Mez's Home Page
Mez Vita
Mez Vita

Mary Ellen Zurko


Specializing in the cusp of research and development; research with practical impact, or "version 0" development. Over two decades of work in user-centered security, in research, early product prototyping, and product development. Experience across the entire lifecycle of software products, from technology transfer, to initial product definition and delivery, to mature product maintenance.


IBM Software Group, Littleton, MA

Security Architecture for LotusLive Cloud Offerings

January 2007 to present

Security architect for LotusLive brand of Software as a Service collaboration offerings. Defined and delivered security features, value proposition and test approach in file sharing, social networking, instant messaging, emeetings and other collaboration services and their infrastructure. Worked with components entirely developed within the team, integrated from other parts of IBM, and components from acquisitions. Led engineers in design and implemention of security features, protocols, integration, and deployment. Created security quality processes and goals. Engaged in customer presentations and discussions. Set direction and plans for security features based on customer, market, and business needs. Drove security partner relations. Authored whitepapers on LotusLive security. Set priorities and trade offs around security requirements. Addressed potential vulnerabilities, including Web 2.0 and social networking vulnerabilities, phishing, and spam. Created and led community of cross cutting security experts that functions as decision making body. Outstanding Technical Achievement Award for Security Leadership for LotusLive.


Innovation leader through patent invention and direction. Master Inventor (recognizing mentorship, engagement in the Intellectual Property process, and patenting). Lead of Security Patent Review Board for IBM Software Group, determining direction of patent inventions from North America. Four patents issued. 31 patent applications filed over 9 years.


Security Architecture and Strategy for Workplace, Portal and Collaboration Software (WPLC, aka Lotus) division
September 2004 to December 2007

Security strategy definition and execution as part of the WPLC CTO office. Special projects on user-centered security, antispam, content protection, digital rights management, code security in Java/Eclipse, data leak prevention, security as a system quality and software as a service. Experience working with partner companies and all internal stake holders of software products, including business development, product management, acquisition teams, sales, support and services. Successful technology transfer of security research into product. Defined security architecture and plans for Connections 2.0, IBM's social networking product. Introduced vulnerability discovery and tracking processes to Workplace, Connections, and other IBM products.

WPLC Patent Innovation Architect and Brand Lead, and Patent Review Board Chair. Operational responsibility for the processing of over 1/5 of IBM SWG North America patent disclosures, with strategic oversight of over 1/2. Cooperation with intellectual property lawyers internationally. Approximately 12 patent applications filed. Awards for patent disclosure quality, Master Inventor, and lead of WPLC Master Inventor selection team. Defined patent strategy Led team identifying top issued patents from WPLC.

Extensive mentoring across geographies and diversity categories.

Workplace products Security Architect
October 2001 to September 2004

Lead Security Architect for all of Lotus Workplace Collaboration Services and Workplace Managed Client. Defined security goals, requirements, and architecture of Lotus Workplace Messaging v1.0, Lotus Workplace v1.1, Lotus Workplace v2.0 and IBM Lotus Managed Client and Workplace 2.5 products, including the areas of authentication, network protection, authorization, active content, encryption, anti-spam. Team lead of Workplace Infrastructure Security team (11 members, spanning US and India). Security architect responsibilities spanned entire development team. Founder and Chair of Lotus Security Working Group. Lotus representative on many corporate security and privacy task forces. Responsible for selecting Lotus funded security and privacy research and technology transfer of the results. Steering committee of IBM Massachusetts Women’s diversity organization and co-chair of survey subgroup.

Iris Associates, Westford, MA
Security Architect
June 1998 to October 2001

Security team lead responsible for iNotes Web Access. Defined, designed and implemented active content filter for malicious mail dynamic content. Architected and led design of support of encrypted mail. Security Group team member responsible for active content security for client agents (Workstation Execution Control Lists) and authorization (ACLs) in Lotus Notes/Domino.

Team facilitator, architect and implementer on Jonah project, a freeware reference code base for PKIX, a public-key infrastructure IETF standard. Designed and developed core policy modules, certificate cutting code, certificate revocation lists, and registration authority enrollment. Two IBM awards for teamwork, at the division and SWG levels.

