National Cybersecurity Center of Excellence (NCCoE) Secure Inter-Domain Routing Building Block, 35931-35933 [2017-16219]
Download as PDF
<![CDATA[
sradovich on DSKBCFCHB2PROD with NOTICES
Federal Register / Vol. 82, No. 147 / Wednesday, August 2, 2017 / Notices
• Hangzhou Cadman Trading Co., Ltd.
(Exporter) Haining Changbei Furniture Co.,
Ltd. (Producer)
• Hualing Furniture (China) Co., Ltd.; Tony
House Manufacture (China) Co., Ltd.;
Buysell Investments Ltd.; Tony House
Industries Co., Ltd.
• Jiangmen Kinwai Furniture Decoration Co.,
Ltd.
• Jiangmen Kinwai International Furniture
Co., Ltd.
• Jiangsu Dare Furniture Co., Ltd.
• Jiangsu Xiangsheng Bedtime Furniture Co.,
Ltd.
• Jiangsu Yuexing Furniture Group Co., Ltd.
• Jiant Furniture Co. Ltd.
• Jiashan Zhenxuan Furniture Co., Ltd
• K Wee & Co., Ltd
• Kunshan Summit Furniture Co., Ltd.
• Nantong Wangzhuang Furniture Co. Ltd.
• Nantong Yangzi Furniture Co., Ltd.
• Nathan International Ltd.; Nathan Rattan
Factory
• Orient International Holding Shanghai
Foreign Trade Co., Ltd.
• Passwell Corporation; Pleasant Wave Ltd.
• Perfect Line Furniture Co., Ltd.
• PuTian Jinggong Furniture Co., Ltd.
• Qingdao Liangmu Co., Ltd.
• Restonic (Dongguan) Furniture Ltd.;
Restonic Far East (Samoa) Ltd.
• Shanghai Jian Pu Export & Import Co., Ltd.
• Shenzhen Diamond Furniture Co., Ltd.
• Shenzhen Forest Furniture Co., Ltd.
• Shenzhen Jiafa High Grade Furniture Co.,
Ltd.; Golden Lion International Trading
Ltd.
• Shenzhen New Fudu Furniture Co., Ltd.
• Shenzhen Wonderful Furniture Co., Ltd.
• Shenzhen Xingli Furniture Co., Ltd.
• Shing Mark Enterprise Co., Ltd.; Carven
Industries Limited (BVI); Carven Industries
Limited (HK); Dongguan Zhenxin
Furniture Co., Ltd.; Dongguan Yongpeng
Furniture Co., Ltd.
• Sunforce Furniture (Hui-Yang) Co., Ltd.;
Sun Fung Wooden Factory; Sun Fung Co.;
Shin Feng Furniture Co., Ltd.; Stupendous
International Co., Ltd.
• Superwood Co., Ltd.; Lianjiang Zongyu Art
Products Co., Ltd.
• Techniwood Industries Ltd.; Ningbo
Furniture Industries Ltd.; Ningbo Hengrun
Furniture Co., Ltd.
• Tradewinds Furniture Ltd. (Successor-InInterest To Nanhai Jiantai Woodwork Co.
Ltd.); Fortune Glory Industrial Ltd. (H.K.
Ltd.)
• Weimei Furniture Co., Ltd.
• Wuxi Yushea Furniture Co., Ltd.
• Xiamen Yongquan Sci-Tech Development
Co., Ltd.
• Yihua Timber Industry Co., Ltd.;
Guangdong Yihua Timber Industry Co.,
Ltd.
• Zhangjiagang Daye Hotel Furniture Co.,
Ltd.
• Zhangzhou Guohui Industrial & Trade Co.,
Ltd.
• Zhejiang Tianyi Scientific & Educational
Equipment Co., Ltd.
• Zhong Shun Wood Art Co.
• Zhongshan Fookyik Furniture Co., Ltd.
• Zhongshan Golden King Furniture
Industrial Co., Ltd.
VerDate Sep<11>2014
19:43 Aug 01, 2017
Jkt 241001
• Zhoushan For-Strong Wood Co., Ltd.
[FR Doc. 2017–16261 Filed 8–1–17; 8:45 am]
BILLING CODE 3510–DS–P
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
[Docket No.: 170707635–7635–01]
RIN 0693–XC075
National Cybersecurity Center of
Excellence (NCCoE) Secure InterDomain Routing Building Block
National Institute of Standards
and Technology, Department of
Commerce.
