1 / 28

P2600 Hardcopy Device and System Security June 2006 Working Group Meeting

Get updates on IEEE patent policy, review and approve agenda and minutes, discuss merged document review and document review of PPs, and more.

acaro
Download Presentation

P2600 Hardcopy Device and System Security June 2006 Working Group Meeting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. P2600Hardcopy Device and System SecurityJune 2006 Working Group Meeting Don Wright Director of Standards Lexmark International don@lexmark.com

  2. Agenda Items • Monday/Tuesday, June 19-20 • Welcome & Introductions • Update and Approve Agenda • Review and approve May Minutes • IEEE Patent Policy Review • 2006 Meeting Schedule • Update on TCG • Update on INCITS CS1 Working Group • Review of Action Items from May Meeting • Topics from e-mail

  3. Agenda Items • Monday/Tuesday, June 19-20 • Merged Document Review – page turner • Document Review of PPs • A (High) PP • B (Enterprise) PP • C (Public) PP • D (SoHo) PP • Other items • Benefits of providing funding for the evals • Next meeting details • Summarize and record action items

  4. Minutes from May Meeting • Minutes were published shortly after the meeting. • They are available at:http://grouper.ieee.org/groups/2600/minutes/P2600-minutes-May2006.pdf • Any corrections or changes?

  5. Instructions for the WG Chair • At Each Meeting, the Working Group Chair shall: • Show slides #1 and #2 of this presentation • Advise the WG membership that: • The IEEE’s patent policy is consistent with the ANSI patent policy and is described in Clause 6 of the IEEE-SA Standards Board Bylaws; • Early disclosure of patents which may be essential for the use of standards under development is encouraged; • Disclosures made of such patents may not be exhaustive of all patents that may be essential for the use of standards under development, and that neither the IEEE, the WG, nor the WG Chairman ensure the accuracy or completeness of any disclosure or whether any disclosure is of a patent that, in fact, may be essential for the use of standards under development. • Instruct the WG Secretary to record in the minutes of the relevant WG meeting: • That the foregoing advice was provided and the two slides were shown; • That an opportunity was provided for WG members to identify or disclose patents that the WG member believes may be essential for the use of that standard; • Any responses that were given, specifically the patents and patent applications that were identified (if any) and by whom. (Not necessary to be shown) Approved by IEEE-SA Standards Board – March 2003 (Revised March 2005)

  6. IEEE-SA Standards Board Bylaws on Patents in Standards 6. Patents IEEE standards may include the known use of essential patents and patent applications provided the IEEE receives assurance from the patent holder or applicant with respect to patents whose infringement is, or in the case of patent applications, potential future infringement the applicant asserts will be, unavoidable in a compliant implementation of either mandatory or optional portions of the standard [essential patents]. This assurance shall be provided without coercion. The patent holder or applicant should provide this assurance as soon as reasonably feasible in the standards development process. This assurance shall be provided no later than the approval of the standard (or reaffirmation when a patent or patent application becomes known after initial approval of the standard). This assurance shall be either: a) A general disclaimer to the effect that the patentee will not enforce any of its present or future patent(s) whose use would be required to implement either mandatory or optional portions of the proposed IEEE standard against any person or entity complying with the standard; or b) A statement that a license for such implementation will be made available without compensation or under reasonable rates, with reasonable terms and conditions that are demonstrably free of any unfair discrimination. This assurance is irrevocable once submitted and accepted and shall apply, at a minimum, from the date of the standard's approval to the date of the standard's withdrawal. Slide #1 Approved by IEEE-SA Standards Board – March 2003 (Revised February 2006)

  7. Inappropriate Topics for IEEE WG Meetings • Don’t discuss the validity/essentiality of patents/patent claims • Don’t discuss the cost of specific patent use • Don’t discuss licensing terms or conditions • Don’t discuss product pricing, territorial restrictions, or market share • Don’t discuss ongoing litigation or threatened litigation • Don’t be silent if inappropriate topics are discussed… do formally object.If you have questions, contact the IEEE-SA Standards Board Patent Committee Administrator at patcom@ieee.org or visit http://standards.ieee.org/board/pat/index.htmlThis slide set is available at http://standards.ieee.org/board/pat/pat-slideset.ppt Slide #2 Approved by IEEE-SA Standards Board – March 2003 (Revised March 2005)

  8. Officers • Chair: Don Wright, Lexmark • Vice Chair: Lee Farrell, Canon • Secretary: Brian Smithson, Ricoh • Editors: • Non-PP clauses: Jerry Thrasher, Lexmark • PP clauses: Brian Smithson, Ricoh

