Search CSRC

March 2001 Agenda Meeting Minutes June 2001 Agenda Meeting Minutes December 2001 Agenda  Meeting Minutes   If you have any questions or need information please e-mail Matt Scholl .  

A key establishment scheme definition document and a key management guidance document are currently under development as discussed in the white paper.The workshop versions of the key establishment schemes document and the key management guideline were discussed. A report of the workshop will be available soon. The agenda and presentation slides are provided below. Comments have been received. A list of issues discussed at the workshop is also available. Welcome, History, etc. (notes) - Elaine Barker Key Establishment Schemes Document Overview - Miles Smid Key Establishment Schemes...

The Cryptographic Module Validation Program Conference 2002 will be held on March 26-27, 2002 at the Washington Plaza Hotel in Washington DC. Sponsored by NIST and the Canadian Security Establishment (CSE), this conference will focus on the Cryptographic Module Validation Program (CMVP). The CMVP Conference will include presentations and discussions on the new FIPS 140-2 standard, Security Requirements for Cryptographic Modules, differences between FIPS 140-1 and FIPS 140-2, algorithm testing suites, Common Criteria and the CMVP, a number of panel discussions from Federal and user agencies...

(All presentations in .pdf format.) Federal Regsiter Notice Announcing Meeting Minutes Computer Security: Standards? Recommendations? Guidelines?  Edward Roback, NIST Computer Security Division DMCA and the Effects of Regulating Computer Security Research and Discussion Professor Edward Felton, Department of Computer Science, Princeton University National Information Assurance Education and Training Program Ms. Sherry Borror, National Infosec Education and Training Program, NSA Baseline Information Security Standards: An Audit Perspective  Mr. Russell A. Rau, Assistant Inspector General...

(All presentations in .pdf format.) Federal Regsiter Notice Announcing Meeting Minutes Toward Performance-Based IT Security at Nasa: A Journey  Dr. David B. Nelson, CISSP, NASA Deputy CIO, NASA   If you have any questions or need information please e-mail Annie Sokol .  

(All presentations in pdf format.) Federal Register Notice Announcing Meeting Minutes Briefing on Homeland Security David Howe, Chief of Staff, Office of Homeland Security Update on Activities of the NIST Computer Security Division Ed Roback, Chief, Computer Security Division, NIST OMB Updates Norman Lorentz, Federal Chief Technology Officer, Office of Information and Regulatory Affairs Activities of NARA's Electronic Records Archive Group & Activites, Part 2 L. Reynolds Cahoon, Chief Information Officer, National Archives and Records Administration (NARA) Data Preservation: What's...

(All presentations in .pdf format.) Federal Regsiter Notice Announcing Meeting Minutes GAO Assignments on Privacy and Their Relationship to CSSPAB’s Proposed Recommendations  Alan Stapleton, General Accounting Office (GAO) Liberty Alliance Project  Chris Hankin, Sun Microsystems, Inc. Security and Privacy at the IRS  Len Baptiste, Internal Revenue Service (IRS)   If you have any questions or need information please e-mail Annie Sokol .  

(All presentations are in .pdf format.) Federal Register Notice Announcing Meeting Minutes NIST Computer Security Division Update Mr. Edward Roback, Chief, Computer Security Division, NIST NIST Security Testing & Metrics Group Program Mr. Ray Snouffer, Group Leader, Computer Security Division, NIST NIST Security Technology Group Program Mr. William Burr, Group Leader, Computer Security Division, NIST Briefing on the General Accounting Office's (GAO's) Report on the Privacy Act Ms. Linda Koontz, Director of Information Management, GAO Department of Veterans Affairs Cyber Security Program...

