U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

White Paper (Draft)

[Project Description] Data Classification Practices: Facilitating Data-Centric Security Management

Date Published: May 2021
Comments Due: June 21, 2021
Email Comments to: data-nccoe@nist.gov

Author(s)

Karen Scarfone (Scarfone Cybersecurity), Murugiah Souppaya (NIST)

Announcement

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Data Classification Practices: Facilitating Data-Centric Security. This begins a process to further identify project requirements, scope, and hardware and software components for use in a laboratory environment. 
 
The NCCoE will solicit participation from industry to develop an approach for defining data classifications and data handling rulesets and for communicating them to others. In addition, this project will attempt a basic proof-of-concept implementation that will include limited data discovery, analysis, classification, and labeling capabilities, as well as a rudimentary method for expressing how data with a particular label should be handled for each use case scenario. This project will result in practice guides and other publications to encourage increased standardization and adoption of data classification methods.
 
Besides providing public comments on the draft, you can join the Community of Interest by sending an email to data-nccoe@nist.gov

Abstract

Keywords

data-centric security management; data classification; data labeling; data protection; zero trust architecture; zero trust security
Control Families

None selected

Documentation

Publication:
Draft Project Description

Supplemental Material:
Submit comments (web)
Project homepage (web)

Document History:
05/19/21: White Paper (Draft)

Topics

Security and Privacy
general security & privacy; zero trust