Jump to content

User:Kgberg/sandbox: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Kgberg (talk | contribs)
148 edits
No edit summary
Kgberg (talk | contribs)
148 edits
No edit summary
Line 1: Line 1:


{{Infobox scientist
{{Infobox scientist
| name = Edward Amoroso
| name = Edward Amoroso,_American expert in computer security and Distinguished Research Professor at the New York University Tandon School of Engineering in the Computer Science and Engineering Department
| image = Edward_Amoroso.png
| image = Edward_Amoroso.png
| image_size =
| image_size =
| alt =
| alt =
| caption =
| caption =
| birth_date = {{Birth date and age|1977|02|27}}
| birth_date = {{Birth date and age|1961|12|03}}
| birth_place =
| birth_place = [[Brooklyn, New York]]
| death_date = <!-- {{Death date and age|YYYY|MM|DD|YYYY|MM|DD}} (death date then birth date) -->
| death_date = <!-- {{Death date and age|YYYY|MM|DD|YYYY|MM|DD}} (death date then birth date) -->
| death_place =
| death_place =
| residence = [[New York, United States]]
| residence = [[United States]]
| citizenship =
| nationality = American
| nationality = American
| fields = [[Security]], [[operating Systems]], [[networks]]
| fields = [[Computer Science]]
| work_institutions = [[TAG Cyber LLC]] <br> [[New York University]] <br> [[Stevens Institute of Technology]] <br> [[Johns Hopkins University Applied Physics Lab]] <br>
| workplaces =
| alma_mater = [[University of Arizona]]
| alma_mater = [[Columbia University]] <br> [[Stevens Institute of Technology]] <br> [[Dickinson College]]
| thesis_title =
| thesis_title =
| thesis_url =
| thesis_url =
| thesis_year = 2008
| thesis_year =
| doctoral_advisor = John Hartman
| doctoral_advisor =
| doctoral_students =
| doctoral_students =
| Religion =
| Religion =
| known_for =
| known_for = Computer Science
| awards =
| awards =
| signature = <!--(filename only)-->
| signature = <!--(filename only)-->
| signature_alt =
| signature_alt =
| website =
| website = {{URL|http://engineering.nyu.edu/people/justin-cappos}}<br>{{URL|http://isis.poly.edu/~jcappos/index.php}}
| footnotes =
| footnotes =
| spouse =
| spouse =
Line 34: Line 33:
'''[https://engineering.nyu.edu/faculty/edward-amoroso Edward Amoroso]''' Edward Amoroso is an American expert in computer security based in the New York City area. Amoroso is a Distinguished Research Professor [1] at the New York University Tandon School of Engineering in the Computer Science and Engineering Department. He is also Adjunct Professor of Computer Science [2] at the Stevens Institute of Technology, where he has instructed graduate and undergraduate students in the classroom since 1990. Amoroso is the founder of TAG Cyber LLC,[3] which develops cyber security industry advisory and research. In addition to serving as a Senior Advisor to the Johns Hopkins University Applied Physics Laboratory, he is also the author of several books on cyber security and computer science. Amoroso retired from AT&T, [4] as Senior Vice President and Chief Security Officer in 2016 after 31 years of service.
'''[https://engineering.nyu.edu/faculty/edward-amoroso Edward Amoroso]''' Edward Amoroso is an American expert in computer security based in the New York City area. Amoroso is a Distinguished Research Professor [1] at the New York University Tandon School of Engineering in the Computer Science and Engineering Department. He is also Adjunct Professor of Computer Science [2] at the Stevens Institute of Technology, where he has instructed graduate and undergraduate students in the classroom since 1990. Amoroso is the founder of TAG Cyber LLC,[3] which develops cyber security industry advisory and research. In addition to serving as a Senior Advisor to the Johns Hopkins University Applied Physics Laboratory, he is also the author of several books on cyber security and computer science. Amoroso retired from AT&T, [4] as Senior Vice President and Chief Security Officer in 2016 after 31 years of service.


