Organized by IT Security Certification Center, National Intelligence Service, Korea  
In cooperation with Korea Institute of Information Security & Cryptology, Jeju Special Self-Governing Province, Korean Agency for Technology and Standards, Ministry of Public Administration and Security, Korea Information Security Agency, and Korea Testing Laboratory
Exhibitors at the 9th ICCC


  * A 2-hour CC Tutorial Session was also held for those who are not familiar with Common Criteria. Click here to view its contents.

  23-Sep-08
Time Track A Track B Track C
09:30-09:50 Opening Plenary
IT Security Certification Center
National Intelligence Service
09:50-10:50 Keynote Speech
Cross-Border Collaboration in Security & Privacy (Prof. Tai-Myoung Chung, SungKyunKwan University, KR)
  Security Evaluation of A Moving Target (Prof. Dieter Gollmann, Technischen Universität Hamburg-Harburg, DE)
Enhance Smart Card Business through Common Criteria (Dr. Chilhee Chung, Samsung Electronics, KR)
10:50-11:10 Report from the CC Management Committee
Mats Ohlin, MC Chair (FMV, SE)
11:10-11:30 Coffee Break
11:30-12:30

Panel Session
Common Criteria - Its Value and Future
Moderator
Mats Ohlin, MC Chair (FMV, SE)

Panelists
Ms. Audrey Dale, Director of US Scheme (NSA, US)
Mr. David Martin, CCDB Chair (CESG, UK)
Ms. Irmela Ruhrmann, ES Chair (BSI, DE)
Mr. Miguel Banon, CCMB Chair (representing CCN, SP)
Mr. Pascal Chour, Head of French Scheme (DCSSI, FR)
Mr. Richard Helliwell, Manager of Australian Scheme (DSD, AU)

12:30-14:00 Luncheon
14:00-15:30
CCDB Report and Overview of CC Version 4 Work Areas
David Martin (CCDB Chair)
CCDB Workgroup - Skills and
Interaction
David Martin (CCDB Chair)
CCDB Workgroup - What Tools Do
Evaluators Need?
David Martin (CCDB Chair)
The Assurance Paradigm for Lower
Assurance Levels - Should There Be A
Greater Level of Testing?
David Martin (CCDB Chair)
A New Protection Profile
for NFC Mobile Security
C. Loiseaux, R. Presty, JP. Wary, N.
Helle, M.Eznack (Trusted Labs, FR)
Enterprise Management Solutions
Protection Profiles
Eric Winterton (Booz Allen Hamilton,
US), Joshua Brickman (CA Inc., US)
Protection Profile for E-Voting Systems
Kwangwoo Lee, Yunho Lee, Woongryul
Jeon, Dongho Won, Seungjoo Kim
(Sungkyunkwan University, KR)
Practical Reading of the CC,
Success Stories in the Evaluation
of Complex Products
Miguel Banon, Jose Emilio Rico
(Epoche, SP)
Realising Benefit and Value
from CC Evaluations
Ken Hendrie (Stratsec lab, AU)
Setting Expectations for Common
Criteria in the Software Development
Lifecycle
Ray Potter (Apex Assurance Group, US)
15:30-16:00 Coffee Break
16:00-18:00
 Update on Japanese Scheme
Yasuhide YAMADA (IPA, JP)
 Update on Spanish Scheme
Luis Jimenez (CCN, SP)
 Update on Italian Scheme
Massimiliano Orazi(OCSI, IT)
  Update on Singporian Scheme
Yim Leng WOO (IDA, SG)
 Update on Malaysian Schem
Norhazimah Abdul Malek, Wan Roshaimi
Wan Abdullah (CyberSecurity, MY)
Update on Turkish Scheme
Merve Hatice KARATAŞ (TSE, TR)
  CC in China
Liu Zhuohui (CNCA, CN)
The Next Big Thing: Preparing
A Legacy Infrastructure for
A Paradigm Shift
Jane Medefesser, Vanessa Kong (Sun Microsystems, US), Marilyn Harris (CGI, US)
Common Criteria Testing
in A Common Security Environment
- RACF
Diana Robinson, William Penny (IBM
Corporation, US)
Experience with CC 3.1, Class ALC
(Life Cycle Support) Evaluation
Peter van Swieten (Brightsight, NL)
Time Flies: Examining Timeliness in
ALC_FLR.3
Duncan Harris, Adam O'Brien (Oracle
Corporation, UK)
CCRA - Fragmentation or Cohesion?
Shaun Lee, Petra Manche (Oracle
Corporation, UK)
CC and CMMI - An Approach to
Integrate CC with Development
Wolfgang Peter, Werner Achtert (TUViT,
DE)
Effective Certification Roadmap
Planning for Common Criteria and
FIPS Certification
Portfolio Approaches
Su-Chen Lin, Seyed Safakish (Juniper
Networks, US)
Managing Multiple and Emerging
Standards
William Penny (IBM Corporation, US)

