National Cybersecurity Center of Excellence Data Integrity Building Block, 34976-34978 [2016-12860]
Download as PDF
<![CDATA[
sradovich on DSK3TPTVN1PROD with NOTICES
34976
Federal Register / Vol. 81, No. 105 / Wednesday, June 1, 2016 / Notices
recommendation by the Trade, Tax
Policy, and Export Growth
Subcommittee focused on trade
enforcement policies and China
Bilateral Investment Treaty. The final
agenda will be posted on the
Department of Commerce Web site for
the Council at https://www.trade.gov/
manufacturingcouncil/, at least one
week in advance of the meeting.
DATES: Wednesday, June 15, 12:00 p.m.–
1:00 p.m. The deadline for members of
the public to register, including requests
to make comments during the meeting
and for auxiliary aids, or to submit
written comments for dissemination
prior to the meeting, is 5 p.m. EDT on
June 8, 2016.
ADDRESSES: The meeting will be held by
conference call. The call-in number and
passcode will be provided by email to
registrants. Requests to register
(including to speak or for auxiliary aids)
and any written comments should be
submitted to: U.S. Manufacturing
Council, U.S. Department of Commerce,
Room 4043, 1401 Constitution Avenue
NW., Washington, DC 20230; email:
archana.sahgal@trade.gov. Members of
the public are encouraged to submit
registration requests and written
comments via email to ensure timely
receipt.
FOR FURTHER INFORMATION CONTACT:
Archana Sahgal, U.S. Manufacturing
Council, Room 4043, 1401 Constitution
Avenue NW., Washington, DC, 20230,
telephone: 202–482–4501, email:
archana.sahgal@trade.gov.
SUPPLEMENTARY INFORMATION:
Background: The Council advises the
Secretary of Commerce on matters
relating to the U.S. manufacturing
industry.
Public Participation: The meeting will
be open to the public and will be
accessible to people with disabilities.
All guests are required to register in
advance by the deadline identified
under the DATES caption. Requests for
auxiliary aids must be submitted by the
registration deadline. Last minute
requests will be accepted, but may be
impossible to fill. There will be fifteen
(15) minutes allotted for oral comments
from members of the public joining the
call. To accommodate as many speakers
as possible, the time for public
comments may be limited to three (3)
minutes per person. Individuals wishing
to reserve speaking time during the
meeting must submit a request at the
time of registration, as well as the name
and address of the proposed speaker. If
the number of registrants requesting to
make statements is greater than can be
reasonably accommodated during the
meeting, the International Trade
VerDate Sep<11>2014
21:59 May 31, 2016
Jkt 238001
Administration may conduct a lottery to
determine the speakers. Speakers are
requested to submit a written copy of
their prepared remarks by 5:00 p.m.
EDT on June 8, 2016, for inclusion in
the meeting records and for circulation
to the members of the U.S.
Manufacturing Council.
In addition, any member of the public
may submit pertinent written comments
concerning the Council’s affairs at any
time before or after the meeting.
Comments may be submitted to Archana
Sahgal at the contact information
indicated above. To be considered
during the meeting, comments must be
received no later than 5:00 p.m. EDT on
June 8, 2016, to ensure transmission to
the Council prior to the meeting.
Comments received after that date and
time will be distributed to the members
but may not be considered on the call.
Copies of Council meeting minutes will
be available within 90 days of the
meeting.
Dated: May 25, 2016.
Archana Sahgal,
Executive Secretary, U.S. Manufacturing
Council.
[FR Doc. 2016–12843 Filed 5–31–16; 8:45 am]
BILLING CODE 3510–DR–P
DEPARTMENT OF COMMERCE
basis. Collaborative activities will
commence as soon as enough completed
and signed letters of interest have been
returned to address all the necessary
components and capabilities, but no
earlier than July 1, 2016. When the Data
Integrity Building Block has been
completed, NIST will post a notice on
the NCCoE Data Integrity Building Block
Web site at https://nccoe.nist.gov/
projects/building_blocks/data_integrity
announcing the completion of the Data
Integrity Building Block and informing
the public that it will no longer accept
letters of interest for this Data Integrity
Building Block.
