The Role of the National Institute of Standards and Technology in Mobile Security



This paper will present an overview of the work of the National Institute of Standards and Technology (NIST) in security and privacy for mobile technology as well as an overview on how NIST standards and guidelines can be applied in the mobile environment.

Earlier this year the President signed a Memorandum issuing the Digital Government Strategy, which was designed to build a 21st Century digital government that delivers better services to the American people. The strategy recognizes the potential for mobile devices to be increasingly vulnerable to malicious or accidental security and privacy breaches, and the resulting need to continually review new technologies to ensure protections are sufficiently put into place.

As a part of the strategy, NIST was asked to report on its ongoing work in mobility, including the applicability of NIST’s standards and guidelines to mobile devices and platforms. As a non-regulatory agency of the Department of Commerce, NIST has the responsibility to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

As a part of that mission, NIST has responsibilities under the Federal Information Security Management Act of 2002 (FISMA) to develop mandatory standards and guidelines for federal agencies information and information systems. These standards (also known as Federal Information Processing Standards or FIPS) and guidelines, which are developed collaboratively with partners in industry, government, and academia, are reviewed and updated to ensure they remain consistent with technological innovation and security practices. The documents that are created through this process can also be used voluntarily by industry and other organizations to benefit from this collaborative work.

NIST’s work is conducted to ensure that industry is able to accommodate the security needs of federal agencies – and that NIST can work with industry collaboratively when gaps exist.

Source:
http://csrc.nist.gov/documents/nist-mobile-security-report.pdf

0 yorum: