Source
Automatically imported from: http://commons.somewhere.com:80/rre/1996/Internet.Privacy.and.Sec.html
Content
This web service brought to you by Somewhere.Com, LLC.
Internet Privacy and Security, Call for Papers
``` ---
This message was forwarded through the Red Rock Eater News Service (RRE). Send any replies to the original author, listed in the From: field below. You are welcome to send the message along to others but please do not use the "redirect" command. For information on RRE, including instructions for (un)subscribing, send an empty message to rre-help@weber.ucsd.edu
---
Date: Tue, 19 Mar 96 12:09:20 PST
From: RISKS List Owner
RISKS-LIST: Risks-Forum Digest Tuesday 19 March 1996 Volume 17 : Issue 91
---
Date: Fri, 15 Mar 1996 12:17:23 -0500
From: "Joseph M. Reagle Jr."
CALL FOR PAPERS INTERNET PRIVACY AND SECURITY WORKSHOP Haystack Observatory, MA May 20-21, 1996 Privacy and Security Working Group Federal Networking Council Research Program on Communications Policy Center for Technology, Policy, and Industrial Development Massachusetts Institute of Technology
INVITATION
The Privacy and Security Working Group (PSWG) of the Federal Networking Council (FNC) and the Research Program on Communications Policy of the Center for Technology, Policy, and Industrial Development at the Massachusetts Institute of Technology will hold an invitational workshop at the Haystack Observatory outside of Boston, MA, on May 20-21, 1996. This workshop is intended to bring Federal, academic and private sector participants together in collaboration to develop strategies and potential solutions related to Internet privacy and security.
Though a principal focus of the workshop will be on the Federal portion of the Internet, the FNC recognizes that the Federal Internet is tightly coupled with the Global Internet, whose security policies, practices, and goals are complementary to those of the Federal Government. To define those practices, procedures and goals, the PSWG has undertaken two major initiatives:
These initiatives are intended to highlight the critical interface between Federal and commercial users and developers of Internet services and technologies.
OBJECTIVES
This workshop will bring together principal players in the Federal and overall Internet community to discuss the problems and challenges of privacy and security on the Internet, and will:
SUBMISSIONS
Abstracts or complete paper drafts related to the topics listed above are welcome. Accepted papers will be a part of the published record of the workshop. All points of view on Federal policies affecting Internet privacy and security are welcome. Please make all electronic submissions in ASCII format.
For further information or to submit an abstract or paper contact:
Internet Security and Privacy Workshop c/o Joseph Reagle Research Program on Communications Policy Massachusetts Institute of Technology One Amherst St. (E40-218) Cambridge, MA 02139 Voice: (617) 253-4138. Fax: (617) 253-7326 papers@rpcp.mit.edu
SCHEDULE and DEADLINES
Call for papers - March 14, 1996 Abstracts Due - April 14, 1996 Invitations to Participants - April 20, 1996 Revised/Completed papers due - May 19, 1996 Workshop - May 20-21, 1996
PARTICIPANTS
Participation in the workshop is by invitation, based primarily on submitted papers and abstracts. Additional individuals may be invited to ensure that participation reflects a broad cross-section of the Internet community.
