Building Blocks

Building blocks address broad technology gaps that affect multiple sectors. These projects rely on insight and passion from members of various industries who share a common goal of meeting a particular cybersecurity need. Below are the NCCoE's building block projects. If you're interested in learning more about a building block, or you would like to engage with the center to help develop a new building block, contact us today.

Attribute-Based Access Control (ABAC)

An attribute exchange platform that provides fine-grained access control to data, systems, and networks— both in and among enterprises—based on a person’s title, division, certifications, and other characteristics. Learn more about this project.

Continuous Monitoring for IT Infrastructure

Explores capabilities that can effectively, efficiently and automatically detect when a malicious actor attempts to perform an action in an organization’s IT infrastructure that could result in financial, reputational, and operational impacts to the organization. Learn more about this project.

Data Integrity

Recovers operating systems, databases, user files, applications, and software/system configurations from malware, malicious insider attacks, or honest mistakes; also explores the issues of auditing and reporting to support recovery and investigations. Learn more about this project.

Derived PIV Credentials

Enables personal ientity verification (PIV) -based access to secured information and resources on mobile devices. Learn more about this project.

DNS-Based Secured Email

Prevents unauthorized parties from reading or modifying an organization's email, or using it as a vector for malware, by using the Domain Name System (DNS)-Based Authentication of Named Entities (DANE) protocol. Learn more about this project.

Aims to improve the resiliency of IoT devices against distributed attacks and improve the service availability characteristics of the internet by mitigating the propagation of attacks across the network. Learn more about this project.

Enterprise-class protection for organization-issued and personally owned mobile platforms that access corporate networks. Learn more about this project.

Patching the Enterprise

Examines how commercial and open source tools can be used to aid with the most challenging aspects of patching general IT systems. Learn more about this project.

Privacy-Enhanced Identity Brokers

Integrates privacy-enhancing technologies into identity broker solutions to meet the privacy objectives of users and organizations. Learn more about this project.

Secure Inter-Domain Routing

Implementing BGP Route Origin Validation (ROV) based upon the Resource Public Key Infrastructure (RPKI) can mitigate accidental and malicious attacks associated with route hijacking. Learn more about this project.

Security for IoT Sensor Networks

Explores common components of sensor networks and the associated security requirements of those components for the secure functioning of the IoT sensor network. Learn more about this project.

TLS Server Certificate Management

Demonstrates how medium and large enterprises that rely on TLS to secure customer-facing and internal applications can better manage TLS server certificates Learn more about this project.

Trusted Geolocation in the Cloud

A way to determine the physical location of cloud computing servers to monitor and control workloads, anticipate and mitigate risks, and reduce the likelihood that unauthorized parties will obtain data. Learn more about this project.