CSL Newsletter May 1995 CSL TO COORDINATE FEDERAL EDI CONVENTIONS As part of the overall federal effort to establish a single face to industry for conducting electronic commerce, CSL has been designated as the organization responsible for coordinating the development of federal Implementation Conventions (ICs) for Electronic Data Interchange (EDI). ICs are defined by functional-area experts who create and select options from standard EDI Transaction Sets to yield the implementations to be used for practical Electronic Data Interchange. We expect the initial set of published ICs to consist of eleven ICs in the procurement and finance areas. As the government's electronic commerce activities escalate, we anticipate the inclusion of many new functional areas such as healthcare, transportation, and personnel. We will make these ICs and related guidance documents available to federal agencies and industry by electronic and paper means. A separate publications series has been established, NIST Publications Series 881, Federal Electronic Data Interchange (EDI), to publish the EDI conventions. When published in paper form, these documents will be available from the Government Printing Office (GPO) or the National Technical Information Service (NTIS) at the addresses given below. New documents will be announced in the CSL Newsletter as they become available. Currently, the ICs are available in electronic form. To access federal EDI information electronically, we offer the following options: WWW via the URL: http://snad.ncsl.nist.gov/dartg/edi/fededi.html FTP: anonymous ftp to snad.ncsl.nist.gov type "cd pub/fededi" type "binary" select a directory of interest and type "mget" E-mail: to "registry@edireg.ncsl.nist.gov" and include the word "help." The Federal Registry of Implementation Conventions will return an information file to the message originator. The Registry can provide federal ICs on request, via e-mail, in ASCII and IMPDEF formats. FEDERAL INFORMATION PROCESSING STANDARDS (FIPS) ACTIVITIES Raster Document Application Profile FIPS Approved FIPS 194, Open Document Architecture (ODA) Raster Document Application Profile (DAP), has been approved for federal agency use. FIPS 194 adopts the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 12064-1 International Standard Profile (ISP) FOD112, Open Document Format: Image Applications--Simple Document Structure-- Raster Graphics content architecture, Part 1: Document Application Profile (DAP). The DAP standard supports the interchange of compound documents containing up to three types of contents: character (text), raster graphics, and geometric graphics. Effective September 1, 1995, FIPS 194 allows federal agencies to more effectively produce and manage federal raster graphics applications. FIPS for SQL Environments Approved The Secretary of Commerce recently approved FIPS 193, SQL Environments, for use by federal agencies. Effective February 1, 1995, FIPS 193 is the first step of a continuing effort to define appropriate conformance profiles that can be used by vendors and users to specify exact requirements for how various products fit into an SQL environment. An SQL environment is an integrated data processing environment in which heterogeneous products, all supporting some aspect of FIPS 127, SQL, are able to communicate with one another and provide shared access to data and data operations and methods under appropriate security, integrity, and access control mechanisms. VHSIC Hardware Description Language (VHDL) FIPS Revised FIPS 172, VHSIC Hardware Description Language (VHDL), has been revised and published as FIPS 172-1. The revised standard adopts language specifications contained in ANSI/IEEE 1076-1993, IEEE Standard VHDL Language Reference Manual, which specifies the form and establishes the interpretation of programs expressed in VHDL. FIPS 172-1 enhances the portability of VHDL programs in federal computer systems. UPDATE ON NEW PUBLICATIONS CSL publishes the results of studies, investigations, and research. The reports listed below may be ordered from the following sources as indicated for each: *Superintendent of Documents U.S. Government Printing Office (GPO) Washington, DC 20402 Telephone: (202) 512-1800 Fax: (202) 512-2250 *National Technical Information Service (NTIS) 5285 Port Royal Road Springfield, VA 22161 Telephone: (703) 487-4650 Rush Service: (800) 553-6847 Fax: (703) 321-8547 or (703) 321-9038 A User Study: Informational Needs of Remote National Archives and Records Administration Customers By Judi Moline and Steve Otto NIST Spec. Pub. 500-221 November 1994 SN003-003-03305-7 $7.50 Order from GPO This report describes a project, conducted in the state of Nebraska, which looked at what remote users of the National Archives and Records Administration want in the way of information and materials and how they want to receive the information. Glossary of Software Reuse Terms By Susan Katz, Christopher Dabrowski, Kathryn Miles, and Margaret Law NIST Spec. Pub. 500-222 December 1994 SN003-003-03311-1 $2.75 Order from GPO This report provides a baseline set of recommended definitions for terms commonly used in the software reuse community. A Framework for the Development and Assurance of High Integrity Software By Dolores R. Wallace and Laura M. Ippolito NIST Spec. Pub. 500-223 December 1994 SN003-003-03312-0 $5.50 Order from GPO This document provides a technology-independent framework to assist government, industry, and academia in addressing the issues of providing software for high integrity software systems. Stable Implementation Agreements for Open Systems Environment -- Version 8, Edition 1 (supersedes NIST SP 500-214) Ted Landberg, Workshop Chairman; Brenda Gray, Workshop Editor NIST Spec. Pub. 500-224 December 1994 Available on CD-ROM at (202) 371-1013; price is $15.00. This CD-ROM contains stable implementation agreements approved by the Open Systems Environment Implementors' Workshop (OIW) as of December 1994. Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls By John P. Wack and Lisa J. Carnahan NIST Spec. Pub. 800-10 December 1994 PB95-182275 $19.50 paper Order from GPO $ 9.00 microfiche This publication provides an overview of the Internet and security-related problems. It describes firewall components, the reasoning behind firewall usage, several types of network access policies, and resources for more information. The document assists federal and industry users in planning and purchasing a firewall. The Impact of the FCC's Open Network Architecture on NS/NP Telecommunications Security By Karen Olsen and John Tebbutt NIST Spec. Pub. 800-11 February 1995 SN003-003-03318-9 $3.25 Order from GPO This report provides an overview of the Federal Communications Commission's Open Network Architecture (ONA), describes National Security and Emergency Preparedness (NS/EP) telecommunications security concerns, and details NS/EP telecommunications security concerns that the FCC's ONA requirement introduces into the Public Switched Network (PSN). Comparing Remote Procedure Calls By John Barkley NISTIR 5277 October 1993 PB95-194205 $17.50 paper Order from NTIS $ 9.00 microfiche This report describes the remote procedure call (RPC), a technique to support the development of applications which require processes on different systems to communicate and coordinate their activities. It discusses how the RPC concept is commonly implemented and compares the features and capabilities of three RPCs. ISDN LAN Bridging By Tim Boland NISTIR 5532 November 1994 PB95-154696 $17.50 paper Order from NTIS $12.50 microfiche This paper provides guidance which enables users to properly assimilate Integrated Services Digital Network (ISDN) local area network (LAN) bridging products into the workplace. SGML Parser Validation Procedures By R.B. Wilson NISTIR 5538 January 1995 PB95-174959 $17.50 paper Order from NTIS $ 9.00 microfiche This document establishes operating policy and procedures for NIST's testing program for FIPS 152, Standard Generalized Markup Language (SGML), parsers. The testing methodology is based on ANSI X3.190-1992, Text and Office Systems - Conformance Testing for Standard Generalized Markup Language Systems. Multi-Agency Certification and Accreditation (C&A) Process: A Worked Example By Ellen Flahavin, Annabelle Lee, and Dawn Wolcott NISTIR 5540 December 1994 PB95-171955 $19.50 paper Order from NTIS $ 9.00 microfiche This document describes a worked example of a multi-agency certification and accreditation process. Although it focuses on the Mountain Pass Project implemented for the Drug Enforcement Administration, the document presents lessons learned and provides practical guidance to federal agencies that perform multi-agency C&A. Initial Graphics Exchange Specification (IGES): Procedures for the NIST IGES Validation Test Service By Jacki A. Schneider and Lynne S. Rosenthal NISTIR 5541 December 1994 PB95-171427 $17.50 paper Order from NTIS $ 9.00 microfiche This document presents validation procedures for the IGES preprocessor and postprocessor testing programs. Binary Decision Clustering for Neural Network Based Optical Character Recognition By C.L. Wilson, P.J. Grother, and C.S. Barnes NISTIR 5542 December 1994 PB95-171971 $17.50 paper Order from NTIS $ 9.00 microfiche This report presents a multiple neural network system for handprinted character recognition and outlines a clustering technique for analyzing pattern recognition capabilities. A Perspective on Software Engineering Standards By Dolores R. Wallace and Roger J. Martin NISTIR 5546 December 1994 PB95-171377 $17.50 paper Order from NTIS $ 9.00 microfiche This document provides information about NIST's Federal Information Processing Standards (FIPS) and other standards organizations and presents a perspective on software engineering standards. Asynchronous Transfer Mode Procurement and Usage Guide By Tim Boland NISTIR 5561 December 1994 PB95-174967 $17.50 paper Order from NTIS $ 9.00 microfiche This paper gives guidance on Asynchronous Transfer Mode (ATM) technology which enables users to properly assimilate ATM products into the workplace. An Assessment of the DOD Goal Security Architecture (DGSA) for Non-Military Use By Arthur E. Oldehoeft NISTIR 5570 November 1994 PB95-189510 $17.50 paper Order from NTIS $ 9.00 microfiche This study assesses the potential of the DGSA as a model and framework for the development of non-military computer and information security architectures. Operating Principles of