Search CSRC

This workshop explores innovative and practical applications of pairing-based cryptography. Pairings have been used to create identity-based encryption schemes, but are also a useful tool for solving other cryptographic problems. We hope to encourage the development of new security applications and communication between researchers, developers and users.   Tuesday, June 3, 2008 8:00 am Bus departs Gaithersburg Holiday Inn for NIST 8:30 am - 9:00 am Registration and Continental Breakfast (Sponsored by Trend Micro) 9:00 am - 9:15 am...

(All presentations in .pdf format unless otherwise specified.) Federal Register Notice Announcing Meeting Minutes Wednesday, December 3, 2008 OMB Update Mike Howell, OMB NRC CSTB Report Briefing Herb Lin, NRC CSTB   Thursday, December 4, 2008 ISC2 Software Credentialing Lynn McNulty, Board Member Howard Schmidt, Board Member Metrics & FISMA 08 Board Discussion with GAO Gregory Wilshusen, GAO SCADA Security Sean McGurk, Director of Control Systems Security Program, DHS Lynn McNulty, Board Member Threat Analysis, IC to Civilian Matt Stern, GenDynamics Program Manager to USCERT...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes VA Data Breach Follow-Up Adair Martinez, Deputy Assistant Secretary for Information Protection and Risk Management, Department of Veterans Affairs NIST Cryptographic Hash Competition Bill Burr, Computer Security Division, NIST Near Real Time Risk Management Transforming the Certification and Accreditation Process  Dr. Ron Ross, Computer Security Division, NIST Privacy and Security Challenges in the Information Age  John Lee, E-Government and IT, Office of Management and Budget   If you have any...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes DHS Cyber Security Center Activities Brief -- Cyber History, Future and Questions Rod Beckstrom, Director, Department of Homeland Security NIST Computer Security Division (CSD) Briefing Donna Dodson, NIST Deputy Cyber Security Advisor and Computer Security Division, Deputy Division Chief, NIST FISMA  Erik Hopkins, Professional Staff Member Senate Committee on Homeland Security and Governmental Affairs Subcommittee on Federal Financial Management, Government Information, Federal Services, and...

A CKM Workshop was held at NIST on June 8-9, 2009. Approximately 100 people participated in the Workshop at NIST on-site and approximately 90 people participated via a Webcast service. The program consisted of five keynote speakers addressing various aspects of future electronic communications, computing, and cryptography. Another twenty-five speakers addressed various technical aspects of current and future key management systems, including key management policies, algorithms, distribution methods, and user control software interfaces. Workshop Agenda and Presentations Cryptographic Key...

On October 13-14, NIST sponsored an End-to-End Voting System Workshop designed to bring together researchers in cryptography, security, and usability and election practitioners including election officials and voting system manufacturers to explore the security and usability properties of this type of innovative voting system. Keynote talks described the fundamental notation of end-to-end voting systems and a State and election official’s perspective on innovative voting systems. A tutorial on how end-to-end voting systems work provided a common background for the workshop participants. A...

Presentations & Speakers at a Glance: Measure More, Spend Less on the Way to Better Security – John Streufert, U.S. Department of State. NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.  The Federal Computer Security Program Managers Forum (the "Forum") is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the...

The purpose of the SHA-3 Conference was to allow the submitters of the first round candidates to present their algorithms, and for NIST to discuss the way forward with the competition. Selected NIST Presentations: System Priorities, Donna Dodson NIST’s views on SHA-3’s security requirements and Evaluation of attacks, Mridul Nandi NIST's Plan for Handling Tunable Paramters, Souradyuti Paul The Way Forward, Bill Burr

The purpose of the 3-day workshop is to provide a high-level tutorial of the six part standard, ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces, a multi-part standard for interoperable identification, authentication, and signature services for credentials and applications. The workshop will also provide sessions on the use of ISO/IEC 24727 to include an overview of NIST IR 7611, Use of ISO/IEC 24727 -- Service Access Layer Interface for Identity (SALII): Support for Development and use of Interoperable Identity Credentials, which describes ISO/IEC 24727...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Wednesday, April 1 Consensus Audit Guidelines John Gilligan, Gilligan Group, Inc. DNS Sec Report Fiona Alexander, NTIA Tim Polk, NIST Thursday, April 2 NIST Computer Security Division - Update Donna Dodson, NIST Identity Management Framework Alex Popowycz, Board Member Supply Chain Risk Management Marianne Swanson, Computer Security Division, NIST Supply Chain Risk Management Hart Rossman, SAIC Friday, April 3 FISMA – What’s happening on the Hill? Erik Hopkins, Professional Staff Member Senate...

(All presentations in .pdf format.) Federal Register Notice (None Provided for this Meeting) Minutes (None Provided) Wednesday, December 2, 2009 Cloud Computing and the US Government Trusted Internet Connection (TIC) Program Peter Tseronis, Senior Advisor, DOE Peter Mell, NIST Lisa Schlosser, Board Member Health IT Ashley Corbin, CMS/OIS Jodi Daniel, ONC/HHS Gail Belles, VA Kitt Winter, HIT/SSA Jaren Doherty, Board Member Smart Grid Jules Polonetsky, Future of Privacy Forum Dave Dalva, CISCO Lynn McNulty, Board Member Thursday, December 3, 2009 Research and Development for Secure...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Wednesday, July 29 TIC External Connections Sean Donelan, Program Manager, Network and Infrastructure Security, DHS Data.Gov Panel Patrick Stingley, Chief Technology Officer, BLM, DOI Mary Ellen Condon, Principle, Assurance & Resilience, Booz Allen Hamilton Frank Reeder, President, The Reeder Group Thursday, July 30, 2009 CNSS/IC/DOD/NIST Harmonization (SP 800-53, Rev 3) Ron Ross, Project Leader, FISMA Implementation Project, Computer Security Division, NIST Jennifer Fabius Greene, IC CIO IA Senior...