==Early Life and Education==
(born February 27, 1977) is a computer scientist and cybersecurity expert whose data-security software is employed by a number of widely used open-source cloud computing projects.
Edward Amoroso was born in Neptune, New Jersey and attended the Christian Brothers Academy in Lincroft, New Jersey. After receiving the bachelor’s degree in physics in 1983 from Dickinson College in Carlisle, Pennsylvania, he attended the Stevens Institute of Technology in Hoboken, New Jersey, where he received the M.S. degree in computer science in 1986, and the PhD degree in computer science in 1991. Amoroso is also a 1999 graduate of the Columbia Senior Executive Program (CSEP) at the Columbia Business School. Amoroso joined Bell Laboratories in 1985, where he began his career in computer security, working on projects such as integrating security into Unix System V. Amoroso would later become the first Chief Security Officer for AT&T.


==Career==
Cappos is a professor in the department of Computer Science and Engineering at [[New York University Tandon School of Engineering]]. His research centers on systems, software update systems, security, and [[virtualization]], with a focus on real-world security problems, often in large open-source projects.<ref>{{cite web|url=http://doi.acm.org/10.1145/1455770.1455841|title=A Look in the Mirror: Attacks on Package Managers|first1=Justin|last1=Cappos|first2=Justin|last2=Samuel|first3=Scott|last3=Baker|first4=John H.|last4=Hartman|date=1 January 2008|publisher=ACM|pages=565–574|via=ACM Digital Library|doi=10.1145/1455770.1455841}}</ref><ref>{{cite web|url=http://ieeexplore.ieee.org/document/6798970/?arnumber=6798970&tag=1|title=BlurSense: Dynamic fine-grained access control for smartphone privacy|first1=J.|last1=Cappos|first2=L.|last2=Wang|first3=R.|last3=Weiss|first4=Y.|last4=Yang|first5=Y.|last5=Zhuang|date=1 February 2014|publisher=|pages=329–332|via=IEEE Xplore|doi=10.1109/SAS.2014.6798970}}</ref><ref>{{cite journal|url=https://www.usenix.org/conference/nsdi16/technical-sessions/presentation/kuppusamy|title=Diplomat: Using Delegations to Protect Community Repositories|first1=Trishank Karthik|last1=Kuppusamy|first2=Santiago|last2=Torres-Arias|first3=Vladimir|last3=Diaz|first4=Justin|last4=Cappos|date=1 January 2016|publisher=}}</ref>
Amoroso began his career in 1984 writing inertial measurement software for the Space Shuttle while at Singer-Kearfott in Wayne, New Jersey. In 1985, he joined AT&T Bell Laboratories, where he helped develop a secure version of the Unix operating system called System V/MLS, designed to meet the B1 Criteria in the Trusted Computer System Evaluation Criteria (TCSEC), also known as the Orange Book.


Amoroso used System V/MLS as basis for a denial of service model [5] which was included and referenced as the Amoroso Model in the Canadian Trusted Computer Product Evaluation Criteria in 1992. [6] He was also the first researcher to introduce the concept of attack trees [7], which are important in the quantification of risk for cyber threat analysis.
His Ph.D. dissertation in computer science at the University of Arizona was on the [http://www.thestorkproject.org Stork Project],<ref>{{cite journal|last1=Cappos|first1=Justin|title=Stork: Package Management for Distributed VM Environements|journal=Proceedings of the 21st Large Installation System Adminitration Conference (LISA '07)|date=November, 2007|page=79-94|url=https://www.usenix.org/legacy/event/lisa07/tech/full_papers/cappos/cappos_html/}}</ref> a software [[package manager]] he built with John H. Hartman, professor in the department of computer science.