  24-Sep-08
Time Track A Track B Track C
09:00-10:30 CCDB Workgroup - Evidence-based Approach
Steve LaFountain (NIAP, US)
AVA_VAN.2 - Performing Vulnerability Analysis under CC v3.1
Eve Pierre, James L. Arnold Jr. (SAIC, US)
Scoping the TOE
Nithya Rachamadugu (CygnaCom, US)
CCDB Workgroup - Predictive Assurance
Irmela Ruhrmann (BSI, DE)
Circular Reasoning: Venn Will We Agree on a Common SoF Analysis Method?
Nathan Lee, Amy Nicewick (Corsec Security, US)
Developer Documentation - A Who to Guide
Erin Connor (EWA, CA)
CCDB Working Group - Writing a More Meaningful Certification/Validation Report
Robert Harland (CSE, CA)
Attack Potential: Using it Properly and Evolving it for the Future
Tony Boswell (SiVenture, UK)
An analysis of the coverage of some cryptographic aspects in the Common Criteria
Massimiliano Orazi, Vittorio Bagini, Renato Menicocci, Franco Guida (Fondazione Ugo Bordoni, IT)
10:30-11:00 Coffee Break
11:00-12:30 Challenging the Concept of One Evaluation Assurance Level per Evaluation
Miriam Serowy (BSI, DE), Nils Tekampe (TÜViT, DE)
About the World-first CC smart card Certificate using Formal Assurances
Boutheina Chetali (Gemalto, FR)
Should and How CC be Used to Evaluate RFID based Passports or Banknotes?
Chia Hung Lin (Telecom Technology Center, TW)
EAL1: Resuscitate or Euthanize? The Low Assurance Problem
Julian Straw (BT, UK)
Smartcard Security Development using Formal Method Tool SPIN
Naohisa ICHIHARA (NTTDATA, JP)
Security Domain Separation as a Prerequisite for Business Flexibility
Igor Furgel (T-Systems, DE)
Proposal for a COTS Software Assurance Package
Wesley H. Higaki (Symantec Corporation, US)
Towards Modelling and Evaluating SPM for XML Access Control
Il-gon Kim, Hee-Jun Yoo, Won-Tae Sim, Byung-kyu Noh (KISA, KR)
Integration of Architectural Requirements into the CC Structure
Helmut Kurth (atsec, US), Susanne Pingel (BSI, DE)
12:30-14:00 Luncheon
14:00-15:30 CC V4 - Proposed Approaches
Anthony J. Apted, James L. Arnold Jr. (SAIC, US)
Consistency Verification Method Between TSFI and SPM on High Level Evaluation
Hee-Jun Yoo, Il-Gon Kim, Gyu-Min Cho, Byung-Gue Noh (KISA, KR)
IT Security Starts Here: At the Building Structure and Its Mission Critical Infrastructure
Joachim Faulhaber, Wolfgang Peter (TÜViT, DE)
Common Criteria from a Commercial Perspective - and options for improvement with version 4.0
Simon Milford (SiVenture, UK)
Designing the Trusted Service Bus for EAL5
David Ochel (atsec, US), Brian Vetter (BlueSpace Software, US)
Secure System Integration Methodology
Satoshi HARUYAMA, Toshiya YOSHIMURA, Naohisa ICHIHARA (NTTDATA, JP)
Multi-Level Certifications - Using Lower EALs as Project Milestones
Bertolt KrÜger (SRC Security Research & Consulting, DE), Christian Tabias (Utimaco Safeware AG, DE)
High Assurance Evaluations - Challenges in Formal Security Policy Modeling and Covert Channel Analysis
Sai Pulugurtha (CygnaCom, US)
Measuring the Effectiveness of a Security Development Process
Michael Grimm (Microsoft, US), Helmut Kurth (atsec, US)
15:30-16:00 Coffee Break
16:00-18:00 Introducing Usability to the Common Criteria
Matthew Nicolas Kreeger, Marcus Streets (nCipher, UK)
High Assurance Product Development and the Common Criteria: Rethinking EAL7
Rance DeLong, John Rushby (LynuxWorks, US)
Site Certification - Another Step to Improve the CC Process and to Reduce Costs
Hans-Gerd Albersten (NXP Semiconductors, DE), Juergen Noller (Infineon Technologies AG, DE)
Introducing Assurance Measures for Security Target
Yi Mao (atsec, US)
Biometrics in Common Criteria 2008: The big Picture
Nils Tekampe (TÜViT, DE)
Site Evaluation according to the Site Certification Process
Thomas Schroder (T-Systems, DE)
Common Criteria and Source Code Analysis Tools: Competitors or Complements
Adam O'Brien (Security Assurance Group, UK)
New Challenges on Biometric Vulnerability Analysis on Fingerprint Devices
Marino Tapiador (CCN, SP)
The Centrality of Common Criteria in a World of Advanced Technologies
Lior Carmi (SII, IL)
Software Design Complexity Assurance using Automated Tools
Tim Huntley (Juniper Networks, US)
Evaluation Methodology Based on CEM for Testing Environmental Influence
in Biometric Devices
Belen Fernandez-Saavedra, Raul Sanchez-Reillo, Raul Alonso-Moreno (University Carlos III of Madrid, SP)
Maximising the Benefits of Assurance Continuity
David MacFarlane (Research In Motion, CA)
19:00-22:10 Gala Dinner
Awards of CC certificates
Korean Music Performance

