Computer Security in the Real World

What people want from computer security is to be as secure with computers as they are in the real world. Real-world security is about value, locks, and police. When it works, you get good enough locks (not too many break-ins), good enough police (so break-ins aren't a paying business), and minimum interference with daily life. Computer security is hard because people don't trust new things (especially when they don't understand them), and computers are fast and complicated. The kind of computer break-ins most people care about are vandalism or sabotage that damages information or disrupts service, theft of money or information, and loss of privacy. Some people think that because computers are precise, perfect computer security should be possible. I'll explain why this is wrong, and talk about what kind of security is practical and how to get it.

Butler Lampson is an Architect at Microsoft Research, and has previously worked at MIT, Berkeley, Xerox PARC and Digital's System Research Centre. Over the last thirty years he has influenced computing research through his part in the design of several landmark systems; in fields as diverse as local area networks, page printers, programming languages, personal workstations and the electronic book. His work on computer security ranges from the hardware in a patented ethernet encryption chip to a high level infrastructure for security on the internet.

This is a public lecture, open to all, and will be followed by a reception at 5pm in room 2511 of the James Clerk Maxwell Building. Please tell Janet Lee if you intend to come to the reception. This is one of a range of events comprising the University of Edinburgh Informatics Jamboree, 24-28 May 1999.

The annual Milner Lecture was founded by a donation from Robin Milner "to keep a live connection between theory and application in computer science".