ACTION: Notice.
AGENCY:
The National Institute of
Standards and Technology (NIST)
invites organizations to provide
products and technical expertise to
support and demonstrate security
platforms for the Secure Inter-Domain
Routing Building Block. This notice is
the initial step for the National
Cybersecurity Center of Excellence
(NCCoE) in collaborating with
technology companies to address
cybersecurity challenges identified
under the Secure Inter-Domain Routing
Building Block. Participation in the
building block is open to all interested
organizations.
DATES: Interested parties must contact
NIST to request a letter of interest
template to be completed and submitted
to NIST. Letters of interest will be
accepted on a first come, first served
basis. Collaborative activities will
commence as soon as enough completed
and signed letters of interest have been
returned to address all the necessary
components and capabilities, but no
earlier than September 1, 2017. When
the building block has been completed,
NIST will post a notice on the NCCoE
Secure Inter-Domain Routing Building
Block Web site at: https://
nccoe.nist.gov/projects/building-blocks/
secure-inter-domain-routing,
announcing the completion of the
building block and informing the public
that it will no longer accept letters of
interest for this building block.
ADDRESSES: The NCCoE is located at
9700 Great Seneca Highway, Rockville,
MD 20850. Letters of interest must be
submitted to sidr-nccoe@nist.gov or via
hardcopy to National Institute of
Standards and Technology, NCCoE;
9700 Great Seneca Highway, Rockville,
MD 20850. Organizations whose letters
of interest are accepted in accordance
with the process set forth in the
SUMMARY:
PO 00000
Frm 00006
Fmt 4703
Sfmt 4703
35931
SUPPLEMENTARY INFORMATION section of
this notice will be asked to sign a
consortium Cooperative Research and
Development Agreement (CRADA) with
NIST. An NCCoE consortium CRADA
template can be found at: https://
nccoe.nist.gov/node/138.
FOR FURTHER INFORMATION CONTACT:
William Haag, Jr. via email to sidrnccoe@nist.gov; by telephone 301–975–
0239; or by mail to National Institute of
Standards and Technology, NCCoE;
9700 Great Seneca Highway, Rockville,
MD 20850. Additional details about the
Secure Inter-Domain Routing Building
Block are available at: https://
nccoe.nist.gov/projects/building-blocks/
secure-inter-domain-routing.
SUPPLEMENTARY INFORMATION:
Background: The NCCoE, part of NIST,
is a public-private collaboration for
accelerating the widespread adoption of
integrated cybersecurity tools and
technologies. The NCCoE brings
together experts from industry,
government, and academia under one
roof to develop practical, interoperable
cybersecurity approaches that address
the real-world needs of complex
Information Technology (IT) systems.
By accelerating dissemination and use
of these integrated tools and
technologies for protecting IT assets, the
NCCoE will enhance trust in U.S. IT
communications, data, and storage
systems; reduce risk for companies and
individuals using IT systems; and
encourage development of innovative,
job-creating cybersecurity products and
services.
Process: NIST is soliciting responses
from all sources of relevant security
capabilities (see below) to enter into a
Cooperative Research and Development
Agreement (CRADA) to provide
products and technical expertise to
support and demonstrate security
platforms for the Secure Inter-Domain
Routing Building Block. The full
building block can be viewed at: https://
nccoe.nist.gov/projects/building-blocks/
secure-inter-domain-routing. Interested
parties should contact NIST using the
information provided in the FOR
FURTHER INFORMATION CONTACT section of
this notice. NIST will then provide each
interested party with a letter of interest
template, which the party must
complete, certify that it is accurate, and
submit to NIST. NIST will contact
interested parties if there are questions
regarding the responsiveness of the
letters of interest to the building block
objective or requirements identified
below. NIST will select participants
who have submitted complete letters of
interest on a first come, first served
basis within each category of product
E:\FR\FM\02AUN1.SGM
02AUN1
sradovich on DSKBCFCHB2PROD with NOTICES
35932
Federal Register / Vol. 82, No. 147 / Wednesday, August 2, 2017 / Notices
components or capabilities listed below
up to the number of participants in each
category necessary to carry out this
building block. However, there may be
continuing opportunity to participate
even after initial activity commences.
