From: rah@shipwright.com (Robert Hettinga)
To: cypherpunks@toad.com
Message Hash: 6261e261906b9d5f31262a76c9d070f725230f73f8793e9600a646cc5540c629
Message ID: <v02120d0dad6f673ddcdc@[199.0.65.105]>
Reply To: N/A
UTC Datetime: 1996-03-16 18:13:03 UTC
Raw Date: Sun, 17 Mar 1996 02:13:03 +0800
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 17 Mar 1996 02:13:03 +0800
To: cypherpunks@toad.com
Subject: Internet Security Worskhop Call for Papers
Message-ID: <v02120d0dad6f673ddcdc@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain
--- begin forwarded text
X-Sender: reagle@rpcp.mit.edu
Mime-Version: 1.0
Date: Fri, 15 Mar 1996 13:17:08 -0500
To: (Recipient list suppressed)
From: "Joseph M. Reagle Jr." <reagle@mit.edu>
Subject: Internet Security Worskhop Call for Papers
------- Forwarded Message
From: papers@rpcp.mit.edu (Richard J. Solomon)
Date: Fri, 15 Mar 1996 12:17:23 -0500
To: {Recipient List Suppressed}
Cc: reagle@rpcp.mit.edu, execdir@fnc.gov
Reply-To: papers@rpcp.mit.edu
Subject: Internet Security Call for Papers
CALL FOR PAPERS
INTERNET PRIVACY AND SECURITY WORKSHOP
Haystack Observatory, MA
May 20-21, 1996
Privacy and Security Working Group
Federal Networking Council
Research Program on Communications Policy
Center for Technology, Policy, and Industrial Development
Massachusetts Institute of Technology
INVITATION
The Privacy and Security Working Group (PSWG) of the Federal
Networking Council (FNC) and the Research Program on Communications
Policy of the Center for Technology, Policy, and Industrial
Development at the Massachusetts Institute of Technology will
hold an invitational workshop at the Haystack Observatory outside
of Boston, MA, on May 20-21, 1996. This workshop is intended to bring
Federal, academic and private sector participants together in
collaboration to develop strategies and potential solutions related
to Internet privacy and security.
Though a principal focus of the workshop will be on the Federal
portion of the Internet, the FNC recognizes that the Federal
Internet is tightly coupled with the Global Internet, whose security
policies, practices, and goals are complementary to those of the
Federal Government. To define those practices, procedures and goals,
the PSWG has undertaken two major initiatives:
- The Federal Internet Security Plan (FISP), which was
developed as a scalable, continual improvement process, based on
common principles and mechanisms compatible with Internet community
values and needs; and
- The Collaborations in Internet Security (CIS) project, an
effort aimed at testing the strength of agency approaches to
security and moving these technologies beyond individual agency
networking environments and into both inter-agency and
agency-commercial sector communications. The CIS will result in the
development of a new and sustainable process for developing,
integrating, and deploying security technologies that are
interoperable at all levels of the Federal government and within the
commercial and academic sectors.
These initiatives are intended to highlight the critical interface
between Federal and commercial users and developers of Internet
services and technologies.
OBJECTIVES
This workshop will bring together principal players in the Federal
and overall Internet community to discuss the problems and
challenges of privacy and security on the Internet, and will:
- Identify critical issues, requirements, and recommendations
related to future Internet privacy and security research and
development efforts;
- Describe "best practice" approaches to Internet privacy and
security;
- Develop specific strategies for implementing Internet
Security programs involving all sectors of the Internet community;
- Extend the Federal Internet Security Plan (FISP) by
defining specific implementations; and finally,
- Develop specific strategies for the migration of
technologies from the individual RFC unit test stage to the
integration of a complete functional managed system in the CIS
test/demonstration/pilot projects.
SUBMISSIONS
Abstracts or complete paper drafts related to the topics listed
above are welcome. Accepted papers will be a part of the published
record of the workshop. All points of view on Federal policies
affecting Internet privacy and security are welcome. Please make
all electronic submissions in ASCII format.
For further information or to submit an abstract or paper contact:
Internet Security and Privacy Workshop c/o Joseph Reagle
Research Program on Communications Policy
Massachusetts Institute of Technology
One Amherst St. (E40-218)
Cambridge, MA 02139
Voice: (617) 253-4138.
