From: Adam Shostack <adam@bwh.harvard.edu>
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: ad78be128a9eb6fc52ec0b8d215be11d7a26a6693b45a36e2f29d8ec5c430184
Message ID: <199501152041.PAA10484@bwh.harvard.edu>
Reply To: N/A
UTC Datetime: 1995-01-15 20:42:01 UTC
Raw Date: Sun, 15 Jan 95 12:42:01 PST
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 15 Jan 95 12:42:01 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: 2 announcements of possible interest
Message-ID: <199501152041.PAA10484@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain
2 announcements (one from PRIVACY, the other from Cyberia.)
second is NII Security Issues Forum to Hold 2 Meetings 01/27/95 NEW
01/12/95
Date: Fri, 13 Jan 95 11:25:27 EST
From: denning@cs.cosc.georgetown.edu (Dorothy Denning)
Subject: INTERNATIONAL CRYPTOGRAPHY INSTITUTE 1995
Call for Participation (Deadline: March 15, 1995)
INTERNATIONAL CRYPTOGRAPHY INSTITUTE 1995: GLOBAL CHALLENGES
September 21-22, 1995
Washington, DC
Presented by
The National Intellectual Property Law Institute
The International Cryptography Institute will focus on the cryptography
challenges associated with meeting the information protection needs of
users and the law enforcement and national security needs of nations.
The Institute will address such topics as:
- national encryption policies and regulations
- meeting user needs for information security and data recovery
- meeting law enforcement and national security needs
- national and global encryption markets and product availability
- international approaches and standards
- creating an international cryptography infrastructure
- the use of encryption technologies in different countries
- cryptography in the financial industry and other industries
- legal and policy issues of digital signatures and digital cash
- new developments in encryption policies and technologies
Persons interested in speaking at the conference are invited to submit
a proposal to the Institute Chair:
Prof. Dorothy E. Denning, Chair ICI '95
Georgetown University
Computer Science Department
225 Reiss Building
Washington DC 20057-0997
ph: 202-687-5703, fax: 202-687-6067
e-mail: denning@cs.georgetown.edu
Proposals must be received by MARCH 15, 1995, and should include the
following:
- Name, title, organization, address, phone, fax, and e-mail address
- Brief biography
- Title of presentation
- Abstract of presentation or paper
- Amount of time requested for presentation and discussion
Notification of acceptance will be made by April 15, 1995. Papers and
materials for the proceedings will be due on August 15, 1995.
Inquiries about registration or the proceedings should be addressed to:
The National Intellectual Property Law Institute
P.O. Box 27913, Washington, DC 20038-7913
ph: 800-301-MIND or 202-962-9494
fax: 800-304-MIND or 202-962-9495
------------------------------
From: Seth Greenstein <sethg@access.digex.net>
Subject: NII Security Issues Forum to Hold 2 Meetings 01/27/95 NEW 01/12/95
OFFICE OF MANAGEMENT AND BUDGET
NOTICE OF PUBLIC MEETING
Agency: Office of Management and Budget
Action: National Information Infrastructure Security Issues
Forum: Notice of Public Meetings and request for public comments
SUMMARY: The National Information Infrastructure Security Issues
Forum will conduct two public meetings to continue a dialogue
between government and the private and public interest sectors on
issues related to the security of information on the National
Information Infrastructure (NII). Interested parties --
especially beneficiaries of Aid to Families with Dependent
Children and Food Stamps, and users of public information, and
participants in the sophisticated communications networks which
support the U.S. transportation and customs systems -- are
invited to submit a 1 - 2 page position statement and request to
testify.
The meetings are sponsored by the NII Security Issues Forum
of the Information Infrastructure Task Force and Mega-Project III
of the U.S. Advisory Council on the NII.
DATES: Both public meetings, "Security of the Electronic
Delivery of Government Information and Services" and "Security
for Intelligent Transportation Systems and Trade Information,"
will be held simultaneously on Friday, January 27, 1995, from
9:00 a.m. to 12:30 p.m. in Raleigh, North Carolina.
Those wishing to testify should submit a 1 - 2 page position
statement and request to participate by January 20, 1995.
Individuals wishing to offer general comments or present
questions may request to do so during the meeting. Written
comments may be submitted on paper or electronically, in ASCII
format, and will be accepted until February 10, 1995.
ADDRESSES: The public meeting, "Security of the Electronic
Delivery of Government Information and Services," will be held in
the Auditorium of the North Carolina Museum of History, 1 East
Edenton Street, Raleigh, North Carolina. The public meeting,
"Security for Intelligent Transportation Systems and Trade
Information," will be held in the Auditorium of the Department of
Cultural Affairs, 109 East Jones Street, Raleigh, North Carolina.
Both buildings are in close proximity to the North Carolina
Capitol Building.