During his career, Amoroso helped develop a new means for measuring trustworthy software development, [8] which was used as the basis for securing software development on the US Strategic Defense Initiative (SDI). He also pioneered concepts related to micro-segmentation with seminal papers that introduced the concept of “rings around things” [9] [10].
==Research and Projects==
While a post-doctoral researcher at the University of Washington in 2009, Cappos developed [https://en.wikipedia.org/wiki/Peer-to-peer peer-to-peer] computing platform [https://seattle.poly.edu/html/ Seattle],<ref>{{cite web|url=http://doi.acm.org/10.1145/1508865.1508905|title=Seattle: A Platform for Educational Cloud Computing|first1=Justin|last1=Cappos|first2=Ivan|last2=Beschastnikh|first3=Arvind|last3=Krishnamurthy|first4=Tom|last4=Anderson|date=1 January 2009|publisher=ACM|pages=111–115|via=ACM Digital Library|doi=10.1145/1508865.1508905}}</ref><ref>http://www.nsf.gov/awardsearch/showAward?AWD_ID=1205415</ref>which allows device-to-device connectivity in a decentralized network. For this and other research "Popular Science" in 2013 recognized Cappos as one of its "Brilliant 10" research scientists under 40.<ref>{{cite web|url=http://www.popsci.com/science/article/2013-09/justin-cappos|title=How Justin Cappos Created A New Way To Cloud Compute|publisher=}}</ref>


During his time at AT&T, Amoroso held a variety of research, development, engineering, management, and leadership roles in cyber security across AT&T, culminating in the Senior Vice President and Chief Security Officer (CSO) role in 2005. His advice and commentary on the cyber security industry is well-documented during that era in articles, interviews, talks, and videos. [11] [12] [13].
In 2010 he developed [https://theupdateframework.com The Update Framework (TUF)],<ref>http://www.nsf.gov/awardsearch/showAward?AWD_ID=1345049&HistoricalAwards=false</ref> a flexible security library designed to be added to software updaters to make them resilient to compromise.<ref>{{cite web|url=https://us.pycon.org/2016/schedule/presentation/2187/|title=Presentation: When the going gets tough, get TUF going - PyCon 2016 in Portland, OR|publisher=}}</ref><ref>http://www.linux-magazine.com/Issues/2014/160/Security-Lessons-TUF</ref>


Amoroso’s teaching career began as Adjunct Professor at the Stevens Institute of Technology in Hoboken, New Jersey, where he has been teaching introductory cyber security to graduate students in the Computer Science Department since 1990. Amoroso also spent time teaching computing security at Monmouth University in the 1990’s, documenting his course at an ACM conference in 1993. [14]
[https://www.docker.com Docker],<ref>{{cite web|url=https://blog.docker.com/2015/08/content-trust-docker-1-8/|title=Introducing Docker Content Trust - Docker Blog|date=12 August 2015|publisher=}}</ref> an [[open-source]] system for deploying Linux containers, integrated TUF in 2015 when it launched [https://blog.docker.com/2015/08/content-trust-docker-1-8/ Docker Content Trust].<ref>http://www.cioreview.com/news/docker-content-trust-protects-integrity-of-dockerized-content-nid-8372-cid-92.html</ref> Docker Content Trust is an implementation of Docker's [[Notary]] project, which is built on TUF<ref>http://thenewstack.io/docker-content-trust-can-run-containers-untrusted-networks/</ref>. Notary can both certify the validity of the sources of Docker images, and encrypt the contents of those images.<ref>http://www.zdnet.com/article/docker-1-8-adds-serious-container-security/</ref>


Amoroso accepted the position of Distinguished Research Professor at the NYU Tandon School of Engineering in the Center for Cyber Security (CCS) in Brooklyn, New York in 2017. [15] He also serves as a Senior Advisor to the Asymmetric Operations Group at the Johns Hopkins University Applied Physics Laboratory in Laurel, Maryland.
[https://flynn.io Flynn], an open-source [[platform as service]] (PaaS) for running applications in production<ref>http://www.infoworld.com/article/3101765/open-source-tools/open-source-flynn-takes-the-headaches-out-of-app-deployment.html</ref> employs TUF for secure distribution of its components.<ref>https://flynn.io/docs/security</ref><ref>{{cite web|url=https://github.com/flynn/go-tuf#install|title=flynn/go-tuf|publisher=}}</ref><ref>{{cite web|url=https://flynn.io/docs/development#the-update-framework-(tuf)|title=Development – Flynn|publisher=}}</ref>.


