Meeting of the
Computer System Security and Privacy Advisory Board

March 4-5, 1998 

Lecture Room A
Administration Building
National Institute of Standards and Technology
Gaithersburg, MD


Wednesday, March 4, 1998

 9:00 a.m.		Welcome and  Update
			Ed Roback, CSSPAB Executive Secretary

 9:10 a.m.		Chairman's Remarks
			Willis Ware

 9:20 a.m.		CIO Security Subcommittee Perspectives	
			Mark Boster, Department of Justice 
			Howard Lewis, Department of Energy
			Subcommittee Co-Chairs
		
11:00 a.m.		BREAK		

11:20 p.m.		FedCirc Update
			Marianne Swanson, NIST	

12:00 a.m.		LUNCH

  1:30 p.m.		Status of PCCIP Report Recommendations
			Irwin Pikus
			PCCIP Commissioner
			
  2:15 p.m.		Can Steganography Be Regulated?  Policy Questions about 
                                    Hidden Messages
			Peter Wayner

  3:00 p.m.		BREAK

  3:20 p.m.		Privacy Issues Discussion
			Rick Weingarten, George Trubow
			 
  4:00 p.m.		Board Discussion Time

  5 :00 p.m.		RECESS


Thursday, March 5, 1998


   9:00 a.m. 		Board Discussion Time	

   9:30 a.m.		Information Security:   Lessons Learned from Leading
			Organizations --  GAO Report
			Jean Boltz 
			General Accounting Office

 10:40 a.m.		BREAK

 11:00 a.m.		Systems Certification Briefing
			Fred Tompkins
			International Computer Security Association (ICSA)		

 12:00 p.m.		LUNCH

   1:30 p.m.		Patient ID - -  HHS Perspective
			John Fanning
			Department of Health and Human Services

   2:30 p.m.		U.S. Government Perspective on Privacy Issues
			Barbara Wellbery
			General Counsel 
			National Telecommunications & Information Administration

  3:00 p.m.		BREAK

   3:20 p.m.		Public Participation

   3:45 p.m.		Board Discussion Time

   5:00 p.m.		Adjourn


Dates of Next Meeting
June 2-4, 1998
NIST Headquarters