Position statements and requests to appear for the meeting,
"Security of the Electronic Delivery of Government Information
and Services," sent to the Government Information Technology
Services Working Group, marked to the attention of Ms. April
Ramey, U.S. Department of the Treasury, 1425 New York Avenue,
Room 2150 N.W., Washington, D.C. 20220. Position statements may
also be submitted via fax to (202) 622-1595 or through electronic
mail to april.ramey@treas.sprint.com. Electronic mail should be
submitted as unencoded, unformatted, ASCII text.
Position statements and requests to appear for the meeting,
"Security for Intelligent Transportation Systems and Trade
Information," should be sent to the Volpe National Transportation
Systems Center of the Department of Transportation, marked to the
attention of Mr. Gary Ritter, DTS-21, at 55 Broadway, Cambridge,
MA, 02142. Position statements may also be submitted via fax to
(617) 494-2370 or through electronic mail to
"Ritter@volpe1.dot.gov". Electronic mail should be submitted as
unencoded, unformatted, ASCII text.
Parties offering testimony are asked to provide them on
paper, and where possible, in machine-readable format. Machine-
readable submissions may be provided through electronic mail
messages sent over the Internet, or on a 3.5" floppy disk
formatted for use in an MS-DOS based computer. Machine-readable
submissions should be provided as unencoded, unformatted ASCII
text.
Written comments should include the following information:
* Name and organizational affiliation, if any, of the
individual responding;
* An indication of whether comments offered represent views of
the respondent's organization or are the respondent's
personal views; and
* If applicable, information on the respondent's organization,
including the type of organization (e.g., trade association,
private corporation, non-profit organization) and general
areas of interest.
FOR FURTHER INFORMATION CONTACT: For further information
relating to electronic delivery of information and services,
contact Ms. April Ramey of the Treasury Department at (202) 622-
1278.
For further information relating to transportation and trade
issues, contact Mr. Gary Ritter at the Volpe National
Transportation Systems Center by telephone at (617) 494-2716.
SUPPLEMENTARY INFORMATION:
I. Issues for Public Comment
A. Background
The public meetings are part of an ongoing dialogue with the
Administration to assess the security needs and concerns of users
of the National Information Infrastructure (NII). The NII is a
system of high-speed telecommunications networks, databases, and
advanced computer systems that will make electronic information
more widely available and accessible than ever before. For
example, citizens may be able to learn about federal benefits
programs through public kiosks, or may receive their social
security payments through direct deposit to their bank accounts.
As the U.S. transportation infrastructure becomes more complex,
Americans will benefit from the application of information
technologies to such operations as toll collection, motor vehicle
registration, and traffic routing. This increased availability
and accessibility of services and products provided through
information technology will dramatically affect the way in which
individuals conduct their everyday affairs.
Consequently, broad public and commercial use of the NII
hinges upon implementing technologies, policies, and practices
that not only ensure that users of information systems have
access to information when and where they need it, but that
subjects of information records are able to protect themselves
from unauthorized or inappropriate use of information.
"Americans will not use the NII to its full potential unless
they trust that information will go where and when they want it
and nowhere else," declared Sally Katzen, Administrator of the
Office of Information Regulatory Affairs at OMB and chair of the
Forum. "The Federal government is a primary user of the NII and
thus a catalyst for change. Yet the NII will be designed, built,
owned, operated, and used primarily by the private sector, making
it essential that security on the NII be considered in
partnership with the public."
To address these critical issues, the Vice President formed
the Information Infrastructure Task Force (IITF). The IITF is
chaired by Secretary of Commerce Ron Brown and is comprised of
senior Administration officials having expertise in technical,
legal, and policy areas pertinent to the NII. The mission of the
IITF is to articulate and implement the Administration's vision
for the NII.
The NII Security Issues Forum was established within the
IITF to address the cross-cutting issue of security in the NII.
The Forum is chaired by Sally Katzen, Administrator of the Office
of Information and Regulatory Affairs in the Office of Management
and Budget.
In addition to the IITF, the President has established the
U.S. Advisory Council on the National Information Infrastructure.
The Advisory Council represents industry, labor, and public
interest groups, and advises the Secretary of Commerce on issues
relating to the NII. Mega-Project III, one of three work groups
of the Advisory Council, is responsible for addressing security,
intellectual property, and privacy issues as they relate to the
NII.
B. Structure and Content of Public Meeting
Security is linked inextricably to broad public use of the
NII. The technologies, policies, and procedures used to ensure
the confidentiality, availability, and integrity of digitally
produced and transmitted information, information products, and
services on the NII will determine whether, how, and to what
extent digitally linked information services will be broadly used
in such critical applications as providing public information,
supporting the delivery of government services, utilizing
intelligent transportation systems, and conducting trade.
Development of policies and procedures that will ensure the
security of public and private information and communications on
the NII requires study from different perspectives, whether that
of the subject of the information, the user of the information,
or the creator of the information. The Forum and Mega-Project
III seek input from parties representing beneficiaries of federal
information and services and users of intelligent transportation
systems and trade data.