The Open Group Research Institute, Cambridge, MA
Senior Research Fellow
August 1994 to June 1998

Project Leader of Adage, a user-centered authorization research project. Directly responsible for proposals that led to approximately $2 million in contracts for related work (including Pledge, a follow-on project to deploy Adage in the DoD’s Next Generation Information Infrastructure). Security consultant for many more successful contracts. Led and mentored teams staffed up to 11 engineers. Produced initial high level Adage architecture, designed and helped implement graphical user interface and authorization policy language, specified mapping from authorization language to underlying engine data structures. Led design of deployment enhancements under Pledge, including access control on authorization information and expanded query facilities. Wrote high and low level design of Map, a prototype of rule-based authorization engine for a DCE Web server. Implemented server-side management of rules and related structures and client side management function through a proxy interface. Designed model for trust relationships between authorization service and authentication and attribute sources, including amount of trust, type of trust, and distrust. Designed, administered, and documented results and recommendations of contextual inquiry and formal usability tests.

Founding member of the DCE Web project that designed and implemented World Wide Web servers, browsers, and gateways that took advantage of DCE security and naming. Designed and implemented access control list manager and callbacks, and toolkit/server integration of initial prototype.

Digital Equipment Corporation, Littleton, MA
Distributed Processing Engineering
September 1992 to August 1994

Project leader for first GUI tool on Digital’s DCE platforms (a Visual DCE ACL Editor). Created and designed the product, coded the UI (in Visual C++), ran usability tests. Shared project leader responsibilities for DCE Client for Windows. Technical lead in researching graphical DCE management tools, and in integration with other management tools at Digital and with Windows/NT.

Early adopter of Visual C++ v1.0. Taught classes in Visual C++ to other members of my organization.

Responsible for testing first port of OSF DCE to OpenVMS.

Digital Equipment Corporation, Littleton, MA
Secure Systems Group
June 1986 to August 1990

Privacy-Enhanced Mail, May 1990 to August 1990

Designed and implemented new user interface to PEMail prototype.

VAX Secure Virtual Machine Monitor, June 1986 to April 1990

Project leader of design and implementation of user interface, and of design and development of user interface tests and testing process. Designed look and feel of confirmation displays for secure-attention commands, and untrusted command support (patented). Implemented command processing infrastructure. Designed reference monitor for subjects.

Co-owner of full system functional specification. General resource for usability, security, and product functionality, both inside this group and to other organizations (customers, NCSC (aka NSA)).

Prime, Framingham, MA
CAD/CAM User Interface Group
November 1984 to June 1986

Designed end user interface of Prime’s first internally developed CAD/CAM product, PrimeDesign (including menus, windows, and advanced graphics). Designed application programmer’s interface to the user interface modules. Designed and implemented menu manager, message manager, and help system.

Digital Equipment Corporation, Nashua, NH
Office Automation Performance Evaluation
June 1982 to November 1984

Evaluated resource utilization, bottlenecks, and code. Set performance goals, ran workloads, and proposed enhancements for office automation products. Created group’s first study of user perceived performance.


Massachusetts Institute of Technology
Cambridge, MA

Master of Science, Computer Science, August 1992

Coursework -- Technology Strategy, Engineering Risk/Benefit Analysis, Distributed Algorithms, Object-Oriented Databases, Knowledge-Based Systems, Programming Languages, Theory of Computation.

Bachelor of Science, Computer Science, June 1982


 To Market, To Market: Human-Centered Security and LotusLive”, Security and Privacy Usability Technology Transfer: Emerging Research Workshop, 2010.

“Adaptive Security Dialogs for Improved Security Behavior of Users”, INTERACT 2009.

“Using Recommenders for Discretionary Access Control”, Web 2.0 Security and Privacy 2009 (W2SP).

User-Centered Security: Stepping Up To The Grand Challenge”, Invited Essay and keynote speech, proceedings of Annual Computer Security Applications Conference (ACSAC), December 2005. Follow up invited talks at MIT, WPI, Nokia Research, University of Newcastle, Carleton University.

 “Embedding Security in Collaborative Applications: A Notes/Domino Perspective”, chapter of Security and Usability: Designing Secure Systems That People Can Use, O’Reilly, 2005.