Information Security and Privacy Advisory Board (ISPAB) October 2009 Meeting

NIST and the National Security Agency (NSA) co-hosted the Privilege Management Workshop at NIST in Gaithersburg, Maryland, on September 1-3, 2009. Workshop Results NISTIR 7665, Proceedings of the Privilege Management Workshop, September 1-3, 2009 NISTIR 7657, A Report on the Privilege (Access) Management Workshop  Workshop Materials Vision Statement for the Workshop Risk-Adaptable Access Control (RAdAC) A Survey of Access Control Models Presentations   Tuesday, September 1 Opening Remarks from NIST Ms. Donna Dodson NIST Workshop Overview Ms. Sandi Roddy, NSA Privilege...

To discuss challenges, tips, and techniques for implementing the requirements of the HIPAA Security Rule, with particular focus on strategies for assessing the effectiveness of implemented security controls to support compliance and audit, as well as an organization’s overarching risk management program. HIPAA 2009 Presentations All Powerpoint presentations have been converted to PDF format. Day 1 - Monday, May 18: Keynote Presentation Julie Boughn - CIO and Director, Office of Information Services (OIS), Centers for Medicare and Medicaid Services (CMS) CMS Security Compliance Review...

On Thursday, May 20, 2010, NIST held a 1-day forum & workshop on Cloud Computing. The purpose of this forum & workshop -- The Federal Chief Information Officer is charged with improving performance and lowering the cost of government operations by leveraging cloud computing. The Federal CIO has asked the National Institute of Standards and Technology (NIST) to lead federal efforts on standards for data portability, cloud interoperability, and security. NIST's mission, as a non-regulatory federal agency within the U.S. Department of Commerce, is to promote U.S. innovation and industrial...

NIST was in the process of developing a DRAFT Special Publication on the Cryptographic Key Management Design Framework. The draft was scheduled for release for an initial public comment period in June 2010. The development of the document was discussed at this workshop and included preliminary discussions about a U.S. government profile of the design framework document. The format of the workshop included general sessions on Monday morning and Tuesday afternoon, and two breakout sessions on Monday afternoon and Tuesday morning. Full Workshop Details

The Governor of Maryland, Martin O’Malley, hosted a Cyber Maryland Summit at NIST on January 11, 2010. The purpose of the CyberMaryland Summit was to: Release an inaugural Cyber Security Report and unveil the Maryland State’s action plan to increase Maryland jobs; Acknowledge partners and industry leaders; Communicate State assets and economic impact; Recognize Congressional delegation; and Connect with NIST Director and employees. Summit Content Welcome / Opening Statement Webcast recording Presentations Scroll to bottom of this page for links to Selected Presentations...

Presentations & Speakers at a Glance: An Enterprise Continuous Monitoring Technical Reference Architecture, Peter Mell, NIST; and  Information Security Continuous Monitoring (Ongoing Monitoring in Support of Organizational Risk Management), NIST SP 800-137, Arnold Johnson, NIST.  NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.  The Federal Computer Security...

Presentations & Speakers at a Glance: Federal Virtual Training Environment (FedVTE) & Federal Cybersecurity Training Exercise (FedCTE), Benjamin Scribner, DHS; and  Supply Chain Risk Management, Marianne Swanson. NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.  The Federal Computer Security Program Managers Forum (the "Forum") is an informal group sponsored by...

WELCOME to FISSEA’s 23rd Annual Conference:  "Unraveling the Enigma of Role-Based Training" March 23 - 25, 2010 Location:   NIH National Institutes of Health Natcher Conference Center Bethesda, Maryland

The HHS Office for Civil Rights (OCR) enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule, which sets national standards for the security of electronic protected health information; the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety; and, the Breach Notification regulations requiring HIPAA covered entities and their business associates to notify individuals when their health information is...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes NIST Issues – SCAP—Security Automation and Vulnerability Management John Banghart, NIST Health IT David McDaniel, VHA Adam Greene, HHS/OCR Joy Pritts, HHS/ONC Gail Belles, VA Office of Science and Technology Policy (OSTP) R&D Chris Greer, OSTP Cloud Computing Implementations Earl Crane, DHS Daniel Burton, Senior Vice President, Global Public Policy, Salesforce.com   If you have any questions or need information please e-mail Annie Sokol .

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Usability Research in Support of Cyber Security: A Password Policy Taxonomy Kevin Killhoury, NIST NASA Continuous Monitoring Program Information System Security: The Path Forward with Automated Continuous Monitoring Jerry L. Davis, Deputy CIO IT Security Division (ITSD), NASA Federal Risk and Authorization Management Program (FedRAMP) Katie Lewin, GSA Kurt Garbars, GSA Dawn Leaf, NIST Challenges to VA Information Protection in the 21st Century; Medical Device Security Jaren Doherty, Veteran Affairs...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Research Priorities of Moving Targets, Economic Incentives, Trusted Spaces Pat Muoio, ODNI US Cert – National Vulnerability Database Chris Johnson, NIST Usability and Security Ellen Cram Kowalczyk, Principle Security Strategist, Microsoft, Trusted User eXpereince (TUX) Mary Francis Theofanos, NIST Domain Name System Security (DNSSec) Doug Montgomery, NIST Scott Rose, NIST National Strategy for Trusted Identity in Cyberspace and Privacy Naomi Lefkovitz, Federal Trade Commission   If you have any...