Selected participants will be required to
enter into a consortium CRADA with
NIST (for reference, see ADDRESSES
section above). NIST published a notice
in the Federal Register on October 19,
2012 (77 FR 64314) inviting U.S.
companies to enter into National
Cybersecurity Excellence Partnerships
(NCEPs) in furtherance of the NCCoE.
For this demonstration project, NCEP
partners will not be given priority for
participation.
Building Block Objective: The
building block objective is to
demonstrate means for improving interdomain routing security. This project
will result in a NIST Cybersecurity
Practice Guide—a publicly available
description of the solution and practical
steps needed to implement practices
that effectively demonstrate the security
and functionality of Route Origin
Validation (ROV). A detailed
description of the Secure Inter-Domain
Routing Building Block is available at:
https://nccoe.nist.gov/projects/buildingblocks/secure-inter-domain-routing.
Requirements: Each responding
organization’s letter of interest should
identify which security platform
component(s) or capability(ies) it is
offering. Letters of interest should not
include company proprietary
information, and all components and
capabilities must be commercially
available. Components are listed in
section 3 of the Secure Inter-Domain
Routing Building Block (for reference,
please see the link in the Process section
above) and include, but are not limited
to:
• Routers with software that supports
BGP, RPKI–ROV, and RPKI-Router
protocol.
• RPKI Validator Cache (or RPKI VC)
• ROA data
• Operations monitoring and validation
tools
• RIR RPKI repository
• Data storage for operations monitoring
and validation
• BGP updates (minimum routes
received by lab routers)
Each responding organization’s letter
of interest should identify how their
products address one or more of the
following desired solution
characteristics in section 3 of the Secure
Inter-Domain Routing Building Block
(for reference, please see the link in the
Process section above):
VerDate Sep<11>2014
19:43 Aug 01, 2017
Jkt 241001
1. Network
• Enterprise-grade network supporting
servers and security tools
• Router
Æ eBGP enabled
Æ Support for RPKI-Router protocol to
communicate with RPKI VC
Æ Minimum carrier grade router
requirements
Æ Support for IPv4/IPv6 routes
Æ Internet feed to ISP router
• Switches
• Servers
• Internet link from ISP
• Government related requirements
(Managed Trusted Internet Protocol
Services (MTIPS) required or Trusted
Internet Connection (TIC))
• Firewalls
2. RPKI
• Design supports RPKI specifications
described in RFCs 6480–6492
• RPKI VC
Æ System requirements: Refer to the
document of the specific RPKI VC
Æ Rsync, RRDP and RPKI-Router
capabilities
Æ Minimal performance requirements
(as specified by RPKI VC
application vendor)
• Hosted RPKI support from RIR
3. Tools
• Monitoring and management tools for
RPKI–ROV
Æ Functionality monitoring of routers
and RPKI VC
Æ Performance of ROA affecting
routers
Æ Additional tools for securing ROV
Responding organizations need to
understand and, in their letters of
interest, commit to provide:
1. Access for all participants’ project
teams to component interfaces and the
organization’s experts necessary to make
functional connections among security
platform components.
2. Support for development and
demonstration of the Secure InterDomain Routing Building Block in
NCCoE facilities which will be
conducted in a manner consistent with
the following standards and guidance:
FIPS 200; FIPS 201; OMB Circular A–
130; FIPS 140–2; SP 800–37 Rev. 1; SP
800–53 Rev. 4; SP 800–54; SP 800–57
Part 1; SP 800–130; SP 800–152; SP
800–160; NIST Framework for
Improving Critical Infrastructure
Cybersecurity; and RFCs 793, 3882,
4012 5280, 5575, 6092, 6472, 6480,
6481–6493, 6811, 7115, 7318, 7454,
7674, 7908, 7909, and 8097 . The project
will also be informed by an in-progress
draft 800-series NIST Special
Publication (Secure Interdomain Traffic
PO 00000
Frm 00007
Fmt 4703
Sfmt 4703
Exchange) and two internet draft BGP
RFCs (BGPsec Protocol Specification
and BGPsec Operational
Considerations).
Additional details about the Secure
Inter-Domain Routing Building Block
are available at: https://nccoe.nist.gov/
projects/building-blocks/secure-interdomain-routing.