Amoroso’s founding role at TAG Cyber LLC includes publication of the Security Annual, which is freely available [16] for download to enterprise security experts. The material includes research on fifty cyber security controls as well as listings for thousands of commercial cyber security vendors.
In 2013, credit card processing company [https://squareup.com Square] began integrating TUF with the open-source file-server RubyGems in an effort to prevent a repeat of that year's hack<ref>http://venturebeat.com/2013/01/30/rubygems-org-hacked-interrupting-heroku-services-and-putting-millions-of-sites-using-rails-at-risk/</ref> of RubyGems.org, which interrupted the widely used [https://www.heroku.com Heroku] [[cloud application architecture]].<ref>{{cite web|url=https://medium.com/square-corner-blog/securing-rubygems-with-tuf-part-1-d374fdd05d85#.z0s8x1kqg|title=Applying The Update Framework (TUF) to RubyGems to secure it against nefarious activity.|first=Square|last=Engineering|date=6 December 2013|publisher=}}</ref><ref>{{cite web|url=https://www.youtube.com/watch?v=J0GkcToeDiM|title=Atlassian Dev Den Tech Talk Series: "Securing Rubygems with TUF"|first=|last=Atlassian|date=29 January 2014|publisher=|via=YouTube}}</ref>


Amoroso’s board-related appointments include one year as an Independent Director for M&T Bank, in Buffalo, New York, [17] several years as a Board Trustee at the Stevens Institute of Technology, and time spent on the National Security Agency (NSA) Advisory Board (NSAAB). He is holder of ten patents for inventions related to cyber security.
In 2014 Cappos developed PolyPasswordHasher, a password storage scheme that prevents efficient password cracking.<ref>http://www.securityweek.com/new-protection-scheme-makes-weak-passwords-virtually-uncrackable</ref><ref>https://blog.varonis.com/conversation-nyu-polys-professor-justin-cappos-data-security-lessons-tips-companies/</ref>


==Selected Publications==
==Selected Publications==
*
* [https://academic.microsoft.com/#/search?iq=%2540justin%2520cappos%2540&q=justin%20cappos&filters=&from=0&sort=0 List of Publications] from [[Microsoft Academic Search]]
*
* [https://scholar.google.com/citations?user=COE6KUgAAAAJ&hl=en&oi=ao Justin Cappos' Publications] indexed by [[Google Scholar]]


==References==
==References==
Line 73: Line 73:
* Varonis (6 January 2015) [https://blog.varonis.com/conversation-nyu-polys-professor-justin-cappos-data-security-lessons-tips-companies/ Interview With NYU-Poly’s Professor Justin Cappos: Security Lessons From Retail Breaches]
* Varonis (6 January 2015) [https://blog.varonis.com/conversation-nyu-polys-professor-justin-cappos-data-security-lessons-tips-companies/ Interview With NYU-Poly’s Professor Justin Cappos: Security Lessons From Retail Breaches]


{{DEFAULTSORT:Cappos, Justin}}
{{DEFAULTSORT:Amoroso, Edward}}
[[:Category:New York University]]
[[:Category:New York University]]
[[:Category:1977 births]]
[[:Category:1961 births]]
[[:Category:Living people]]
[[:Category:Living people]]

Revision as of 20:59, 12 December 2019

Edward Amoroso
File:Edward Amoroso.png
Born (1961-12-03) December 3, 1961 (age 62)
Brooklyn, New York
NationalityAmerican
Alma materColumbia University
Stevens Institute of Technology
Dickinson College
Known forComputer Science
Scientific career
FieldsComputer Science
InstitutionsTAG Cyber LLC
New York University
Stevens Institute of Technology
Johns Hopkins University Applied Physics Lab

