News & Updates

NIST has published NIST Internal Report (NIST IR) 8403, Blockchain for Access Control Systems.

The Secretary of Commerce has approved the publication of FIPS 201-3, NIST latest revision of "Personal Identity Verification (PIV) of Federal Employees and Contractors."

Draft NISTIR 8403, “Blockchain for Access Control Systems,” is open for comment through February 7, 2022.

NIST has published NISTIR 8360, "Machine Learning for Access Control Policy Verification."

NIST has published Special Publication (SP) 800-204B, "Attribute-based Access Control for Microservices-based Applications using a Service Mesh."

Draft NISTIR 8356, "Considerations for Digital Twin Technology and Emerging Standards," is now available for public comment through June 16, 2021.

Draft NISTIR 8360, "Machine Learning for Access Control Policy Verification," is available for comment through May 7, 2021.

The National Cybersecurity Center of Excellence has released a Draft Project Description on Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. The public comment period is open through April 21, 2021.

Draft SP 800-204B, "Attribute-based Access Control for Microservices-based Applications Using a Service Mesh," is available for comment through February 24, 2021.

Draft FIPS 201-3, "Personal Identity Verification (PIV) of Federal Employees and Contractors," is now available for public comment through February 1, 2021. 

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.

NIST has published Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems."

NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment.  The comment period is open through August 31, 2020.

NIST announces the publication of SP 800-204A, "Building Secure Microservices-based Applications Using Service-Mesh Architecture."

NIST has released Draft Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems," for public comment. The comment period is open through May 15, 2020.

NIST has released Draft SP 800-124 Revision 2, "Guidelines for Managing the Security of Mobile Devices in the Enterprise," for public comment. The comment period ends June 26, 2020.

The NCCoE has released Draft SP 1800-24, "Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector," for public comment. The comment period ends November 18, 2019.

NIST has published NIST SP 800-204, Security Strategies for Microservices-based Application Systems.

NIST has published Cybersecurity Practice Guide Special Publication (SP) 1800-17, "Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers"

NIST has published Special Publication 800-205, "Attribute Considerations for Access Control Systems."

The NCCoE has posted two draft Project Descriptions for public comment. Detecting and protecting against data integrity attacks in industrial control systems (ICS) closes July 25th. Continuous Monitoring (for small and medium...

A new release of the Access Control Policy Tool (ACPT) is now available for download.

The NCCoE has release a preliminary draft of Special Publication (SP) 1800-15 for public comment. Comments are due by June 24, 2019.

NIST is releasing Draft Special Publication (SP) 800-204, "Security Strategies for Microservices-based Application Systems." Public comments are due by April 26, 2019.

NIST publishes an errata update for SP 800-162, "Guide to Attribute Based Access Control (ABAC) Definition and Considerations."