Pulse

By GCN Staff

Blog archive

NIST presents building blocks for mobile security

NIST's National Cybersecurity Center of Excellence has proposed two new cybersecurity building blocks, one to help organizations develop capabilities for attribute-based access control, and the other to help address enterprise security issues that result from the use of mobile devices to access company resources.

Building blocks are cybersecurity implementations that apply to multiple industry sectors and are expected to be incorporated into many of the center's sector-specific use cases, the agency said in its announcement.

The draft Attribute Based Access Control building block proposes an identity management system that allows multiple enterprises to exchange and validate employee attributes such as title, division, certifications and training. This would allow an organization like a disaster recovery team to grant a visiting doctor access to a range of hospital resources using risk-based policy enforcement.

The technology demoed in this building block will use commercially available technologies and be modular, allowing organizations flexibility in their implementations based on their network infrastructures. Comments should be submitted to abac-nccoe@nist.gov by March 28, 2014.

The draft Mobile Device Security for Enterprises building block proposes a system of commercially available technologies that provide enterprise-class protection for mobile platforms that access corporate resources.

The building block will examine security technologies that can enable enterprise risk management for users to work inside and outside the corporate network using a securely configured mobile device. It will also incorporate a layered approach that allows enterprises to tailor solutions to their business needs. Comments should be submitted to mobile-nccoe@nist.gov by March 28, 2014.

Posted by GCN Staff on Feb 26, 2014 at 10:03 AM


Featured

  • Defense

    DOD wants prime contractors to be 'help desk' for new cybersecurity model

    The Defense Department is pushing forward with its unified cybersecurity standard for contractors and wants large companies and industry associations to show startups and smaller firms the way.

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.