Curriculum Vitae Derek Atkins ---------------------------------------------------------------------------- Career Overview Derek Atkins has been active in the Internet and security communities since 1989, as a student, researcher, software engineer, systems architect, and consultant. Since 1994 he has specialized in architecting, designing, developing, and deploying network and systems security applications. Mr. Atkins currently serves as President of IHTFP Consulting, Inc., a Boston based consulting firm he founded in 2001 to provide expert services in Internet and computer system security. In this capacity Mr. Atkins has implemented all aspects of network infrastructure and security for his clients, including firewall systems, global email systems, World Wide Web infrastructure, and cryptographic network and email security systems (including Pretty Good Privacy). In this role he has provided expert advice analyzing security protocols, designing and implementing secure systems in numerous programming languages, and performing post-mortem assessments of security system failures. Publications authored by Mr. Atkins include "The Magic Words are Squeamish Ossifrage" in AsiaCrypt '94, "Scaling the Web of Trust: Combining Kerberos and PGP to Provide Large Scale Authentication" published at Usenix 1995, "Media Bank: Access and Access Control" published in 1995 by the MIT Media Lab. Mr. Atkins is also the creator of US Patents 6,374,402, "Method and apparatus for installation abstraction in a secure content delivery system" (April 16, 2002) and 6,763,370, "Method and apparatus for content protection in a secure content delivery system" (July 13, 2004). Mr. Atkins is extremely active in the Internet Engineering Task Force (IETF), the Internet standardization body. As a member of the IETF, Mr. Atkins was instrumental in the design and standardization of several major Internet protocols, including the OpenPGP and Instant Messaging protocols. Mr. Atkins currently serves as chairman of the Kerberized Internet Negotiation of Keys Working Group, the Instant Messaging and Presence Protocol Working Group, and the OpenPGP working group. He also serves on the IETF's Security Directorate and formerly served on the IETF's Domain Name System Directorate in the role of security guru. Previously Mr. Atkins was a member of the PacketCable Security focus group of CableLabs, standardizing security measures to protect Voice over IP systems designed for cable systems. All cable operators will only buy VoIP products that meet the standards from this focus group. Mr. Atkins frequently speaks in public and regularly gives presentations and tutorials on the subject of systems and network security, cryptography, PGP, and Internet protocols. ---------------------------------------------------------------------------- Brief Employment History 2001 to Present -- President, IHTFP Consulting. Founded and managed Boston based consulting firm specializing in Internet and systems security practices, especially focusing on auditing, architecting, and designing secure applications, infrastructure, and distributed systems. 1998-2001 -- Telcordia Technologies (formerly Bellcore). A Senior Scientist in the Network Security Research Group studying numerous methods and protocols for Internet Security based on IPsec, DNSSec, Kerberos, RPC, etc. Examined practical methods to protect network systems such as Voice over IP, Enterprise, and Internet Infrastructures. 1997-1998 -- Arepa, Inc (now Into Networks). A co-founder and Chief Technology Officer, architected, designed, and implemented a Digital Rights Management system for real-time software distribution and click-to-run access from a distributed, secure network infrastructure. 1995-1997 -- Sun Microsystems. Designed and implemented security systems and applications including Security Dynamic DNS Update, GSSAPI, GSS_RPC, and Pretty Good Privacy 3.0/5.0. 1989-1995 -- Massachusetts Institute of Technology. Researched the application, implementation, and limitations of various security systems including Kerberos, PGP, and Digital Rights Management systems. Discovered the limitations of RSA by leading the RSA-129 factoring effort in 1993-1994. Joined the PGP development team, eventually becoming the lead engineer. ----------------------------------------------------------------------------