This track will address overarching issues and engage the audience in dialogue on such topics as developing profiles, evaluating the Certificate-Issuing Systems (CISs) of Public Key Infrastructures against a common set of security requirements and the Common Evaluation Methodology, as well as new approaches in evaluating security products and systems viable in a commercial world. 

All presentations, speakers, and times are subject to change. We will do our best to list the most current information.

Track Chairs:
Gene Troy, NIST
Murray Donaldson, CESG, UK

Sessions

Information Assurance Metrics: Prophecy, Process, or Pipedream?, R. Henning, Harris Corp.

Evaluation Scope: Does One Size Fit All?, J. Doody, CESG, UK

Multi-Level Security and Its Evolution To Date, G. Clingan, Impact Innovations Group

A Protection Profile for FIPS 140-2: Lessons Learned, M. Smid, CygnaCom Solutions

The Cryptographic Module Validation Program: FIPS 140-2 …The Next Generation, A. Lee, NIST

Testing of Cryptographic Modules Against FIPS 140-2, Randall Easter, NIST

National Information Assurance Partnership / Common Criteria Scheme Presentations, T. Anderson, NSA

National Information Assurance Partnership Projects-2001, R. Ross, NIST

Common Criteria Tools: A Status and Demonstration, K. Britton, NSA

The Common Criteria Structures - the Healthcare Response to Security Regulation, L. Lorton,  Forum on Privacy and Security in Healthcare

Smart Card Security Users Group Protection Profile and Projects, K. Ayer, Visa

Understanding FIPS 140-2 Validation, J. Morris, Corsec Security, Inc.

Certified vs. Secure, J. David, Lehman Brothers

Innovative Uses of the Common Criteria, T. Losonsky, NSA

The Systems Security Engineering Capability Maturity Model, K. Ferraiolo, Arca Systems, an Exodus Communications Company

Papers

Thoughts and Questions on Common Criteria Evaluations, K. Olthoff, NSA

Using B Method to Formalize the JAVA Card Runtime Security Policy for a Common Criteria Evaluation, Stéphanie Motré, Gemplus, France

Trends in Government-Endorsed Security Product Evaluations, R. Smith, Secure Computing Corporation

Anti-Virus Software Testing for the New Millennium, S. Gordon, IBM

The Open Platform Protection Profile (OP3): Taking the Common Criteria to the Outer Limits, D. Brewer and F. Kashef, Visa International Services Association, and D. Brewer, Gamma Secure Systems Limited (UK)