Security - overview

Security has been a focus for IBM Research since the early days when we built the first commercially available crypto system, developed anti-virus scanning and used hardware to make more secure systems.

Security researchers recognize that it is no longer sufficient to safeguard trusted IT systems against malware from a single point of attack. Nor is it realistic to prevent connections between the untrusted outside world and the trusted company domain. IBM's security and privacy computer scientists must address these and many other factors.

At IBM Research-Tokyo, for example, world-class cryptographers, networking and operating system gurus and skilled middleware and application security & privacy experts are promoting data security technologies in the area of log management and analysis, data security & privacy and smarter mobility security.

At IBM Research-Zurich, researchers concentrate on many aspects of information security including, secure identity cards and ID systems; data storage security; identity governance, security policies and cloud computing security

IBM has a long history of helping clients address the challenges of securing their people, data, applications and infrastructure. In the 1960s, IBM chairman Thomas J. Watson, Jr. set up a cryptography research group in the Yorktown Heights, NY, laboratory. The group created an encryption method named Lucifer to protect the data for a cash-dispensing system that IBM had developed for Lloyds Bank in the United Kingdom. In 1971, Lloyds Bank bought the code, and IBM worked to turn Lucifer into a commercial product.

More recently, IBM researchers are using big data technique to uncover security problems.


  1. 1972:  DES - Data Encryption Standard
  2. 1976:  Penetrating an Operating System: Seminal Paper on Hacking
  3. 1977:  Universal Hash Functions and Application to Cryptography
  4. 1984:  Quantum Cryptography
  5. 1985:  Use of Elliptic Curves in Cryptography
  6. 1987:  ABYSS - Trusted Architecture for Software Protection
  7. 1991:  Computer Virus Epidemiology
  8. 1993:  First Fully Automated Anti-Virus System
  9. 1996:  HMAC - Keying Hash Functions for Message Authentication
  10. 1997:  Public-Key Cryptosystem with Worst-Case/Average-Case Equivalence (early use of Lattices for Crypto)
  11. 1999:  Postfix - Secure, Scalable Replacment for Sendmail
  12. 1999:  Javacard and Its Deployment in Millions of Credit Cards and Other Devices
  13. 2001:  IPSec/Internet Key Exchange Protocols
  14. 2006:  SecureBlue - Secure CPU Technology
  15. 2007:  Detecting Trojan Circuits in Chips via Side-Channel Analysis
  16. 2009:  Homomorphic Encryption

Image credit: IBM | LinkedIn