The NCCoE is located at
9700 Great Seneca Highway, Rockville,
MD 20850. Letters of interest must be
submitted to di-nccoe@nist.gov or via
hardcopy to National Institute of
Standards and Technology, NCCoE;
9700 Great Seneca Highway, Rockville,
MD 20850. Organizations whose letters
of interest are accepted in accordance
with the process set forth in the
SUPPLEMENTARY INFORMATION section of
this notice will be asked to sign a
Cooperative Research and Development
Agreement (CRADA) with NIST. A
CRADA template can be found at:
https://nccoe.nist.gov/library/nccoeconsortium-crada-example.
ADDRESSES:
Don
Tobin via email to donald.tobin@
nist.gov, by telephone 301–975–0239, or
by mail to National Institute of
Standards and Technology, NCCoE;
9700 Great Seneca Highway, Rockville,
MD 20850. Additional details about the
Data Integrity Building Block are
available at https://nccoe.nist.gov/
projects/building_blocks/data_integrity.
FOR FURTHER INFORMATION CONTACT:
National Institute of Standards and
Technology
[Docket No.: 160429381–6381–01]
National Cybersecurity Center of
Excellence Data Integrity Building
Block
National Institute of Standards
and Technology, Department of
Commerce.
ACTION: Notice.
Background
The National Institute of
Standards and Technology (NIST)
invites organizations to provide
products and technical expertise to
support and demonstrate security
platforms for the Data Integrity Building
Block. This notice is the initial step for
the National Cybersecurity Center of
Excellence (NCCoE) in collaborating
with technology companies to address
cybersecurity challenges identified
under the Data Integrity Building Block.
Participation in the Data Integrity
Building Block is open to all interested
organizations.
DATES: Interested parties must contact
NIST to request a letter of interest
template to be completed and submitted
to NIST. Letters of interest will be
accepted on a first come, first served
The NCCoE, part of NIST, is a publicprivate collaboration for accelerating the
widespread adoption of integrated
cybersecurity tools and technologies.
The NCCoE brings together experts from
industry, government, and academia
under one roof to develop practical,
interoperable cybersecurity approaches
that address the real-world needs of
complex Information Technology (IT)
systems. By accelerating dissemination
and use of these integrated tools and
technologies for protecting IT assets, the
NCCoE will enhance trust in U.S. IT
communications, data, and storage
systems; reduce risk for companies and
individuals using IT systems; and
encourage development of innovative,
job-creating cybersecurity products and
services.
AGENCY:
SUMMARY:
PO 00000
Frm 00008
Fmt 4703
Sfmt 4703
SUPPLEMENTARY INFORMATION:
E:\FR\FM\01JNN1.SGM
01JNN1
Federal Register / Vol. 81, No. 105 / Wednesday, June 1, 2016 / Notices
Process
NIST is soliciting responses from all
sources of relevant security capabilities
(see below) to enter into a Cooperative
Research and Development Agreement
(CRADA) to provide products and
technical expertise to support and
demonstrate security platforms for the
Data Integrity Building Block. The full
Data Integrity Building Block can be
viewed at: https://nccoe.nist.gov/
projects/building_blocks/data_integrity.
Interested parties should contact NIST
using the information provided in the
FOR FURTHER INFORMATION CONTACT
section of this notice. NIST will then
provide each interested party with a
letter of interest template, which the
party must complete, certify that it is
accurate, and submit to NIST. NIST will
contact interested parties if there are
questions regarding the responsiveness
of the letters of interest to the Data
Integrity Building Block objective or
requirements identified below. NIST
will select participants who have
submitted complete letters of interest on
a first come, first served basis within
each category of product components or
capabilities listed below up to the
number of participants in each category
necessary to carry out this Data Integrity
Building Block. However, there may be
continuing opportunity to participate
even after initial activity commences.