  25-Sep-08
Time Track A Track B Track C
09:00-11:00 FMEA for Improving Vulnerability Prevention
Byeonggak Ko (KTL, KR)
Common Criteria Works! (How the Smartcard Industry uses the CC)
Tyrone Stodart (ISCI, UK)
Guidelines for Evaluation Reports according to CC 3.1
Christian Krause (BSI, DE)
Tool for Supporting a Common Criteria Evaluation
Maria Soraya (CESTI, SP)
Experience of Smart Card Evaluation under Japanese Scheme
Masashi Tanaka, Kazuo Morimura, Yasuhiro Hosoda, Takahiro Yamamoto (NTT, JP)
How to write Protection Profiles and Security Targets - ISO/IEC TR 15446, The PP/ST Guide
Michael Nash (Gamma Secure Systems Ltd, UK)
Tools and Techniques for Evidence Production Supporting Tools for
CC Evaluation
Ismael Kane (LGAI-APPLUS, SP)
The Complete(d) CC v3.1 Experience on a Smart Card IC with Cryptolibrary
Wouter Slegers (Brightsight, NL)
Lessons Learnt in Writing PP/ST
Wolfgang Killmann (T-Systems, DE)
EPM (Enterprise Project Management) Construction for Evaluating Progress Management
Nam-kyun Baik, Won-Tae Sim, Byung-kyu Noh (KISA, KR)
The Functional Verification of AES RTL Design using the H/W Assisted Co-Emulation
Jae-Deok Ji, Byung-Kwon Lee, Byung-kyu Noh (KISA, KR)
Further Streamlining of PPs and STs
Dirk-Jan Out (Brightsight, NL)
11:00-11:30 Coffee Break
11:30-12:00 Closing Remark
Mats Ohlin, MC Chair
12:00-12:10 Closing Address
IT Security Certification Center
12:10-12:30 Announcement of 10th ICCC
12:30-14:00 Luncheon

