Information System Security

MINUTES

Presiding, Author of Minutes: Jack Cole
Meeting was called to order at
T. Scott Ankrum/MITRE
Alicia Clay/NIST
Jack Cole/ARL
Stuart Katzke/NIST
Charles Kennedy/ARL
John Sforza/ISRisk
David Silberberg/JHUAPL
Paul Vale/JB Cubed
Jim Veneziano/JHUAPL
The agenda was accepted as proposed, and the IEEE Patent Policy was reviewed using the authorized slide set.
Operating procedures were discussed.
MAIN BUSINESS
The first draft of the standard was examined, prompting a great deal of discussion about the content needed for various sections. This draft was a skeleton with very little meat on it, but it served as a starting point, and its examination led to members volunteering to develop the needed sections.
ACTION - Members accepted assignments to develop these sections:
Chuck Kennedy, section “1.0”
Stu, Purpose
Alicia, Scope
Stu and/or Alicia: Model Functionality
Scott, Conformance
John, Definitions/Abbreviations
TOPICS DISCUSSED
Environments in which multiple organizations or entities are joined into a single realm of trust (connecting to peers, to the internet, to strange businesses, etc.);
Evidence of conformance (security plan, other documents);
Respecting conformance, the question arose about IEEE's enforcement of its mark and about assessment of conformance.
Respecting security levels, at present the NIST special publication (SP) 800-60 drives controls (low/medium/high) for other processes. No conclusion was reached about an expressed need for metrics of security controls versus subjective evaluations. Confidence arises from trust, and trust is not easily defined.
Respecting the timing of companion standards, it was decided that these would proceed in parallel for those components that can readily be built from existing NIST documents.
The first documents to look at are: FIPS 199 (Categorization), SP 800-30 (Risk Analysis), SP 800-18 (Security Plans), SP 800-37 (C&A).
ACTION:
Jack will examine FIPS 199 for "degovernmentalization" and get IEEE to reformat it as an IEEE standard.
John will similarly examine SP 800-30.
Scott, SP 800-60
These documents are available at http://csrc.nist.gov/sec-cert/ca-process.html
No decisions arose from the discussion on risk analysis, but the process of risk analysis was examined. A point was made that the selection of controls should be just as adjustable downward as upward under a changing analysis of risk. Also, it was recognized that third-party evaluations are valuable when an organization or individual does not wish to reveal details of vulnerabilities to a potential trust partner.
The topic of dynamic accreditation (e.g., autonomic systems) was entertained without assigned action or decisions, other than to include this topic among others to be continually re-examined during development of this draft standard. This is a difficult area with no clear solutions at this time, and it is a little outside the immediate scope of this standard. Nevertheless, it is an important topic that needs to be considered.
Next Meeting: Same time and location on
Meeting adjourned at
updated Monday, May 17, 2004
This site and all contents (unless otherwise noted) are Copyright © 2004 Institute of Electrical and Electronics Engineers, Inc. All rights reserved.