Selected participants will be required to
enter into a consortium CRADA with
NIST (for reference, see ADDRESSES
section above). NIST published a notice
in the Federal Register on October 19,
2012 (77 FR 64314) inviting U.S.
companies to enter into National
Cybersecurity Excellence Partnerships
(NCEPs) in furtherance of the NCCoE.
For this demonstration project, NCEP
partners will not be given priority for
participation.
sradovich on DSK3TPTVN1PROD with NOTICES
Data Integrity Building Block Objective
The goal of this project is to mitigate
the impacts of data corruption when
recovering systems from backup storage.
The solution will provide guidance for
incorporating post-attack data
corruption detection and recovery
strategies into a corporate IT
architecture. The project will explore
methods to address the integrity of
commodity components (operating
systems, applications, and software
configurations), custom applications,
and data (database and files) and
provide corruption indicators and
activity logs to the security analysts to
identify the malicious activity. It will
produce an architecture that includes
components that will integrate
notification of data corruption events
VerDate Sep<11>2014
21:59 May 31, 2016
Jkt 238001
coupled with approaches to automate
recovery from such events.
A detailed description of the Data
Integrity Building Block is available at:
https://nccoe.nist.gov/projects/building_
blocks/data_integrity.
Requirements
Each responding organization’s letter
of interest should identify which
security platform component(s) or
capability(ies) it is offering. Letters of
interest should not include company
proprietary information, and all
components and capabilities must be
commercially available. Components are
listed in the High-level Architecture
section of the Data Integrity Building
Block (for reference, please see the link
in the PROCESS section above) and
include, but are not limited to:
• File integrity monitors
• File versioning systems
• File integrity testing capabilities
• User activity monitoring tools
• Configuration management systems
• Database rollback tools
• Virtual machine integrity/
snapshots/versioning capabilities
• Versioning file systems
• Journaling file systems
Each responding organization’s letter
of interest should identify how their
products address one or more of the
following desired solution
characteristics in the High Level
Architecture section of the Data
Integrity Building Block (for reference,
please see the link in the PROCESS
section above):
• Automated data corruption testing
• Automated data corruption
detection
• Automated data corruption event
logging
• Secure data integrity monitoring
and alerting information (checksums,
off-site, hard-copy)
• Automated detection and reporting
of all file modifications/creations/
deletions
• Automated detection and reporting
of all database modifications/creations/
deletions
• Automated correlation of file
changes and users
• Automated user activity recording
• Automated anomalous user activity
detection
• Automated configuration
management monitoring
Responding organizations need to
understand and, in their letters of
interest, commit to provide:
1. Access for all participants’ project
teams to component interfaces and the
organization’s experts necessary to make
functional connections among security
platform components
PO 00000
Frm 00009
Fmt 4703
Sfmt 4703
34977
2. Support for development and
demonstration of the Data Integrity
Building Block in NCCoE facilities
which will be conducted in a manner
consistent with Federal requirements
(e.g., FIPS 200, FIPS 201, SP 800–53,
and SP 800–63)
Additional details about the Data
Integrity Building Block are available at:
https://nccoe.nist.gov/projects/building_
blocks/data_integrity.
NIST cannot guarantee that all of the
products proposed by respondents will
be used in the demonstration. Each
prospective participant will be expected
to work collaboratively with NIST staff
and other project participants under the
terms of the consortium CRADA in the
development of the Data Integrity
Building Block. Prospective
participants’ contribution to the
collaborative effort will include
assistance in establishing the necessary
interface functionality, connection and
set-up capabilities and procedures,
demonstration harnesses, environmental
and safety conditions for use, integrated
platform user instructions, and
demonstration plans and scripts
necessary to demonstrate the desired
capabilities. Each participant will train
NIST personnel, as necessary, to operate
its product in capability
demonstrations. Following successful
demonstrations, NIST will publish a
description of the security platform and
its performance characteristics sufficient
to permit other organizations to develop
and deploy security platforms that meet
the security objectives of the Data
Integrity Building Block. These
descriptions will be public information.
