About the Authors

This book benefits from the contributions of numerous experts in Solaris security technologies. Below are brief biographies of each of the contributing authors.

Glenn Brunette is a Distinguished Engineer, Global Systems Engineering Director, and Chief Security Architect at Sun Microsystems, where he leads a global team focused on information security and assurance. Glenn is the founder of Sun’s Systemic Security approach; an OpenSolaris Security Community Leader; the co-founder of the Solaris Security Toolkit software; and a frequent author, contributor, and speaker at both Sun and industry events. Externally, Glenn has served in leadership positions at the National Cyber Security Partnership, the Enterprise Grid Alliance, and the Center for Internet Security.

Hai-May Chao is a Staff Engineer at Sun Microsystems in the Solaris Security Technologies group. For the past six years, she has been participating in the design and development of the cryptographic framework and key management framework for the Solaris OS. Hai-May started at Sun in the Trusted Solaris group, developing security features for Trusted Solaris software and the Solaris Management Console. Before joining Sun, Hai-May was a firmware developer at Amdahl, working on IBM-compatible features such as the Multiple Domain Facility (MDF).

Martin Englund is a Principal Security Engineer in the Web Engineering organization at Sun Microsystems. He has over sixteen years of experience in data and network security. Web Engineering itself operates the majority of Sun’s external Web presence to the Internet and operationally comes under hourly attack. Martin is responsible for the operational security of over 500 Solaris systems that collectively provide the platform for Sun’s external Web presence. Prior to this role, Martin worked in Java Security Engineering and the Sun IT Security Office, where he was responsible for creating the standards and tools used by Sun IT to secure its servers. He has also authored numerous technical papers on security, including Sun Blueprints. Before joining Sun, Martin completed studies in Computer Science and Mathematics and worked as a research engineer at the University of Umeå in Sweden.

Glenn Faden is a Distinguished Engineer in the Solaris Security Technologies group and has worked at Sun for nineteen years. He is currently the architect for Solaris Trusted Extensions and was one of the architects for the Trusted Solaris OS and role-based access control (RBAC). He designed Sun’s multilevel desktops based on Open Look, CDE, and GNOME and holds a patent for the underlying X11 security policy. Glenn has made extensive contributions to the Solaris security foundation, including access control lists, auditing, device allocation, and OS virtualization. He also developed the RBAC and process rights management tools for the Solaris Management Console. He has authored several articles for Sun’s Blueprints Web site and the Solaris Developer Connection. Glenn previously worked for Qubix, OmniCad, and Gould Computer Systems in Desktop Publishing and OS development. He has a Master of Science in Computer Science from the Florida Institute of Technology.

Mark Fenwick is a Developer in the Solaris Security Technologies group. His current focus is IPsec and IKE. With over two decades of hardware and UNIX software experience, he has extensive knowledge of firewalls, VPN technology, encryption, and networking protocols. Mark has taught technical classes and presented technical papers to Sun support staff and customers. He closely follows key Sun technologies such as ZFS, Sun Ray, and OpenSolaris, both at work and in his UNIX-only home. In his spare time, he enjoys riding one of his many bicycles and cooking.

Valerie Anne Fenwick is a Staff Engineer at Sun Microsystems with over a decade of experience in computer security. She helped to design and develop the cryptographic framework for the Solaris OS. In addition, she chaired the team responsible for code revisions to the Operating System and Networking consolidation for OpenSolaris. Valerie has a Bachelor of Science in Computer Science from Purdue University. In her spare time, she enjoys performing at community theaters, riding her bike, and skiing.

Wyllys Ingersoll is a Senior Staff Engineer at Sun Microsystems in the Solaris Security Technologies group. He has been working in the UNIX security field for thirteen years. Since 2000, he has worked on many of the security features in the Solaris OS: Kerberos, the cryptographic framework, and the key management framework, to name a few. Prior to working at Sun, he developed application firewall software for MCI Worldcom and AOL. He received a Master of Science in Computer Science from Virginia Tech in 1996 and a Bachelor of Science in Computer Engineering from Lehigh University in 1988. He lives and works from his home in northern Virginia today.

Wolfgang Ley received his diploma in computer science at the German Technical University of Clausthal-Zellerfeld. From 1994 to 1999, he worked at the DFN-CERT (German Computer Emergency Response Team) to build up this new service. During that time, he was also active in the Forum of Incident Response and Security Teams (FIRST). He then joined Sun Microsystems, working as Backend Support Engineer and is dealing with network, security, and kernel internals such as crashdump analysis.

