Date: 09 Sep 1994 09:57:17 -0600 (MDT) From: Chris McDonald Subject: Information Systems Security Update, # 94-15 To: orvis@icdc.llnl.gov To: cmcdonal@wsmr-emh34.army.mil Apparently-To: orvis@icdc.llnl.gov # 94-15 Contents ACM Position on Clipper NIDES Training Available Secure WWW Firewalls Tutorial in Print Firewalls Tutorial in the Flesh 1. The September 1994 edition of the "Communications of the ACM" contains two items of security interest: (1) the USACM position on the Escrowed Encryption Standard; and (2) a succinct overview of "Cryptography Policy" written by Lance Hoffman, Farz Ali, Steven Heckler and Ann Huybrechts. 2. SRI International will present a FREE NIDES training course at SRI International, Menlo Park, CA, on November 1-4, 1994. One may contact Debra Anderson for details at debra@csl.sri.com or (415) 859-3177. 3. The August 1994 edition of the IEEE "Computer" contained a news brief on a joint venture between RSA Data Securities and Enterprise Integration Technologies to develop security toolkits based on World Wide Web and NCSA Mosaic. The initial products are to be a SecureWeb Viewer Developer's Toolkit and the SecureWeb Server Developer's Toolkit. Both toolkits, according to the news brief, should be available during the fourth quarter. 4. The September 1994 edition of "Open Computing" has a tutorial on "Internet Firewall Protection" written by Marcus Ranum, Trusted Information Systems. Since TIS has an Internet Firewall Toolkit, Mr. Ranum's discussion of software modules to implement firewall strategies references proxies from the TIS Toolkit. 5. Great Circle Associates has several Internet Security Firewalls Tutorials scheduled for the fourth quarter: San Jose, October 7; Denver, October 21; Seattle, November 4; and Anaheim, November 18. The cost is $545.00 per student, with $50.00 discounts if one meets a registration deadline. For further information, contact Great Circle Associates at info@greatcircle.com or (800) 270-2562. [Disclaimer: Information Systems Security Updates represent the opinions and views of the author, not his employer. Recipients are free to quote all/parts of the ISSU with credit/blame to the author.]