Under the terms of the consortium
CRADA, NIST will support
development of interfaces among
participants’ products by providing IT
infrastructure, laboratory facilities,
office facilities, collaboration facilities,
and staff support to component
composition, security platform
documentation, and demonstration
activities.
The dates of the demonstration of the
Data Integrity Building Block capability
will be announced on the NCCoE Web
site at least two weeks in advance at
https://nccoe.nist.gov/. The expected
outcome of the demonstration is to
improve data integrity within the
enterprise. Participating organizations
will gain from the knowledge that their
products are interoperable with other
participants’ offerings.
For additional information on the
NCCoE governance, business processes,
and NCCoE operational structure, visit
E:\FR\FM\01JNN1.SGM
01JNN1
34978
Federal Register / Vol. 81, No. 105 / Wednesday, June 1, 2016 / Notices
the NCCoE Web site https://
nccoe.nist.gov/.
Threatened CCC Steelhead (O.
mykiss).
Kevin Kimball,
NIST Chief of Staff.
Permits Issued
[FR Doc. 2016–12860 Filed 5–31–16; 8:45 am]
BILLING CODE 3510–13–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
RIN 0648–XE221
Endangered and Threatened Species;
Take of Anadromous Fish
National Marine Fisheries
Service (NMFS), National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION: Issuance of one enhancement of
survival permit.
AGENCY:
Notice is hereby given that
NMFS has issued Permit 20032 to
Sonoma County Water Agency.
ADDRESSES: The application, issued
permit, and supporting documents are
available upon written request or by
appointment: California Coastal Office,
NMFS, 777 Sonoma Avenue, Room 325,
Santa Rosa, CA 95404, ph: (707)-387–
0737, fax: (707) 578–3435).
FOR FURTHER INFORMATION CONTACT: Dan
Wilson, Santa Rosa, CA (ph.: 707–578–
8555, Fax: 707–578–3435, email:
dan.wilson@noaa.gov).
SUPPLEMENTARY INFORMATION:
The issuance of permits and permit
modifications, as required by the
Endangered Species Act of 1973 (16
U.S.C. 1531–1543) (ESA), is based on a
finding that such permits/modifications:
(1) Are applied for in good faith; (2)
would not operate to the disadvantage
of the listed species which are the
subject of the permits; and (3) are
consistent with the purposes and
policies set forth in section 2 of the
ESA. Authority to take listed species is
subject to conditions set forth in the
permits. Permits and modifications are
issued in accordance with and are
subject to the ESA and NMFS
regulations (50 CFR parts 222–226)
governing listed fish and wildlife
permits.
sradovich on DSK3TPTVN1PROD with NOTICES
SUMMARY:
Species Covered in This Notice
The following listed species are
covered in this notice:
Threatened California Coastal (CC)
Chinook salmon (Oncorhynchus
tshawytscha), Endangered Central
California Coast (CCC) Coho salmon (O.
kisutch), and
VerDate Sep<11>2014
21:59 May 31, 2016
Jkt 238001
Permit 20032
A notice of receipt of an application
for an enhancement of survival permit
(20032) was published in the Federal
Register on November 18, 2015 (80 FR
72047). Permit 20032 was issued to the
Permit Holder, Sonoma County Water
Agency, on March 3, 2016, and expires
on March 3, 2051.
Permit 20032 facilitates the
implementation of the Dry Creek Valley
Programmatic Safe Harbor Agreement
(Agreement) that is expected to promote
the recovery of the Covered Species on
non-federal properties within Dry Creek
below Warm Springs Dam, a tributary to
the Russian River in Sonoma County,
California. The duration of the
Agreement and Permit 20032 is 35
years.
