About Lance Hoffman

Resume (pdf)

Selected Articles and Papers

· (with Kim Lawson and Jeremy Blum), “Trust Beyond Security: An Expanded Trust Model”, Communications of the ACM 49, 7 (July 2006), pp. 94–101.

· (with Tim Rosenberg) "Taking Networks on the Road: Portable Solutions for Security Educators," IEEE Security & Privacy, Jan.-Feb. 2006, pp. 64-67.

· (with Cynthia Cicalese, Janine DeWitt, and Timothy Rosenberg) “An Integrated Approach to Computer Security Instruction Using Case Study Modules and a Portable Network Laboratory”, Proc. 4th World Information Security Education Conference, Moscow, May 2005.

· (with Ronald Dodge, Timothy Rosenberg, and Dan Ragsdale) “Exploring a National Cyber Security Exercise for Universities”, IEEE Security & Privacy, vol. 3, No.5, Sept.-Oct. 2005, pp. 27-33.

· (with Lorrie Cranor), “Internet Voting for Public Officials: Introduction”, Communications of the ACM, 44, 1 (January 2001), pp. 69-71.

· (with Rachna Dhamija and Rachelle Heller) "Teaching E-Commerce to a Multidisciplinary Class: Lessons Learned", Communications of the ACM 42, 9 (September 1999), pp. 50-55.

· “Data Security and Privacy in Health Information Systems”, Topics in Emergency Medicine 17, 4 (December 1995), pp. 24-26

· (with P. C. Clark) "BITS: A Smartcard Protected Operating System", Communications of the ACM 37, 11 (November 1994), pp. 66-94.

· (with F. Ali, S. Heckler, and A. Huybrechts) "Cryptography Policy", Communications of the ACM 37, 9 (September 1994), pp. 109-117.

· "Clipping Clipper", Communications of the ACM 36, 9 (September 1993).

· (with J. Fitch) "A Shortest Path Network Security Model", Computers and Security 12, 2 (March 1993), Elsevier, Oxford, U.K., pp. 169-189

· (with P. C. Clark) "Imminent Policy Considerations in the Design and Management of National and International Computer Networks", IEEE Communications Magazine, Vol. 29, No. 2, (February 1991), pp. 68-74.

· (with W. F. Miller) "Getting a Personal Dossier from a Statistical Data Bank", Datamation, May 1970.

· "Computers and Privacy: A Survey", Computing Surveys, Vol. 1, No. 2 (June 1969), pp. 85-103.

Consulting Clients

U. S. Navy: Developed and presented turnkey offsite courses and workshops on information policy and on electronic commerce.

· U.S. Internal Revenue Service: Privacy implications of new system design.

· U. S. Army. Advice on computer virus characteristics and implications.

· U.S. Secret Service: Hands-on training and development of models specific to participant needs for expert systems and risk analysis.

· U. S. Congress’ Office of Technology Assessment: Security and privacy considerations for a national research and education network.

· U.S. Social Security Administration: Convened and managed a task force of lawyers, auditors, and computer specialists on privacy and security.

· U.S. National Institute of Standards and Technology (NIST): Technology analysis for federal risk assessment standards.

· U.S. Federal Trade Commission: Consultant to an investigatory team.

· U. S. Treasury: Expert panel on computer system security.

· SEARCH Group: Developed audit procedures for criminal justice

· Riptech: Member of Technical Advisory Board.

· International Technology Consultants: Expert technical and strategic advice on worldwide encryption market study.

· Principal Financial Group: Security and privacy awareness training for IT staff members.

· Bankers Roundtable: Consultant on strategic security planning.

· IBM Internet Emergency Response Service: Strategic planning.

· American Association of University Women: Evaluation of computer system security.

· Equifax: Made recommendations on strategic planning, required elements of secure e-commerce, and external support related to the Internet

· Software Productivity Consortium: Produced a white paper on encryption policy.

· CyberCash: Produced a white paper and presentations on privacy issues related to cyberpayments; developed a privacy code.

· CyberMark: Analysis of legislative, regulatory, and technical aspects of computer systems privacy and security related to planned product offerings.

· Software Publishers Association: Produced a study of foreign and domestic availability of cryptography; gave strategic advice regarding lobbying

· Major California Bank: Analyzed privacy problems and recommended appropriate confidentiality and security measures.

· Ernst and Whinney: Made technical recommendations on generalized risk analysis and on contingency planning.

Expert Witness Activities

Consultant in computer-related theft case for the Public Defender Service for the District of Columbia.

· Expert witness for the law firm of Brown & Bain.

· Consultant in intellectual property cases for law firms in California, Washington, and Massachusetts.

· Expert witness in a software intellectual property case for a California law firm.

· Consultant to the Wilson Sonsini law firm in an intellectual property case related to computer software.

· Consultant to a D.C. law firm in a cryptography matter.

· Expert witness in computer fraud case for a Washington law firm.

· Expert witness in computer risk analysis intellectual property case for a Washington law firm.

· Testified several times before the U.S. Congress on computer security and privacy matters.

Media Experience

· Television appearances on Nightline, CBS News, Fox Morning News, CNN, CNBC, and others.

· Radio appearances on ABC Radio, KQED, and numerous local radio shows.

· Quoted in articles in The New York Times, Washington Post, Los Angeles Times, National Journal, Associated Press, Scientific American, Scientist, Omni, Popular Science, and many other publications.

Page updated

Google Sites

Report abuse