Steven M. Bellovin
smb @cs.columbia.edu
(larger picture of smb)

I'm a professor in the Computer Science department at Columbia University. I joined the faculty here after many years at AT&T  Labs Research in Florham Park, New Jersey. I do research on networks, security and why the two don't get along.

In 2001, I was elected to the National Academy of Engineering. I was awarded the 2007 NIST/NSA National Computer Systems Security Award.

I'm the co-author, with Bill Cheswick, of the book Firewalls and Internet Security: Repelling the Wily Hacker. The second edition, with Aviel D. Rubin as an additional author, is now out.

I earned a B.A. from Columbia University; following that, I wandered south and managed an M.S. and Ph.D. in computer science from the University of North Carolina at Chapel Hill.

While a graduate student, I helped create USENET. For this, the statute of limitations having expired, I and two others perpetrators (Tom Truscott and Jim Ellis) were awarded the 1995 Usenix Lifetime Achievement Award, known, appropriately enough, as "The Flame". The Usenix Lifetime Achievement Award recognizes and celebrates singular contributions to the Unix community in both intellectual achievement and service. USENET was an experiment started in 1979 to create an electronic bulletin board to facilitate the posting and reading of news messages and notices. Today it has more than 10,000 discussion groups, known as newsgroups, on a wide variety of subjects, tens of thousands of USENET sites, and many millions of participants.

I've been very active in the IETF, especially the Security Area.  I was a member of the Internet Architecture Board from 1996-2002; I was Security Area co-director, and hence a member of the Internet Engineering Steering Group (IESG) from 2002-2004.

I'm the co-chair of the 2008 Applied Cryptography and Network Security conference.

I have been a member of the Science and Technology Advisory Committee of the Department of Homeland Security since 2005. I am also a member of the Technical Guidelines Development Committee of the Election Assistance Commission. Starting in September 2012 I will be Chief Technologist of the Federal Trade Commission.

I spend a lot of my time writing papers (electrons?). Most of them are available electronically. You can find a few of my talks, too. In real life, I enjoy trains , making sawdust , and spending time with my family. But a persistent sense of unreality sometimes intervenes....

Worried about people reading your mail? That's not an unreasonable fear...  See some notes I've written on what you should -- and shouldn't -- do about it.

I served on a National Research Council committee on Information System Trustworthiness. The final report is online, if you're interested. I was also a member of a study committee on Authentication Technologies and Their Privacy Implications. We released an interim report on nationwide identity systems. Most recently, I was a member of a study committee on Improving Cybersecurity Research in the United States. I'm a member of the the Academies' Computer Science and Telecommunications Board.

I've become very interested in nuclear weapons command and control. Apart from the relevance of the subject to the history of public key cryptography, I've done a fair amount of research on how permissive action links -- the cryptographic unlocking mechanisms for nuclear weapons -- work.

Sometimes, bureaucracy can be simultaneously cool and preposterous. (Yes, the document is genuine.)

To reach me, it's best to send email to me at the address given at the top of the page. For other contact mechanisms, see my university directory page.  If it's Secret Stuff for me, you can find my PGP key here. (That's a new key; the old one, which was used to sign the new one, is here.)

I'm an informal sort of guy, but if you want, you can find my formal bio here, as well as my CV here.

Updated 03 Aug 12