Tag Archives: NIST

REGISTER NOW – Privacy Risk Assessment: Prerequisite for Privacy Risk Management Workshop

We are pleased to announce the next workshop in NIST’s ongoing series on privacy engineering and risk management – Privacy Risk Assessment: A Prerequisite for Privacy Risk Management, to be held in Gaithersburg, Maryland, on June 5, 2017. Registration is open now! Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , | Leave a comment

A minor plot twist: Comment period extended for PART of SP 800-63-3

Let’s get this out of the way right up front: this is not an early April Fools Day prank!

Granted, government blogs aren’t the typical medium for getting emotional. But we (Paul and Mike), and the rest of our incredible team at NIST, have truly been moved by the support, encouragement, and engagement you’ve provided as we embarked simultaneously on this major update to the document and – perhaps even bigger – updating our community engagement process to achieve a better result on this document. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , | Leave a comment

From public preview to public draft: SP 800-63 is open for comment!

Don’t recognize us? We have a new blog theme! The NSTIC Notes blog is now I Think, Therefore IAM: a digital identities blog. Check out our latest post, below!

Last summer’s efforts on draft SP 800-63-3: Digital Identity Guidelines paved the way for a lot of positive changes – thanks to all who provided feedback. Today we are excited to announce the next step: the official public draft of SP 800-63-3 is out, open for public comment, and we’re anxiously awaiting more great feedback. The public draft will have a 60-day open comment period, closing on March 31st. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , | Leave a comment

SOFA Talk: Strength of Function for Authenticators Framework Now Open for Comment!

Back in January, NIST’s Applied Cybersecurity Division hosted the “Applying Measurement Science in the Identity Ecosystem” workshop. Among the knotty issues under consideration, 220+ participants discussed the concept of measuring the strength of authentication. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , | Leave a comment

Got trust? Seeking public comment on new NIST publication for developing trust frameworks to support identity federation

Some communities and organizations that share common user bases and transaction types are addressing challenges to users’ privacy and security by allowing users to access multiple services through common login processes. This approach – known as federated identity management – enables users to access multiple online organizations and services through shared authentication processes, instead of authenticating separately with each service provider. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

Many thanks for a successful 800-63-3 public preview!

As summer has flown by, you have kept us very busy reviewing your comments on GitHub to Special Publication (SP) 800-63-3 and engaged in a dialog about how this material can be enhanced to better support the public and private sectors. The response we’ve received to SP 800-63-3 – and this new approach – has been phenomenal and inspiring. And now, we’re excited to transition from the public preview period for draft NIST SP 800-63-3: Digital Authentication Guideline to the next critical phase – the 60-day public comment period. But before we do that, I’d like to explain what we learned this summer and where we are headed next… Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , | 2 Comments

Citius, Altius, Fortius: Announcing 6 new pilot projects across 10 states (and D.C.!)

As the sun was setting on the thirtieth modern Olympiad in London, NIST was preparing to announce our very first set of NSTIC pilot projects. As the flame goes out in Rio, we’re setting new records. In our largest pilot announcement to date, today NIST is proud to add six new projects to our ranks and bring the total number of projects to 24. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

REGISTER NOW: Privacy Controls Workshop on next steps for NIST SP 800-53, Appendix J!

We’re pleased to announce that on September 8, 2016, NIST and the Department of Transportation will hold a technical workshop on the next steps for NIST Special Publication 800-53, Appendix J…and registration is now open! Workshop participation from security and privacy engineers, privacy subject matter experts, and Senior Agency Officials for Privacy (SAOPs) is imperative for this workshop to be a success, so we encourage experts in these areas to register and attend. However, everyone is welcome so please feel free to join us if you are interested in the design of privacy protections in federal information systems. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , | 2 Comments

Calling all 800-63-3 comments!

Have you done your summer reading yet? We’re approaching this summer’s halfway point – which means we’re halfway through the public preview of draft NIST Special Publication 800-63-3: Digital Authentication Guideline. Don’t let the dog days of summer get you down – we still need your feedback and expert opinions! For a refresher on some of the major changes to 800-63-3 and why we’re using GitHub to solicit comments, see our announcement blog. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , | Leave a comment

Out with the old, in with the new: making MFA the norm

It seems it’s finally multi-factor authentication’s (MFA) time in the limelight. A recent Wells Fargo commercial touts a movement beyond the password with strong authentication. Bank of America enabled passcode-free mobile login with fingerprint. The White House released the Cybersecurity National Action Plan (CNAP), expanding upon Executive Order 13681, with a focus on securing accounts with MFA. Betty White’s on board, too. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , | Leave a comment