 |
Information System Security
Assurance Architecture
Working
Group (P1700) |
|
|
MINUTES
January 25, 2005
Johns Hopkins University Applied Physics Laboratory, Laurel,
Maryland
USA
|
Presiding & Author of Minutes: Scott Ankrum/Jack Cole
Meeting was called to
order at
9:30 am ET
. Participants introduced themselves, and attendance taken.
ATTENDANCE
T. Scott Ankrum/MITRE
Jack Cole/ARL
Bobby Gallon/Norbeck
Stuart Katzke/NIST
Dan Lindner/DoD
Jim Veneziano/JHUAPL
The agenda was accepted as proposed, and the IEEE Patent Policy was
reviewed using the authorized slide set.
MAIN
BUSINESS
This meeting was intended to:
- Develop
the draft
TOPICS
DISCUSSED
- See
the draft version of 27Jan05 for embedded in the documents
section
RESULTS
OF DISCUSSION
- Discussed
adding a section on system boundaries or scope.
Should be prior to 1.3 Conformance.
- Need
to work on the wording around system of systems – Scott’s addition.
Would be within new system boundaries section.
- In
Security categorization component, change “a single triple” output to a
System Security Categorization Triple (SSCT).
This is input to Security Control Selection Component.
- Scott
will ensure that his latest set of definitions is posted and available for
inclusion in the document.
- Stu
to continue drafting the last 3 components of
ISSAA Functionality (Section 4).
- Group
asked to review/become familiar with NIST SP 800-37 and a soon-to-be-posted
(by Jack) presentation on a FISMA-oriented version of the ISSAA so they are
in a better position to comment on the material Stu will be developing for
the next meeting.
- Before
and after versions of the document will be posted to the web so all can see
recent edits and where future changes will be made (see red font areas).
ACTION
Scott looking for volunteers to "scrub" NIST documents
Stuart continuing to develop draft, place draft out for comment.
Next Meeting:
Tentative ... March 1, 2005, 9:30am-3:30pm at the Johns Hopkins
Applied Physics Laboratory, Laurel, MD
Adjournment at
3:30pm ET
updated Tuesday, February 8, 2005
This site and all contents
(unless otherwise noted) are Copyright
© 2005
Institute of Electrical and Electronics
Engineers, Inc.
All rights reserved.