Bio: Bennet Yee joined the UCSD faculty in 1996, after one year as a cryptographer and software design engineer at Microsoft. He received his Ph.D. in Computer Science from Carnegie Mellon University in 1994. While working on his thesis, Yee also worked with the Secure Coprocessor group at IBM Research. He won an NSF CAREER Award in 1998, and was an inaugural recipient of faculty development awards from National Semiconductor in 1996. He has been the chair or program committee member for various international conferences, including NDSS 2001 (February 2001) and the Fifth ACM Conference on Computer and Communications Security (November 1998). At UCSD, he is part of the Systems Security Group within the CSE department. He recently was awarded $1 million over five years from the Office of Naval Research for a project on 'Understanding Mobile Code and Secure Execution Environments.'
Research: In the computer-security arena, Professor Yee works in electronic commerce, intellectual property protection, electronic payment protocols, secure hardware engineering, and mobile code security. Mobile code is attractive for distributed systems because it can help hide communications latency and mask transient faults or loss of connectivity. A mobile code system, however, is also a new source of security weaknesses: a malicious or compromised mobile code execution engine can easily cause mobile code to generate invalid results. Yee's solution: a combination of physical security, cryptography, and trust management to allow users of those systems to remotely run their agent code securely. Yee is also an authority on cryptography and its application to operating system security. His research has explored the practical limitations of cryptographic techniques, and he is an expert on authentication, encryption, key distribution, as well as integrity and privacy of computation. In his research, Yee has examined how the ability to compute securely with the cryptographic keys may be grounded in distributed systems by using a secure coprocessor, adding physically secure hardware (tamper-detecting and responding) to conventional computing systems.