Did You Ever Have to Make Up Your Mind? What Notes Users Do When Faced With a Security Decision”, Proceedings of Annual Computer Security Applications Conference (ACSAC), December 2002.

“Performance Considerations in Web Security”, invited paper to International Workshop on Certification and Security in E-Services and IBM Technical Report, 2002.

 “Tracking Influence Through Citation Index Comparisons and Preliminary Case Studies”, invited paper and panelist, proceedings of New Security Paradigms Workshop, 2001.

 “Jonah: Experience Implementing PKIX Freeware”, Proceedings of Usenix Security Symposium, August 1999.

“A User-Centered, Modular Authorization Service Built on an RBAC Foundation”, Proceedings of the IEEE Computer Society Symposium on Security and Privacy, May 1999.

“Separation of Duty in Role-based Environments”, Proceedings of IEEE Computer Security Foundations Workshop, June 1997.

“User-Centered Security”, Proceedings of New Security Paradigms Workshop, September 1996 (also in NSPW Highlights of the First Five Years).

HTTP 1.0 and HTTP 1.1 specifications in the IETF HTTP working group (acknowledged contributor).

The DCE Web Project: Providing Authorization and Other Distributed Services to the World Wide Web,” Poster paper for the Second International World-Wide Web Conference, October 1994.

“What are the Foundations of Computer Security?,” Proceedings of IEEE Computer Security Foundations Workshop, June 1993 (Panel Chair).

“Attribute Support for Inter-Domain Use”, Proceedings of 5th IEEE Computer Security Foundations Workshop, June 1992.

“A User Attribute Service Supporting Least Privilege in Distributed Applications”, MIT Master’s Thesis, August 1992.

“A Retrospective on the VAX VMM Security Kernel”, IEEE Transactions on Software Engineering, Vol. 17, No. 11, November 1991.

“A VMM Security Kernel for the VAX Architecture”, Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, May 1990 (Best Paper award).

Patents and Patent Applications

7,926,112 System for protecting a computing system from harmful active content in documents

7,853,471 Instance messaging auto-scheduling

7,697,551 System for instant message to telephone speech and back

7,607,172 Method of protecting a computing system from harmful active content in documents

7,036,022 Verification of trusted-path commands

6,871,283 Processing trusted commands in trusted and untrusted environments

6,507,909 Method for executing trusted-path commands

31 patent applications filed while at IBM

Invited Posts, Talks and Awards

“User-Centered Security: From Grand Challenge to Technology Transfer”, invited talk, MIT’s Lincoln Laboratory, September 2011.

“Web Security Context: User Interface Guidelines” short talk, Workshop on Usable Security Indicator Conventions (WUSIC), Invited panelist, “Obstacles to Adopting UX Indicators as Conventions/Standards”, WUSIC co-chair. SOUPS 2011.

“We Are All Watchers On This Bus: Can Social Network Transparency Substitute for Traditional Business Oversight?”, lightning talk, SOUPS 2011.

“Usability in Development: Perspectives from Lotus and LotusLive”, invited talk, Software and Usable Security Aligned for Good Engineering Workshop, April 2011.

Speaker at Lotusphere, the IBM Collaboration Service division's top customer event, 2011, 2010, 2007 - 2003. “Trusting Your Data to IBM LotusLive and IBM LotusLive Notes” in 2011. “Lotus Brings Security to the Cloud with IBM LotusLive” in 2010. "New Java Security Standards in the IBM Lotus Notes 8 Client" at 2007.

“An Introduction to Usable Security”, tutorial, ACSAC 2010.

Security & Privacy Usability Technology Transfer: Emerging Research Workshop, creator and co-chair, SOUPS 2010.

“LoutsLive Notes Security” whitepaper, 2010.

“LotusLive iNotes Security” whitepaper, 2010.

Chair of W3C Web Security Context (WSC) working group, October 2006 – August 2010. Produced the W3C Recommendation Web Security Context: User Interface Guidelines. Invited talk on standards and usable security at Usability, Psychology and Security, 2008. Discussion session on standardizing usable security at SOUPS 2007.

Steering committee member for Symposium On Usable Privacy and Security (SOUPS), 2010 – present. Paper chair, 2005. Program committee member from inception to the present.