 

Time CC Tutorial Session
24-Sep-08
14:00-15:30
Overview of CC and Part I
Mr. Jose Emilio Rico (Epoche, SP)
Overview of Part II
Dr. Michael Nash (Gamma Secure Systems Ltd, UK)
Overview of Part III and CEM
Dr. Su-en Yek (DSD, AU)


Prof. Tai-Myoung Chung
Vice Chair of OECD Working Party on Information Security & Privacy, Korea
Prof. Chung has been a faculty member & director of the Information Management Technology Lab. of the School of Information and Communications, Sungkyunkwan University in Korea since 1995. Before coming to Sungkyunkwan University, he had been a staff scientist of network technology department at BBN Labs., Cambridge, Massachusetts, and a systems manager at Waldner & Co., Oak Brook, Illinois all in the USA. Prof. Chung graduated from Purdue University with his Ph.D. in computer engineering. Currently, his research interests are Information Security, Network & Information Management, and Mobile Security. He has published 9 technical books and more than 500 refereed research papers. Also, he has served as program chairs of several international conferences and workshops.
Prof. Chung is actively involved in professional and social activities related to his expertise. He is now a vice chair of Working Party on Information Security & Privacy, OECD, senior member of IEEE, vice president of Korea Information Processing Society, chair of the Consortium of Computer Emergency Response Teams(CONCERTs), and the chair of Chief Privacy Officers Forum of Korea. He previously served as a Presidential Committee member of Korean e-government, expert member of Presidential Advisory Committee on Science & Technology of Korea, and advisory committee members of several public and private organizations such as Prime Minister’s Office, National Intelligence Service of Korea, National Security Council, Ministry of Information & Communications, Internet Crime Investigation Center of Seoul Public Prosecutor's Office, Electronic and Telecommunication Research Institute(ETRI), and SK Telecom, etc.
Prof. Dieter Gollmann
Head of Institute for Security in Distributed Applications, Technischen Universitat Hamburg-Harburg, Germany
Prof. Dieter Gollmann received his Dipl.-Ing. in Engineering Mathematics (1979) and Dr.tech. (1984) from the University of Linz, Austria, where he was a research assistant in the Department for System Science. He was a Lecturer in Computer Science at Royal Holloway, University of London, and later a scientific assistant at the University of Karlsruhe, Germany, where he was awarded the 'venia legendi' for Computer Science in 1991. He rejoined Royal Holloway in 1990, where he was the first Course Director of the MSc in Information Security.
He was a Visiting Professor at the Technical University of Graz in 1991, an Adjunct Professor at the Information Security Research Centre, QUT, Brisbane, in 1995, and has acted as a consultant for HP Laboratories Bristol. He joined Microsoft Research in Cambridge in 1998. In 2003, he took the chair for Security in Distributed Applications at Hamburg University of Technology, Germany. He is a Visiting Professor with the Information Security Group at Royal Holloway, a Visiting Professor with the School of Software at Tsinghua University, Beijing, and an Adjunct Professor at the Technical University of Denmark. Dieter Gollmann is one of the editors-in-chief of the International Journal of Information Security and an associate editor of the IEEE Security & Privacy Magazine. His textbook on 'Computer Security' has now appeared in its second edition.
Dr. Chilhee Chung
Senior Vice President & General Manager, Samsung Electronics, Korea
Dr. Chilhee Chung is a Senior Vice President & General Manger of the System LSI Division at Samsung Electronics. He is in charge of LSI Product and Technology which includes product development and advanced logic process technology for display driver IC, Smart Card IC and imaging solutions. He has been with Samsung Electronics, Semiconductor Business, since 1979, and has worked in various technology and product development area, such as SRAM, flash memory, LSI products. He was appointed as a vice president in 1998, and was responsible for System LSI Product Technology group. Since year 2000, he has worked as general manager of C&M (Chipcard and Microcontroller) Team, and he was promoted as Senior Vice President in January, 2005. From 2008, he is in charge of LSI Product and Technology.
As recognition of his dedicated research work, Dr. Chung was awarded the “Jangyoungsil-prize”, the prize for recognizing advanced smart card product and technology developments, from Korea Industrial Technology Association in 2002. He also awarded the Grand Prize of technology development from Samsung Electronics in 1984 for recognizing 256k DRAM product development. Dr. Chung has received a bachelor of science in Physics from Seoul National University, a master of science in Physics from KAIST (Korea Advanced Institute of Science and Technology), and a PhD in Physics from Michigan state University.


