Joshua Guttman and John Ramsdell have long been involved in applying
rigorous techniques to compiler correctness and information security.
In the early 1990s, they collaborated together with Wand, Swarup, and
Oliva on the Vlisp project; it was the first comprehensive
verification of the design of a Scheme compiler and run-time
environment, or indeed any programming language in actual use. More
recently, they have worked on analyzing the information flows
permitted by SELinux policies. This has led to methods for analyzing
existing policies and generating policies covering new applications.
Their paper on the SELinux Analysis Tools (SLAT) will appear in the
Journal of Computer Security early in 2005.
Dr. Guttman heads MITRE's research program in Information Assurance,
and publishes frequently on rigorous security management,
cryptographic protocol analysis, and trust management. He holds
degrees from the University of Chicago and Princeton University.
Dr. Ramsdell works on security for computer-based collaboration
programs and their underlying protocols as well as operating system
security and cryptographic protocols and their applications. He holds
degrees from Harvard University and Cornell University.