Building blocks address broad technology gaps that affect multiple sectors. These projects rely on insight and passion from members of various industries who share a common goal of meeting a particular cybersecurity need. Below are the NCCoE's building block projects. If you're interested in learning more about a building block, or you would like to engage with the center to help develop a new building block, contact us today.
Demonstrates how the components of 5G architectures can be used securely to mitigate risks and meet industry sectors’ compliance requirements for a number of 5G use case scenarios Learn more about this project.
Aims to secure applications of Artifical Intelligence, specifically Adversarial Machine Learning, and features a taxonomy of concepts and terminologies. Learn more about this project.
An attribute exchange platform that provides fine-grained access control to data, systems, and networks— both in and among enterprises—based on a person’s title, division, certifications, and other characteristics. Learn more about this project.
Provides data-driven cybersecurity information about the state of the consumer smart home market in addition to technical security reviews of consumer home IoT products, with the aim of identifying security capabilities and recommendations for IoT device manufacturers. Learn more about this project.
Explores capabilities that can effectively, efficiently and automatically detect when a malicious actor attempts to perform an action in an organization’s IT infrastructure that could result in financial, reputational, and operational impacts to the organization. Learn more about this project.
Consists of a series of projects that work together to identify, protect, detect, respond to and recover from critical events. Learn more about this project.
Enables personal identity verification (PIV) -based access to secured information and resources on mobile devices. Learn more about this project.
Prevents unauthorized parties from reading or modifying an organization's email, or using it as a vector for malware, by using the Domain Name System (DNS)-Based Authentication of Named Entities (DANE) protocol. Learn more about this project.
Provides managed service providers with informed guidance that will enable them to adopt cybersecurity technologies and techniques that result in better security for themselves and their small business customers.Learn more about this project.
Aims to improve the resiliency of IoT devices against distributed attacks and improve the service availability characteristics of the internet by mitigating the propagation of attacks across the network. Learn more about this project.
Enterprise-class protection for organization-issued and personally owned mobile platforms that access corporate networks. Learn more about this project.
Developing practices to ease the migration from the current set of public-key cryptographic algorithms to replacement algorithms that are resistant to quantum computer-based attacks. Learn more about this project.
Integrates privacy-enhancing technologies into identity broker solutions to meet the privacy objectives of users and organizations. Learn more about this project.
Implementing BGP Route Origin Validation (ROV) based upon the Resource Public Key Infrastructure (RPKI) can mitigate accidental and malicious attacks associated with route hijacking. Learn more about this project.
Explores common components of sensor networks and the associated security requirements of those components for the secure functioning of the IoT sensor network. Learn more about this project.
Demonstrates how organizations can verify that the internal components of their purchased computing devices are genuine and have not been altered during the manufacturing and distribution processes. Learn more about this project.
Demonstrates how medium and large enterprises that rely on TLS to secure customer-facing and internal applications can better manage TLS server certificates Learn more about this project.
A way to determine the physical location of cloud computing servers to monitor and control workloads, anticipate and mitigate risks, and reduce the likelihood that unauthorized parties will obtain data. Learn more about this project.
Supports a design approach to architecting an information technology environment that could reduce an organization’s risk exposure in a “perimeterless” world. Learn more about this project.