Edward Amoroso Edward Amoroso is an American expert in computer security based in the New York City area. Amoroso is a Distinguished Research Professor [1] at the New York University Tandon School of Engineering in the Computer Science and Engineering Department. He is also Adjunct Professor of Computer Science [2] at the Stevens Institute of Technology, where he has instructed graduate and undergraduate students in the classroom since 1990. Amoroso is the founder of TAG Cyber LLC,[3] which develops cyber security industry advisory and research. In addition to serving as a Senior Advisor to the Johns Hopkins University Applied Physics Laboratory, he is also the author of several books on cyber security and computer science. Amoroso retired from AT&T, [4] as Senior Vice President and Chief Security Officer in 2016 after 31 years of service.

Early Life and Education

Edward Amoroso was born in Neptune, New Jersey and attended the Christian Brothers Academy in Lincroft, New Jersey. After receiving the bachelor’s degree in physics in 1983 from Dickinson College in Carlisle, Pennsylvania, he attended the Stevens Institute of Technology in Hoboken, New Jersey, where he received the M.S. degree in computer science in 1986, and the PhD degree in computer science in 1991. Amoroso is also a 1999 graduate of the Columbia Senior Executive Program (CSEP) at the Columbia Business School. Amoroso joined Bell Laboratories in 1985, where he began his career in computer security, working on projects such as integrating security into Unix System V. Amoroso would later become the first Chief Security Officer for AT&T.

Career

Amoroso began his career in 1984 writing inertial measurement software for the Space Shuttle while at Singer-Kearfott in Wayne, New Jersey. In 1985, he joined AT&T Bell Laboratories, where he helped develop a secure version of the Unix operating system called System V/MLS, designed to meet the B1 Criteria in the Trusted Computer System Evaluation Criteria (TCSEC), also known as the Orange Book.

Amoroso used System V/MLS as basis for a denial of service model [5] which was included and referenced as the Amoroso Model in the Canadian Trusted Computer Product Evaluation Criteria in 1992. [6] He was also the first researcher to introduce the concept of attack trees [7], which are important in the quantification of risk for cyber threat analysis.

During his career, Amoroso helped develop a new means for measuring trustworthy software development, [8] which was used as the basis for securing software development on the US Strategic Defense Initiative (SDI). He also pioneered concepts related to micro-segmentation with seminal papers that introduced the concept of “rings around things” [9] [10].

During his time at AT&T, Amoroso held a variety of research, development, engineering, management, and leadership roles in cyber security across AT&T, culminating in the Senior Vice President and Chief Security Officer (CSO) role in 2005. His advice and commentary on the cyber security industry is well-documented during that era in articles, interviews, talks, and videos. [11] [12] [13].

Amoroso’s teaching career began as Adjunct Professor at the Stevens Institute of Technology in Hoboken, New Jersey, where he has been teaching introductory cyber security to graduate students in the Computer Science Department since 1990. Amoroso also spent time teaching computing security at Monmouth University in the 1990’s, documenting his course at an ACM conference in 1993. [14]

Amoroso accepted the position of Distinguished Research Professor at the NYU Tandon School of Engineering in the Center for Cyber Security (CCS) in Brooklyn, New York in 2017. [15] He also serves as a Senior Advisor to the Asymmetric Operations Group at the Johns Hopkins University Applied Physics Laboratory in Laurel, Maryland.

Amoroso’s founding role at TAG Cyber LLC includes publication of the Security Annual, which is freely available [16] for download to enterprise security experts. The material includes research on fifty cyber security controls as well as listings for thousands of commercial cyber security vendors.

Amoroso’s board-related appointments include one year as an Independent Director for M&T Bank, in Buffalo, New York, [17] several years as a Board Trustee at the Stevens Institute of Technology, and time spent on the National Security Agency (NSA) Advisory Board (NSAAB). He is holder of ten patents for inventions related to cyber security.

Selected Publications

References


Media Citations and Commentary


Category:New York University Category:1961 births Category:Living people

Retrieved from "https://en.wikipedia.org/w/index.php?title=User:Kgberg/sandbox&oldid=930488293"