MultiKron II Performance Instrumentation for MIMD Computers By Alan Mink NISTIR 5571 December 1994 PB95-189486 $17.50 paper Order from NTIS $ 9.00 microfiche This report provides a background discussion about performance measurement and describes the features of the MultiKron II and its processor interface. Validated Products List 1995 No. 1 (2 Volumes) Judy B. Kailey, Editor NISTIR 5585 (supersedes NISTIR 5510) January 1995 PB95-937301 $36.50 paper Order from NTIS $146.00 subscription This two-volume document, published quarterly, identifies the COBOL, FORTRAN, Pascal, C, MUMPS, and Ada programming language processors with current validation certificates and the SQL language processors with registered test reports. Also included are NIST POSIX Testing Laboratories and Validated Products, Graphics, and Computer Security testing programs. Volume 2 presents GOSIP Conformance Testing Registers. UPCOMING TECHNICAL CONFERENCES Applications Portability Profile (APP)/Open Systems Environment (OSE) Workshop This workshop is designed as a user's forum to discuss the latest developments in the APP/OSE. Dates: May 9-11, 1995 November 7-8, 1995 Place: NIST, Gaithersburg, MD Contact: Joe Hungate (301) 975-3368 E-mail: hungate@sst.ncsl.nist.gov Federal Wireless Users Forum (FWUF) This users group was established to address wireless digital interface issues in the federal government. Although focusing on the requirements of federal wireless telecommunication users, the forum encourages the participation of state and local government, other interested users, product providers, and service providers. Sponsors: NIST and the National Communications System (NCS) Dates: May 15-18, 1995; this workshop co-sponsored by WINForum. Place: Holiday Inn Crown Plaza, Rockville, MD Contact: Mary Ruhl (301) 975-2983 E-mail: mruhl@nist.gov 8th Annual Data Administration Management Association (DAMA) Symposium This symposium will disseminate knowledge and experience about data administration and provide a forum for the exchange of ideas and resolution of problems. Sponsors: NIST and DAMA Date: May 16-17, 1995 Place: NIST, Gaithersburg, MD Contact: Judith Newton (301) 975-3256 E-mail: newton@speckle.ncsl.nist.gov Lecture Series on Applied Information Technology Co-sponsored by the NIST Center for Applied Information Technology (CAIT), Advanced Technology Program (ATP), and Electronic Commerce Integration Facility, this new lecture series will present leaders in industry, academia, and government speaking on topics such as electronic commerce, collaborative engineering, virtual enterprise, health care information infrastructure, manufacturing information infrastructure, nationwide multimedia libraries, and education. Date: May 18, 1995, 2:00p.m. Speaker: Stanley Su, University of Florida Place: NIST Green Auditorium Contact: Sharon Reeves (301) 975-4411 E-mail: reeves@snad.ncsl.nist.gov Lecture Series on High Integrity Systems This lecture series addresses problems and solutions for developing and operating high integrity systems. Date: May 22, 1995, 2:00p.m. Speaker: Pamela Zave, AT&T Bell Labs Topic: Formal Specification of Telecommunications Software Place: NIST Green Auditorium Contact: Dolores Wallace (301) 975-3340 E-mail: wallace@sst.ncsl.nist.gov North American ISDN Users' Forum (NIUF) The NIUF addresses many concerns over a broad range of Integrated Services Digital Network (ISDN) issues and seeks to reach consensus on ISDN Implementation Agreements. Participants include ISDN users, implementors, and service providers. Dates: June 5-9, 1995 November 13-17, 1995 Place: NIST Contact: Sara Caswell (301) 975-2937 E-mail: sara@isdn.ncsl.nist.gov Open System Environment (OSE) Implementors Workshop (OIW) This workshop is part of a continuing series to develop implementation specifications from international standard design specifications for computer network protocols. Sponsors: NIST and the IEEE Computer Society Dates: June 13-15, 1995 September 12-14, 1995 December 5-7, 1995 Place: NIST, Gaithersburg, MD Contact: Brenda Gray (301) 975-3664 E-mail: bgray@sst.ncsl.nist.gov COMPASS '95 Tenth Annual Conference on Computer Assurance COMPASS '95 will bring together researchers, developers, and evaluators from industry, government, and academia who work on problems related to specifying, building, and certifying high- assurance computer systems. Sponsors: IEEE and the IEEE Aerospace and Electronic Systems Society, in cooperation with the British Computer Society Date: June 26-30, 1995 Place: NIST, Gaithersburg, MD Contact: Laura Ippolito (301) 975-5248 E-mail: ippolito@sst.ncsl.nist.gov 18th National Information Systems Security Conference This large national conference (formerly the National Computer Security Conference) provides a forum for addressing traditional security concerns, as well as security issues associated with the emerging National Information Infrastructure (NII). Five tracks cover topics such as directions of IT security, network security, viruses, risk management, contingency planning, and privacy. Sponsors: NIST and the National Computer Security Center Date: October 10-13, 1995 Place: Baltimore Convention Center Contact: Irene Gilbert-Perry (301) 975-3360 E-mail: igilbert@csmes.ncsl.nist.gov