Projects
https://csrc.nist.gov/projects/zero-trust
[Redirect to https://www.nccoe.nist.gov/projects/implementing-zero-trust-architecture] Conventional network security has focused on perimeter defenses, but many organizations no longer have a clearly-defined perimeter. To protect a modern digital enterprise, organizations need a comprehensive strategy for secure “anytime, anywhere” access to their corporate resources (e.g., applications, legacy systems, data, and devices) regardless of where they are located.
Projects
https://csrc.nist.gov/projects/redactable-distributed-ledger
Hyperledger Fabric drop-in component for data block matrix is now available. Privacy laws increasingly require some types of data to be erased at user request, according to GDPR and related regulations. We have developed a secure distributed trust solution for networks using Next-Generation Database Access Control (NDAC) and the Data Block Matrix (DBM), with an open source implementation of the DBM using Hyperledger Fabric. This Hyperledger Fabric component solves the conflict between conventional blockchain use and privacy regulations, by using a data structure that provides hash-based...
Projects
https://csrc.nist.gov/projects/auto-cybersecurity-coi
The automotive industry is facing significant challenges from increased cybersecurity risk and adoption of AI and opportunities from rapid technological innovations. NIST is setting up this community of interest (COI) to allow the industry, academia, and government to discuss, comment, and provide input on the potential work that NIST is doing which will affect the automotive industry. Topics of interest include, but are not limited to: Cryptography Cryptographic agility Migration to secure algorithms, e.g., quantum resistant cryptography Supply chain Code integrity and...
Projects
https://csrc.nist.gov/projects/sfds
Secure Federated Data Sharing (SFDS) is a standards-based approach to facilitate the sharing of data through access control. The ability to share data among collaborating organizations is highly desirable, however, challenges persist regarding interoperability and security in the exchange of resources among organizations. Data can be from different systems, in different formats, organized under different schemas, and protected under different access control policies. SFDS solves both the interoperability and security problems by providing policy preserving access to data where it currently...
Publications
SP 800-57 Part 1 Rev. 3 (Final) (Withdrawn)
July 10, 2012
Withdrawn on January 28, 2016.
https://csrc.nist.gov/pubs/sp/800/57/pt1/r3/final
Abstract: This Recommendation provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and best practices for the management of cryptographic keying material. Part 2 provides guidance on policy and security planning requirements for U.S. government agencies....
