[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] Passing of Computing and Information Security Pioneer


By Prof. Eugene Spafford
January 2nd, 2008  

On November 18, 2007, noted computer pioneer James P. Anderson, Jr., 
died at his home in Pennsylvania. Jim, 77, had finally retired in 

Jim, born in Easton, Pennsylvania, graduated from Penn State with a 
degree in Meteorology. From 1953 to 1956 he served in the U.S. Navy as a 
Gunnery Officer and later as a Radio Officer. This later service sparked 
his initial interest in cryptography and information security.

Jim was unaware in 1956, when he took his first job at Univac 
Corporation, that his career in computers had begun. Hired by John 
Mauchly to program meteorological data, Dr. Mauchly soon became a family 
friend and mentor. In 1959, Jim went to Burroughs Corporation as manager 
of the Advanced Systems Technology Department in the Research Division, 
where he explored issues of compilation, parallel computing, and 
computer security. While there, he conceived of and was one of the 
patent holders of one of the first multiprocessor systems, the D-825. 
After being manager of Systems Development at Auerbach Corporation from 
1964 to 1966, Jim formed an independent consulting firm, James P. 
Anderson Company, which he maintained until his retirement.

Jims contributions to information security involved both the abstract 
and the practical. He is generally credited with the invention and 
explication of the reference monitor (in 1972) and audit trail-based 
intrusion detection (in 1980). He was involved in many broad studies in 
information security needs and vulnerabilities. This included 
participation on the 1968 Defense Science Board Task Force on Computer 
Security that produced the Ware Report, defining the technical 
challenges of computer security. He was then the deputy chair and editor 
of a follow-on report to the U.S. Air Force in 1972. That report, widely 
known as The Anderson Report, defined the research agenda in information 
security for well over a decade. Jim was also deeply involved in the 
development of a number of other seminal standards, policies and over 
200 reports including BLACKER, the TCSEC (aka The Orange Book), TNI, and 
other documents in The Rainbow Series.

Jim consulted for major corporations and government agencies, conducting 
reviews of security policy and practice. He had long- standing 
consulting arrangements with computer companies, defense and 
intelligence agencies and telecommunication firms. He was a mentor and 
advisor to many in the community who went on to prominence in the field 
of cyber security. Jim is well remembered for his very practical and 
straightforward analyses, especially in his insights about how 
operational security lapses could negate strong computing safeguards, 
and about the poor quality design and coding of most software products.

Jim eschewed public recognition of his many accomplishments, preferring 
that his work speak for itself. His accomplishments have long been known 
within the community, and in 1990 he was honored with the NIST/NCSC 
(NSA) National Computer Systems Security Award, generally considered the 
most prestigious award in the field. In his acceptance remarks Jim 
observed that success in computer security design would be when its 
results were used with equal ease and confidence by average people as 
well as security professionals - a state we have yet to achieve.

Jim had broad interests, deep concerns, great insight and a rare 
willingness to operate out of the spotlight. His sense of humor and 
patience with those earnestly seeking knowledge were greatly admired, as 
were his candid responses to the clueless and self-important.

With the passing of Jim Anderson the community has lost a friend, mentor 
and colleague, and the field of cyber security has lost one of its 
founding fathers.

Jim is survived by his wife, Patty, his son Jay, daughter Beth and three 
grandchildren. In lieu of other recognition, people may make donations 
to their favorite charities in memory of Jim.

Visit InfoSec News