Deliverables and assignments

Device Security

v7 December 14th, 2011

Name Affiliation Email Short

Marc Vauclair NXP Marc.Vauclair@nxp.com MVU

René Struik Struik Security Consultancy rstruik.ext@gmail.com RST

Shrinath Eswarahally Infineon Shrinath.Eswarahally@INFINEON.COM SES

James Blaisdell Mocana JBlaisdell@mocana.com JBL

Rohit Khera S&C Electric Rohit.Khera@sandc.com RKH

Chris Gorog Deloitte cgorog@deloitte.com CGO

Wim Nuyts NXP Wim.nuyts@nxp.com WNU

Thierry Gouraud NXP Thierry.Gouraud@nxp.com TGO

Mike Ahmadi GraniteKey Mike.ahmadi@granitekey.com MAH

Sadu Bajekal IBM Sbajekal@US.IBM.COM SBA

Tom Thomassen Symantec Tom_Thomassen@symantec.com TTO

Daniel Thanos GE Daniel.Thanos@GE.COM DTH

David Sequino GHS dsequino@ghs.com DSE

Chris Dunn Safenet chris.dunn@SAFENET-INC.COM CDU

Gib Sorebo SAIC GILBERT.N.SOREBO@saic.com GSO

Steve Dougherty IBM sdougherty@US.IBM.COM SDO

Bora Akyol PNL bora@PNL.GOV BAK

Topic Primary Owner/s

Secondary Owner/s

Start Date / Status Est. Completion

Cryptographic Hardware and Hardware Security

SESRST

CGOMVU

Underway (first draft submitted)All comments included those from Mike A. taken into account.Latest version available on shared drive.Action: request for a specialist review for the hardware security part.

Random Number Generation

JBLWNU

RKHTGO

Contribution from James sent and put on the shared drive. Temporarily Wim Nuyts assigned instead of Thierry Gouraud for primary ownership. Subject to change in January.

Device Identityand Device Authentication

MVUWNUMAH

SBASESTTOCGO

Contribution a draft to be expected in January 2011 3rd week

Ciphers (refer to NISTIR 7628 Crypto Section)

RKHRST

DTH UnderwayMove to device security, already agreed on how to proceed

January 31st, 2012

Secure protocols RKH JBL Draft completed and submitted for review by JBLSomeone from NXP should join the Secondary owners for review

Key Management CGORSTDSE

MVUCDUGSO

This activity is put on hold waiting for finalization of the CSWG design principles working group on key management.

Topic Primary Owner/s

Secondary Owner/s

Start Date / Status Est. Completion

Authorization/Role/Access control/Coarse grain policy

OPEN OPEN OPEN OPEN

Compliance and certification

MAH MVU Ask Mike to prime the pump when the output from the CSWG TCC testing certification and compliance group is available

Use cases SES MVURKH

use cases contributed by SES in draft circulated: request for reviews and more use casesSES will contribute additional uses casesScope: embedded security use cases

Device Mgmt BAK MVUSDOSBA

Put on hold as well because we expected that someone from IBM would contribute but they indicated that don’t have the bandwitdh to participate actively

Device Robustness & Resilience

DTH CGO Bora recommended the incorporation of that category: put it on hold for the time being,