The IEEE Symposium on Security and Privacy, in Retrospect

SRI Authors: Peter Neumann

Abstract

racing the history of computer security and privacy is a mammoth undertaking, somewhat resembling efforts to combine archaeology and ethnology with a compendium of past and foreseen risks— and how different courses of history might have affected those risks in different ways. (For example, the University of Minnesota’s NSF-funded collection of oral histories from infl uential people in this area is a wonderful eff ort to capture some this information; htt ps://wiki. umn.edu/CBI_ComputerSecurity/WebHome.) Tracing the history of the IEEE Symposium on Security and Privacy (SSP), the longest-running computer security research meeting, is considerably easier—and quite relevant to the somewhat shorter history of IEEE Security & Privacy magazine. Indeed, a previous article writt en for the proceedings of the 31st SSP did exactly that,1 so it seems unnecessary to duplicate it here. Instead, we focus more on SSP’s evolution and its vital relevance to the research and development communities along its path from community gathering to premier security research meeting. We highlight some of the technological and engineering paradigms that SSP stimulated or were refl ected in intense discussions that ensued, and also to some extent SSP’s potential impact on the world at large.