Preliminary AGENDA Meeting of the Computer System Security and Privacy Advisory Board March 29-30, 2000 Administration Building, Lecture Room D Main Campus National Institute of Standards and Technology Gaithersburg, MD Note: Speakers/times may change without notice. Wednesday, March 29, 2000 9:00 a.m. Welcome and Introduction of New Members Ed Roback, CSSPAB Executive Secretary 9:10 a.m. Chairman’s Remarks Willis Ware, Chairman 9:20 a.m. "Security" Metrics Workshop Update & Discussion Fran Nielsen Computer Security Division National Institute of Standards and Technology 10:40 a.m. BREAK 11:00 a.m. Systems Security Engineering-Capability Maturity Model Briefing Karen Ferraiolo, Technical Director International Systems Security Engineering Association 12:00 p.m. LUNCH 1: 30 p.m. Access Certificate Electronic Services (ACES) – An Update Judith Spencer, Director Governmentwide Security, Office of Information Security General Services Administration 2:30 p.m. BREAK 2:50 p.m. Computer Security Division Updates Ed Roback, Acting Chief Computer Security Division National Institute of Standards and Technology 3:15 p.m. Public Participation [5 minutes maximum per person; please sign up with Board Secretary] 3:45 p.m. Board Discussion Period 5:00 p.m. RECESS Thursday, March 30, 2000 9:00 a.m. Board Discussion Period [also holding for potential Congressional and/or maturity matrix briefings] 11:00 a.m. BREAK 11:20 a.m. EU Signature Directives Updates Mark Bohannon, Chief Counsel Technology Administration Department of Commerce 12:00 p.m. LUNCH 1:30 p.m. Administration Privacy Update Lauren Steinfeld, Deputy Chief Privacy Counselor OMB Updates Daniel J. Chenok and Glenn Schlarman Office of Information and Regulatory Affairs 2:30 p.m. BREAK 3:00 p.m. Best Practices Update Jim Craft U.S. Agency for International Development 4:00 p.m. Board Discussion of Agenda Topics for June 2000 Meeting 5:00 p.m. ADJOURN Next Meeting Date: June 13-15, 2000 Location: NIST Headquarters