Darren Moffat is a Senior Staff Engineer at Sun Microsystems in the Solaris Security Technologies group. Darren is the architect for the Solaris cryptographic framework and Solaris encrypted storage projects. He is also involved in various other OpenSolaris security-related technologies and features. He is an OpenSolaris Security Community leader. Before joining Solaris engineering, Darren worked in SunServices supporting the Trusted Solaris OS, NFS, name services, and Kerberos. Before joining Sun, Darren worked as an analyst/programmer for the UK Ministry of Defence. He is a graduate of the Computing Science Department of Glasgow University.

Pravas Kumar Panda received his engineering degree from Biju Patnayak University of Technology in Orissa, India, in 2003 and joined Sun Microsystems soon after that. He has been working on security technologies for the past three years. During this time, he has focused on Kerberos, SSH, PAM, and packet capturing. He has delivered talks on OpenSolaris, secure programing, and security technologies at various universities in India. Pravas enjoys playing the keyboard. He lives in Bangalore with his wife Bobby and their young daughter Avishi.

Jan Pechanec works at Sun Microsystems in the Solaris Security Technologies group. At the moment, he works mostly with technologies around the SSH protocol and the PKCS #11 standard. He graduated in 2001 from the Faculty of Mathematics and Physics at Charles University in Prague, where he majored in operating systems and computer networks. For the last few years, he has also been working at Charles University, lecturing on UNIX and UNIX C programming.

Mark Phalan works at the Prague office of Sun Microsystems for the Solaris Security Technologies group. He works on Kerberos-related technologies for the Solaris OS and for OpenSolaris. He graduated in 2003 from the Computer Science department of Trinity College Dublin with a BA(Mod) in Computer Science.

Scott Rotondo is a Principal Engineer at Sun Microsystems who works as a security architect for the Solaris operating system. He also serves as President of the Trusted Computing Group (TCG), an industry consortium that defines open standards for hardware-enabled trusted computing. In addition to his work on other security features, Scott leads Sun’s development effort to support TCG technologies in Solaris. Scott has over twenty years of technical and management experience in UNIX operating system development. For more than a decade, his focus has been on security issues and features in the Solaris operating system.

Christoph Schuba studied mathematics and management information systems at the Universität Heidelberg and at the Universität Mannheim in Germany. As a Fulbright scholar, he earned his Master of Science and Doctor of Philosophy degrees in Computer Science from Purdue University in 1993 and 1997, respectively, performing most of his dissertation research in the Computer Science Laboratory at the Xerox Palo Alto Research Center (PARC). Christoph has taught undergraduate and graduate courses in computer and network security, cryptography, operating systems, and distributed systems at San Jose State University, USA; at the Universtität Heidelberg, Germany; at the International University in Bruchsal, Germany; and at Linkopings universitet in Linköping, Sweden, where he held the chair in information security. Since 1997, Christoph has been working at Sun Labs and most recently in the Solaris Software Security Organization at Sun Microsystems, Inc. He holds 13 patents and is author and co-author of numerous scientific articles in computer and network security.

Sharon Read Veach is a Technical Writer at Sun. She specializes in documenting inherent security features of the Solaris OS, such as auditing, cryptography, and IPsec. As part of a team of writers, she worked on the Trusted Solaris OS, the predecessor to the Trusted Extensions software in the Solaris 10 release.

Darren Reed is a Senior Systems Engineer in the Solaris Networking group. He is the principal engineer for IPfilter in Solaris.

Joep Vesseur is a Staff Engineer working for the Solaris Security Technologies group. His main focus areas are PAM, secure programming practices, and OS and network security in general. He has co-authored Solaris 9 and Solaris 10 Security exams, several Sun Blueprints, and he is a leader of the Dutch OpenSolaris User Group. His background is in digital forensic science and high-performance computing.

Paul Wernau is a member of the Solaris Security Technologies group. He started his career in Sun Microsystems doing technical support over the phone for enterprise customers, specializing in networking, firewalls, encrypting gateways, and VPNs. Now an IPsec developer, he tries to remember to focus on observability and meaningful error messages, keeping in mind his experience with debugging problems with system administrators.