“LotusLive Engage Security” whitepaper, 2009.

“Unyte Meetings Security” whitepaper, 2009.

Invited Panelist, “Usability meets access control: challenges and research opportunities”. SACMAT 2009.

Lead of discussion session, “Technology transfer of successful usable security research into product”, SOUPS 2009.

Invited panelist at RSA on the topic of Usable Security, 2008.

Panel organizer and moderator, “Usable Cryptography: Manifest Destiny or Oxymoron?”, Financial Cryptography 2008.

General co-chair of WWW2007.

Invited Panelist, Security Issues, speaking on "Authentication, Trust, and Risk in Web-based Business", WWW2006.

Program Committee, W3C Workshop on Transparency and Usability of Web Authentication, 2005.

Usability of Security Administration vs. Usability of End-User Security”, Panel speaker, SOUPS 2005.

 “Web Security – why is it so darn hard?”, Keynote, AusWeb 2004.

Chair of IW3C2, (2008 – present), member (1997 to present). Program chair of WWW10 (WWW2001). Ecommerce and security vice chair for WWW8 and WWW9 and WWW2002. Industrial Track Vice Chair WWW2003. Program committee member for WWW4, WWW5, and WWW6 and WWW2003. Invited member of Security Panel for WWW4 and WWW3. Organized and chaired Security BOF for WWW2.

 “Security Evaluation and Assurance Lessons from Business, Marketing, and HCI”, Panel speaker on The Relationshop of System and Product Specifications and Evaluation, ACSAC 2004.

Applied Computer Security Associates (ACSA) Fellow; steering committee for Annual Computer Security Applications Conference and sister conferences, 2004 – present.

Electronic Commerce Research special issue on Electronic Commerce, Security, and Privacy, Volume 5, Number 1, January 2005, co-editor.

Women to Watch 2004 award from Mass High Tech.

Member of NRC panel assessing the National Institute of Standards and Technology Measurement and Standards Laboratories, 2000 –2005. Co-author of 2001 and 2002 reports. Chair of security sub-panel, 2003 - 4.

Editor of Springer's International Journal of Information Security (IJIS) (2000 – 2006).

General chair for New Security Paradigms Workshop, 2000. Vice chair ’99. Program chair ‘97 and ‘98. Program committee member 2001 – 2003. Steering committee 1997 – present.

Expert Panel: What’s Missing in Web Services Security?, W3C/OASIS forum on Web Services Security, 2002.

Computer Networks Special Issue on XML, co-editor, 2002.

Program committee member and reviewer, Annual Computer Security Applications Conference (ACSAC), 2000 – 2003.

Ecommerce Vice Chair, Symposium on Applications and the Internet (SAINT), 2001.

Program Committee of IFIP Workshop on Internet Technologies, Applications, and Societal Impact (2002).

Member of IFIP Working Group 6.4 on Internet Applications Engineering (2000 – 2004).

Regular contributor to and Associate Editor of Cipher, the electronic newsletter of the IEEE Computer Society’s Technical Committee on Security and Privacy (1997 to 2001).

Panelist, Getting Involved in Technical Standards Organizations, Grace Hopper Celebration of Women in Computing, 2000.

Member of NRC panel on Library of Congress Information Technology Strategy (1999). Co-author of results.

Chair of W3C P3P Preferences Interchange Language Working Group (1998 - 1999).

Invited talk at Digital Commerce Society of Boston, “Oh Jonah, He lived in a whale, Or, How IBM decided to win in ecommerce by embracing standards and donating code”.

Program committee member for Agent Systems and Applications/Mobile Agents, ’99 – ‘00. Program committee member of HICCS ‘98 and WETICE ‘98 agents session.

Program committee member for IEEE Symposium on Security and Privacy 96 - 98

Invited speaker at the Fourth Computer Misuse and Anomaly Detection (CMAD) workshop on the topic of New Ideas in CMAD (1997).

Invited lectures on Authorization and the DCE Web to the Stanford Distributed Libraries Group and on DCE and DCE Web at W3C (1996).

Advisory committee representative to W3C and member of W3C security working group (1997 – 1998).

“Secure Authorization Issues On The Web”, Tutorial at for the Third International World-Wide Web Conference, April 1995.