Just a Few Selected References for PGN

F.P. Brooks, Jr., A.L. Hopkins, P.G. Neumann, and W.V. Wright, "An Experiment in Musical Composition", IRE Transactions on Electronic Computers EC-6, pp. 175-182, September 1957.

P.G. Neumann, Efficient Error-Limiting Variable-Length Codes, IRE Transactions on Information Theory IT-8, pp. 292-304, July 1962.

P.G. Neumann, On a Class of Efficient Error-Limiting Variable-Length Codes, IRE Transactions on Information Theory IT-8, pp. S260-266, September 1962.

P.G. Neumann, Error-Limiting Coding Using Information-Lossless Sequential Machines, IEEE Transactions on Information Theory IT-10, pp. 108-115, April 1964.

R.C. Daley and P.G. Neumann, A General-Purpose File System for Secondary Storage, AFIPS Conference Proceedings, Fall Joint Computer Conference, pp. 213-229, November 1965.

P.G. Neumann, The Role of Motherhood in the Pop Art of System Programming, Proceedings of the ACM Second Symposium on Operating Systems Principles, Princeton NJ, pp. 13-18, October 1969.

P.G. Neumann and T.R.N. Rao, Error Correction Codes for Byte-Organized Arithmetic Processors, IEEE Transactions on Computers C-24, 3, pp. 226-232, March 1975.

R.J. Feiertag and P.G. Neumann, The Foundations of a Provably Secure Operating System (PSOS), AFIPS Conference Proceedings (NCC 79), NY, NY, pp. 329-334, June 1979. http://www.csl.sri.com/~neumann/psos.pdf

P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, and L. Robinson, A Provably Secure Operating System: The System, Its Applications, and Proofs, Second Edition, Computer Science Laboratory, SRI International, Menlo Park, California, May 7, 1980, issued as Report CSL-116. The first major report defining the system was dated June 13, 1975, and the final report was February 11, 1977. The 1980 second edition was prepared for the Ford/Honeywell implementation study contract, which eventually led Honeywell and SCC to the Secure Ada Target, LOgical Coprocessor Kernel (LOCK) and SideWinder.

P.G. Neumann, Experiences with Formality in Software Development, in Theory and Practice of Software Technology, D. Ferrari, M. Bolognani, and J. Goguen, editors, North-Holland Publishing Company, pp. 203-219, 1983.

P.G. Neumann, Psychosocial Implications of Computer Software Development and Use: Zen and the Art of Computing, in Theory and Practice of Software Technology, D. Ferrari, M. Bolognani, and J. Goguen, editors, North-Holland Publishing Company, pp. 221-232, 1983.

P.G. Neumann, On Hierarchical Design of Computer Systems for Critical Applications, IEEE Transactions on Software Engineering, SE-12, 9, September 1986, pp. 905-920.

P.G. Neumann, Rainbows and Arrows: How the Security Criteria Address Computer Misuse, Proc. 13th National Computer Security Conference, Baltimore MD, 1-4 October 1990.

P.G. Neumann, Beauty and the Beast of Software Complexity -- Elegance versus Elephants, in Beauty is our Business, A Birthday Salute to Edsger W. Dijkstra, pp. 346-351, Edited by W.H.J. Feijen, A.J.M. van Gasteren, D. Gries, J. Misra, published 11 May 1990, Springer Verlag (ISBN 0-387-97299-4).

D. Clark et al., Computers at Risk: Safe Computing in the Information Age, National Research Council, National Academy Press, 5 December 1990. (Authored by the 16 members of the NRC System Security Study Committee, 1989-1991.)

S. Landau, S. Kent, C. Brooks, S. Charney, D. Denning, W. Diffie, A. Lauck, D. Miller, P. Neumann, and D. Sobel, Crypto Policy Perspectives, Communications of the ACM, 37, 8, August 1994, pp. 115-121.

P.G. Neumann, Computer-Related Risks, Addison-Wesley and ACM Press, 1995.

K. Dam et al., Cryptography's Role In Securing the Information Society (a.k.a. the CRISIS report), Final Report of the National Research Council Cryptographic Policy Study Committee, National Academy Press, 2101 Constitution Ave., Washington, D.C. 20418, 1996.

Hal Abelson, Ross Anderson, Steven M. Bellovin, Josh Benaloh, Matt Blaze, Whitfield Diffie, John Gilmore, Peter G. Neumann, Ronald L. Rivest, Jeffrey I. Schiller, Bruce Schneier, The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption, 27 May 1997 (ftp://research.att.com/dist/mab/key_study.txt or .ps; http://www.crypto.com/key_study). This article appears in the World Wide Web Journal (Web Security: A Matter of Trust) 2, 3, O'Reilly & Associates, Summer 1997, 241-257. Reissued with an incremental preface assessing what happened in the intervening year, http://www.cdt.org/crypto/risks98/, 8 June 1998.

