Roger Needham, Computer Security Expert, Dies at 68

[InfoSec News <isn () c4i org>]

http://www.nytimes.com/2003/03/06/obituaries/06NEED.html

By STEVE LOHR
March 6, 2003  

Roger M. Needham, a leading computer scientist who did pioneering work
on security software, led Cambridge University's computer science
laboratory for 15 years and started Microsoft's first overseas
research lab, died Friday at his home in Coton, England. He was 68.

The cause was cancer, said Maurice Wilkes, a friend and colleague.

In a career that spanned more than four decades, Mr. Needham made
contributions to a range of computing disciplines, including systems
design, operating systems and networking. Still, his most enduring
research was done in computer security.

In 1967, he devised a method for encrypting password files in a secure
way. In 1978, Mr. Needham in collaboration with another computer
scientist, Michael Schroeder, published his research for identifying
users by exchanging data, usually in passwords, in computer systems
with many users. The technology, widely known in computer security, is
called the Needham-Schroeder protocol for authentication.

Anyone sitting at a personal computer today, typing a password into a
corporate network or a Web site, is probably using security software
that makes use of Mr. Needham's inventions.

"When you sign on with a password, the technology you are using owes a
debt to the work that Roger did, dating back to the 1960's," said
Richard Rashid, a computer scientist and senior vice president for
research at Microsoft. "That's how powerful his ideas have been."

Mr. Needham came to computer security as a byproduct of working on
systems and early high-speed local networks like the Cambridge Ring
and Fast Ring projects with university colleagues, including Mr.  
Wilkes, David Wheeler and Andrew Hopper. The Cambridge Ring projects
were research forerunners of today's commercial networks like
automated teller machine networks.

It was thinking about a system for allowing many people to gain access
to a network that prompted Mr. Needham to address the problems of
security, identity and authentication. "Roger Needham was one of the
first people to recognize that computer security was important," said
Matt Blaze, a computer security expert at AT&T Labs.

Indeed, despite his contributions to computing theory, Mr. Needham
always thought of himself mostly as an engineer, trying to solve one
practical problem after another. Colleagues say he did not care much
for the term computer scientist, regarding it as a bit of a misnomer.

"I think the whole of computer science is engineering," Mr. Needham
said two years ago. "Not everyone agrees with me, of course."

Cambridge was known for its pragmatic approach to computing long
before Mr. Needham arrived in the early 1960's. Under Mr. Wilkes, the
Cambridge lab is widely credited with getting the first working
stored-program computer, the Edsac, up and running. In 1951, Mr.  
Wilkes, Mr. Wheeler and Stanley Gill, wrote the first textbook for
computer programming, "The Preparation of Programs for an Electronic
Digital Computer."

Mr. Needham, who became a researcher at the Cambridge lab in 1963 and
succeeded Mr. Wilkes as director in 1980, carried on and reinforced
the emphasis on practical work. He would always tell his graduate
students to do research that really mattered. "Good research is done
with a shovel, not with tweezers," Mr. Needham once said. "You should
find an area where you can get a lot out of it fast."

His message was delivered to his students through constant contact. He
was a scholar who roamed the lab, former students say, instead of
working from an office. He ate lunch with the students most days. He
paced as he talked during his impromptu tutorials, which frequently
continued during evenings over a pint of beer at the Eagle Tavern.

"Once he got started talking to you he couldn't help himself and he
couldn't sit down," said Bjarne Stroustrup, who went on to Bell Labs
and created the C++ computer language, one of the most popular
programming tools in use today. "And Roger Needham certainly
reinforced my practical bent, that what you should do is work on ideas
for making things better."

At a gathering for Mr. Needham last month, a couple of dozen leading
computer scientists delivered papers in Cambridge as a tribute to
their colleague. Frail and in a wheelchair, Mr. Needham put a
workman's hardhat on his head, saying that he was very much a
practical engineer, to the end. "It was quite effective," Mr. Wilkes
said.

Born on Feb. 9, 1935, Mr. Needham grew up in Doncaster in northern
England, the son of an engineer who designed coal-making machinery.  
Mr. Needham won a scholarship to Cambridge, where he received his
Ph.D. in 1961. In 1958, he married Karen Sparck Jones, another
graduate student at Cambridge. While working on their Ph.D. theses,
the couple built the house they lived in for the next 40 years. Ms.  
Sparck Jones, a Cambridge professor, survives her husband.

Around Cambridge, Mr. Needham was known for his unassuming ways - his
means of transport was a battered old bicycle - and his left-wing
politics, having been a Labor Party district councilor for 15 years.

His socialist sympathies certainly made no difference to Microsoft, a
paragon of capitalism, when it recruited him to set up a corporate
research lab in Cambridge, which opened in 1997. For his part, Mr.  
Needham saw the job as another way to encourage the kind of pragmatic
computing research he preferred.

"If there wasn't an industry concerned with making and using computers
the subject wouldn't exist," he explained. "It's not like physics —
physics was made by God, but computer science was made by man. It's
there because the industry's there."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.