[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Call for Papers: Internet Privacy and Security
Sorry if this has been on here before.
-Allen
From: Phil Agre <[email protected]>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command. For information on RRE, including instructions
for (un)subscribing, send an empty message to [email protected]
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Date: Tue, 19 Mar 96 12:09:20 PST
From: RISKS List Owner <[email protected]>
Subject: RISKS DIGEST 17.91
RISKS-LIST: Risks-Forum Digest Tuesday 19 March 1996 Volume 17 : Issue 91
----------------------------------------------------------------------
Date: Fri, 15 Mar 1996 12:17:23 -0500
From: "Joseph M. Reagle Jr." <[email protected]>
Subject: Internet Privacy and Security, Call for Papers
CALL FOR PAPERS
INTERNET PRIVACY AND SECURITY WORKSHOP
Haystack Observatory, MA
May 20-21, 1996
Privacy and Security Working Group
Federal Networking Council
Research Program on Communications Policy
Center for Technology, Policy, and Industrial Development
Massachusetts Institute of Technology
INVITATION
The Privacy and Security Working Group (PSWG) of the Federal Networking
Council (FNC) and the Research Program on Communications Policy of the
Center for Technology, Policy, and Industrial Development at the
Massachusetts Institute of Technology will hold an invitational workshop at
the Haystack Observatory outside of Boston, MA, on May 20-21, 1996. This
workshop is intended to bring Federal, academic and private sector
participants together in collaboration to develop strategies and potential
solutions related to Internet privacy and security.
Though a principal focus of the workshop will be on the Federal portion of
the Internet, the FNC recognizes that the Federal Internet is tightly
coupled with the Global Internet, whose security policies, practices, and
goals are complementary to those of the Federal Government. To define those
practices, procedures and goals, the PSWG has undertaken two major
initiatives:
- The Federal Internet Security Plan (FISP), which was developed as a
scalable, continual improvement process, based on common principles
and mechanisms compatible with Internet community values and needs; and
- The Collaborations in Internet Security (CIS) project, an effort aimed
at testing the strength of agency approaches to security and moving these
technologies beyond individual agency networking environments and into
both inter-agency and agency-commercial sector communications. The CIS
will result in the development of a new and sustainable process for
developing, integrating, and deploying security technologies that are
interoperable at all levels of the Federal government and within the
commercial and academic sectors.
These initiatives are intended to highlight the critical interface between
Federal and commercial users and developers of Internet services and
technologies.
OBJECTIVES
This workshop will bring together principal players in the Federal
and overall Internet community to discuss the problems and
challenges of privacy and security on the Internet, and will:
- Identify critical issues, requirements, and recommendations related
to future Internet privacy and security research and development efforts;
- Describe "best practice" approaches to Internet privacy and security;
- Develop specific strategies for implementing Internet Security programs
involving all sectors of the Internet community;
- Extend the Federal Internet Security Plan (FISP) by defining specific
implementations; and finally,
- Develop specific strategies for the migration of technologies from the
individual RFC unit test stage to the integration of a complete functional
managed system in the CIS test/demonstration/pilot projects.
SUBMISSIONS
Abstracts or complete paper drafts related to the topics listed
above are welcome. Accepted papers will be a part of the published
record of the workshop. All points of view on Federal policies
affecting Internet privacy and security are welcome. Please make
all electronic submissions in ASCII format.
For further information or to submit an abstract or paper contact:
Internet Security and Privacy Workshop c/o Joseph Reagle
Research Program on Communications Policy
Massachusetts Institute of Technology
One Amherst St. (E40-218)
Cambridge, MA 02139
Voice: (617) 253-4138.
Fax: (617) 253-7326
[email protected]
SCHEDULE and DEADLINES
Call for papers - March 14, 1996
Abstracts Due - April 14, 1996
Invitations to Participants - April 20, 1996
Revised/Completed papers due - May 19, 1996
Workshop - May 20-21, 1996
PARTICIPANTS
Participation in the workshop is by invitation, based primarily on
submitted papers and abstracts. Additional individuals may be
invited to ensure that participation reflects a broad cross-section
of the Internet community.