  9. 2006 Meeting Schedule • July 26-27, Rochester, NY @ Xerox • September 6-7, Boulder, CO @ IBM • October 23-24, Lexington KY @ Lexmark • December 11-12, Orange County @ Canon

  10. Schedule • Schedule • Clauses 1-9, Informative Annex • Ready for merging • May & June meeting reviews • Protection Profiles • Waiting for July draft of CCV3 • into the PPs by Sept? • PPs reviewed and iterate 1 or 2 times • Complex changes: who knows? • Complete draft out of December meeting

  11. Schedule • Schedule • January 2007 • Form IEEE ballot body • Engage with CC Eval Labs • February • Start Balloting • Start Evaluation of PPs • March • April -- (Will need group meeting) • Reconcile comments from IEEE and Eval Labs • May – June - July • Recirculations • September • RevCom / Standards Board Approval

  12. Trusted Computing Group Update

  13. INCITS CS1 : Cyber-Security Update

  14. Group General Action Items from May • Update web site with July meeting details – done • Convert PP-A to CIM Medium @ EAL 3 – (due in July) • Harmonize Subject/Object implementation – (waiting for CCV3, part 2) • Company funding of Evaluations: • DAPS: $10 – 20K • Lexmark: $5K (possibly more) • Ricoh, HP – not immediately rejected • Canon, Sharp, Oki, Océ, Toshiba – wants to better understand the benefits of paying versus not paying

  15. Action Items from Previous Meetings • Any update on CCV3 plans from NIAP? • Discussion on “Standard” versus “Recommended Practice” • Presentation from the PP team on mandating of encryption in PP-A and PP-B. (AI #198) • Review entries in P2600-action-items excel spreadsheet

  16. Issues raised on e-mail • T.UD.PHY.OUTPUT objectives (Smithson) • Tentative decisions: • O.Access also needed for PP-A & PP-B • O.I&A also needed for PP-A • OE.Location & OE.Train are also needed (except OE.Location for PP-C?) • Secure Fax (Sameer) • Won’t attempt to protect user data across fax lines • Will address issue of accessing the network via connecting through fax port (“T.EA.FAX_BRIDGE”?) • PP Clause 1.2 compliance with NIAP Policy Letter #13 (Sukert) • “The Target of Evaluation (TOE) of this Protection Profile is the entire Hardcopy Device (HCD) as available to end customers, i.e., the compliant configuration.”

  17. Issues raised on e-mail • Elevation of DOS threats in PPs (Smithson) • Update tables 61 and 63 as per Smithson’s note • PP-A/PP-B proposals (Smithson) • Concerns expressed about removing .UD.SALVAGE from DAPS. Others expressed a concern about .UD.SNIFF.NET. • Everyone should review this proposal in detail and be prepared to make a decision in July. Position papers from everyone are encouraged. • No great concern about removing .AUD.ACCESS • Look at new clause 3.1 in PP-A (Smithson) • Other PPs should take basic robustness text (unmodified) from CIM instruction #3 and insert as clause 3.1.

  18. Document Section Status Editors Assigned: • Clauses 1-9 & non-PP Annexes: Jerry Thrasher • Protection Profiles: Brian Smithson • PP-A -- Ron Nevo • PP-B -- Brian Smithson • PP-C -- Nancy Chen, Alan Sukert • PP-D -- Carmen Aubry

  19. Document Review • Drafts needing most review • Merged Draft • Result of meeting posted as version 20b • Others?

  20. Document Review: PP-A • Review Draft number 20a • Now Protection Profile A, EAL 3 Not Reviewed - Insufficient Time

  21. Document Review: PP-B • Review Draft number 20a • Now Protection Profile B, EAL 2 Not Reviewed - Insufficient Time

  22. Document Review: PP-C • Review Draft number 20a • Now Protection Profile C, EAL 2 Not Reviewed - Insufficient Time

  23. Document Review: PP-D • Review Draft number ?? • Now Protection Profile D, EAL1 Not Reviewed - Insufficient Time

  24. Next Meeting Details • July 26-27 • Xerox Building 855855 Publishers ParkwayWebster NY 14580 • Map: http://maps.google.com/maps?f=q&hl=en&q=855+Publishers+Parkway+Webster+NY+14580+++&ie=UTF8&om=1

  25. Next Meeting Details

  26. Next Meeting Details

  27. Backup Slides

  28. Mailing List and Web Site • Web Site: http://grouper.ieee.org/groups/2600 • Mailing list: • Listserv run by the IEEE • An archive is available on the web site • Subscribe via a note to: listserv@listserv.ieee.orgcontaining the line:subscribe stds-2600 • Only subscribers may send e-mail to the mailing list. No Change

More Related