Permit 20032 authorizes the
incidental taking of the Covered Species
associated with routine viticulture
activities and the potential future return
of any property included in the
Agreement to the Elevated Baseline
Condition. Under this Agreement,
individual landowners (Cooperators)
may include their properties by entering
into a Cooperative Agreement with the
Permit Holder. Each Cooperative
Agreement will specify the restoration
and/or enhancement, and management
activities to be carried out on that
specific property and a timetable for
implementing those activities. All
Cooperative Agreements will be
reviewed by NMFS to determine
whether the proposed activities will
result in a net conservation benefit for
the Covered Species and meet all
required standards of the Safe Harbor
Policy (64 FR 32717). Upon NMFS
approval, the Permit Holder will issue a
Certificate of Inclusion to the
Cooperator. Each Certificate of Inclusion
will extend the incidental take coverage
conferred by the Enhancement of
Survival permit to the Cooperator.
Certificates of Inclusion will be valid for
a minimum of 10 years, but no longer
than the term of Permit 20032. The
Agreement requires that each enrolled
property adopt an Elevated Baseline
Condition. Elevated Baseline levels for
the Covered Species will be determined
by completing the Elevated Baseline
Habitat Worksheet (Table 1 in
Attachment 3 of the Agreement), which
will be completed by the Permit Holder.
NMFS will review each Elevated
Baseline determination prior to the
Permit Holder issuing a Certificate of
Inclusion to the Cooperator. The
PO 00000
Frm 00010
Fmt 4703
Sfmt 4703
Agreement also contains a monitoring
component that requires the Permit
Holder to ensure that the Cooperators
are in compliance with the terms and
conditions of the Agreement, and that
the Elevated Baseline levels of habitat
for the Covered Species occur on the
Enrolled Property. Results of these
monitoring efforts will be provided to
NMFS by the Permit Holder in annual
reports for the duration of the 35-year
permit term.
Permit 20032 authorizes those
Cooperators who have been issued a
Certificate of Inclusion to take Covered
Species incidental to the
implementation of the management
activities specified in the Agreement,
incidental to other lawful uses of the
property including routine viticulture
activities, and to return to Elevated
Baseline Conditions if desired.
Dated: May 26, 2016.
Angela Somma,
Chief, Endangered Species Division, Office
of Protected Resources, National Marine
Fisheries Service.
[FR Doc. 2016–12825 Filed 5–31–16; 8:45 am]
BILLING CODE 3510–22–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
RIN 0648–XE468
Takes of Marine Mammals Incidental to
Specified Activities; Seabird and
Pinniped Research Activities in Central
California, 2016–2017
National Marine Fisheries
Service (NMFS), National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION: Notice; issuance of an incidental
harassment authorization.
AGENCY:
In accordance with the
Marine Mammal Protection Act
(MMPA) regulations, we hereby give
notification that the National Marine
Fisheries Service (NMFS) has issued an
Incidental Harassment Authorization
(IHA) to Point Blue Conservation
Science (Point Blue), to take marine
mammals, by Level B harassment,
incidental to conducting seabird and
pinniped research activities in central
California, May, 2016 through May,
2017.
SUMMARY:
Effective May 16, 2016 through
May 15, 2017.
ADDRESSES: The public may obtain an
electronic copy of the Point Blue’s
application, supporting documentation,
the authorization, and a list of the
DATES:
E:\FR\FM\01JNN1.SGM
01JNN1
]]>Agencies
[Federal Register Volume 81, Number 105 (Wednesday, June 1, 2016)]
[Notices]
[Pages 34976-34978]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2016-12860]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No.: 160429381-6381-01]
National Cybersecurity Center of Excellence Data Integrity
Building Block
AGENCY: National Institute of Standards and Technology, Department of
Commerce.
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: The National Institute of Standards and Technology (NIST)
invites organizations to provide products and technical expertise to
support and demonstrate security platforms for the Data Integrity
Building Block. This notice is the initial step for the National
Cybersecurity Center of Excellence (NCCoE) in collaborating with
technology companies to address cybersecurity challenges identified
under the Data Integrity Building Block. Participation in the Data
Integrity Building Block is open to all interested organizations.
