As Federal agencies migrate applications to cloud environments, a major impediment to broader adoption of cloud technologies is the ability to protect information and virtual assets, and to gain enough visibility to ensure that both the agencies and cloud providers are complying with legal and business requirements. To that end, the National Institute of Standards and Technology (NIST) is working with a consortium of technology vendors via its National Cybersecurity Center of Excellence (NCCoE) to develop a trusted cloud solution that will demonstrate how trusted compute pools leveraging commercial technologies can provide the necessary security capabilities.

It sounds like Greek — derived PIV credentials. But a better approach to managing information on personal identity verification cards can help an ongoing federal challenge, namely how to improve cybersecurity for people using mobile devices. Now the National Cybersecurity Center of Excellence has released fresh guidance on so-called derived credentials. Hildegard Ferraiolo, a computer scientist with the Security Components and Mechanisms Group at the National Institute of Standards and Technology, joined Federal Drive with Tom Temin for what it is and how it works.

A new draft publication from the NIST National Cybersecurity Center of Excellence (NCCoE) takes aim at security concerns about the Border Gateway Protocol (BGP), the default routing protocol to route traffic among Internet domains. The paper, "Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation," is open for public comment until Oct. 15.

The National Institute of Standards and Technology (NIST) is updating two of its major publications regarding mobile device security, and NIST’s National Cybersecurity Center of Excellence (NCCoE) is expanding into uncharted territory. Representatives from NIST, speaking today at an event hosted by ATARC, discussed why these updates have become so necessary amid an evolving security landscape.