| Thread Links | Date Links | ||||
|---|---|---|---|---|---|
| Thread Prev | Thread Next | Thread Index | Date Prev | Date Next | Date Index |
Gentle People,
Members of the IASC (C/IA) have unanimously elected a chair and vice chair to begin their two-year period of office on July 4th. A list of members is appended.
The new officers are Jim Hughes/Huawei Technologies, IASC Chair, and Eric Hibbard/Hitachi Data Systems, IASC Vice Chair. Jim Hughes’ web page is http://www.cryptoclarity.com/James_P_Hughes/James_P_Hughes.html. A short summary of Eric Hibbard’s background is attached. Jim was the founding chair of P1619, and Eric is vice chair of P1619.
I will remain a member of IASC and chair of the Information System Security Assurance Architecture (ISSAA, P1700) Working Group, and may seek a position as an IASC officer again in two years.
IASC has accomplished a great deal, and a short list of recent highlights is appended. Many individuals in the IASC working groups deserve awards for incredibly great achievements, and work to get these awards will proceed.
Very respectfully, Jack
Scope of the IASC (Contained in Procedures)
http://standards.ieee.org/board/aud/C-IA.pdf
IASC Working Groups
P1700 – Information System Security Assurance Architecture WG
P2200 – Baseline Operating System Security WG
P1667 – Dynamically Attached Devices and Device Interfaces WG
P2600 – Hardcopy Device and System Security WG
P1619 – Security in Storage WG
Recent Highlights of the Working Groups
IEEE 1667, “Standard Protocol for Authentication in Host Attachments of Transient Storage Devices” was approved and published in 2007, and work immediately began on a revision to incorporate more features. This revision is in ballot now with closing July 5. In November 2008 Microsoft announced that Windows 7 will adhere to IEEE 1667. This of course affects data at rest devices like USB Flash Drives, but also all other portable devices with removable storage.
IEEE P2600.1, "Standard for a Protection Profile in Operational Environment A", concerns hardcopy devices in restrictive commercial information processing environments that need a relatively high level of document security, operational accountability and information assurance. Approved by IEEE in May 2009, this standard was published in June 2009, with NIAP accepting it as a validated PP at the same time (see http://www.niap-ccevs.org/cc-scheme/pp/).
In May 2009, NIST accepted the XTS-AES encryption algorithm (as defined by IEEE 1619) as an Approved Mode of Operation for encryption of sensitive U.S. government information. NIST will produce a new document (SP 800-38) referencing IEEE 1619-2007: "Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices".
In development, but not ballot is IEEE 1700, Standard for Information System Security Assurance Architecture. This is a standard that will become an umbrella for associated standards based on NIST guidance written to satisfy their requirements under the Federal Information Security Management Act (FISMA), but the IEEE standard targets the private sector, describing a risk management framework based on NIST Special Publications and IPS Publications.
Members of IASC
Matt Ball, SUN (P1619 Chair)
James Borden, Microsoft (P1667 Chair)
Jack Cole, US Army Research Laboratory (IASC Chair, P1700 Chair)
Stephen Wolthusen, Royal Holloway, University of London
Don Wright, Lexmark (P2600 Chair)
Yuliang Zheng, UNCC
IASC members are working group chairs, whose membership has been automatic. Drs Stephen Wolthusen and Yuliang Zheng are founding members of IASC and the Task Force on IA.
Attachment:
Eric_Hibbard-Summary.090428.docx
Description: application/vnd.openxmlformats-officedocument.wordprocessingml.document