Pulse

By GCN Staff

Blog archive
NIST drafts security building blocks

NIST drafts security building blocks

NIST has proposed two new building blocks to improve email security and to provide security services based on personal identity verification (PIV) credentials through mobile devices.

The building blocks cover cybersecurity implementations that apply to multiple industry sectors and will be incorporated into many of the National Cybersecurity Center of Excellence’s sector-specific use cases. Final versions of the building blocks result in NIST Cybersecurity Practice Guides (Special Publication series 1800), which describe the practical steps needed to implement a cybersecurity reference design.

The draft building block "Domain Name System-Based Security for Electronic Mail" proposes using the DNS-based Authentication of Named Entities (DANE) protocol to help prevent unauthorized parties from reading or modifying an organization's email or using it as a vector for malware.

The draft building block "Derived Personal Identity Verification (PIV) Credentials" proposes a way for mobile devices to use two-factor authentication without specialized card readers, which read the identity credentials embedded in on-card computer chips to ensure authorized access to computer systems or facilities. With derived credentials, mobile device users could get the same level of security with their mobile devices that desktop users get with card-reader access.

The comment period for each is open until Aug. 14, 2015.

Posted by GCN Staff on Jul 07, 2015 at 1:00 PM


inside gcn

  • federal blockchain

    How blockchain can transform the public sector

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck
  • Transforming Constituent Services with Business Process Management
  • Improving Performance in Hybrid Clouds
  • Data Center Consolidation & Energy Efficiency in Federal Facilities

More from 1105 Public Sector Media Group