6TH ICCC 2005
Access Hotels Top Page Japanese
ICCC Overview Program Registration Call for Papers
Sponsor/Exhibitor Opportunities Sponsors/Exhibitors

Program

Wed., Sept. 28th, 2005

10:00 - 10:15

Opening Plenary

Organizer Address:
  Information-technology Promotion Agency, Japan Chairman Buheita Fujiwara
Honored guest Address:
  Ministry of Economy, Trade and Industry (METI)
10:15 - 11:15

Keynote Speech

"Information Security Policy in Government of Japan - Establishment of NISC -"
  Dr. Suguru Yamaguchi 
  Advisor on Information Security National Information Security Center, Cabinet Secretariat

"Significance of the Security Evaluation As the Business Strategy"
  Mr. Yoshiaki Ibuchi 
  Sharp Corporation, Corporate Executive Director
  and Group General Manager of Digital Document Systems Group

11:30 - 18:00

Conference Tracks

Track A:   "Security Evaluation Practice and Business Value"
- Significance of IT security evaluation on the business strategy -
Chair: Dr. Michael J Nash (Gamma Secure Systems Ltd., U.K.)
Vice Chair: Hiroyuki Kaneko (Mizuho Information & Research Institute, Inc., Japan)
Track B:   "Marketing"
- New market for Common Criteria evaluation -
Chair: May-Lis Farnes (Trust2You AB, Sweden)
Vice Chair: Maria Oldegård (SWEDAC, Sweden)
Track C:   "Common Criteria Version 3.0"
- Introduction and discussion of new Common Criteria as they undergo major revision -
Chair: Miguel Bañón (Representing Centro Criptologico Nacional, Spain)
Vice Chair: Akira Shinozaki (Information Technology Promotion Agency, Japan)
19:00 - 21:00

Gala Dinner

Welcome Ceremony for new CCRA Signatories
Awards of CC certificates

* Wed., Sept. 28th, 2005 Conference Tracks

Track A Track B Track C
Business Value of Security Evaluation Introduction of CCRA
and ISO activities
Benefits of CC V3
11:30-12:00
A1-01
The Challenge of Raising Business Value through Objective Evaluation of IT Security, & Japan’s IT Security Policy.
Takefumi Tanabe
(Ministry of Economy, Trade and Industry, Japan)
11:30-12:00
B1-01
Overview of the Common Criteria Recognition Arrangement(CCRA)
Frits Taal
Chairman of CCRA Management Committee
(Netherlands National Communications Security Agency(NLNCSA), Netherlands)
11:30-12:00
C1-01
CC v3.0 Update
David Martin
(CESG, U.K.)
12:00-12:30
A1-02
Business value of the operational system security evaluation for the integrator and the service provider
Hiroyuki Kaneko
(Center for Evaluation of Information Security, Mizuho Information & Research Institute, Inc., Japan)
12:00-12:30
B1-02
International standardization activities in SC 27 regarding Security Assurance and Evaluation
Mats Ohlin
(Swedish Defence Materiel Administration(FMV) & ISO/IEC JTC 1/SC27/WG 3, Sweden)
12:00-12:30
C1-02
CC v3.0 The New Conceptual Framework
Dr. Dirk-Jan Out
(TNO-ITSEF, Netherlands)
12:30-13:00
A1-03
Linux achieves CAPP/EAL4+ Can it achieve EAL5?
K.S. (Doc) Shankar
(IBM Corporation, U.S.A.)
Helmut Kurth
(atsec information security, U.S.A.)
Challenge in CCRA nations
12:30-13:00
C1-03
ASE/APE for CC 3.0
Dr. Dirk-Jan Out
(TNO-ITSEF, Netherlands)
12:30-13:00
B1-03
Canadian Common Criteria Scheme (CCS) Update
Robert B. Morey
(CSE, Canada)
The Italian Certification Body for Commercial IT Systems/Products

