Pulse

By GCN Staff

Blog archive
NIST drafts security building blocks

NIST drafts security building blocks

NIST has proposed two new building blocks to improve email security and to provide security services based on personal identity verification (PIV) credentials through mobile devices.

The building blocks cover cybersecurity implementations that apply to multiple industry sectors and will be incorporated into many of the National Cybersecurity Center of Excellence’s sector-specific use cases. Final versions of the building blocks result in NIST Cybersecurity Practice Guides (Special Publication series 1800), which describe the practical steps needed to implement a cybersecurity reference design.

The draft building block "Domain Name System-Based Security for Electronic Mail" proposes using the DNS-based Authentication of Named Entities (DANE) protocol to help prevent unauthorized parties from reading or modifying an organization's email or using it as a vector for malware.

The draft building block "Derived Personal Identity Verification (PIV) Credentials" proposes a way for mobile devices to use two-factor authentication without specialized card readers, which read the identity credentials embedded in on-card computer chips to ensure authorized access to computer systems or facilities. With derived credentials, mobile device users could get the same level of security with their mobile devices that desktop users get with card-reader access.

The comment period for each is open until Aug. 14, 2015.

Posted by GCN Staff on Jul 07, 2015 at 1:00 PM


Featured

  • Social Media
    Editorial credit: pcruciatti / Shutterstock.com

    They took all the tweets and put 'em in a tweet museum

    Twitter cancelled @realdonaldtrump, but the National Archives will bring presidential tweets back via the Trump library website.

  • Workforce
    Avril Haines testifies SSCI Jan. 19, 2021

    Haines looks to restore IC workforce morale

    If confirmed, Avril Haines says that one of her top priorities as the Director of National Intelligence will be "institutional" issues, like renewing public trust in the intelligence community and improving workforce morale.

Stay Connected