Mr. Mats Ohlin (Moderator)
CCRA Management Committee Chair, FMV, Sweden
Mats Ohlin has been involved in the computer security area since the beginning of the 80-ies working for the Swedish National Defence Research Establishment, the Swedish Defence Staff and the Swedish Defence Materiel Administration (FMV) where he currently holds a position as Strategic Specialist in the area of Information and IT Security. Joining FMV in 1989, he became involved in the Swedish National IT programme, which involved assessment of IT security evaluation criteria and the potential of a Swedish Certification Scheme. Mats Ohlin has been active in the international subcommittee within ISO/IEC ISO/IEC JTC 1/SC 27 (IT Security), and in particular in its WG 3 (Security evaluation criteria), since its start in 1990. Since October 1999 he convenes this Working Group.
Mats Ohlin was in the 90-ies one of the two Swedish officials in the Senior Officials Group - Information Security (SOG-IS) at the EU Commission and was active in establishing the European Mutual Recognition framework for IT security certification. He then became active in the harmonisation work leading to the international Arrangement for mutual recognition of IT security certificates (CCRA). He has been an expert 2003-2005 in the Cabinet Office’s Commission investigating Information Security policy and priorities on the national level and an advisor for the establishment of the Swedish IT Security Certification Body. Mats Ohlin is currently the chair of the Management Committee of the CCRA. He holds a M. Sc. from the Royal Institute of Technology in Stockholm.
Ms. Audrey M. Dale
Director, U.S. Common Criteria Scheme, National Security Agency, USA
Ms. Dale has held numerous technical positions in the Information Assurance arena focusing on Information Systems Security Engineering and the evaluations of a wide variety of Information Assurance products. She also served 20 years in the United States Air Force as a Communications Computer Systems Officer in a variety of positions all over the world. Ms. Dale is a Certified Information Systems Security Professional, holds a Masters Degree from Texas A&M University and is a graduate of the University of Maryland.
Mr. David Martin
Chair of CC Development Board, CESG, UK
David Martin has worked in a number of areas of IT security including development work (such as the earliest UK commercial use of public key cryptography), and software/hardware for security in banking, as well as a wide variety of consultancy projects. For many years he ran a security consultancy company and during this time was involved in a number of high assurance development projects for UK Government.
He was a member of the BSI (the UK standards agency) security coordination committee, and is a chartered engineer and a member of the British Computer Society. He has also contributed to a number of books, articles and conferences in the field. He is currently the UK's Scheme Director for international Common Criteria development and is particularly keen to focus upon work that increases the efficiency, effectiveness and relevance of Common Criteria standards and methodology.
Ms. Irmela Ruhrmann
Chair of Executive Subcommittee, BSI, Germany
Irmela Ruhrmann holds a degree in mathematics from the University of Stuttgart, Germany. After having occupied various positions in industry and in the Canadian university environment, she joined the Certification Body of BSI in 1993. Since then she has been involved with increasing responsibilities in the management of certification projects, in the international harmonization of certification, in the introduction of Common Criteria in the certification scheme and in the negotiation of mutual recognition agreements.
In 1998, Mrs. Ruhrmann was appointed head of BSI Certification section, in June 2006 she was tasked with leading the division Certification, Approval and Conformity Testing. With BSI signature of the Common Criteria Recognition Arrangement (CCRA), she became the BSI representative in the Executive Subcommittee of the CCRA, taking on the responsibilities of the Chair in April 2006.
Mr. Miguel Bañón
Chair of CC Maintenance Board, representing CCN, Spain
Graduated in computer science, UPM 1990, Miguel Banon has worked in a number of areas related to safety and security IT certification. Project Editor for ISO/IEC 18045, the ISO equivalent of the CEM, and for ISO/IEC 15408, part 3, the ISO equivalent of CC, and chairman of the CCMB. He is currently CEO of Epoche and Espri, an evaluation laboratory based in Spain, and represents the Centro Criptologico Nacional in a number of forums.
Mr. Pascal Chour
Head of Certification Body, DCSSI, France
Mr. Pascal Chour works at DCSSI (French national security agency) where he is the head of the certification body since 2004. From 1992 to 2004, he was in charge of the security activity in a consultancy company and also, the director of the ITSEF of this company.
In 1987, he co-founded a company in the area of smart-card applications, security product analysis and cryptography. Previously, he was teacher and researcher in an engineer school in the area of networks, proof of communication protocols and security.
Mr. Pascal Chour is a graduate of SUPELEC and EFREI (engineer schools).
Mr. Richard Helliwell
Manager of the Australasian Scheme, DSD, Australia
Richard is the Manager of the Australasian Information Security Evaluation Program (AISEP) Certification Scheme and is its Principle Certifier. He has over five years experience in the AISEP and is responsible for the oversight of Scheme evaluation tasks.
Richard has participated at all levels of Common Criteria committee management and is currently the AISEP representative to the CCDB. He holds a Bachelor of Engineering (Systems).