Luisa Franchina
(Organismo di Certificazione della Sicurezza Informatica, Italy)

13:00-14:30 Lunch  
Security Evaluation Practice
14:30-15:00
B1-04
U.S. Common Criteria Evaluation & Validation Scheme Update
Audrey M. Dale
(U.S. NIAP CCEVS Validation Body & National Security Agency(NSA), U.S.A.)
Common Criteria in Austria - Overview and Experiences
Herbert Leitold
(Secure Information Technology Center Austria (A-SIT), Austria)
Trial use and CC V3 Part2
14:30-15:00
A1-04
Copier & MFD under ISO 15408 scheme
Takashi Ito
(Konicaminolta Business Technologies, INC, Japan)
14:30-15:00
C1-04
Trial use experiences with ASE and APE for the new CC EAL1 concept
Thomas Borsch
(Bundesant für Sicherheit in der Informationstechnik(BSI), Germany)
15:00-15:30
A1-05
Microsoft Exchange Server 2003 Efficient high level certification for a big product
Michael Grimm
(Microsoft Corporation, U.S.A.)
Wolfgang Peter
(TÜV Informationstechnik GmbH, Germany)
15:00-15:30
B1-05
French evaluation and certification Scheme
Thomas Bousson
(DCSSI - French Certification Body, France)
Netherlands scheme for Certification in the area of IT security (NSCIB)
Rob T.M. Huisman
(Netherlands National Communications Security Agency, Netherlands)
15:00-16:00
C1-05
CC v3.0 The New Part 2
Dr. Dirk-Jan Out
(TNO-ITSEF, Netherlands)
15:30-16:00
A1-06
How to tackle the IT security evaluation in Canon
Nobuhiro Tagashira
(Canon Inc., Japan)
15:30-16:00
B1-06
Introduction of Japanese Scheme
Hideji Suzuki
(Information-technology Promotion Agency, Japan (IPA),Japan)
Australasian Information Security Evaluation Program
Paul Herrick
(Defence Signals Directorate, Australia)
16:00-16:30 break  
Security Evaluation
for Composite Products
16:30-17:00
B1-07
The BSI Certification Scheme and Recent Developments in The German IT Security Market
Irmela Ruhrmann
(Bundesamt für Sicherheit in der Informationstechnik(BSI), Germany)
The Norwegian Certification Scheme - An overview
Kjell W. Bergan
(Norwegian National Security Authority(NONSA) / SERTIT, Norway)
CC V3 ADV and
Composition Issues
16:30-17:00
A1-07
East meets west:
Evaluation experiences of a Japanese company by a Dutch evaluation lab under the German scheme
Noriki Iwasaki
(SHARP, Japan) Wouter Slegers
(TNO-ITSEF BV, Netherlands)
16:30-17:30
C1-06
ADV - v3.0
Ronald Bottomly
(U.S. Common Criteria Evaluation and Validation Scheme, U.S.A.)
17:00-17:30
A1-08
Success of a smartcard composite TOE evaluation performed by NTTDATA
Naohisa Ichihara
(NTTDATA Corporation, Japan)
17:00-17:30
B1-08
Common Criteria Certification in the UK
Nigel H Jones
(CESG, U.K.)
The Spanish Evaluation and Certification Scheme
Luis Jimenez
(Centro Criptologico Nacional, Spain)
17:30-18:00
A1-09
Deriving Security for Mixed IT System Architectures from Evaluated Products
David Ochel
(atsec information security, U.S.A.)
17:30-18:00
B1-09
Swedish Certification Body for IT Security & the Swedish Common Criteria Evaluation and Certification Scheme.
SWEDAC is a public authority under the Ministry for Foreign Affairs and Ministry of Trade.
Maria Oldegård
(SWEDAC, Sweden)
Dag Ströman
(FMV/CSEC, Sweden)
Korea IT Security Evaluation and Certification Scheme
Dae Ho Lee
(National Intelligence Service/ IT Security Certification Center(NIS/ITSCC), Korea)
17:30-18:00
C1-07
ACO Composition in v3.0
AVA updates in v3.0
David Martin
(CESG, U.K.)
▲ top


