Todd C. Miller 410-***-**** (phone)
**** ********* *** abpau1@r.postjobfree.com
Baltimore, MD 21230 http://www.courtesan.com/todd
Education
University of Colorado Boulder, CO
Bachelor of Science in Computer Science Sep. 1989 - Dec. 1997
Senior Thesis: Scienti c Visualization Tool for Chemical Engineering Data
Work Experience
Quest Software, Inc. Lindon, UT
Software Developer 4 May 2010 - Present
Added support for I/O (keystroke) logging to the Sudo privilege delegation utility and implemented a
utility to search and replay the I/O logs.
Designed and implemented a plugin architecture for the Sudo privilege delegation utility to support
third-party policy and logging modules.
Added support for sudoers policy evaluation to the Quest Privilege Manager product.
Responsibilities also included development and maintenance of Sudo including release engineering.
Message Systems, Inc. Columbia, MD
Lead Software Engineer August 2009 - April 2010
Team lead for the Momentum mail transport agent project.
Responsibilities include design, development and testing of the MTA, as well as release engineering,
mentoring of other team members and interfacing with support sta .
Message Systems, Inc. Columbia, MD
Email Infrastructure Software Engineer March 2008 - August 2009
Part of a small team developing the Momentum mail transport agent.
Responsibilities include general development and testing of the MTA as well as release engineering.
Tresys Technology, LLC. Columbia, MD
Principal Engineer May 2007 - March 2008
Principal Engineer of the Funded Research & Development team.
Responsible for oversight of multiple projects within the FR&D group, which specializes in
researching techniques to increase the usability of Security Enhanced Linux (SELinux).
Provide technical oversight and guidance for research tasks.
SPARTA, Inc. Columbia, MD
Principal Engineer Sep. 2005 - Mar. 2007
Led a small team of developers responsible for the production of a security-enhanced version of
Apple s Mac OS X operating system, utilizing type enforcement and mandatory access controls.
Extended the SELinux FLASK architecture to secure Mach inter-process communication as present in
Mac OS X.
Extended and enhanced the TrustedBSD MAC Framework for the Darwin kernel, portions of which
appear in Mac OS 10.5 (Leopard).
Looking Glass Systems, LLC. Boulder, CO
Senior Programmer and System Administrator Feb. 2005 - Sep. 2005
Served as part of a team to design and develop an agent-based monitoring system for Windows and
UNIX systems.
Responsible for the design and implementation of an agent for UNIX-like systems that interoperates
with the LG Vision server software.
Was also responsible for the installation and maintenance of network and computing resources.
GratiSoft, Inc. Boulder, CO
President Oct. 2003 - Feb. 2005
GratiSoft provided commercial support for the Sudo root privilege control package as well as
consulting services for OpenBSD and other Open Source software.
Distributed Systems Lab, University of Pennsylvania Philadelphia, PA
Sr. Systems Programmer Dec. 2001 - Oct. 2003
Added KeyNote trust-management support to the Apache web server.
Continued to enhance the OpenBSD operating system on a daily basis.
Computer Science Operations Group, University of Colorado Boulder, CO
Sr. System Administrator Oct. 1993 - Dec. 2001
One of three full-time UNIX system and network administrators in charge of the UNIX computing
resources for the Computer Science Department.
Managed a network of approximately 350 UNIX workstations and X-terminals located in
undergraduate, masters, and research labs as well as in faculty o ces.
Responsible for day-to-day operation of department-wide computer resources and computer support.
Undergraduate Operations Group Boulder, CO
Manager Sep. 1992 - Apr. 1993
Assigned as Manager and Senior System/Network Administrator for a lab of 70 workstations.
Supervised four part-time student employees and several student volunteers.
Responsible for day-to-day operation of the lab, including user support.
UUNET Technologies Falls Church, VA
Assistant Postmaster May 1992 - Aug. 1992
Helped administer mail, news, and UUCP on Sun SPARC workstations.
Wrote a database to track information requests from potential customers.
Ported programs from BSD Networking Release 2 to SunOS 4.1.2.
Implemented secure versions of Kermit, xmodem, ymodem, and zmodem for UUNET s dial-up
software archive.
Undergraduate Computer Lab, University of Colorado Boulder, CO
System Administrator Jan. 1991 - Apr. 1992
Responsibilities included hardware and software installations, network troubleshooting, and user
support.
Assisted in the administration of the Computer Science Department s research network of UNIX
workstations.
Skills
Languages: C/C++, Perl, Java, Bourne Shell, Korn Shell, C Shell, Sed, Awk
Operating Systems: OpenBSD, FreeBSD, Mac OS X, Solaris, Tru64 UNIX, HP-UX, IRIX, Linux, SELinux
Security: Extensive experience writing secure code and auditing code for security-related errors
Workstations: Sun Microsystems, Digital, Hewlett-Packard, Silicon Graphics, IBM, Apple
Miscellaneous: Excellent troubleshooting and debugging skills
Open Source Projects
2007 Present One of four upstream maintainers of the SELinux tool chain.
2001 Present Major contributor to ISC cron (formerly Vixie cron).
1996 Present Core member of the OpenBSD operating system project. Participated in multiple security
audits of the OpenBSD code base. Responsible for the OpenBSD C library and large portions of the
OpenBSD user space.
1993 Present Lead developer of the Sudo root privilege control package.
1993 Present Contributor to other various and sundry Open Source projects.
Publications
Security-Enhanced Darwin: Porting SELinux to Mac OS X, Proceedings from the Third Annual
Security Enhanced Linux Symposium in Baltimore, MD, 2007.
UNIX System Administration Handbook, Third Edition, contributing author.
strlcpy and strlcat: Consistent, Safe, String Copy and Concatenation, Proceedings from the
USENIX Annual Technical Conference in Monterey, CA, 1999.
satool: A System Administrators Cockpit, Proceedings from the USENIX LISA VII Conference (Large
Installation Systems Administration) in Monterey, CA, 1993.