From: Chris McDonald STEWS-IM-CM-S (11/17/93) To: orvis@icdc.llnl.gov Mail*Link¨ SMTP Information Systems Securit # 93-25 1. FIREWALLS a. The USENIX Winter 1994 Conference in San Francisco will offer a 1 day tutorial entitled "Achieving Security in an Environment". The instructors will be Tina Darmohray from LLNL and Dr. Rob Kolstad from Berkeley Software Design, Inc. The tutorial will occur on Thursday, January 20, following the Technical Sessions. The cost is $275 prior to December 27, 1993. Add an additional $50 after that date. One may obtain full details on the entire conference by sending e-mail to conference@usenix.org. b. The Firewalls discussion group has been rather cluttered and irregular over the last month. I have chosen to switch to the firewalls-digest, which is the moderated version. If you would like to join, send mail to Majordomo@Great Circle.COM. In the body of the message enter: subscribe firewalls-digest your electronic mail address. 2. Dr. Ravi Sandhu, George Mason University, has an article in the November 1993 edition of the IEEE "Computer" entitled "Lattice-Based Access Control Models. Dr. Sandhu proposes that, although lattice-based access control systems were initially developed for the military sector, "they can be applied in almost any situation where information flow is of concern." His suggestion is that the commercial sector should in effect reconsider lattice- based systems as "one ingredient of information systems security". The National Science Foundation and the National Security Agency partially supported the work. 3. John Barlow, a co-founder with Mitch Kapor of the Electronic Frontier Foundation, has an article in the November 1993 edition of the "Communications of the ACM" entitled "A Plain Text on Crypto Policy". Mr. Barlow brings his unique brand of humor in addressing a serious subject. 4. Michel Kabay, director of education of the National Computer Security Association, has an article in the November 8, 1993, "Network World" entitled "ITAR sticks users with unfair encryption restrictions". One may want to reread the recommendations of the National Research Council "Computers at Risk . . ." document on the issues of export control. Two years after the Council's report it appears that little substantative progress has occurred. 5. GOURD'S AXIOM: A meeting is an event at which the minutes are kept and the hours are lost. (Appearing in the October 1993 in-flight magazine of Southwest Airlines) ------------------ RFC822 Header Follows ------------------ Received: by internetqm.llnl.gov with SMTP;17 Nov 1993 12:46:30 -0800 Return-path: cmcdonal@wsmr-emh34.army.MIL Received: from icdc.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01H5F81N98EOBSJ3Q2@icdc.llnl.gov>; Wed, 17 Nov 1993 12:46:09 PST Received: from pierce.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01H5F8170XHSBSJ3TL@icdc.llnl.gov>; Wed, 17 Nov 1993 12:45:49 PST Received: by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA03120; Wed, 17 Nov 93 12:46:48 PST Received: from wsmr-emh34.army.mil by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA03097; Wed, 17 Nov 93 12:46:17 PST Date: 17 Nov 1993 13:21:55 -0700 (MST) From: Chris McDonald STEWS-IM-CM-S Subject: Information Systems Security Update, # 93-25 Resent-to: BILL_ORVIS@QUICKMAIL.llnl.GOV To: orvis@icdc.llnl.gov Resent-message-id: <01H5F81NCPSIBSJ3Q2@icdc.llnl.gov> Message-id: <9311172046.AA03097@pierce.llnl.gov> X-Envelope-to: BILL_ORVIS@QUICKMAIL.llnl.gov X-VMS-To: IN%"orvis@icdc.llnl.gov" Content-transfer-encoding: 7BIT [To]: cmcdonal@wsmr-emh34.army.mil [Cc]: krvw@agarne.ims.disa.mil, doria@cobalt.house.gov Apparently-To: orvis@icdc.llnl.gov ======================================================================