Thu., Sept. 29th, 2005

9:00 - 17:00

Conference Tracks

Track A:   "Security Evaluation Practice and Business Value"
- Significance of IT security evaluation on the business strategy -
Chair: Dr. Michael J Nash (Gamma Secure Systems Ltd., U.K.)
Vice Chair: Hiroyuki Kaneko (Mizuho Information & Research Institute, Inc., Japan)
Track B:   "Marketing"
- New market for Common Criteria evaluation -
Chair: May-Lis Farnes (Trust2You AB, Sweden)
Vice Chair: Maria Oldegård (SWEDAC, Sweden)
Track C:   "Common Criteria Version 3.0"
- Introduction and discussion of new Common Criteria as they undergo major revision -
Chair: Miguel Bañón (Representing Centro Criptologico Nacional, Spain)
Vice Chair: Akira Shinozaki (Information Technology Promotion Agency, Japan)
17:30 - 18:00

Closing Plenary

Closing Address: Yusaku Nakata
  (Executive Director, Information-technology Promotion Agency, Japan)
Invitation to the next ICCC

*Thu., Sept.29th, 2005 Conference Tracks

Track A Track B Track C
Developers’ view on Security Evaluation Challenge for Smartcard Evaluation CC V3 ALC/AGD and CEM
09:00-09:30
A2-01
Software component evaluation
Albert Dorofeev
(Sony Secure Communications Europe, Belgium)
09:00-09:30
B2-01
Overview of Common Criteria Smart Card Evaluation Activities
Dr. Bertolt Krüger
(SRC Security Research and Consulting GmbH, Germany)
09:00-09:30
C2-01
ALC- & AGD-Revision
Dr. Frank Sonnenberg
(Bundesant für Sicherheit in der Informationstechnik(BSI), Germany)
09:30-10:00
A2-02
Application of the Common Criteria to a Terminal for Banking Services
Yukio Izumi
(Mitsubishi Electric Corporation, Japan)
09:30-10:00
B2-02
Smart Card Evaluation and Certification in France
Thomas Bousson
(DCSSI - French Certification Body, France)
09:30-10:00
C2-02
The Common Evaluation Methodology
Miguel Bañón
(Representing Centro Criptológico Nacional, Spain)
10:00-10:30
A2-03
Fully Utilizing the Threat Model
Adam O’Brien
(Corsec Security, Inc., U.S.A.)
10:00-10:30
B2-03
Smart card CC evaluation - Paradigm, issues, what is at stake
Philippe Bouchet
(Axalto & Head of French Delegation at ISO/SC27, France)
10:00-10:30
C2-03
Porting ST and PP to CC 3.0: Problems and some answers
Axel Boness
(ITSEF of CEA-LETI, France)
10:30-11:00 break  
Support for Security Evaluation Challenge for Crypto and Biometrics Evaluation Impact of CC V3
11:00-11:30
A2-04
Lowering Developer Costs Through Developer Certification
Anthony Hall
(CSC Australia, Australia)
11:00-11:30
B2-04
FIPS-US Cryptographic Testing Standard
Nithya Rachamadugu
(CygnaCom Solutions, U.S.A.)
11:00-11:30
C2-04
CC V3.0 How it affects Smart Card evaluation
Hans-Gerd Albertsen
(ISCI-WG1)
Tyrone Stodart
(ISCI-WG1)
11:30-12:00
A2-05
Analysis of SOF(Strength of Function) and vulnerability on Fingerprint Authentication System
Jun Woo Park
(Korea Information Security Agency (KISA)、Korea)
11:30-12:00
B2-05
A FIPS 140-2 evaluation could authorize CC-like tests
Axel Boness
(ITSEF of CEA-LETI, France)
11:30-12:00
C2-05