DATES: Interested parties must contact NIST to request a letter of
interest template to be completed and submitted to NIST. Letters of
interest will be accepted on a first come, first served basis.
Collaborative activities will commence as soon as enough completed and
signed letters of interest have been returned to address all the
necessary components and capabilities, but no earlier than July 1,
2016. When the Data Integrity Building Block has been completed, NIST
will post a notice on the NCCoE Data Integrity Building Block Web site
at https://nccoe.nist.gov/projects/building_blocks/data_integrity
announcing the completion of the Data Integrity Building Block and
informing the public that it will no longer accept letters of interest
for this Data Integrity Building Block.
ADDRESSES: The NCCoE is located at 9700 Great Seneca Highway,
Rockville, MD 20850. Letters of interest must be submitted to di-nccoe@nist.gov or via hardcopy to National Institute of Standards and
Technology, NCCoE; 9700 Great Seneca Highway, Rockville, MD 20850.
Organizations whose letters of interest are accepted in accordance with
the process set forth in the SUPPLEMENTARY INFORMATION section of this
notice will be asked to sign a Cooperative Research and Development
Agreement (CRADA) with NIST. A CRADA template can be found at: https://nccoe.nist.gov/library/nccoe-consortium-crada-example.
FOR FURTHER INFORMATION CONTACT: Don Tobin via email to
donald.tobin@nist.gov, by telephone 301-975-0239, or by mail to
National Institute of Standards and Technology, NCCoE; 9700 Great
Seneca Highway, Rockville, MD 20850. Additional details about the Data
Integrity Building Block are available at https://nccoe.nist.gov/projects/building_blocks/data_integrity.
SUPPLEMENTARY INFORMATION:
Background
The NCCoE, part of NIST, is a public-private collaboration for
accelerating the widespread adoption of integrated cybersecurity tools
and technologies. The NCCoE brings together experts from industry,
government, and academia under one roof to develop practical,
interoperable cybersecurity approaches that address the real-world
needs of complex Information Technology (IT) systems. By accelerating
dissemination and use of these integrated tools and technologies for
protecting IT assets, the NCCoE will enhance trust in U.S. IT
communications, data, and storage systems; reduce risk for companies
and individuals using IT systems; and encourage development of
innovative, job-creating cybersecurity products and services.
[[Page 34977]]
Process
NIST is soliciting responses from all sources of relevant security
capabilities (see below) to enter into a Cooperative Research and
Development Agreement (CRADA) to provide products and technical
expertise to support and demonstrate security platforms for the Data
Integrity Building Block. The full Data Integrity Building Block can be
viewed at: https://nccoe.nist.gov/projects/building_blocks/data_integrity.
Interested parties should contact NIST using the information
provided in the FOR FURTHER INFORMATION CONTACT section of this notice.
NIST will then provide each interested party with a letter of interest
template, which the party must complete, certify that it is accurate,
and submit to NIST. NIST will contact interested parties if there are
questions regarding the responsiveness of the letters of interest to
the Data Integrity Building Block objective or requirements identified
below. NIST will select participants who have submitted complete
letters of interest on a first come, first served basis within each
category of product components or capabilities listed below up to the
number of participants in each category necessary to carry out this
Data Integrity Building Block. However, there may be continuing
opportunity to participate even after initial activity commences.
Selected participants will be required to enter into a consortium CRADA
with NIST (for reference, see ADDRESSES section above). NIST published
a notice in the Federal Register on October 19, 2012 (77 FR 64314)
inviting U.S. companies to enter into National Cybersecurity Excellence
Partnerships (NCEPs) in furtherance of the NCCoE. For this
demonstration project, NCEP partners will not be given priority for
participation.
