CS1/05-0118

INCITS
InterNational Committee for Information Technology Standards
INCITS Secretariat, Information Technology Industry Council (ITI)
1250 Eye St. NW, Suite 200, Washington, DC 20005
Telephone 202-737-8888; Fax 202-638-4922

Date: September 13, 2005

Reply to: Michael Hogan

     Interim Convener, INCITS CS1

Phone: 301-975-2926

Email: m.hogan@nist.gov         


Third Draft Agenda for the Third Meeting of INCITS Technical Committee CS1, Cyber Security

Meeting Number 3
September 27-28, 2005 

Meeting times:

Tuesday, September 27, 2005

8:30 a.m. - 6:00 p.m.

Wednesday, September 28, 2005

8:00 a.m. - 6:00 p.m.


Location:

Information Technology Industry Council (ITI)
1250 Eye Street, NW
Suite 200 - Conference Room 2
Washington, DC 20005


Teleconference Information:

 

USA Toll Free Number:  800-369-1122
PASSCODE:  27219



Membership is open to all interested and materially affected parties.  

Voting rights are obtained in accordance with the INCITS procedures (see http://www.incits.org/rd2/main.htm). 

1.  Administrative

1.1 Call to Order (M. Hogan)

1.2 Introduction of Attendees (M. Hogan) 

1.3 Report on Membership (D. Benigni)

REF:

1.4 Appointment of Recording Secretary (M. Hogan)

1.5 INCITS Antitrust Guidelines

 

REF: http://www.incits.org/inatrust.htm

1.6 Document Distribution

1.7 Approval of Draft Minutes for CS1 Meeting # 1

 

          REF: CS1/05-0026


1.8 Approval of Draft Minutes for CS1 Meeting # 2

 

          REF: CS1/05-0062

2. Convener's Remarks (M. Hogan)

          REF: CS1/05-0095


3. Approval of Draft Agenda

            REF: CS1/05-0118

4. Status of Appointment of CS1 Officers (M. Hogan)

4.1 Appointment of Chair

REF:

4.2 Appointment of International Representative

            REF:

5. US TAG Assignments (M. Hogan)

REF: in050624

6. National

6.1 Project Proposals

6.1.1 For Action  - Project Proposal for Minimum Security Standard for Protecting Sensitive Data on Networked Computers  (A. Paller)

REF: CS1/05-0008 (project proposal), CS1/05-0031 (call for comments), CS1/05-0072 (NIST comments), CS1/05-0094 (X9F comments)


6.1.2 For Action  - Project Proposal for Role Based Access Control (RBAC) Profile for Health Care Applications  (R. Kuhn)

REF: CS1/05-0009 (project proposal), CS1/05-0032 (call for comments), CS1/05-0082 (revised project proposal)

6.1.3 For Action  - Project Proposal for Enterprise Dynamic Access Control (EDAC) (R. Kuhn)

REF: CS1/05-0011 (project proposal), CS1/05-0033 (call for comments)


6.2 Organizational Proposals

6.2.1 For Action  - Proposal for INCITS/CS1 to Establish a Task Group on Role Based Access Control (RBAC) (R. Kuhn)

REF: CS1/05-0010 (proposal), CS1/05-0034 (call for comments), CS1/05-0073 (RSA comments)

6.2.2 Using Task Groups to Progress a TC's Program of Work

REF: CS1/05-0020 (NIST), CS1/05-0035 (call for comments), CS1/05-0074 (RSA comments),  CS1/05-0077 (EWA comments)

7. International

 

7.1 ISO/IEC JTC 1/SC27 Working Group 1 Meeting - November 7-11, 2005 in Kuala Lumpur, Malaysia

7.1.1 For Action - Approval of US WG 1 Delegates' Instructions (F. Pattinson)

REF:

7.1.2 For Action - Approval of US Delegates (F. Pattinson)

           

            REF: SC 27 N4666 (meeting logistics)

7.2 ISO/IEC JTC 1/SC27 Working Group 2 Meeting - November 7-11, 2005 in Kuala Lumpur, Malaysia

7.2.1 For Action - Approval of US WG 2 Delegates' Instructions (D. Wallner)

REF:

7.2.2 For Action - Approval of US Delegates (D. Wallner)

           

            REF: SC 27 N4666 (meeting logistics)

7.3 ISO/IEC JTC 1/SC27 Working Group 3 Meeting - November 7-11, 2005 in Kuala Lumpur, Malaysia

7.3.1 For Action - Approval of US WG 3 Delegates' Instructions (S. Brand)

REF:

7.3.2 For Action - Approval of US Delegates  (S. Brand)

            REF: SC 27 N4666 (meeting logistics)

7.4 For Action - Recommendation of the Ad Hoc Group on 2nd WD 27004  (C. Kreitner)

REF: CS1/05-0064 (AHG meeting report), CS1/05-0071 (AHG recommended contribution), CS1/05-0036 (NIST SP 800-55), CS1/05-0079 (revised CISWG document), CS1/05-0080 (revised ISSEA document)

7.5 Approval of US National Body Votes and Contributions on SC 27 FCDs

7.5.1 For Action - FCD 18028-1, Information technology – Security techniques – IT Network security - Part 1: Network security management

REF: SC 27 N4462 (FCD), CS1/05-0099 (NIST comments)

7.5.2 For Action - FCD 18028-5, Information technology – Security techniques – IT Network security – Part 5: Securing communications across networks using Virtual Private Networks

REF: SC 27 N4468 (FCD), CS1/05-0100 (NIST comments)

7.5.3 For Action - FCD 18043, Information technology – Security techniques – Selection, deployment and operations of intrusion detection systems (IDS)

