>

Program

Agenda

Agenda At-A-Glance Day 1 Day 2 Day 3

ICCC Day 2: 11 September 2013

7:00-8:45 Breakfast
09:00-09:30 Keynote Speaker: CCUF Perspective: Mrs. Alicia Squires, Cisco, CCUF Chair
09:30-11:00

Panel Discussion: “Marketing the New CC”

Moderator: Mark Loepker, NIAP, CCES Chair

Panelists: Joshua Brickman, Oracle; Jen Gilbert, Cisco; Matt Keller, Corsec; Eric Winterton, Booz Allen Hamilton;

Synopsis: At the CCMC 1st quarter meeting this year in Ottawa Canada the Common Criteria community recognized the need to market the CC brand. The CCUF has been a critical partner in this effort. This panel will discuss not only their efforts but other ideas from the schemes, vendors, and other audience members.
11:00-11:30 Coffee Break
Track 1: Reforming the Use of CC Track 2: Technology Track 3: Collaboration
11:30-12:00
Trifon Gimenez: Side channels analysis under AVA.VAN.5: scoring the attack potential (Epoche&Espri) Ashit Vora (Cisco Systems, Inc)/Chris Brych (Safenet Inc.): Cryptography and Common Criteria Dag Stroman: The USB cPP WG - The Collaborative Protection Profile Frontrunner (FMV/CSEC)
12:00-12:30
David Cerezo: A Proposal for Certificate Validity (CCN) Fritz Bollmann: Modeling of Cryptographically Secured Channels (Ipsec, SSH, TLS, DTLS) in ST/PP (Federal Office for Information Security (BSI)) Igor Furgel: How to Create a Slim and Comprehensive PP (T-Systems International)
12:30-1:00
Jose Francisco Ruiz: Lower EALs evaluations: Are you kidding me? (Epoche&Espri) Ulkuhan Guler: A New Evaluation Method for RNG used in Smartcards, RFIC and NFC Tags (TÜBITAK) Kim Frawley Braun/Greg Lague: Adjusting to the New CC PPs (EWA-Canada)
1:00-2:00 Lunch
2:00-2:30
Simon Milford: A CPA Update - Supporting the Development of CC (SiVenture) Fumiaki Manabe: Vulnerability-Centric Assurance Activities for MFP PP as a Candiate cPP (IPA) Jose Emilio Rico: Single Site Security Target. How to. (Epoche & Espri)
2:30-3:00
James Arnold: Exact Conformance (Gossamer Security Solutions) Michael Grimm: Evaluating Windows: Something Old, Something New, Something Borrowed (Microsoft Corp.) Matthias Intemann: Operating System Protection Profile and Community - One Face of the New Approach to PPs(Federal Office for Information Security (BSI)
3:00-3:30
Stephanie Motre: Secure Application Deployment for Mobile Devices on a Global Scale Christophe Bouly: ALC Mutualization (Thales ITSEF) Ahmad Dahari Jarno: Collaborative Efforts in Malaysia to Produce Protection Profile for Internet Banking Application (CyberSecurity Malaysia)
3:30-4:00 Coffee Break
4:00-4:30
Karsten Klohs: Managing Product Configuration Complexity in CC Evaluations Dirk-Jan Out: The Advantages of Using TOE Type Specific Assurance Methodology (Brightsight) Michael Grimm: Update from the Supply Chain Technical Working Group (Microsoft Corp.)
4:30-5:00
Monique Bakker: Enhancing the Well-Defined and Successful ETR for Composition Approach (Brightsight) Dr. Sergey Tverdyshev: Compositional Assurance: EURO-MILS ST/PP for Separation Kernel Based Virtualization (SYSGO AG) Jinseok Park: How the CC Harmonizes with Secure Software Development Lifecycle (Center for Information Security Technologies(CIST) Korea University)
5:00-5:30
Flavia Paiva Agostini : Common Criteria Applications on Software Assessment Infrastructure for Legal Metrology in Brazil (Inmetro) Dr. Hongsong Shi: A Systematic Approach to Eliminating the Vulnerabilities in Smart Cards Evaluations (China Information Technology Security Evaluation Center) Fiona Pattinson (atsec)/ Andras Szakal (IBM): Supply Chain Security for COTS: The Bigger Picture. (For The Open Group)
6:00 Bus Pick-Up from Caribe to Margaritaville
7:00-10:00 Awards Ceremony and Dinner at Margaritaville