ITL Newsletter for November-December 2018

ITL Newsletter for November-December 2018

ISSUE 155

November - December 2018

VIEW AS WEBPAGE

information technology laboratory

 CULTIVATING TRUST IN IT AND METROLOGY

IN THIS ISSUE

Privacy

DEPARTMENT OF COMMERCE LAUNCHES COLLABORATIVE PRIVACY FRAMEWORK EFFORT

Innovative technologies such as the “internet of things” (IoT) and artificial intelligence enhance convenience, efficiency and economic growth. At the same time, these and other technologies increasingly require complex networking environments and use detailed data about individuals that can make protecting their privacy harder.

To help meet this challenge, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced today that it has launched a collaborative project to develop a voluntary privacy framework to help organizations manage risk.

READ MORE

NEWS UPDATES

DATABASE OF SOFTWARE "FINGERPRINTS" EXPANDS TO INCLUDE COMPUTER GAMES

fingerprint

One of the largest software libraries in the world just grew larger. The National Software Reference Library (NSRL), which archives copies of the world’s most widely installed software titles, has expanded to include computer game software from three popular PC gaming distribution platforms—Steam, Origin and Blizzard. 

READ MORE

SOFTWARE USABILITY

software

Companies in every industry need software that their employees and customers can easily learn to use without error, but for years there was no way for them to evaluate the usability of software before or after purchase. NIST usability experts brought together hundreds of organizations to develop an international reporting standard to improve software usability.

 

READ MORE

BIOMETRICS STANDARDS FOR LAW ENFORCEMENT

biometric fingerprint

Law enforcement agencies and identity management organizations are increasingly using automated biometric technologies to help identify or verify personal identities. To effectively exchange biometric data across jurisdictional lines or between dissimilar systems made by different manufacturers, a standard is needed to specify a common format for the data exchange.


READ MORE

PROFILES OF ITL DIVISIONS

Computer Security Division
Matthew Scholl, Chief

The Computer Security Division (CSD) develops cybersecurity standards, guidelines, tests, and metrics to protect federal information systems. CSD helps to develop innovative security technologies that enhance the nation’s ability to address current and future computer and information security challenges. CSD’s research focuses on cryptography, automation, identity and access management, the Internet of Things, and public safety networks. The Division maintains a Computer Security Resource Center (CSRC), which provides access to NIST's cybersecurity- and information security-related projects, publications, news, and events. CSRC supports stakeholders in government, industry, and academia—both in the United States and internationally.

READ MORE

Matt Scholl

STAFF ACCOMPLISHMENTS

George Awad

Congratulations to George Awad who was jointly awarded the 2018 IEEE Computer Society PAMI Mark Everingham Prize. The prize was jointly awarded to Alan Smeaton (Dublin City University, Ireland), Wessel Kraaij (Leiden University, Netherlands), Paul Over (NIST, retired) and George Awad.  The prize is in recognition of NIST’s TRECVID program (http://trecvid.nist.gov).


SELECTED NEW PUBLICATIONS

2017 NIST/ITL Cybersecurity Program: Annual Report (NIST Special Publication 800-203)

Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry out responsibilities under this law. The primary goal of the NIST s Information Technology Laboratory (ITL) Cybersecurity Program, is to provide standards and technology that protects information systems against threats to the confidentiality, integrity, and availability of information and services. During Fiscal Year 2017 (FY2017), ITL Cybersecurity Program successfully responded to numerous challenges and opportunities in fulfilling that mission. Through ITL's diverse research agenda and engagement in many national priority initiatives, high-quality, cost-effective security and privacy mechanisms were developed and applied that improved information security across the Federal Government and the greater information security community. This annual report highlights the research agenda and activities in which ITL Cybersecurity Program was engaged during FY 2017.

Blockchain Technology Overview (NISTIR 8202)

Blockchains are tamper evident and tamper resistant digital ledgers implemented in a distributed fashion (i.e., without a central repository) and usually without a central authority (i.e., a bank, company, or government). At their basic level, they enable a community of users to record transactions in a shared ledger within that community, such that under normal operation of the blockchain network no transaction can be changed once published. This document provides a high-level technical overview of blockchain technology. It discusses its application to cryptocurrency in depth, but also shows its broader applications. The purpose is to help readers understand how blockchain technology works, so that they can be applied to technology problems.

Iris Camera Selection Guidance (NIST Technical Note 2018)

This paper is a summary of our current recommendations for iris camera selection. NIST is developing these recommendations in collaboration with the FBI, other US Government entities with interests in the use of iris recognition technology, and the larger iris recognition community. It is intended to give brief, practical guidance to persons planning to purchase iris recognition cameras, particularly for use in law enforcement activities. It is also intended as a basis for an ongoing discussion on camera selection that began at the Iris Expert Group meeting in June 2018. The primary focus of these recommendations is compliance with standards and processes that enable interchange of data between government entities, as permitted by regulation and policy, and that enable cost effective improvements as technology advances.

IT Asset Management (NIST Special Publication 1800-5)

While a physical asset management system can tell you the location of a computer, it cannot answer questions like, “What operating systems are our laptops running?” and “Which devices are vulnerable to the latest threat?” An effective IT asset management (ITAM) solution can tie together physical and virtual assets and provide management with a complete picture of what, where, and how assets are being used. ITAM enhances visibility for security analysts, which leads to better asset utilization and security. 

CONFERENCE CALENDAR

NOVEMBER-DECEMBER 2018

November 6-7

2018 NICE Conference and Expo

READ MORE

November 7-9

NIST Cybersecurity Risk Management Conference

READ MORE

December 3-4

2018 NICE K12 Cybersecurity Education Conference

READ MORE


for more events click on calendar