Fax: (617) 253-7326
papers@rpcp.mit.edu
SCHEDULE and DEADLINES
Call for papers - March 14, 1996
Abstracts Due - April 14, 1996
Invitations to Participants - April 20, 1996
Revised/Completed papers due - May 19, 1996
Workshop - May 20-21, 1996
PARTICIPANTS
Participation in the workshop is by invitation, based primarily on
submitted papers and abstracts. Additional individuals may be
invited to ensure that participation reflects a broad cross-section
of the Internet community.
PROGRAM COMMITTEE
Dennis Branstad - Trusted Information Systems (TIS)
Rich Pethia - Computer Emergency Response Team (CERT)
Jeffrey Schiller - Massachusetts Institute of Technology (MIT)
Richard Solomon - Massachusetts Institute of Technology (MIT)
Rick Stevens - Department of Energy /Argonne National Labs (DOE)
STEERING COMMITTEE
Stephen Squires, Defense Advanced Research Projects Agency
(FNC/PSWG Co-Chair)
Dennis Steinauer, National Institute of Standards and Technology
(FNC/PSWG Co-Chair)
Tice DeYoung, National Aeronautics and Space Administration (NASA)
Phillip Dykstra, Army Research Laboratory (ARL)
Mike Green, National Security Agency (NSA)
George Seweryniak, Department of Energy (DOE)
Walter Wiebe, Federal Networking Council (FNC)
*********************
BACKGROUND
Federal Internet Security Plan: In September 1995, the PSWG
published the draft Federal Internet Security Plan (FISP). The FISP
is oriented toward a scalable, continual improvement process, based
on common principles and mechanisms compatible with Internet
community values and needs. See <http://www.fnc.gov/SWG.html>. The
plan addresses Internet security requirements, including
interoperability, from the perspective of the goals and objectives
outlined in the National Performance Review (NPR),
http://www.npr.gov/. The Federal Networking Council developed
this framework in conjunction with its Advisory Committee which
represents industry, academia, and non-profit sectors.
Action Items, from the FISP, to be addressed during the Workshop:
Internet Security Policy and Policy Support Activities
* Establish overall Internet security policies
* Address security in all Federally supported NII pilots
* Coordinate Internet community involvement
* Establish an ongoing Internet threat database and assessment
capability
* Identify legal and law enforcement issues
Internet Security and Technology Development
* Develop an Internet security maturity model
* Develop Internet security architecture
* Enhance Internet security services and protocols
* Develop a "Secure-Out-of-the-Box" endorsement
* Enhance application security
Internet Security Infrastructure
* Establish a set of Internet security interoperability testbeds
* Support privacy, authentication, certificate, and security
services pilots
* Establish Internet security testing and evaluation capabilities
* Improve security incident handling capabilities
* Develop security self-assessment capabilities
* Establish effective secure software and document distribution
mechanisms
Education and Awareness
* Compile Internet user and site profiles
* Encourage use of available security technologies
* Establish an Internet security information server
* Establish an Internet security symposium/workshop series
* Establish an Internet security fellowship program
Collaborations in Internet Security: With the Federal government's
ever-increasing dependency on computers and distributed systems,
there is great urgency for it to develop and employ enhanced
information system security technologies and practices. At the same
time, these Federal technologies must interoperate with those of the
broader Internet community (encompassing the private and academic
sectors, along with the Federal sector).
In recognition of these needs, the Federal Networking Council's
Privacy & Security Working Group (FNC/PSWG) has been awarded a
National Performance Review (NPR) Innovation Fund grant to compare
and validate agency approaches to security. This Collaborations in
Internet Security (CIS) project aims to test the strength of these
technologies beyond individual agency networking environments,
emphasizing the inter-agency and agency-commercial sector
communications. The CIS will result in the development of a new and
sustainable process for developing, integrating, and deploying
security technology that is interoperable at all levels of the
Federal Government and within the commercial and academic sectors.
The governing principles behind the Security Testbeds include:
employment of an open process (with the activities and results open
to participation and comment by both public and private sector
participants); a focus on multivendor technologies; an emphasis on
testing and experimentally deploying security technologies emerging
from research and private sectors as well as security technologies
currently in use in the commercial environment; and an underlying
objective to ensure interoperability among the broad Internet
community (federal, private, and academic). Initial tests will
include demonstrations of Kerberos v.5, testing of single-use
passwords, and digital signatures. For more information, please see
(http://www.fnc.gov/cis_page.html)
--- end forwarded text
-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://thumper.vmeng.com/pub/rah/
Return to March 1996
Return to “rah@shipwright.com (Robert Hettinga)”
1996-03-16 (Sun, 17 Mar 1996 02:13:03 +0800) - Internet Security Worskhop Call for Papers - rah@shipwright.com (Robert Hettinga)