Return-Path: <sentto-279987-4368-1011797190-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 23 Jan 2002 06:57:08 -0800 (PST) Received: (qmail 19711 invoked by uid 510); 23 Jan 2002 14:54:45 -0000 Received: from n28.groups.yahoo.com (216.115.96.78) by all.net with SMTP; 23 Jan 2002 14:54:45 -0000 X-eGroups-Return: sentto-279987-4368-1011797190-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.162] by n28.groups.yahoo.com with NNFMP; 23 Jan 2002 14:46:31 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_1_3); 23 Jan 2002 14:46:30 -0000 Received: (qmail 77426 invoked from network); 23 Jan 2002 14:46:30 -0000 Received: from unknown (216.115.97.172) by m8.grp.snv.yahoo.com with QMQP; 23 Jan 2002 14:46:30 -0000 Received: from unknown (HELO red.all.net) (12.232.72.98) by mta2.grp.snv.yahoo.com with SMTP; 23 Jan 2002 14:46:30 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g0NEl1Q29858 for iwar@onelist.com; Wed, 23 Jan 2002 06:47:01 -0800 Message-Id: <200201231447.g0NEl1Q29858@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 23 Jan 2002 06:47:00 -0800 (PST) Subject: [iwar] [fc:Computer.Security,.Biometrics.Dominate.NIST.Agenda] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Computer Security, Biometrics Dominate NIST Agenda By Brian Krebs, Newsbytes, 1/22/02 <a href="http://www.newsbytes.com/news/02/173706.html">http://www.newsbytes.com/news/02/173706.html> The events of Sept. 11 and the subsequent anthrax attacks have caused a major shift in priorities for the National Institute of Standard & Technology, prompting the agency to double its efforts to develop new standards for everything from security scanners to biometrics to computer security, the agency's new chief said today. NIST Director Arden Bement said while many of the projects were begun prior to Sept. 11, the non-regulatory agency's new role in the Bush administration's Homeland Security initiative has added a sense of urgency to the mix. "September 11 really focused our activities and gave them a sense of immediacy," Bement said in a meeting with reporters today. "Our primary goal now is to take whatever technologies are available for application and to develop standards and test methods (that will) make them available to the public as quickly as possible." Bement said NIST is just a few months away from announcing a new biometric standard that will be used to confirm the identity of people seeking U.S. visas or using a visa to enter the United States. NIST also is working with the Biometric Consortium, which represents hundreds of companies that are developing technologies to identify people by their individual physical characteristics, such as thumbprints, facial recognition technology, iris and retinal scans. The biometric standards chosen by NIST could allow one or two technologies to gain early adoption and a strong foothold in an increasingly crowded market. Bement said biometric identifiers are being considered as a prerequisite for entry into government buildings, and the states are pushing ahead on a plan to link an as yet undetermined biometric technology to identity cards and driver's licenses. NIST also is working to develop more effective security standards for wireless communication networks, and is prepared to assume an even greater role in developing computer security standards for the federal government. "I expect that role will expand significantly," Bement said. NIST recently released an updated standard for encryption technology that will soon be used to beef up security for a range of electronic transactions, from e-mail to e-commerce to ATM withdrawals. The agency also is bracing for more responsibility over the computer security standards adopted by the federal civilian agencies. Rep. Tom Davis, R-Va., chairman of the House Government Reform subcommittee on technology and procurement policy, is drafting legislation to reauthorize the Government Information Security Reform Act, a law passed in November 2000 that requires federal agencies to assess and test the security of their non-classified information systems. Davis plans to add a provision to the bill that would require NIST to establish minimum technology and security standards that all agencies must follow. NIST also is crafting new standards to protect the nation's most critical infrastructures, Bement said. The software that monitors and regulates the distribution of juice over the national power grid, for example, is not yet completely integrated. "Grid control is a major issue now ... because a lot of the monitoring of power flows on the grid is done with different types of software and standards," Bement said. "There's a fair amount of work necessary to raise the level of security so it can't be taken down by hackers or otherwise interrupted." In addition, NIST has helped to re-assess standards for machines that irradiated mail in the wake of last year's anthrax attacks, and is reviewing standards that will govern some 2,000 new metal detectors to be installed at the nation's airports. While NIST is eager to have many of its new security standards adopted by companies in the private sector, the future of the Advanced Technology Program - the Commerce Department arm that provides support for moving experimental technologies from the laboratory into the marketplace - remains in question. Many House lawmakers have for years advocated terminating the ATP, and Commerce Secretary Donald Evans has said he would like to see the ATP recoup more of its investment from private sector companies. Benjamin Wu, deputy undersecretary for technology at Commerce, said Evans has come to recognize that the program has its merits. "He feels strongly that - irrespective of the funding issues - the reforms he would like to propose will help bring stability to the program," Wu said. Bement said he was optimistic that NIST would get all the funding it needs to handle its expanded role. "There are a number of pending bills that not only better define this role with regards to homeland security but also provide additional funding," he said. "So far, we've got a pretty big plate of activities, and we're prepared to even do more." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Sponsored by VeriSign - The Value of Trust When building an e-commerce site, you want to start with a secure foundation. Learn how with VeriSign's FREE Guide. http://us.click.yahoo.com/oCuuSA/XdiDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST