Cloud Key Management

NIST/NCCoE Issue an invitation to Address Visibility Challenges With TLS 1.3 project.

  • 1.  NIST/NCCoE Issue an invitation to Address Visibility Challenges With TLS 1.3 project.

    Posted Sep 28, 2021 10:13:00 AM
    Hi All,

    Collaborate With NIST On The Latest Applied Cryptography Project


    The National Institute of Standards and Technology's (NIST's) National Cybersecurity Center of Excellence (NCCoE) has issued a Federal Register Notice (FRN) inviting industry participants and other interested parties to participate in the NCCoE's Addressing Visibility Challenges With TLS 1.3 project.

    This project aims to demonstrate practical and implementable approaches to help organizations adopt Transport Layer Security (TLS) protocol version 1.3 in their data centers and hybrid cloud environments while maintaining the visibility into communications needed for regulatory compliance, security, and operations purposes. The project focuses on the security implications of TLS 1.3 protocol implementations that provide system and application administrators and users the necessary visibility into the content of the information being exchanged. Approaches that restore visibility into encrypted data in transit, such as alternative key establishment and management approaches or approaches involving tunneling visibility-supporting protocol versions through TLS 1.3, are of initial interest. Other approaches, such as analysis of encrypted data, enhanced auditing, and novel network architectures, will also be considered.

    Join Us
    There are two ways to engage with the TLS Visibility team on this project:
    • NCCoE Collaborator-Collaborators are members of the project team and work alongside NCCoE staff to build the demonstration by contributing products, services, and technical expertise. Collaborators are expected to participate in regularly scheduled conference calls, and to help build and document the demonstration.

    • Get Started Today-If you are interested in becoming an NCCoE collaborator for the TLS Visibility project, first review the requirements identified in the Federal Register Notice which is based on the final project description. Once you have a good understanding about this project, please complete this form and you will receive instructions and a Letter of Interest (LOI) where you can present your capabilities. Completed LOIs are considered on a first-come, first-served basis within each category of components or characteristics listed in the Federal Register Notice, up to the number of participants in each category necessary to carry out the project build.

    • Collaborator Selection-The TLS Visibility project team will review all LOIs and may follow up with respondents with questions or to discuss your capabilities. If selected, the TLS Visibility project team will notify you via email. Next, you will receive a Cooperative Research and Development Agreement (CRADA)for review and signature. Once the CRADA has been signed, participants can begin working with the NCCoE to develop an example solution for eventual publication in an NCCoE practice guide. This process can take anywhere from several weeks to a few months. If you submit an LOI and are not selected, the project team will notify you via email.

    • Community of Interest (COI) Membership-COI members receive periodic updates and the opportunity to share your expertise and help shape this project. 
    You can contact the project team at [email protected].

    @Paul Rich
    @Jason A. Garbis 

    ​​​

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------