4th CACR Information Security Workshop

Speaker
Roland Mueller, TUViT, Inc.

Title
IT Security Evaluation According to Harmonised and Approved Criteria

Abstract
This talk will show in a brief presentation the history of IT security criteria and their harmonisation and will point out, what the major issues in an evaluation process are. The two criteria ITSEC and Common Criteria (CC) will be compared and it will show what components have been evaluated for the German Digital Signature act until today.

Speaker Bio
Roland Mueller is Executive Vice President of TUViT, Inc., a California-based firm, where he leads their IT Security Laboratory and Network group located in Austin, TX. Mr. Mueller was most recently a Technical Manager for Daimler-Benz. In this capacity, Mr. Mueller assumed responsibility for the technical installation, assessment and management of the Daimler-Benz privacy and security policy. Mr. Mueller participated in establishing the privacy and security policy governing local IT managers, which focused on the fulfillment of the technical and operational requirements in starting and supervising technical projects for IT security. Mr. Mueller was a member of a project group responsible for protecting the board of directors and management from IT fraud and increasing awareness of that the risk of IT fraud at every level throughout the organization.

Prior to joining Daimler-Benz, Mr. Mueller worked as a manager for technical security matters in the Department of Data Protection and IT Security of Debis Systemhaus GmbH. Debis Systemhaus is Germany's largest independent information technology (IT) service provider and a subsidiary of Daimler-Benz.

Before his position at Debis Systemhaus, Mr. Mueller was responsible for the research infrastructure and the implementation of the corporate research WAN (wide area network) at Daimler-Benz Research Unit in Stuttgart. The Unit included institutes located in Asia, Europe, Australia and North America, with technology liaison offices of several major cities such as Tokyo, Bangalore, Shanghai, Washington D.C., Palo Alto and Moscow.

After completing his master's degree at Friedrich-Alexander-University in Computer Science, Mr. Mueller served as a scientist at the University of Erlangen Nurnberg where he was responsible for WAN security projects. During his employment with the university, Mr. Mueller implemented a packet switching firewall for public networks which protected a group of networks linked together as a unit form unauthorized access from public networks (such a the Internet). Mr. Mueller also holds a bachelor's degree in Computer Science from Friedrich-Alexander-University in Erlangen Nurnberg, Germany.

Roland Mueller is doing international IT security standardisation for more than eight years, he was editor of a key management standard and is currently editing a standard on time stamping services. He is chairman of the German standardisation body on IT security techniques and was director of the IACR in 1997 when chairing Eurocrypt.