A meeting of the Information Security and Privacy Advisory Board (ISPAB) was held in Rockville, Maryland, on June 10-12, 2003. Federal Register Notice Announcing Meeting Minutes Selected Presentations Large Scale Consumer eAuthentication Khaja Ahmed, Software Architect, Microsoft Corporation An Overview of the National Criminal Justice Index Tim Bouma, Senior Consultant, CGI Managing Consultant Group Security Checklists for Commercial IT Products Tim Grance, Manager, National Institute of Standards and Technology Professional Certification Briefing Hun Kim, U.S. Navy National...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Biometric Accuracy Standards Charles L. Wilson, Information Access Division, NIST Computer Forensics: Tool Testing & National Software Reference Library Barbara Guttman, Software Diagnostics & Conformance Testing Division, NIST Information Technology Laboratory at NIST Susan Zevin, Information Technology Laboratory, NIST NIST Distributed Testbed for First Responders Nader Moayeri, Advanced Network Technologies Division, NIST Protecting Federal Information Systems: The NIST Strategy for Implementing...

The September 2003 meeting of the Information Security and Privacy Advisory Board. Minutes Selected Presentations Liberty Alliance and "Touching the Browser" Paul Madsen, Entrust and Chair of the Liberty Trust, Security, and Privacy Subteam Browser Extensions and Security Wayne A. Jansen, Computer Security Division, NIST Guideline for Mapping Types of Information and Information Systems to Security Categorization Levels William Curt Barker, Computer Security Division, NIST

The Cryptographic Module Validation Program Symposium 2004 will be held on September 14-15, 2004 at the DoubleTree Hotel & Executive Meeting Center in Rockville, MD. NIST and the Communications Security Establishment (CSE) invite you to this event. The CMVP Symposium will include presentations and discussions on the FIPS 140-2, Security Requirements for Cryptographic Modules, supporting documents such as the Derived Test Requirements and Implementation Guidance, cryptographic algorithm testing suites, expectations, future direction, panel discussions from Federal and user agencies and...

Purpose To discuss federal requirements for a Personal Identity Verification (PIV) standard. Topics PIV credentials, cards, systems. Presentations Personal Identity Verification For Federal Employees and Contractors  Curt Barker, NIST Identity Proofing and Request Process  Donna Dodson, NIST Personal Identity Verification For Federal Employees and Contractors  Tim Grance, NIST Identity Authentication using the PIV Token  Sarbari Gupta, Electrosoft, Inc. PIV Token Issuance  Ketan Mehta, NIST PIV Life Cycle Management: Maintaining Assurance and Enhancing Utility  Tim Polk, NIST

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes The Way Ahead for the Common Criteria - A Discussion Panel ICCC5 Berlin Stuart Katzke, National Institute of Standards and Technology (NIST) Perspectives on NIAP and the Common Criteria Stuart Katzke, NIST IA Training, Certification and Workforce Management in DoD George Bieber, Defense-wide IA Program at the Department of Defense (DOD) Email Based Identity Theft, Phishing and SPAM. What is the Banking Industry Doing? Stephen Lange Ranzini, University Bank & Michigan Business Development Company U.S....

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems Ron Ross, Computer Security Division, NIST Trusted Computing Group Secure Platform Specifications and Implementations Monty Wiseman, Intel Corporation Draft NIST Special Publication 800-58, Security Considerations for Voice Over IP Systems Rick Kuhn, Computer Security Division, NIST   If you have any questions or need information please e-mail Annie Sokol .

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes NIAP Review Briefing Dr. Gregory N. Larsen, IDA Comments on the First Privacy Trust Survey of the U.S. Government Dr. Larry Ponemon, Ponemon Institute Mr. William J. Ferguson, CIO Institute, Carnegie Mellon University USPS Privacy and CRM Zoe Strickland, Ken Ceglowski and Emily Andrews, USPS   If you have any questions or need information please e-mail Annie Sokol .

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Possible Government-Wide Information Security Enhancements Some Informal and Unofficial Thoughts Bruce Brody, ISPAB Board Member Federal Enterprise Architecture Security and Privacy Profile Sallie McDonald, U.S. Department of Homeland Security Cyber Security Practitioner (CSP) Professionalization Program: An Approach for Professional Development - Based on the Program Established at the Department of Veterans Affairs Bruce Brody, ISPAB Board Member A New World of Clues: NIST Provides Resources to...