Data Integrity Building Block Objective
The goal of this project is to mitigate the impacts of data
corruption when recovering systems from backup storage. The solution
will provide guidance for incorporating post-attack data corruption
detection and recovery strategies into a corporate IT architecture. The
project will explore methods to address the integrity of commodity
components (operating systems, applications, and software
configurations), custom applications, and data (database and files) and
provide corruption indicators and activity logs to the security
analysts to identify the malicious activity. It will produce an
architecture that includes components that will integrate notification
of data corruption events coupled with approaches to automate recovery
from such events.
A detailed description of the Data Integrity Building Block is
available at: https://nccoe.nist.gov/projects/building_blocks/data_integrity.
Requirements
Each responding organization's letter of interest should identify
which security platform component(s) or capability(ies) it is offering.
Letters of interest should not include company proprietary information,
and all components and capabilities must be commercially available.
Components are listed in the High-level Architecture section of the
Data Integrity Building Block (for reference, please see the link in
the PROCESS section above) and include, but are not limited to:
File integrity monitors
File versioning systems
File integrity testing capabilities
User activity monitoring tools
Configuration management systems
Database rollback tools
Virtual machine integrity/snapshots/versioning
capabilities
Versioning file systems
Journaling file systems
Each responding organization's letter of interest should identify
how their products address one or more of the following desired
solution characteristics in the High Level Architecture section of the
Data Integrity Building Block (for reference, please see the link in
the PROCESS section above):
Automated data corruption testing
Automated data corruption detection
Automated data corruption event logging
Secure data integrity monitoring and alerting information
(checksums, off-site, hard-copy)
Automated detection and reporting of all file
modifications/creations/deletions
Automated detection and reporting of all database
modifications/creations/deletions
Automated correlation of file changes and users
Automated user activity recording
Automated anomalous user activity detection
Automated configuration management monitoring
Responding organizations need to understand and, in their letters
of interest, commit to provide:
1. Access for all participants' project teams to component
interfaces and the organization's experts necessary to make functional
connections among security platform components
2. Support for development and demonstration of the Data Integrity
Building Block in NCCoE facilities which will be conducted in a manner
consistent with Federal requirements (e.g., FIPS 200, FIPS 201, SP 800-
53, and SP 800-63)
Additional details about the Data Integrity Building Block are
available at: https://nccoe.nist.gov/projects/building_blocks/data_integrity.
NIST cannot guarantee that all of the products proposed by
respondents will be used in the demonstration. Each prospective
participant will be expected to work collaboratively with NIST staff
and other project participants under the terms of the consortium CRADA
in the development of the Data Integrity Building Block. Prospective
participants' contribution to the collaborative effort will include
assistance in establishing the necessary interface functionality,
connection and set-up capabilities and procedures, demonstration
harnesses, environmental and safety conditions for use, integrated
platform user instructions, and demonstration plans and scripts
necessary to demonstrate the desired capabilities. Each participant
will train NIST personnel, as necessary, to operate its product in
capability demonstrations. Following successful demonstrations, NIST
will publish a description of the security platform and its performance
characteristics sufficient to permit other organizations to develop and
deploy security platforms that meet the security objectives of the Data
Integrity Building Block. These descriptions will be public
information.
Under the terms of the consortium CRADA, NIST will support
development of interfaces among participants' products by providing IT
infrastructure, laboratory facilities, office facilities, collaboration
facilities, and staff support to component composition, security
platform documentation, and demonstration activities.
The dates of the demonstration of the Data Integrity Building Block
capability will be announced on the NCCoE Web site at least two weeks
in advance at https://nccoe.nist.gov/. The expected outcome of the
demonstration is to improve data integrity within the enterprise.
Participating organizations will gain from the knowledge that their
products are interoperable with other participants' offerings.
For additional information on the NCCoE governance, business
processes, and NCCoE operational structure, visit
[[Page 34978]]
the NCCoE Web site https://nccoe.nist.gov/.
Kevin Kimball,
NIST Chief of Staff.
[FR Doc. 2016-12860 Filed 5-31-16; 8:45 am]
BILLING CODE 3510-13-P