PROGRAM COMMITTEE
Dennis Branstad - Trusted Information Systems (TIS)
Rich Pethia - Computer Emergency Response Team (CERT)
Jeffrey Schiller - Massachusetts Institute of Technology (MIT)
Richard Solomon - Massachusetts Institute of Technology (MIT)
Rick Stevens - Department of Energy /Argonne National Labs (DOE)
STEERING COMMITTEE
Stephen Squires, DARPA (FNC/PSWG Co-Chair)
Dennis Steinauer, NIST (FNC/PSWG Co-Chair)
Tice DeYoung, NASA
Phillip Dykstra, Army Research Laboratory (ARL)
Mike Green, NSA
George Seweryniak, Department of Energy (DOE)
Walter Wiebe, Federal Networking Council (FNC)
BACKGROUND
Federal Internet Security Plan: In September 1995, the PSWG published the
draft Federal Internet Security Plan (FISP). The FISP is oriented toward a
scalable, continual improvement process, based on common principles and
mechanisms compatible with Internet community values and needs. See
<http://www.fnc.gov/SWG.html>. The plan addresses Internet security
requirements, including interoperability, from the perspective of the goals
and objectives outlined in the National Performance Review (NPR),
http://www.npr.gov/. The Federal Networking Council developed this
framework in conjunction with its Advisory Committee which represents
industry, academia, and non-profit sectors.
Action Items, from the FISP, to be addressed during the Workshop:
Internet Security Policy and Policy Support Activities
* Establish overall Internet security policies
* Address security in all Federally supported NII pilots
* Coordinate Internet community involvement
* Establish an ongoing Internet threat database and assessment capability
* Identify legal and law enforcement issues
Internet Security and Technology Development
* Develop an Internet security maturity model
* Develop Internet security architecture
* Enhance Internet security services and protocols
* Develop a "Secure-Out-of-the-Box" endorsement
* Enhance application security
Internet Security Infrastructure
* Establish a set of Internet security interoperability testbeds
* Support privacy, authentication, certificate, and security services pilots
* Establish Internet security testing and evaluation capabilities
* Improve security incident handling capabilities
* Develop security self-assessment capabilities
* Establish effective secure software and document distribution mechanisms
Education and Awareness
* Compile Internet user and site profiles
* Encourage use of available security technologies
* Establish an Internet security information server
* Establish an Internet security symposium/workshop series
* Establish an Internet security fellowship program
Collaborations in Internet Security: With the Federal government's
ever-increasing dependency on computers and distributed systems, there is
great urgency for it to develop and employ enhanced information system
security technologies and practices. At the same time, these Federal
technologies must interoperate with those of the broader Internet community
(encompassing the private and academic sectors, along with the Federal
sector).
In recognition of these needs, the Federal Networking Council's Privacy &
Security Working Group (FNC/PSWG) has been awarded a National Performance
Review (NPR) Innovation Fund grant to compare and validate agency approaches
to security. This Collaborations in Internet Security (CIS) project aims to
test the strength of these technologies beyond individual agency networking
environments, emphasizing the inter-agency and agency-commercial sector
communications. The CIS will result in the development of a new and
sustainable process for developing, integrating, and deploying security
technology that is interoperable at all levels of the Federal Government and
within the commercial and academic sectors.
The governing principles behind the Security Testbeds include: employment of
an open process (with the activities and results open to participation and
comment by both public and private sector participants); a focus on
multivendor technologies; an emphasis on testing and experimentally
deploying security technologies emerging from research and private sectors
as well as security technologies currently in use in the commercial
environment; and an underlying objective to ensure interoperability among
the broad Internet community (federal, private, and academic). Initial tests
will include demonstrations of Kerberos v.5, testing of single-use
passwords, and digital signatures. For more information, please see
(http://www.fnc.gov/cis_page.html)