All presentations, speakers, and times are subject to change. We will do our best to list the most current information. 
 

1:30-3:00 Sessions for Tuesday October 17

Rooms: 301-303 Protection of B2B Exchanges and Vendor Operations Chair: Mr. Charlie Baggett, Risk Management Associates, Inc.   Tim Ehrsam, Oracle Corporation Nick Piazzola, VeriSign Gary Secrest, Johnson & Johnson

Room: 307 Federal Bridge Certification Authority (FBCA) Demonstration and Panel – Part I Chair: Richard A. Guida, Federal PKI Steering Committee Tim Polk, NIST Stanley Choffrey, GSA Dave Fillingham, NSA

Room: 308 Incident Response - Stopping Them Dead in Their Tracks Chair: Jon David, Lehman Brothers   Robert Stone, UUNET Technologies Jim Duncan, Cisco Bill Hancock, Exodus Communications Richard Reybok, Merrill Lynch

Room: 309 The Common Criteria Structures: The Healthcare Response to Security Regulation Chair: Dr. Lewis Lorton, Forum on Privacy & Security in Healthcare   Lisa A. Gallagher, Exodus Security Services Paul Zatychec, EWA-Canada Ltd. Leslie Spiece, University of Wisconsin Alan Brown, McKenna & Cuneo

Room: 310 Operational Computer Forensics - the New Frontier Michael J. Corby, CCP, CISSP, Netigy Corporation

Room: To Be Announced Common Criteria Project: Making the CC Recognition Arrangement a Reality Chair: Murray Donaldson, CESG, UK   Lynne Ambuel, Decisive Analytics Corporation Frank Belvin, Mitre Corporation Ron Ross, NIST

Rooms: 327-329 Best Security Practices: Lowering Quality's Total Cost of Ownership in an Age of Growing Complexity Chair: James P. Craft, United States Agency for International Development (USAID)   Tom Burke, GSA Jack L. Brock, Jr., GAO Guy L. Copeland, Computer Sciences Corporation (CSC) Robert E. Giovagnoni, Infrastructure Defense, Inc. (iDEFENSE)

Room: 330 Paper Session: Case Studies Chair: Jim Tippett, Independent Consultant paper 1: Using B Method to Formalize the Java Card Runtime Security Policy for a Common Criteria Evaluation Stéphanie Motré, Gemplus, France paper 2: Penetration Analysis of a Xerox Docucenter DC 230ST: Assessing the Security of a Multi-Purpose Office Machine Benjamin A. Kuperman, Purdue University paper 3: Analysis of Terminal Server Architectures for Thin Clients in a High Assurance Network Cynthia Irvine, Naval Postgraduate School

Rooms: 331-332 Information Assurance Metrics: Prophecy, Process, or Pipedream? Chair: Ronda R. Henning, Harris Corporation Michael J. Skroch, DARPA John McHugh , Carnegie Mellon Center for Survivable Systems John Michael Williams, JMW Trading Company