Reference Monitor Concept in the CC
Kristina C. Rogers
(CygnaCom Solutions, U.S.A.)
12:00-12:30
A2-06
Development of Informal Security Policy Models
Erin Connor
(EWA-Canada, Canada)
12:00-12:30
B2-06
Introduction of Security Profile for staff verification by Token based biometoric authentication.
Takashi Shirakata
(NTT DATA Corporation, Japan)
12:00-12:30
C2-06
Writing and Updating of Protection Profiles conform to CC Version 3.0
Wolfgang Killmann
(T-Systems GEI GmbH, Germany)
12:30-14:00 Lunch  
Production of PP/ST Expanding the CC market - Market experiences and market needs Challenge for Next
14:00-14:30
A2-07
Designing ST of Passport Application Examination System
Yoshifumi Asai
(Fujitsu Hokuriku Systems Limited, Japan)
14:00-14:30
B2-07
Does Common Criteria need marketing?
Maria Oldegård
(SWEDAC, Sweden)
May-Lis Farnes
(Trust2You AB, Sweden)
14:00-14:30
C2-07
ISMS Aspects in Common Criteria Certificates for Development Sites
Dr. Bertolt Krüger
(SRC Security Research and Consulting GmbH, Germany)
14:30-15:00
A2-08
Cultural Issues and their impact on Evaluations
Simon Milford
(LogicaCMG UK Limited, U.K.)
14:30-14:50
B2-08
Lessons Learned in Market Adoption of the Common Criteria
Steven B. Lipner
(Microsoft Corporation, U.S.A.)
14:30-15:00
C2-08
A Note on High Robustness Requirements for Separation Kernels
Thuy D. Nguyen
(Department of Computer Science, Naval Postgraduate School, U.S.A.)
15:00-15:30
A2-09
Vendors and Government Cooperate to Produce a Practical Protection Profile
Roger French
(Microsoft Corporation, U.S.A.)
Shaun Lee
(Oracle Corporation, U.S.A)
John Kendrick
(Sybase, Inc., U.S.A.)
14:50-15:10
B2-09
Challenges of CC Evaluations
Soheila Amiri
(CyberGuard Corporation, U.S.A.)
15:00-15:30
C2-09
Evaluation of application systems by ISO/IEC TR 19791
Hirohisa Nakamura
(Japan Electronics and Information Technology Industries Association (JEITA), Japan)
15:10-15:30
B2-10
Is the Common Criteria the only way?
Dr. David Brewer
(Gamma Secure Systems Limited, U.K.)
15:30-16:00 break  
Guidance/Tools for Security Evaluation Panel discussion Next CC?
16:00-16:30
A2-10
The ISO PPST Guide - Tool or Irrelevance?
Dr. Michael J Nash
(Gamma Secure Systems Ltd., U.K.)
16:00-17:00
B2-11
Welcome to the panel discussion on Marketing
Chair: May-Lis Farnes(Trust2You AB, Sweden)
Panelist:
Steven B. Lipner (Microsoft Corporation, U.S.A.),
Soheila Amiri (CyberGuard Corporation, U.S.A.),
Dr. David Brewer (Gamma Secure Systems Limited, U.K.),
Maria Oldegård (SWEDAC, Sweden)
16:00-16:30
C2-10
First Results from the Site Certification / ALC-Reusability-Project
Dr.Frank Sonnenberg
(Bundesant für Sicherheit in der Informationstechnik(BSI), Germany)
16:30-17:00
A2-11
Guidance for the Production of Evaluation Evidence
Yune Gie Sung
(Korea Information Security Agency (KISA), Korea)
16:30-17:00
C2-11
Common Criteria- Where next?
David Martin
(CESG, U.K.)
▲ top


Copyright(C) IPA:Information-technology Promotion Agency,JAPAN All Rights Reserved. ICCC2005