Dr. Marino Tapiador
Centro Criptologico Nacional, Spain
In the Spanish IT Security Evaluation and Certification Scheme, Marino Tapiador is responsible of the technical management of the Spanish CB that is the organization in charge of Common Criteria, ITSEC and other IT Security evaluations in Spain. Marino Tapiador contributes to the development of IT Security evaluation standards as Common Criteria, he is member of the CC Development Board, CC Maintenance Board and JIL working groups. The interest of Marino Tapiador is focused on research areas related to IT Security evaluation methodologies and electronic identification technologies e.g. smartcards, biometric devices, or PKI systems. Previously Marino has worked for IBM Spain as IT Architect, and as Associate Professor in the Autonomous University of Madrid where he obtained a Ph.D. on Computer Engineering.
Ms. Miriam Serowy
BSI, Germany
After her studies of Computer Science at the University of Applied Sciences of Cologne Miriam joined the Common Criteria Certification Body at the BSI in 2005.
There she works on the certification of large software products like operating systems or firewalls and on the certification of systems conforming to ISO 27001.
She is also representing the BSI in the Common Criteria Maintenance Board, the German Institute for Standardization and ISO SC27 WG 3, following and supporting the further development of the Common Criteria and their standardization
Mr. Rob Huisman
NLNCSA, Ministry of the Interior and Kingdom Relations, Netherlands
Rob Huisman joined the Netherlands National Communications Security Agency(NLNCSA) in 2000 and works as a senior policy(-making) official in the area of information security. Within the Netherlands Scheme for Evaluation and Certification of IT security products (NSCIB), he is acting as the technical manager responsible for managing the technical oversight on behalf of the Certification Body.
As a member of the Common Criteria Development Board (DB) he is also involved in maintaining and updating the Common Criteria standard. Furthermore he is representing the Netherlands in the European Schemes Joint Interpretation Working Group (JIWG) and is involved in the international development of CC Supporting Documents e.g. for smartcard evaluations. Rob Huisman graduated in electrical engineering in 1985 and followed a post graduate course in computer sciences. Before joining the NLNCSA, Rob Huisman worked as a project manager and consultant in a number of areas related to ICT within the Netherlands Ministry of Defense.
Mr. Shaun H. Gilmore
U.S. Common Criteria Scheme, National Security Agency, US
As the NIAP Common Criteria Evaluation and Validation Scheme Chief Validator, Shaun Gilmore provides technical, CC, and managerial oversight for the US national program for the evaluation of Information Technology products. Mr. Gilmore serves as the primary US representative on the Common Criteria Maintenance Board and is a routine and active member of the Common Criteria Development Board. In this capacity, Mr. Gilmore influences the future advancement of the CC standard and criteria. Mr. Gilmore is a Certified Information Systems Professional, holds a Masters Degree from Carnegie Mellon University, and is a graduate from the University of Scranton.
Mr. Wan Roshaimi Wan Abdullah
Head of Department, CyberSecurity Malaysia, Malaysia
Wan Roshaimi is currently a Head of Department at CyberSecurity Malaysia. He is a Certified Information Systems Security Professional(CISSP) and also an ISMS Lead Auditor. He has been in information security industry for many years especially in security consulting and advisory. His other area of interest includes wireless security and SCADA security.
Mr. Wan Suk Yi
Korea Information Security Agency, Korea
He worked mainly in setting up Korean Evaluation and Certification Scheme, developing Korean criteria and PPs, providing education and training programs for evaluators for last twelve years. Since joining CCRA in 2006, he has been representing Korean Scheme at CCRA ES and CCDB meetings.
Before starting his career in the field of CC evaluation and certification in 1996, he was a consultant at Hyundai Information Technology. He also, worked in Korean Air Force as an aid de camp CINC, ROK/US Combined Forces Command. He majored in Computer Science from Virginia Polytechnic Institute and State University in USA and Computer Engineering from DongGuk University and SungKyunKwan University in Korea.


