SIGSAC ANNUAL REPORT
July 1994 - June 1995
Submitted by: Daniel P. Faigin
This report summarizes the activities of ACM/SIGSAC during
the past year. It is written as part of ACM/SIGSAC's annual
reporting requirements. It presents our technical highlights
and successes, as well as our plans for the future.
The scope of ACM/SIGSAC is the control of access to
computing resources, user and resource authentication, risk
analysis, testing and certification of computer systems,
transaction logging, data reduction, data encryption,
control over program development and operation, multilevel
security systems, and architectural foundations for secure
systems.
ACM/SIGSAC supports the overall goals of the ACM by
providing activities that support advancement of the art of
Computer Security and serve to improve the competence of
Computer Security Practitioners, while promoting the free
interchange of ideas. SIGSAC does this through special
projects, publications, and conferences.
2. NEWSLETTER
The ACM/SIGSAC Newsletter, SIGSAC Review, was published on a
regular schedule during this period under the able
editorship of Catherine Meadows of the Naval Research
Laboratory. Paper topics have included the following:
- Adams, J. and Luther, D. The Evolution of MaxSix Trusted
Networking
- Gong, Li. Summary of the 7th IEEE Computer Security
Foundations Workshop
- Guinier, Daniel. Oriented Scenario Dynamics in
Information Systems Safety.
- Guynes, C.S. and Thorn, R.G. Network Security in a
Client\/Server Environment.
- Huber, G. CMW Introduction.
- Levine, Diane. Report on ISSA Metropolitan Chapter
One-Day Conference.
- Nessett, Dan. Report on the ISOC Symposium on Network and
Distributed System Security.
- Neumann, Peter. Risks Archive.
- Rubinowitz, H. S. Issues Associated With Porting
Applications to the Compartmented Mode Workstation.
- Sidwell, D. and Ehrsam, T. CMW Information Labels: A DBMS
Perspective.
- Scudamore, Scott. MultiSIX: How it Improves
Interoperability in a Multi-Vendor Network.
We've also had numerous conference reviews and calls for
papers published.
3. SPECIAL PROJECTS
ACM/SIGSAC has been involved with two primary special
projects: Computer Security Day, and the Security Criteria
Development.
3.1. Computer Security Day
Computer Security Day (CSD) is an initiative started in 1988
by the Washington DC SIGSAC Chapter to make the community
aware of Computer Security. It has since been adopted as a
ACM/SIGSAC activity. It is observed the first working day of
December. By writing a letter to the CSD coordinator,
participants receive a poster and suggestions for ways to
observe the day. Official participants in the CSD included
organizations from 11 different countries and a majority of
the states. We also had a number of mayoral declarations for
CSD.
It should be highlighted that the Washington DC Chapter of
SIGSAC received a Quality Chapter Award from the Local
Activities Board in 1995.
The coordinator of this activity is Lee Ohringer
(Ohringer@dockmaster.ncsc.mil).
3.2. Security Criteria Development
No new criteria have been developed during the reporting
period.
4. CONFERENCES AND WORKSHOPS
One of the goals of ACM/SIGSAC was to improve its visibility
in the conference and workshop area. We feel that we have
done this with our new conferences.
During this reporting period, ACM/SIGSAC was involved in a
sponsorship capacity with four conferences/workshops, and an
in-cooperation category with one other conference:
- Computers, Freedom and Privacy 5 (25% Sponsorship).
Held in Burlingame in March 1995.
- Second ACM Conference on Computers and Communication
Security. (100% Sponsorhip) VERY Successful. Held in
Washington DC in November 1994. It will be held next
in New Delhi, INDIA, in March 1996.
- Third New Security Paradigms Workshop (100%
Sponsorship). Held in Little Compton RI in August
1994. This conference had a small loss, and will be
co-sponsored next year with The Aerospace Institute.
It will be held in San Diego in August 1995.
- Issues '94 Workshop at the Annual Computer Security
Applications Conference. (100% Sponsorship).
- Annual Computer Security Applications Conference (In
cooperation with). Held in Orlando Florida in December
1994. The next conference will be in New Orleans,
Louisiana in December 1995.
SIGSAC plans to continue to be involved in these conferences
in the future.
5. AWARDS
None.
6. EDUCATIONAL ACTIVITIES
ACM/SIGSAC had no special educational activities during the
year.
7. ADMINISTRATION
Four years ago, SIGSAC had a negative fund balance on the
order of ($30,000). Through prudent fiscal management and
successful conferences, the SIG currently has a fund balance
in the range of $12,000 to $15,000.
In terms of officers, the SIG fielded a full slate (two
candidates for each office) of qualified
candidates for the term beginning July 1, 1995.
Back to SIG Board Report
Back to SIGSAC Page
To ACM Page