P.G. Neumann, Review of Privacy on the Line, by Whitfield Diffie and Susan Landau, Notices of the American Mathematical Society, June-July 1998, pp. 709, 711-712.

P.G. Neumann and P.A. Porras, Experience with EMERALD to Date, 1st USENIX Workshop on Intrusion Detection and Network Monitoring, Santa Clara, California, 11-12 April 1999. Best Paper Award. http://www.csl.sri.com/~neumann/det99.html

P.G. Neumann, Robust Nonproprietary Software, Proceedings of the 2000 Symposium on Security and Privacy, IEEE Computer Society, Oakland, California, May 2000, pp. 122-123. http://www.csl.sri.com/neumann/ieee00.pdf

P.G. Neumann, Certitude and Rectitude, position paper for IEEE International Conference on Requirements Engineering, Schaumburg, Illinois, June 20, 2000. http://www.csl.sri.com/neumann/icre00+.ps, and .pdf

P.G. Neumann, Practical Architectures for Survivable Systems and Networks: Phase Two Final Report, for the ARL project, available at http://www.csl.sri.com/neumann/survivability.ps (and .pdf and .html), dated June 30, 2000. This report represents the main effort of the three-year project.

A Few Other Recent Items

P.G. Neumann, Security Risks in the Computer-Communication Infrastructure, written testimony for the U.S. Permanent Subcommittee on Investigations of the Senate Committee on Governmental Affairs, 25 June 1996, included in Security in Cyberspace, Hearings, S. Hrg. 104-701 (see http://www.csl.sri.com/~neumann/senate.html). ISBN 0-16-053913-7, 1996, pp. 350-363. My oral testimony is on pages 106-111 of that volume, and there are several other references to me elsewhere.

PGN attended the fifth government-sponsored Highlands Forum at the U.S. Naval Academy, 3 Dec 1996, and served on a panel on vulnerabilities in the information infrastructure. Several members of the President's Commission on Critical Infrastructures were present.

P.G. Neumann, Computer Security in Aviation: Vulnerabilities, Threats, and Risks, Gore Commission Conference on Aviation Safety and Security, 13-15 Jan 1997 (http://www.csl.sri.com/~neumann/air.html).

PGN participated on 10-11 Mar 1997 in a Workshop on Protecting and Assuring Critical National Infrastructure, at the Center for International Security and Arms Control at Stanford. PGN was on a panel with the President's Commission on Critical Infrastructure Protection (PCCIP) Commissioner Brenton Greene and Ray Leadabrand. Several other PCCIP Commissioners were also on the program, including the Chairman, Tom Marsh.

P.G. Neumann, The Social Security Internet Website: Technology and Privacy Implications, written testimony for the House Ways and Means subcommittee on the Social Security Administration hearing on 6 May 1997 (http://www.csl.sri.com/~neumann/ssa.html). PGN also appeared on a Social Security Administration panel relating to computer security and risks related to SSA databases, 28 May 1997, at San Jose State. See "The Social Security Administration: PEBES, Identity Theft, and Related Risks" (http://www.csl.sri.com/~neumann/ssaforum.html).

PGN testified on 6 Nov 1997 for the House Subcommittee on Technology, Committee on Science, chaired by Connie Morella, on the subject of protecting the information infrastructure. (The written testimony, oral testimony, and ensuing responses to written questions are published by the Government Printing Office, ISBN 0-16-056151-5; the written testimony is also on-line at http://www.csl.sri.com/~neumann/house97.html and the responses to questions at http://www.csl.sri.com/~neumann/house97.ans .) More recent House testimonies are noted on my main Web pages.

PGN testified on 19 May 1998 for the U.S. Senate Governmental Affairs Committee, Computer-Related Infrastructure Risks for Federal Agencies. www.csl.sri.com/neumann/senate98.html. More recent Senate testimonies are noted on my main Web pages.

Steve Bellovin, Matt Blaze, Dave Farber, P.G. Neumann, and Eugene Spafford, Comments on the Carnivore System Technical Review, 3 December 2000, submitted to the Department of Justice at their request. http://www.crypto.com/papers/carnivore_report_comments.html

P.G. Neumann (ed). Inside Risks. Communications of the ACM (inside back cover), regular monthly column since July 1990. http://www.csl.sri.com/~neumann/insiderisks.html .

P.G. Neumann. Quarterly sections on Risks to the Public in the Use of Computers and Related Systems and editorials on related subjects, in the regular issues of the ACM SIGSOFT Software Engineering Notes.