            REF: SC27 N4470rev1 (FCD), CS1/05-0083 (Zygma comments), CS1/05-0101 (NIST comments),CS1/05-0105 
            (NSA comments)

7.5.4 For Action - FCD 14888-3, Information technology - Security techniques - Digital signatures with appendix - Part 3: Discrete logarithm based mechanisms

            REF: SC 27 N4523  (FCD), CS1/05-0102 (NSA comments)

7.6 Approval of US National Body Votes and Contributions on SC 27 CDs

7.6.1 For Action - 1st CD 14888-1, Information technology – Security techniques – Digital signatures with appendix – Part 1: General Project: 14888-1 (revision)

            REF: SC 27 N4519  (CD), CS1/05-0103 (NSA comments)

7.7 Approval of US National Body Votes and Contributions on SC 27 WDs

7.7.1 For Action - Request for Comments, Text for ISO/IEC 1st WD 24745 - Information technology - Security techniques – Biometric template protection

            REF: SC 27 N4545 (WD)

7.7.2 For Action - Request for Comments, Text for ISO/IEC 4th WD 19792 - Information technology - Security techniques - A framework for security evaluation and testing of biometric technology

            REF: SC 27 N4499 (WD), CS1/05-0117 (Griffin Consulting Comments)

7.7.3 For Action - Request for Comments, Text for ISO/IEC 1st WD 18014-1 - Information technology - Security techniques - Time-stamping services - Part 1: Framework

            REF: SC 27 N4537 (WD), CS1/05-0104 (NSA comments)

7.7.4 For Action - Request for Comments, Text for ISO/IEC 1st WD 15946-1 - Information technology - Security techniques – Cryptographic techniques based on elliptic curves – Part 1: General

            REF: SC 27 N4535 (WD)

7.7.5 For Action - Request for comments, Text for ISO/IEC 1st WD 24761 - Information technology - Security techniques - Biometric authentication context (BAC)

            REF: SC 27 N4547 (WD), CS1/05-0109 (Griffin Consulting comments), CS1/05-0110 (Griffin
            Consulting comments),  CS1/05-0111 (Griffin Consulting comments), CS1/05-0113 (Griffin Consulting
            comments), CS1/05-0114 (Griffin Consulting comments)

7.8 Approval of Recommended US National Body Votes on ISO/IEC FDISs and FDAMs

7.8.1 For Action - ISO/IEC Final DIS 19790 Information technology - Security techniques - Security requirements for cryptographic modules

            REF: SC 27 N4497rev1 (FDIS text)

7.8.2 For Action - Text for ISO/IEC Final DAM to 10118-3:2004 (3rd edition)
Information technology - Security techniques - Hash-functions - Part 3: Dedicated hash-functions - AMENDMENT 1

            REF: SC 27 N4525 (FDAM text)

7.9 For Action - Request for comments, TC68/SC 2/WG 10 contribution to JTC 1/SC 27 on Text for ISO/DIS 19092-1 - Financial Services - Biometrics - Part 1: Security framework SOURCE: JTC 1/SC 27 Liaison Officer to TC 68/SC/2

            REF: SC 27 N4654 (text), CS1/05-0108 (Griffin Consulting comments)

7.10 WG 2 Experts Review and Comments of 15444-8: Information technology -- JPEG 2000 image coding system: Secure JPEG 2000

 

REF: SC27 N4652 (text)


7.11 US NB Contributions in Support of Recently Approved SC 27 NPs

 

7.11.1 For Action  - New work item on Information security management system implementation guidance

 

REF: SC27 N4478 (NP Ballot), CS1/05-0106 (NIST SP 800-37), CS1/05-0116 (CIS Contribution), CS1/05-0098 (CIS Contribution)

 

7.11.2 For Action - Proposal for a new work item on Guidelines for information and communications technology disaster recovery services

 

REF: SC27 N4479 (NP Ballot)

 

7.11.3 For Action - Proposal for a new work item on Biometric authentication context

 

            REF: SC27 N4574rev1 (NP Ballot)

 

 

7.11.4 For Action - Proposal for a new work item on Test requirements for cryptographic modules

 

            REF: SC27 N4479 (NP Ballot)

 

 

7.11.5 For Action - Proposal for a new work item on A framework for identity management

 

            REF: SC27 N4581 (NP Ballot)


7.12 Briefing on ISSEA and its Work within SC27 (N. Bartol)

REF: CS1/05-0081 (ISSEA Overview)

7.13 Contribution on the Establishment of a New JTC 1 Subcommittee on Privacy Technology

            REF: JTC 1 N7898 (Contribution to JTC1 for Information), CS1/05-0096 (JTC 1  Secretariat)


8. Liaisons Activities (M. Hogan)

8.1 Open Group (E. Kuiper)

REF:

8.2 For Action - Establishing Liaison with IEEE Project 1700 - Standard for Information System Security Assurance Architecture


         REF: CS1/05-0013 (presentation at CS1 Meeting # 1)

 8.3 For Action - Establishing Liaison with INCITS M1 (M. Hogan)

            REF: CS1/05-0017 (Request for Liaison)


 8.4 For Action - Establishing Liaison with X9F (S. Brand)

REF:

 

8.5 For Action - Clarification of CS1 Program of Work with Respect to INCITS T10 & T11

 

REF: CS1/05-0006 (T11 and T10 Work in Security)



 8.6 ANSI Homeland Security Standards Panel (HSSP) (M. Hogan)

            REF: CS1/05-0075 (ANSI HSSP draft agenda - Fourth Plenary Meeting September 29-30, 2005)

9. New Business


9.1 Contribution on International voting rules for CS1
 
            REF: CS1/05-0115 (HP Contribution)

10. Future Meetings

            REF: CS1/05-00107 (M. Hogan)

11. Review of Action Items from This Meeting

12. Adjournment