Well, the fourth day of ACSAC in Hawaii is done. Today started off bad: I overslept after a bad headache night. But after that, things got better…
The morning started with a plenary session that featured a welcoming speech by the tallest mayor in the US, Mayor Mufi Hannemann of Honolulu, who actually discussed computer and physical security efforts in the city. This was followed by a talk from May Ann Davidson of Oracle on the importance of security metrics. I should note that the morning also featured a reporter from Hawaii Public Radio — I’ll link to the audio once we have it on the ACSAC website. Most of the day was spent in the FISMA training sessions, learning all about 800-53 rev 3 and 800-37. Although I know a lot of this stuff, it was actually useful to get the latest from Ron. We then had an interesting debate on the value of the Common Criteria with folks like Paul Karger, Wes from Symantec, Helmut from Atsec, and Chris Salter from CCEVS. I listened to a bit of the second Classic Papers session with Li Gong, which was followed by a poster session.
Dinner was the conference committee dinner at Chuck’s steakhouse. Fun dinner, but something on the walk back triggered more wheezing (which is getting damn annoying). So I think I’ll take another benedryl and go to bed. Goodnight all… and tomorrow is the last half day of the conference (and perhaps some beach time in the afternoon).