Solutions to these concerns will come via technical
solutions, as well as legal and policy mechanisms. The Forum and
Mega-Project III seek input in this area as well. Specifically,
what legal measures, policy mechanisms, and technological
solutions, or combinations thereof, can be used to effectively
protect the security of federal benefits information or
transportation or trade data, delivered or made accessible on the
NII?
A panel of witnesses drawn from the public will be assembled
to discuss the following topics with a panel of senior
Administration officials, members of the Security Issues Forum,
members of the Advisory Council, and policy makers at the State
level, and to field questions and comments from other members of
the public.
Position statements for the meeting, "Security in the
Delivery of Electronic Information and Services," should address
four principal questions:
1. How do you envision the NII being used to provide services
and information electronically to citizens? Specifically,
what types of services and information should be delivered
or made available?
2. What risks and threats do you foresee in making services and
information available via the NII? Such threats might
include fraud, unauthorized access, breach of
confidentiality or privacy, breach of integrity, and system
performance.
3. What legal, policy, and ethical issues do you foresee
affecting usage of the NII? Such issues may include
liability, information/property rights, access,
document/records management, legal admissibility/evidentiary
requirements, and auditability. Do some issues, such as
privacy and open access, tend to countervene each other?
4. What kinds of administrative or technical solutions should
be developed or promoted to address security, legal, and
ethical concerns? Such solutions may include verifying
recipient and/or vendor eligibility, ensuring operational
and systems security, and establishing means to facilitate
settlement, detection, and prosecution.
Position statements for the meeting, "Security for
Intelligent Transportation Systems and Trade Information," should
address five principal questions:
1. Who should be permitted access to sensitive trade and
transportation information systems? How can inappropriate
access and use be prevented?
2. What technical and institutional safeguards in electronic
data transmission, storage, and retrieval are needed to
protect the security of trade and transportation data? Such
risks might include: disclosure of proprietary and
confidential business information, criminal access to trade
and cargo records, disclosure of individual travel patterns
or vehicle locations, or disclosure of transportation
dispatch communications regarding sensitive cargo shipment
routes, itineraries, and locations.
3. What does an "appropriate level of security" consist of? Is
there a "one-size-fits-all" solution, or can policies be
established which flexibly meet diverse needs?
4. Do certain systems merit greater degrees of security
protection, such as traffic signal control systems, variable
message signs, fleet location monitoring, electronic toll
collection, international trade data, and motor vehicle
registration records?
5. Who should establish and enforce security policies? How can
government and the private sector work together to support a
secure National Information Infrastructure?
II. Guidelines for Participation in the Public Hearing
Individuals who would like to participate on a panel must
request an opportunity to do so no later than January 20, 1995,
by submitting a brief, 1 - 2 page summary position statement. If
approved, each participant will be allowed to present brief
opening remarks. Primary participation, however, shall be during
the general discussion to follow, according to the format
described above.
Participants in the public meeting will testify before and
participate in discussions with a panel consisting of members of
the Advisory Council, members of the Security Issues Forum, and
other Administration officials.
Individuals not selected as panel participants may offer
comments or ask questions of the witnesses by requesting an
opportunity to do so and being recognized during the meeting by
the chairs of the meetings. Oral remarks offered in this fashion
should not exceed three minutes. No advance approval is required
to attend the public meetings, offer comments, or present
questions.
The public meeting on "Security of the Electronic Delivery
of Information and Services" will be chaired by Mr. Jim Flyzik,
Chair of the Government Information Technology Services Working
Group of the IITF.
The public meeting on "Security for Intelligent
Transportation Systems and Trade Information," will be co-chaired
by Ms. Ana Sol Gutierrez, Deputy Administrator of the Research
and Special Programs Administration of the U.S. Department of
Transportation, and Ms. Christine Johnson, Director of the
Intelligent Transportation Systems Joint Program Office of the
U.S. Department of Transportation.
More information about the Clinton Administration's National
Information Infrastructure initiative can be obtained from the
IITF Secretariat. Inquiries may be directed to Yvette Barrett at
(202) 482-1835, by e-mail to ybarrett@ntia.doc.gov, or by mail to
U.S. Department of Commerce, IITF Secretariat, NTIA, Room 4892,
Washington, D.C., 20230.
For inquiries over the Internet to the IITF Gopher Server,
gopher, telnet (login = gopher), or anonymous ftp to
iitf.doc.gov. Access is also available over the World-Wide-Web.
Questions may be addressed to nii@ntia.doc.gov.
For access by modem, dial (202) 501-1920 and set modem
communication parameters at no parity, 8 data bits, and one stop
(N,8,1). Modem speeds of up to 14,400 baud are supported.
Sally Katzen
Administrator, Office of Information and Regulatory Affairs
Certified to be a true copy of the original by John B. Arthur,
Associate Director for Administration
Return to January 1995
Return to “Adam Shostack <adam@bwh.harvard.edu>”
1995-01-15 (Sun, 15 Jan 95 12:42:01 PST) - 2 announcements of possible interest - Adam Shostack <adam@bwh.harvard.edu>