Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-164 (Initial Public Draft)

Guidelines on Hardware-Rooted Security in Mobile Devices

Date Published: October 2012
Comments Due: December 14, 2012 (public comment period is CLOSED)
Email Questions to:


Lily Chen (NIST), Joshua Franklin (NIST), Andrew Regenscheid (NIST)


NIST announces the public comment release of the draft NIST SP 800-164, Guidelines on Hardware-Rooted Security in Mobile Devices . The guidelines in this document are intended to provide a common baseline of security technologies that can be implemented across a wide range of mobile devices to help secure organization-issued mobile devices as well as devices brought into an organization, such as personally-owned devices used in enterprise environments (e.g., Bring Your Own Device, BYOD). It focuses on providing three security capabilities- device integrity, isolation, and protected storage- through the use of hardware-based roots of trust.

The intended audience for this document includes mobile Operating System (OS) vendors, device manufacturers, security software vendors, carriers, application software developers and information system security professionals who are responsible for managing the mobile devices in an enterprise environment.



mobile device security; root of trust; smartphone; information security; tablet
Control Families

System and Information Integrity


Draft SP 800-164 (pdf)

Supplemental Material:
None available

Document History:
10/31/12: SP 800-164 (Draft)





communications & wireless