Assurance / Criteria
/
Testing Track
This track will address overarching issues
and engage the audience in dialogue on such topics as developing profiles,
evaluating the Certificate-Issuing Systems (CISs) of Public Key Infrastructures
against a common set of security requirements and the Common Evaluation
Methodology, as well as new approaches in evaluating security products
and systems viable in a commercial world.
All presentations, speakers, and times
are subject to change. We will do our best to list the most current information.
Track Chairs:
Gene Troy, NIST
Murray Donaldson, CESG, UK
Sessions |
Information
Assurance Metrics: Prophecy, Process, or Pipedream?,
R. Henning, Harris Corp. |
Evaluation
Scope: Does One Size Fit All?,
J. Doody, CESG, UK |
Multi-Level
Security and Its Evolution To Date,
G. Clingan, Impact Innovations Group |
A
Protection Profile for FIPS 140-2: Lessons Learned,
M. Smid, CygnaCom Solutions |
The
Cryptographic Module Validation Program: FIPS 140-2 …The Next Generation,
A. Lee, NIST |
Testing
of Cryptographic Modules Against
FIPS
140-2,
Randall Easter, NIST |
National
Information Assurance Partnership / Common Criteria Scheme Presentations,
T. Anderson, NSA |
National
Information Assurance Partnership Projects-2001,
R. Ross, NIST |
Common
Criteria Tools: A Status and
Demonstration,
K. Britton, NSA |
The
Common Criteria Structures - the Healthcare Response to Security Regulation,
L. Lorton, Forum on Privacy and
Security in Healthcare |
Smart
Card Security Users Group Protection Profile and Projects,
K. Ayer, Visa |
Understanding
FIPS 140-2 Validation,
J. Morris, Corsec Security, Inc. |
Certified
vs. Secure,
J. David, Lehman Brothers |
Innovative
Uses of the Common Criteria,
T. Losonsky, NSA |
The
Systems Security Engineering Capability Maturity Model,
K. Ferraiolo, Arca Systems, an Exodus
Communications Company |
Papers |
Thoughts
and Questions on Common Criteria Evaluations,
K. Olthoff, NSA |
Using
B Method to Formalize the JAVA Card Runtime Security Policy for a Common
Criteria Evaluation,
Stéphanie Motré, Gemplus,
France |
Trends
in Government-Endorsed Security Product Evaluations,
R. Smith, Secure Computing Corporation |
Anti-Virus
Software Testing for the New Millennium,
S. Gordon, IBM |
The
Open Platform Protection Profile (OP3): Taking the Common Criteria to the
Outer Limits,
D. Brewer and F. Kashef, Visa International
Services Association, and D. Brewer, Gamma Secure Systems Limited (UK) |
|
|