AGENDA

Meeting of the 
Computer System Security and Privacy Advisory Board

December 7-9, 1999

Administration Building, Lecture Room B
Main Campus
National Institute of Standards and Technology
Gaithersburg, MD


Note:  Speakers/times may change without notice.


Tuesday, December 7, 1999

 9:00 a.m.		Welcome and Update
			Ed Roback, CSSPAB Executive Secretary

 9:10 a.m.		Chairman’s Remarks
			Willis Ware, Chairman

 9:20 a.m.		"Security" Metrics Workshop Update & Discussion
			Fran Nielsen
			Computer Security Division
			National Institute of Standards and Technology

10:40 a.m.	  	BREAK

11:00 a.m.	Status of the Computer Security Enhancement Act of 
1999
	Mike Quear
	Committee on Science
	Subcommittee on Technology
	U. S. House of Representatives

12:00 p.m.		LUNCH

 1: 30 p.m.	Access Certificates Electronic Services (ACES), 
                	Electronic Public Key Infrastructure Solutions:
                	Judith Spencer, Director, 
Governmentwide Security, Office of Information Security
General Services Administration
  	
  2:30 p.m.		BREAK
 
  2:50 p.m.	Vulnerabilities in Commercial Software
	Rich Guida, CSSPAB Member
Department of the Treasury  

  3:15 p.m.  	NIAP Healthcare Initiative
	L. Arnold Johnson
	Computer Security Division	
	National Institute of Standards and Technology

  4:00 p.m.	Computer Virus/Hacker Briefing
	Rob Rosenberger
	Consultant/Expert on Computer Virus Myths and Hoaxes

  5:00 p.m.	RECESS


Wednesday, December 8, 1999


 9:00 a.m.		Board Discussion Period
			
10:00 a.m.	Briefing on S. 1993, Government Information Security 
Act of 1999
	Deborah Cohen-Lehrich
			Counsel, Committee on Governmental Affairs
			U.S. Senate

11:00 a.m.		BREAK

11:20 a.m.		CC2  and Cyberspace Situational Awareness
			Tim Bass
			President and CEO
Silk Road

12:00 p.m.		LUNCH

  1:30 p.m.		OMB Updates
			Glenn Schlarman
			Office of Information and Regulatory Affairs
			Office of Management and Budget 

  2:30 p.m.		BREAK
  3:00 p.m.		Trusted Computing Platform Alliance (TCPA) Briefing
		David Chan
		Hewlett Packard			
	
  4:00 p.m.	Computer Security Division Update
	Ed Roback, Acting Chief
	Computer Security Division
			National Institute of Standards and Technology

  4:30 p.m.	Public Participation [5 minutes maximum per person; 
please sign up with Board Secretary]

  5:00 p.m.		RECESS


Thursday, December 9, 1999

9:00 a.m.	Critical Infrastructure Protection:  Toward an Effective 
Research and Development Agenda -- An Update
			Lt. Col. Steve Rinaldi
			Office of Science and Technology Policy
			The White House

10:00 a.m.		Panel Discussion:  Fair Information Practices and
			Privacy Protection
			Robert Gellman, Privacy & Information Policy Consultant
Marc Rotenberg, Executive Director, Electronic Privacy 
Information Center
			George Trubow, CSSPAB Member & Professor of Law,
			The John Marshall Law School
	
12:15 p.m.		LUNCH

1:00 p.m.	Board Discussion of Agenda Topics for March 2000 
Meeting
 
  2:00 p.m.		ADJOURN


Next Meeting Date:	 March 28-30, 2000
Location: 			 NIST Headquarters