Date Published: February 2021
Comments Due:
Email Questions to:
Author(s)
W. Polk (NIST), Murugiah Souppaya (NIST), William Barker (Dakota Consulting)
Announcement
The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Addressing Visibility Challenges with TLS 1.3. Publication of this draft project description begins a process to solicit feedback about the project scope, demonstration scenarios, and high-level architecture.
The NCCoE will solicit participation from industry to build one or more visibility solution examples using commercially available technology, which will address a set of cybersecurity challenges. These challenges impact the ability of some organizations to meet their regulatory, security, and operational requirements due to loss of visibility into the content of communications within their enterprise environments. The project will demonstrate various approaches and practices, which will result in a freely available NIST Cybersecurity Practice Guide that documents a range of approaches for enterprises to regain visibility into the content of TLS-protected information being exchanged within the enterprise environment.
The public comment period for this draft is open through March 29, 2021. You can also help shape and contribute to this project. Join the Community of Interest by sending an email to applied-crypto-visibility@nist.gov.
Enterprises use encryption—a cryptographic technique—to protect data transmission and storage. While encryption in transit protects data confidentiality and integrity, it also reduces the organization’s visibility into the data flowing through their systems. The NCCoE initiated a project to address enterprise challenges to compliance, operations, and security when deploying modern encrypted protocols, and TLS 1.3 in particular. This effort is an element of the NCCoE’s cryptographic applications program, and it follows successful completion of a TLS certificate management project. This project description documents the project background, scenarios demonstrating efficacy of solutions, a high-level demonstration platform architecture that includes a list of desired components, and standards and guidance to be followed in project development and execution. This project will result in a freely available NIST Cybersecurity Practice Guide.
Enterprises use encryption—a cryptographic technique—to protect data transmission and storage. While encryption in transit protects data confidentiality and integrity, it also reduces the organization’s visibility into the data flowing through their systems. The NCCoE initiated a project to address...
See full abstract
Enterprises use encryption—a cryptographic technique—to protect data transmission and storage. While encryption in transit protects data confidentiality and integrity, it also reduces the organization’s visibility into the data flowing through their systems. The NCCoE initiated a project to address enterprise challenges to compliance, operations, and security when deploying modern encrypted protocols, and TLS 1.3 in particular. This effort is an element of the NCCoE’s cryptographic applications program, and it follows successful completion of a TLS certificate management project. This project description documents the project background, scenarios demonstrating efficacy of solutions, a high-level demonstration platform architecture that includes a list of desired components, and standards and guidance to be followed in project development and execution. This project will result in a freely available NIST Cybersecurity Practice Guide.
Hide full abstract
Keywords
application; compliance; cryptography; encryption; forensics; forward secrecy; protocol; transport layer; visibility
Control Families
None selected
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
