House calls for NIST to establish standards for security products

House calls for NIST to establish standards for security products

The Computer Security Enhancement Act of 2001, passed last month by the House of Representatives, calls for standards in commercial security products used by the government.

HR 1259 expands the responsibilities of the National Institute of Standards and Technology to set guidelines for securing federal systems, particularly through encryption and authentication. Such standards would be technology-neutral and focus on commercial offerings.

The bill currently is before the Senate Committee on Commerce, Science and Transportation.
Rep. Sherwood Boehlert (R-N.Y.), chairman of the House Science Committee, said the bill is the first of several that will deal with cybersecurity.

NIST already is responsible for developing guidelines for security and privacy of federal systems. It would take on further responsibilities for improving compliance with existing guidelines and promoting use of commercial products. The standards agency would maintain a list of authentication products that have passed evaluation by private laboratories.

NIST also would assess agencies' information security when asked. Congress would receive the results of the assessments.

The bill also would set up a fellowship program to provide $10 million over two years for students of computer security.

About the Author

William Jackson is a Maryland-based freelance writer.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.