NIST cannot guarantee that all the
products proposed by respondents will
be used in the demonstration. Each
prospective participant will be expected
to work collaboratively with NIST staff
and other project participants under the
terms of the consortium CRADA in the
development of the Secure Inter-Domain
Routing Building Block. Prospective
participants’ contribution to the
collaborative effort will include
assistance in establishing the necessary
interface functionality, connection and
set-up capabilities and procedures,
demonstration harnesses, environmental
and safety conditions for use, integrated
platform user instructions, and
demonstration plans and scripts
necessary to demonstrate the desired
capabilities. Each participant will train
NIST personnel, as necessary, to operate
its product in capability
demonstrations. Following successful
demonstrations, NIST will publish a
description of the security platform and
its performance characteristics sufficient
to permit other organizations to develop
and deploy security platforms that meet
the security objectives of the Secure
Inter-Domain Routing Building Block.
These descriptions will be public
information.
Under the terms of the consortium
CRADA, NIST will support
development of interfaces among
participants’ products by providing IT
infrastructure, laboratory facilities,
office facilities, collaboration facilities,
and staff support to component
composition, security platform
documentation, and demonstration
activities.
The dates of the demonstration of the
Secure Inter-Domain Routing, Building
Block capability will be announced on
the NCCoE Web site at least two weeks
in advance at https://nccoe.nist.gov/. The
expected outcome of the demonstration
is to improve Secure Inter-Domain
Routing within the enterprise.
Participating organizations will gain
from the knowledge that their products
are interoperable with other
participants’ offerings.
For additional information on the
NCCoE governance, business processes,
and NCCoE operational structure, visit
E:\FR\FM\02AUN1.SGM
02AUN1
Federal Register / Vol. 82, No. 147 / Wednesday, August 2, 2017 / Notices
the NCCoE Web site https://
nccoe.nist.gov/.
Phillip A. Singerman,
Associate Director for Innovation and
Industry Services.
[FR Doc. 2017–16219 Filed 8–1–17; 8:45 am]
BILLING CODE 3510–13–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
Proposed Information Collection;
Comment Request; Atlantic Highly
Migratory Species (HMS) Individual
Bluefin Tuna Quota Tracking
National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION: Notice.
AGENCY:
The Department of
Commerce, as part of its continuing
effort to reduce paperwork and
respondent burden, invites the general
public and other Federal agencies to
take this opportunity to comment on
proposed and/or continuing information
collections, as required by the
Paperwork Reduction Act of 1995.
DATES: Written comments must be
submitted on or before October 2, 2017.
ADDRESSES: Direct all written comments
to Jennifer Jessup, Departmental
Paperwork Clearance Officer,
Department of Commerce, Room 6616,
14th and Constitution Avenue NW.,
Washington, DC 20230 (or via the
Internet at pracomments@doc.gov).
FOR FURTHER INFORMATION CONTACT:
Requests for additional information or
copies of the information collection
instrument and instructions should be
directed to Margo Schulze-Haugen,
(301) 427–8503 or Margo.SchulzeHaugen@noaa.gov.
SUPPLEMENTARY INFORMATION:
SUMMARY:
sradovich on DSKBCFCHB2PROD with NOTICES
I. Abstract
Amendment 7 to the 2006
Consolidated HMS Fishery Management
Plan (79 FR 71510, December 2, 2014)
implemented individual bluefin tuna
quota (IBQ) shares and allocations for
vessels permitted in the Atlantic Tunas
Longline Category and Atlantic Tunas
Purse Seine Category. IBQs are intended
to fairly and effectively allocate limited
quota for incidental capture of bluefin
tuna among vessels in the Longline
category, while minimizing dead
discards and discouraging interactions
with bluefin tuna, and better utilizing
the Purse seine category quota. An online system developed by the NOAA
VerDate Sep<11>2014
19:43 Aug 01, 2017
Jkt 241001
National Marine Fisheries Service
(NMFS) tracks allocations and
allocation leases, and reconciles leases
with bluefin tuna catches for quota
monitoring. The extension of this
collection of information will allow
NMFS to continue to account for the
reporting burden associated with
allocation and lease tracking. There are
no new requirements.
First-time vessel permit holders in the
affected categories must obtain and set
up an IBQ account in the online ‘‘Catch
Shares Online System’’ in order to be
issued IBQ shares and resultant
allocation, and to lease IBQ. To use the
electronic IBQ System, first-time
participants will need to request an
account and set their account up with
background information. The
information collected during account
issuance and set-up will be used by
NMFS to verify the identity of the
individual/business and whether they
qualify for IBQ allocation leasing.
