
US6185679 Symmetric block cipher using multiple stages with type-1 and type-3 feistel networks2001-02-06
US6185304 Method and apparatus for a symmetric block cipher using multiple stages 2001-02-06
US6058188 Method and apparatus for interoperable validation of key recovery information in a cryptographic system 2000-05-02
US6052469 Interoperable cryptographic key recovery system with verification by comparison 2000-04-18
HU9902892AB METHOD AND APPARATUS FOR PROVIDING FOR THE RECOVERY OF A CRYPTOGRAPHIC KEY 1999-12-28
KR0233979B1 TWO-PHASE CRYPTOGRAPHIC KEY RECOVERY SYSTEM 1999-12-15
US5937066 Two-phase cryptographic key recovery system 1999-08-10
PL0331313A1 CRYPTOGRAPHIC KEY RECOVERY SYSTEM 1999-07-05
US5907618 Method and apparatus for verifiably providing key recovery information in a cryptographic system 1999-05-25
EP0916209A1 CRYPTOGRAPHIC KEY RECOVERY SYSTEM 1999-05-19
US5796830 Interoperable cryptographic key recovery system 1998-08-18
WO9805143A1 CRYPTOGRAPHIC KEY RECOVERY SYSTEM
Last updated 22 Oct 2009