[ISN] Roger Needham, Computer Security Expert, Dies at 68

From: InfoSec News (isnat_private)
Date: Thu Mar 06 2003 - 03:00:18 PST

  • Next message: InfoSec News: "[ISN] Cybercrime Follows Money Trail"

    March 6, 2003  
    Roger M. Needham, a leading computer scientist who did pioneering work
    on security software, led Cambridge University's computer science
    laboratory for 15 years and started Microsoft's first overseas
    research lab, died Friday at his home in Coton, England. He was 68.
    The cause was cancer, said Maurice Wilkes, a friend and colleague.
    In a career that spanned more than four decades, Mr. Needham made
    contributions to a range of computing disciplines, including systems
    design, operating systems and networking. Still, his most enduring
    research was done in computer security.
    In 1967, he devised a method for encrypting password files in a secure
    way. In 1978, Mr. Needham in collaboration with another computer
    scientist, Michael Schroeder, published his research for identifying
    users by exchanging data, usually in passwords, in computer systems
    with many users. The technology, widely known in computer security, is
    called the Needham-Schroeder protocol for authentication.
    Anyone sitting at a personal computer today, typing a password into a
    corporate network or a Web site, is probably using security software
    that makes use of Mr. Needham's inventions.
    "When you sign on with a password, the technology you are using owes a
    debt to the work that Roger did, dating back to the 1960's," said
    Richard Rashid, a computer scientist and senior vice president for
    research at Microsoft. "That's how powerful his ideas have been."
    Mr. Needham came to computer security as a byproduct of working on
    systems and early high-speed local networks like the Cambridge Ring
    and Fast Ring projects with university colleagues, including Mr.  
    Wilkes, David Wheeler and Andrew Hopper. The Cambridge Ring projects
    were research forerunners of today's commercial networks like
    automated teller machine networks.
    It was thinking about a system for allowing many people to gain access
    to a network that prompted Mr. Needham to address the problems of
    security, identity and authentication. "Roger Needham was one of the
    first people to recognize that computer security was important," said
    Matt Blaze, a computer security expert at AT&T Labs.
    Indeed, despite his contributions to computing theory, Mr. Needham
    always thought of himself mostly as an engineer, trying to solve one
    practical problem after another. Colleagues say he did not care much
    for the term computer scientist, regarding it as a bit of a misnomer.
    "I think the whole of computer science is engineering," Mr. Needham
    said two years ago. "Not everyone agrees with me, of course."
    Cambridge was known for its pragmatic approach to computing long
    before Mr. Needham arrived in the early 1960's. Under Mr. Wilkes, the
    Cambridge lab is widely credited with getting the first working
    stored-program computer, the Edsac, up and running. In 1951, Mr.  
    Wilkes, Mr. Wheeler and Stanley Gill, wrote the first textbook for
    computer programming, "The Preparation of Programs for an Electronic
    Digital Computer."
    Mr. Needham, who became a researcher at the Cambridge lab in 1963 and
    succeeded Mr. Wilkes as director in 1980, carried on and reinforced
    the emphasis on practical work. He would always tell his graduate
    students to do research that really mattered. "Good research is done
    with a shovel, not with tweezers," Mr. Needham once said. "You should
    find an area where you can get a lot out of it fast."
    His message was delivered to his students through constant contact. He
    was a scholar who roamed the lab, former students say, instead of
    working from an office. He ate lunch with the students most days. He
    paced as he talked during his impromptu tutorials, which frequently
    continued during evenings over a pint of beer at the Eagle Tavern.
    "Once he got started talking to you he couldn't help himself and he
    couldn't sit down," said Bjarne Stroustrup, who went on to Bell Labs
    and created the C++ computer language, one of the most popular
    programming tools in use today. "And Roger Needham certainly
    reinforced my practical bent, that what you should do is work on ideas
    for making things better."
    At a gathering for Mr. Needham last month, a couple of dozen leading
    computer scientists delivered papers in Cambridge as a tribute to
    their colleague. Frail and in a wheelchair, Mr. Needham put a
    workman's hardhat on his head, saying that he was very much a
    practical engineer, to the end. "It was quite effective," Mr. Wilkes
    Born on Feb. 9, 1935, Mr. Needham grew up in Doncaster in northern
    England, the son of an engineer who designed coal-making machinery.  
    Mr. Needham won a scholarship to Cambridge, where he received his
    Ph.D. in 1961. In 1958, he married Karen Sparck Jones, another
    graduate student at Cambridge. While working on their Ph.D. theses,
    the couple built the house they lived in for the next 40 years. Ms.  
    Sparck Jones, a Cambridge professor, survives her husband.
    Around Cambridge, Mr. Needham was known for his unassuming ways - his
    means of transport was a battered old bicycle - and his left-wing
    politics, having been a Labor Party district councilor for 15 years.
    His socialist sympathies certainly made no difference to Microsoft, a
    paragon of capitalism, when it recruited him to set up a corporate
    research lab in Cambridge, which opened in 1997. For his part, Mr.  
    Needham saw the job as another way to encourage the kind of pragmatic
    computing research he preferred.
    "If there wasn't an industry concerned with making and using computers
    the subject wouldn't exist," he explained. "It's not like physics 
    physics was made by God, but computer science was made by man. It's
    there because the industry's there."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Thu Mar 06 2003 - 05:36:47 PST