To amend the National Institute of Standards and Technology Act to enhance the ability of the National Institute of Standards and Technology to improve computer security, and for other purposes.
Computer Security Enhancement Act of 1997 - Amends the National Institute of Standards and Technology Act to require the National Institute of Standards and Technology, in fulfilling its responsibilities under the computer standards program, to: (1) upon request from the private sector, assist in establishing voluntary interoperable standards, guidelines, and associated methods and techniques to facilitate and expedite the establishment of non-Federal public key management infrastructures that can be used to communicate with and conduct transactions with the Federal Government; and (2) provide assistance to Federal agencies in the protection of computer networks, and coordinate Federal response efforts related to unauthorized access to Federal computer systems. Requires the Institute to perform evaluation and tests of: (1) information technologies to assess security vulnerabilities; and (2) commercially available security products for their suitability for use by Federal agencies for protecting sensitive information in computer systems.
(Sec. 5) Requires the Institute to carry out specified activities in the development of uniform standards and guidelines for the cost-effective security and privacy of sensitive information in certain Federal computer systems.
(Sec. 6) Directs the Institute to solicit the recommendations of the Computer System Security and Privacy Advisory Board regarding standards and guidelines that are being considered for submittal to the Secretary of Commerce.
Authorizes separate appropriations for FY 1998 and FY 1999 to enable the Board to identify emerging issues related to computer security, privacy, and cryptography and to convene public meetings on those subjects, receive presentations, and publish reports, digests, and summaries for public distribution on those subjects.
(Sec. 7) Prohibits the Institute from promulgating, enforcing, or otherwise adopting standards, or carrying out activities or policies, for the Federal establishment of encryption standards required for use in computer systems other than Federal Government computer systems.
(Sec. 8) Revises specified requirements, including authorizing (currently, requiring) the Institute, for the purposes of performing research and conducting studies, to draw upon computer system security guidelines developed by the National Security Agency.
(Sec. 9) Amends the Computer Security Act of 1987 to revise requirements regarding Federal computer system security training to require such training to include emphasis on protecting sensitive information in Federal databases and Federal computer sites that are accessible through public networks.
(Sec. 10) Authorizes appropriations for FY 1998 and 1999 for fellowships to support students at institutions of higher learning in computer security.
(Sec. 11) Requires a study by National Research Council of the National Academy of Sciences of public key infrastructures. Authorizes appropriations for carrying out the study.
(Sec. 12) Directs the Under Secretary of Commerce for Technology to: (1) promote the more widespread use of cryptography applications and associated technologies to enhance the security of the Nation's information infrastructure; (2) establish a central clearinghouse for the collection by the Federal Government and dissemination to the public of information to promote awareness of information security threats; (3) promote the development of the national, standards-based infrastructure needed to support commercial and private uses of encryption technologies for confidentiality and authentication; and (4) establish a National Policy Panel for Digital Signatures to serve as a forum for exploring all relevant factors associated with the development of a national digital signature infrastructure based on uniform standards that will enable the widespread availability and use of digital signature systems.
Subcommittee Consideration and Mark-up Session Held.
Forwarded by Subcommittee to Full Committee (Amended) by Voice Vote.
Committee Consideration and Mark-up Session Held.
Ordered to be Reported (Amended) by Voice Vote.
Reported (Amended) by the Committee on Science. H. Rept. 105-243.
Reported (Amended) by the Committee on Science. H. Rept. 105-243.
Placed on the Union Calendar, Calendar No. 139.
Mr. Sensenbrenner moved to suspend the rules and pass the bill, as amended.
Considered under suspension of the rules.
DEBATE - The House proceeded with forty minutes of debate.
At the conclusion of debate, the chair put the question on the motion to suspend the rules. Mr. Condit objected to the vote on the grounds that a quorum was not present. Further proceedings on the motion were postponed. The point of no quorum was withdrawn.
Considered as unfinished business. (consideration: CR H7293-7298, H7321)
checking server…
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line
Passed/agreed to in House: On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote.
On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote.
Motion to reconsider laid on the table Agreed to without objection.
Received in the Senate and read twice and referred to the Committee on Commerce.
Committee on Commerce. Ordered to be reported without amendment favorably.
Committee on Commerce. Reported to Senate by Senator McCain without amendment. With written report No. 105-412.
Committee on Commerce. Reported to Senate by Senator McCain without amendment. With written report No. 105-412.
Placed on Senate Legislative Calendar under General Orders. Calendar No. 718.