The lease monitoring information
collected by the online system will be
used by each permit holder to keep
track of their individual IBQ allocation,
and document allocation leases with
other IBQ participants. NMFS will use
these data to ensure proper accounting
of allocations among participants, and
to track use of quota allocations and
reconcile allocation usage with bluefin
tuna catch and landings.
Atlantic HMS fisheries are managed
under the dual authority of the
Magnuson-Stevens Fishery
Conservation and Management Act
(MSA) and the Atlantic Tunas
Convention Act (ATCA). Under the
MSA, management measures must be
consistent with ten National Standards,
and fisheries must be managed to
maintain optimum yield, rebuild
overfished fisheries, and prevent
overfishing. Under ATCA, the Secretary
of Commerce shall promulgate
regulations, as necessary and
appropriate, to implement measures
adopted by the International
Commission for the Conservation of
Atlantic Tunas (ICCAT).
II. Method of Collection
Information will be collected on line
using the electronic IBQ System.
III. Data
OMB Control Number: 0648–0677.
Form Number(s): None.
Type of Review: Regular (extension of
a current information collection).
Affected Public: Businesses or other
for-profit organizations; individuals or
households; and State, Local, or Tribal
government.
PO 00000
Frm 00008
Fmt 4703
Sfmt 4703
35933
Estimated Number of Respondents:
120.
Estimated Time per Response: 10
minutes for initial application for IBQ
account; 15 minutes per IBQ allocation
lease.
Estimated Total Annual Burden
Hours: 29.
Estimated Total Annual Cost to
Public: $1,100 in recordkeeping/
reporting costs (total annualized
expense for 5% of respondents who may
not have a computer and choose to
purchase one).
IV. Request for Comments
Comments are invited on: (a) Whether
the proposed collection of information
is necessary for the proper performance
of the functions of the agency, including
whether the information shall have
practical utility; (b) the accuracy of the
agency’s estimate of the burden
(including hours and cost) of the
proposed collection of information; (c)
ways to enhance the quality, utility, and
clarity of the information to be
collected; and (d) ways to minimize the
burden of the collection of information
on respondents, including through the
use of automated collection techniques
or other forms of information
technology.
Comments submitted in response to
this notice will be summarized and/or
included in the request for OMB
approval of this information collection;
they also will become a matter of public
record.
Dated: July 27, 2017.
Sarah Brabson,
NOAA PRA Clearance Officer.
[FR Doc. 2017–16193 Filed 8–1–17; 8:45 am]
BILLING CODE 3510–22–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
RIN 0648–XF532
Northwest Atlantic Fisheries
Organization Consultative Committee
Nominations and Meeting
Announcement
National Marine Fisheries
Service (NMFS), National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION: Notice calling for nominations
and announcing meeting.
AGENCY:
NOAA is soliciting
nominations for individuals to serve as
members of the Northwest Atlantic
Fisheries Organization (NAFO)
Consultative Committee. This action is
SUMMARY:
E:\FR\FM\02AUN1.SGM
02AUN1
]]>Agencies
[Federal Register Volume 82, Number 147 (Wednesday, August 2, 2017)]
[Notices]
[Pages 35931-35933]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-16219]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No.: 170707635-7635-01]
RIN 0693-XC075
National Cybersecurity Center of Excellence (NCCoE) Secure Inter-
Domain Routing Building Block
AGENCY: National Institute of Standards and Technology, Department of
Commerce.
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: The National Institute of Standards and Technology (NIST)
invites organizations to provide products and technical expertise to
support and demonstrate security platforms for the Secure Inter-Domain
Routing Building Block. This notice is the initial step for the
National Cybersecurity Center of Excellence (NCCoE) in collaborating
with technology companies to address cybersecurity challenges
identified under the Secure Inter-Domain Routing Building Block.
Participation in the building block is open to all interested
organizations.
DATES: Interested parties must contact NIST to request a letter of
interest template to be completed and submitted to NIST. Letters of
interest will be accepted on a first come, first served basis.
Collaborative activities will commence as soon as enough completed and
signed letters of interest have been returned to address all the
necessary components and capabilities, but no earlier than September 1,
2017. When the building block has been completed, NIST will post a
notice on the NCCoE Secure Inter-Domain Routing Building Block Web site
at: https://nccoe.nist.gov/projects/building-blocks/secure-inter-domain-routing, announcing the completion of the building block and
informing the public that it will no longer accept letters of interest
for this building block.
