Stephen Whitlock, Chief Security Architect for The Boeing Company, is an internationally recognized specialist in the field of information security. His background includes the development of tools for testing system and network security. He has also written numerous papers and presented information on cryptography, UNIX systems, and network security to a wide variety of audiences.

Whitlock developed an encryption strategy for large, multi-platform enterprise environments, which was presented to the U.S. Office of Science and Technology Policy, the National Security Council, and the FBI.

He has authored numerous articles on information security and has been instrumental in the development of technical standards relating to computing security technologies.

Whitlock has been an active participant in the security activities of the Internet Engineering Task Force, Key Recovery Alliance, Jericho Forum, and The Open Group. As the chair of the Open Group's Security and Electronic Commerce Program Group, he led the development of several standards, including the Common Data Security Architecture, and Advanced Authorization API. He is currently the Vice-Chair of the Open Group Security Forum and a member of the Board of Management of the Jericho Forum.

Presentation

Gemini Dream: Can the Twins Save Our Data?
In his keynote presentation in our Budapest Conference (Oct 2007), Steve gave his vision of future infrastructure security services, and their information-centric nature for access control. He also summarized his vision of the future direction for access control in what he called "Whitlock’s Laws for Access", namely access that is policy-driven, automated, dis-intermediated, standardized, and integrated. In this presentation, Steve will give an update on his "Laws for Access", with a focus on the dual need for rights management standards and information metadata/tagging standards that Policy Decision Points could use to control information access.

return to program