Purpose To evaluate current personal identity verification technologies, systems, components, techniques, and procedures that would satisfy requirements for identifying Federal employees and contractors seeking access to Federal facilities and information systems. Topics Personal identity source document (ISD) authentication; verifying a claim of identity using fingerprint or facial images; use of security tokens such as integrated circuit cards for storing and processing identity credentials; communicating with security token reader/writers via electronic contact and contact-less methods;...

Presentations Introduction to Industry Day Workshop for FIPS 201 Personal Identity Verification For Federal Employees and Contractors Presentation on Special Publication 800-73 (SP 800-73), Integrated Circuit Card for Personal Identity Verification  Jim Dray, NIST Identity Proofing, Registration and Credential Issuance  Donna Dodson, NIST Biometric Data Specification on PIV Card  Ramaswamy (Mouli) Chandramouli, NIST FIPS 201 Cryptography  William (Tim) Polk, NIST

NIST held a Random Number Generation Workshop from July 19-22, 2004 in Gaithersburg, Maryland. See below for the workshop agenda and selected presentations. Workshop Agenda Comments Received on Draft ANS X9.82 Random Number Generation Presentations: Why Random Numbers for Cryptography, Miles Smid, Orion Security Solutions The Strategy Behind the Proposed Random Number Generation Standard, Paul Timmel X9.82 Part 1: Overview and Basic Principles, Don Johnson ANSI X9.82, Part 3: Deterministic Random Bit Generators (DRBGs), Elaine Barker, NIST Five DRBG Algorithms Based on Hash...

Day 1: FIPS 201 MANDATES Day 2: Implementation Schedule   Presentations Requirements of Personal Identity Verification Standards and HSPD#12: OVERVIEW Federal Information Processing Standard (FIPS) 201, Personal Identity, Verification for Federal Employees and Contractors: Control Objectives  Donna Dodson, NIST 2005 Security Industry Association: FIPS 201 Topology Standards on Steroids FIPS 201  Teresa Schwarzhoff, NIST Special Publication 800-73: Interfaces for Personal Identity Verification  Jim Dray, NIST Certification and Accreditation of PIV Card Issuing Organizations  Joan...

On Oct. 31-Nov. 1, 2005, 180 members of the global cryptographic community gathered in Gaithersburg, Maryland to attend the first Cryptographic Hash Workshop. The workshop was organized in response to a recent attack on the NIST-approved Secure Hash Algorithm SHA-1. The purpose of the workshop was to discuss this attack, assess the status of other NIST-approved hash algorithms, and discuss possible near-and long-term options. Call for Papers Workshop Report - The First Cryptographic Hash Workshop Selected Presentations: Where Should We Go From Here, Bill Burr, NIST Herding Hash...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Background and Current Status: Use of Hashing Algorithms in the U.S. Federal Personal Identity Verification Program Biometrics Storage Format Selection for the U.S. Federal Personal Identity Verification Program Curt Barker, Computer Security Division, NIST NIST Hash Function Standards Status and Plans Bill Burr, Computer Security Division, NIST Updates on the Federal Enterprise Architecture Program Dick Burk, Chief Architect and Director of the Federal Enterprise Architecture (FEA) Program at...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes USPS: Building a Privacy and Consumer Policy Program Zoe Strickland, Privacy Officer, United States Postal Service NIST Industrial Control System Security Activities Keith Stouffer, National Institute of Standards and Technology Radio Frequency Identification (RFID) Intra-Government Council Handout Role of the Chief Privacy Officer John Fanning Radio Frequency Identification Technology in the Federal Government Douglas Devereaux, Technology Administration for Department of Commerce Presentation on...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Overview of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and CMS' Implementation Mike Pagals, Director of Privacy Rights and Protection Staff at the Centers for Medicare and Medicaid Services (CMS) RFID: Radio Frequency Identification Nick Tsougas, SRA's Senior Logistics Consultant to the DOD Automatic Identification Technology (AIT) Office Privacy Issues in RFID Applications Anna Slomovic, RAND Corporation and EPIC   If you have any questions or need information please...