Pulse

By GCN Staff

Blog archive

NIST presents building blocks for mobile security

NIST's National Cybersecurity Center of Excellence has proposed two new cybersecurity building blocks, one to help organizations develop capabilities for attribute-based access control, and the other to help address enterprise security issues that result from the use of mobile devices to access company resources.

Building blocks are cybersecurity implementations that apply to multiple industry sectors and are expected to be incorporated into many of the center's sector-specific use cases, the agency said in its announcement.

The draft Attribute Based Access Control building block proposes an identity management system that allows multiple enterprises to exchange and validate employee attributes such as title, division, certifications and training. This would allow an organization like a disaster recovery team to grant a visiting doctor access to a range of hospital resources using risk-based policy enforcement.

The technology demoed in this building block will use commercially available technologies and be modular, allowing organizations flexibility in their implementations based on their network infrastructures. Comments should be submitted to [email protected] by March 28, 2014.

The draft Mobile Device Security for Enterprises building block proposes a system of commercially available technologies that provide enterprise-class protection for mobile platforms that access corporate resources.

The building block will examine security technologies that can enable enterprise risk management for users to work inside and outside the corporate network using a securely configured mobile device. It will also incorporate a layered approach that allows enterprises to tailor solutions to their business needs. Comments should be submitted to [email protected] by March 28, 2014.

Posted by GCN Staff on Feb 26, 2014 at 10:03 AM


Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.