ADDRESSES: The NCCoE is located at 9700 Great Seneca Highway,
Rockville, MD 20850. Letters of interest must be submitted to sidr-nccoe@nist.gov or via hardcopy to National Institute of Standards and
Technology, NCCoE; 9700 Great Seneca Highway, Rockville, MD 20850.
Organizations whose letters of interest are accepted in accordance with
the process set forth in the SUPPLEMENTARY INFORMATION section of this
notice will be asked to sign a consortium Cooperative Research and
Development Agreement (CRADA) with NIST. An NCCoE consortium CRADA
template can be found at: https://nccoe.nist.gov/node/138.
FOR FURTHER INFORMATION CONTACT: William Haag, Jr. via email to sidr-nccoe@nist.gov; by telephone 301-975-0239; or by mail to National
Institute of Standards and Technology, NCCoE; 9700 Great Seneca
Highway, Rockville, MD 20850. Additional details about the Secure
Inter-Domain Routing Building Block are available at: https://nccoe.nist.gov/projects/building-blocks/secure-inter-domain-routing.
SUPPLEMENTARY INFORMATION: Background: The NCCoE, part of NIST, is a
public-private collaboration for accelerating the widespread adoption
of integrated cybersecurity tools and technologies. The NCCoE brings
together experts from industry, government, and academia under one roof
to develop practical, interoperable cybersecurity approaches that
address the real-world needs of complex Information Technology (IT)
systems. By accelerating dissemination and use of these integrated
tools and technologies for protecting IT assets, the NCCoE will enhance
trust in U.S. IT communications, data, and storage systems; reduce risk
for companies and individuals using IT systems; and encourage
development of innovative, job-creating cybersecurity products and
services.
Process: NIST is soliciting responses from all sources of relevant
security capabilities (see below) to enter into a Cooperative Research
and Development Agreement (CRADA) to provide products and technical
expertise to support and demonstrate security platforms for the Secure
Inter-Domain Routing Building Block. The full building block can be
viewed at: https://nccoe.nist.gov/projects/building-blocks/secure-inter-domain-routing. Interested parties should contact NIST using the
information provided in the FOR FURTHER INFORMATION CONTACT section of
this notice. NIST will then provide each interested party with a letter
of interest template, which the party must complete, certify that it is
accurate, and submit to NIST. NIST will contact interested parties if
there are questions regarding the responsiveness of the letters of
interest to the building block objective or requirements identified
below. NIST will select participants who have submitted complete
letters of interest on a first come, first served basis within each
category of product
[[Page 35932]]
components or capabilities listed below up to the number of
participants in each category necessary to carry out this building
block. However, there may be continuing opportunity to participate even
after initial activity commences. Selected participants will be
required to enter into a consortium CRADA with NIST (for reference, see
ADDRESSES section above). NIST published a notice in the Federal
Register on October 19, 2012 (77 FR 64314) inviting U.S. companies to
enter into National Cybersecurity Excellence Partnerships (NCEPs) in
furtherance of the NCCoE. For this demonstration project, NCEP partners
will not be given priority for participation.
Building Block Objective: The building block objective is to
demonstrate means for improving inter-domain routing security. This
project will result in a NIST Cybersecurity Practice Guide--a publicly
available description of the solution and practical steps needed to
implement practices that effectively demonstrate the security and
functionality of Route Origin Validation (ROV). A detailed description
of the Secure Inter-Domain Routing Building Block is available at:
https://nccoe.nist.gov/projects/building-blocks/secure-inter-domain-routing.
Requirements: Each responding organization's letter of interest
should identify which security platform component(s) or capability(ies)
it is offering. Letters of interest should not include company
proprietary information, and all components and capabilities must be
commercially available. Components are listed in section 3 of the
Secure Inter-Domain Routing Building Block (for reference, please see
the link in the Process section above) and include, but are not limited
to:
Routers with software that supports BGP, RPKI-ROV, and RPKI-
Router protocol.