Prof. Hyoung-Kee Choi (Coordinator)
School of Information & Communication Engineering, SungKyunKwan University
Hyoung-Kee Choi received his B.S. degree from Sungkyunkwan University in Korea (1992), his M.S. degree from Polytechnic University in Brooklyn, NY (1996) and his Ph.D. degree from Georgia Institute of Technology in Atlanta, GA (2001), respectively. The title of his Ph.D. dissertation is "Measurement, Characterization and Modeling of World Wide Web Traffic". He is an assistant professor at the school of information and communication engineering in Sungkyunkwan University. He serves as a director at the education center for mobile communications. His research interests span network security and interne traffic modeling. He joined Lancope in 2001 and remained until 2004 where he guided, and contributed to research in the Internet security.
Mr. Jose Emilio Rico (Overview of CC and PartI)
Technical Manager, Epoche and Espri(Spanish Evaluation Lab.)
Jose Emilio Rico, graduated in computer science, has worked in areas related to the information systems development, safety software certification in the scope of aerospace technologies and IT systems and products security evaluation under ITSEC and CC standards. He is currently Technical Manager of Epoche and Espri, a security evaluation laboratory based in Spain.
Dr. Michael Nash (Overview of PartII)
Director, Gamma Secure Systems Ltd, UK
Mike Nash has a long background in security evaluation criteria. He helped develop the UK national criteria, the ITSEC and finally the Common Criteria. Currently, his main involvement with the CC comes from advising major vendors and customers on how to prepare for and successfully achieve evaluation - and when not to bother trying. He is the Project Editor for Part 2 of ISO/IEC 15408, the ISO equivalent of the Common Criteria. Dr. Nash is a Director of Gamma Secure Systems Limited.
Dr. Su-en Yek (Overview of PartIII)
Australasian Scheme, DSD, Australia
Su-en is a Certifier for the Australasian Information Security Evaluation Program (AISEP) and is the AISEP representative to the CC Maintenance Board and working groups. Su-en holds a PhD in Computer Science and as a part of her academic tenure, published numerous journal and conferences papers in information security.


© 2008  IT Security Certification Center, National Intelligence Service