News & Updates

NIST CSWP 42, Towards Automating IoT Security: Implementing Trusted Network -Layer Onboarding, is available for public comment. The comment period is open through May 29, 2025.

The NIST National Cybersecurity Center of Excellence (NCCoE) has released the draft of the practice guide, Implementing a Zero Trust Architecture (NIST SP 1800-35), for public comment. The public comment period is open through January 31, 2025.

The initial public draft (ipd) of SP 800-79r3 (Revision 3), Guidelines for the Authorization of PIV Card and Derived PIV Credential Issuers, provides appropriate and useful guidelines for assessing the reliability of PIV Card and derived PIV credential issuers. Comment deadline is January 29, 2024.

The NCCoE has released the second preliminary drafts of NIST SP 1800-36, Vols. A and D, “Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management.” The comment period is open now through November 10, 2023.

NIST has published NIST Internal Report (IR) 8450, Overview and Considerations of Access Control Based on Attribute Encryption.

NIST Internal Report (IR) 8450, Overview and Considerations of Access Control Based on Attribute Encryption, is now available for public review and comment. The deadline to submit comments is June 23, 2023.

The NCCoE has released the preliminary public drafts of NIST SP 1800-36, Vols. B –E, Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management. The comment period is open now through June 20, 2023.

NIST has published NIST Internal Report (NIST IR) 8403, Blockchain for Access Control Systems.

Draft NISTIR 8403, “Blockchain for Access Control Systems,” is open for comment through February 7, 2022.

NIST has published NISTIR 8360, "Machine Learning for Access Control Policy Verification."

NIST has published Special Publication (SP) 800-204B, "Attribute-based Access Control for Microservices-based Applications using a Service Mesh."

The National Cybersecurity Center of Excellence has published a final Project Description on "Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. This project will result in a NIST Cybersecurity Practice Guide.

NIST's NCCoE has published Cybersecurity Practice Guide SP 1800-27, "Securing Property Management Systems."

Draft NISTIR 8360, "Machine Learning for Access Control Policy Verification," is available for comment through May 7, 2021.

The National Cybersecurity Center of Excellence has released a Draft Project Description on Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. The public comment period is open through April 21, 2021.

Draft SP 800-204B, "Attribute-based Access Control for Microservices-based Applications Using a Service Mesh," is available for comment through February 24, 2021.

Draft FIPS 201-3, "Personal Identity Verification (PIV) of Federal Employees and Contractors," is now available for public comment through February 1, 2021. 

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.

The National Cybersecurity Center of Excellence has released Draft NIST Cybersecurity Practice Guide (SP 1800-27), "Securing Property Management Systems," for public comment. The comment period closes on October 28, 2020.

NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment.  The comment period is open through August 31, 2020.

The NCCoE has release a preliminary draft of Special Publication (SP) 1800-15 for public comment. Comments are due by June 24, 2019.

NIST is seeking comments on Draft SP 1800-18, a practice guide demonstrating Privileged Account Management (PAM) solutions that use commercially available products to appropriately secure and enforce organizational policies. Public comments are due by November 30, 2018.

NIST has published Special Publication (SP) 800-116 Revision 1, Guidelines for the Use of PIV Credentials in Facility Access.