RPKI Validator Cache (or RPKI VC)
ROA data
Operations monitoring and validation tools
RIR RPKI repository
Data storage for operations monitoring and validation
BGP updates (minimum routes received by lab routers)
Each responding organization's letter of interest should identify
how their products address one or more of the following desired
solution characteristics in section 3 of the Secure Inter-Domain
Routing Building Block (for reference, please see the link in the
Process section above):
1. Network
Enterprise-grade network supporting servers and security tools
Router
[cir] eBGP enabled
[cir] Support for RPKI-Router protocol to communicate with RPKI VC
[cir] Minimum carrier grade router requirements
[cir] Support for IPv4/IPv6 routes
[cir] Internet feed to ISP router
Switches
Servers
Internet link from ISP
Government related requirements (Managed Trusted Internet
Protocol Services (MTIPS) required or Trusted Internet Connection
(TIC))
Firewalls
2. RPKI
Design supports RPKI specifications described in RFCs 6480-
6492
RPKI VC
[cir] System requirements: Refer to the document of the specific
RPKI VC
[cir] Rsync, RRDP and RPKI-Router capabilities
[cir] Minimal performance requirements (as specified by RPKI VC
application vendor)
Hosted RPKI support from RIR
3. Tools
Monitoring and management tools for RPKI-ROV
[cir] Functionality monitoring of routers and RPKI VC
[cir] Performance of ROA affecting routers
[cir] Additional tools for securing ROV
Responding organizations need to understand and, in their letters
of interest, commit to provide:
1. Access for all participants' project teams to component
interfaces and the organization's experts necessary to make functional
connections among security platform components.
2. Support for development and demonstration of the Secure Inter-
Domain Routing Building Block in NCCoE facilities which will be
conducted in a manner consistent with the following standards and
guidance: FIPS 200; FIPS 201; OMB Circular A-130; FIPS 140-2; SP 800-37
Rev. 1; SP 800-53 Rev. 4; SP 800-54; SP 800-57 Part 1; SP 800-130; SP
800-152; SP 800-160; NIST Framework for Improving Critical
Infrastructure Cybersecurity; and RFCs 793, 3882, 4012 5280, 5575,
6092, 6472, 6480, 6481-6493, 6811, 7115, 7318, 7454, 7674, 7908, 7909,
and 8097 . The project will also be informed by an in-progress draft
800-series NIST Special Publication (Secure Interdomain Traffic
Exchange) and two internet draft BGP RFCs (BGPsec Protocol
Specification and BGPsec Operational Considerations).
Additional details about the Secure Inter-Domain Routing Building
Block are available at: https://nccoe.nist.gov/projects/building-blocks/secure-inter-domain-routing.
NIST cannot guarantee that all the products proposed by respondents
will be used in the demonstration. Each prospective participant will be
expected to work collaboratively with NIST staff and other project
participants under the terms of the consortium CRADA in the development
of the Secure Inter-Domain Routing Building Block. Prospective
participants' contribution to the collaborative effort will include
assistance in establishing the necessary interface functionality,
connection and set-up capabilities and procedures, demonstration
harnesses, environmental and safety conditions for use, integrated
platform user instructions, and demonstration plans and scripts
necessary to demonstrate the desired capabilities. Each participant
will train NIST personnel, as necessary, to operate its product in
capability demonstrations. Following successful demonstrations, NIST
will publish a description of the security platform and its performance
characteristics sufficient to permit other organizations to develop and
deploy security platforms that meet the security objectives of the
Secure Inter-Domain Routing Building Block. These descriptions will be
public information.
Under the terms of the consortium CRADA, NIST will support
development of interfaces among participants' products by providing IT
infrastructure, laboratory facilities, office facilities, collaboration
facilities, and staff support to component composition, security
platform documentation, and demonstration activities.
The dates of the demonstration of the Secure Inter-Domain Routing,
Building Block capability will be announced on the NCCoE Web site at
least two weeks in advance at https://nccoe.nist.gov/. The expected
outcome of the demonstration is to improve Secure Inter-Domain Routing
within the enterprise. Participating organizations will gain from the
knowledge that their products are interoperable with other
participants' offerings.
For additional information on the NCCoE governance, business
processes, and NCCoE operational structure, visit
[[Page 35933]]
the NCCoE Web site https://nccoe.nist.gov/.
Phillip A. Singerman,
Associate Director for Innovation and Industry Services.
[FR Doc. 2017-16219 Filed 8-1-17; 8:45 am]
BILLING CODE 3510-13-P