PROGRAM COMMITTEE
Dennis Branstad - Trusted Information Systems (TIS) Rich Pethia - Computer Emergency Response Team (CERT) Jeffrey Schiller - Massachusetts Institute of Technology (MIT) Richard Solomon - Massachusetts Institute of Technology (MIT) Rick Stevens - Department of Energy /Argonne National Labs (DOE)
STEERING COMMITTEE
Stephen Squires, DARPA (FNC/PSWG Co-Chair) Dennis Steinauer, NIST (FNC/PSWG Co-Chair) Tice DeYoung, NASA Phillip Dykstra, Army Research Laboratory (ARL) Mike Green, NSA George Seweryniak, Department of Energy (DOE) Walter Wiebe, Federal Networking Council (FNC) BACKGROUND
Federal Internet Security Plan: In September 1995, the PSWG published the
draft Federal Internet Security Plan (FISP). The FISP is oriented toward a
scalable, continual improvement process, based on common principles and
mechanisms compatible with Internet community values and needs. See
Action Items, from the FISP, to be addressed during the Workshop:
Internet Security Policy and Policy Support Activities- Establish overall Internet security policies- Address security in all Federally supported NII pilots- Coordinate Internet community involvement- Establish an ongoing Internet threat database and assessment capability- Identify legal and law enforcement issues
Internet Security and Technology Development- Develop an Internet security maturity model- Develop Internet security architecture- Enhance Internet security services and protocols- Develop a "Secure-Out-of-the-Box" endorsement- Enhance application security
Internet Security Infrastructure- Establish a set of Internet security interoperability testbeds- Support privacy, authentication, certificate, and security services pilots- Establish Internet security testing and evaluation capabilities- Improve security incident handling capabilities- Develop security self-assessment capabilities- Establish effective secure software and document distribution mechanisms
Education and Awareness- Compile Internet user and site profiles- Encourage use of available security technologies- Establish an Internet security information server- Establish an Internet security symposium/workshop series- Establish an Internet security fellowship program
Collaborations in Internet Security: With the Federal government's ever-increasing dependency on computers and distributed systems, there is great urgency for it to develop and employ enhanced information system security technologies and practices. At the same time, these Federal technologies must interoperate with those of the broader Internet community (encompassing the private and academic sectors, along with the Federal sector).
In recognition of these needs, the Federal Networking Council's Privacy & Security Working Group (FNC/PSWG) has been awarded a National Performance Review (NPR) Innovation Fund grant to compare and validate agency approaches to security. This Collaborations in Internet Security (CIS) project aims to test the strength of these technologies beyond individual agency networking environments, emphasizing the inter-agency and agency-commercial sector communications. The CIS will result in the development of a new and sustainable process for developing, integrating, and deploying security technology that is interoperable at all levels of the Federal Government and within the commercial and academic sectors.
The governing principles behind the Security Testbeds include: employment of an open process (with the activities and results open to participation and comment by both public and private sector participants); a focus on multivendor technologies; an emphasis on testing and experimentally deploying security technologies emerging from research and private sectors as well as security technologies currently in use in the commercial environment; and an underlying objective to ensure interoperability among the broad Internet community (federal, private, and academic). Initial tests will include demonstrations of Kerberos v.5, testing of single-use passwords, and digital signatures. For more information, please see (http://www.fnc.gov/cis_page.html)
---
Date: 18 March 1996 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: ABRIDGED info on RISKS (comp.risks)
The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you. BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...]
DIRECT REQUESTS to
CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject:
line, otherwise they may be ignored. Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, nonrepetitious, and without caveats
on distribution. Diversity is welcome, but not personal attacks. [...]
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Particularly relevant contributions may be adapted for the RISKS sections
of issues of ACM SIGSOFT Software Engineering Notes or SIGSAC Review.
* Submissions: By submitting an item that is accepted for publication
in RISKS, the author grants permission for unlimited public distribution
and redistribution in electronic or other form.* Reuse: Blanket permission is hereby granted for reuse of all materials
in RISKS, under the following conditions. All redistributed items must
include the Risks-Forum masthead line. All reuse must be accompanied by
the following statement:
Reused without explicit authorization under blanket permission
granted for all Risks-Forum Digest materials. The author(s), the
RISKS moderator, and the ACM have no connection with this reuse.
As a courtesy, reusers of individual items (as opposed to forwardings of
entire issues) should notify the authors, and should pay particular
attention to any subsequent corrections.RISKS ARCHIVES: "ftp ftp.sri.com
The ftp.sri.com site risks directory also contains the most recent PostScript copy of PGN's comprehensive historical summary of one liners: get illustrative.PS
PRIVACY: For info on the PRIVACY Forum Digest and Computer PRIVACY Digest, see the unabridged INFO file at RISKS-Request (send one-line message INFO to risks-request@CSL.sri.com as noted above).
---
End of RISKS-FORUM Digest 17.91
--- ```
This web service brought to you by Somewhere.Com, LLC.