23rd National Information Systems Security Conference
Overview of the Program
Last update October 13, 2000


Tuesday, October 17
Room(s) Time / Topic for Sessions and Events
8:30 - 10:00 10:30 - 12:00 1:30 - 3:00 3:30 - 5:00
301-303 Aspects of InfoSec:
The UK View
Security in Business-to-Business e-commerce Protection of B2B Exchanges and Vendor Operations Enterprise Security Infrastructure: A Managed Approach
307 Certified vs Secure PKI - Sham or Salvation? Federal Bridge Certification Authority (FBCA) Demonstration and Panel – Part I Federal Bridge Certification Authority (FBCA) Demonstration and Panel – Part II
308 Achieving Global Trust in an e-World Guideline for Implementing Cryptography in the Federal Government Incident Response - Stopping Them Dead in Their Tracks Incident Response – Tracking Them Down –Part II
309 Common Criteria Tools: A Status and Demonstration Innovative Uses of the Common Criteria The Common Criteria Structures: The Healthcare Response to Security Regulation The Healthcare Vertical Turns its Eyes on Security - The Impact of HIPAA and other Legislation on Security Engineering
310 Preparing for Intrusion Detection Privacy in the Information Age Operational Computer Forensics - the New Frontier Information Systems Survivability: Protecting Critical Systems
327-329 Access Certificates for Electronic Services (ACES) - Enabling Government to Citizen Interaction via the Internet Critical Infrastructure Protection for Chief Information Officers or CIP for CIOs Best Security Practices: Lowering Quality's Total Cost of Ownership in an Age of Growing Complexity Progress of the Best Security Practices Subcommittee
330 Papers - Access Control
paper 1:
Push Architectures for User Role Assignment

paper 2:
A Role-Based Delegation Model and Some Extensions

paper 3:
Generalized Role-Based Access Control for Securing Future Applications

Paper Session: Malicious Code
paper 1:
The Evolving Virus Threat

paper 2:
The Cracker Patch Choice: An Analysis of Post Hoc Security Techniques

paper 3:
Anti-Virus Software Testing for the New Millennium

Paper Session: Case Studies
paper 1:
Using B Method to Formalize the Java Card Runtime Security Policy for a Common Criteria Evaluation

paper 2:
Penetration Analysis of a Xerox Docucenter DC 230ST: Assessing the Security of a Multi-Purpose Office Machine

paper 3:
Analysis of Terminal Server Architectures for Thin Clients in a High Assurance Network

Paper Session: Common Criteria Issues
paper 1:
Thoughts and Questions on Common Criteria Evaluations

paper 2:
Towards the Formal Modeling of a Secure Operating System

paper 3:
The Open Platform Protection Profile (OP3): Taking the Common Criteria to the Outer Limits

331-332 Security and Quality of Service Interactions RSA Digital Signature Standards Information Assurance Metrics: Prophecy, Process, or Pipedream? Issues in High Performance Computing Security
To Be Determined     Common Criteria Project: Making the CC Recognition Arrangement a Reality  
Close this Window