Thursday, January 28, 2016

:: NIST Requests Comments on Computer Security Publication on Randomness

"The National Institute of Standards and Technology (NIST) is seeking public comment on its latest draft of a publication intended to help computer security experts use randomness to protect sensitive data.
Television with fuzzy screen 
Thermal noise is one of the physical phenomena that can be used as a source of randomness, and it helps to create the visual representation of “snow” that was once a familiar sight to owners of analog televisions.
Credit: ©Shutterstock/trekandshoot
The Second Draft of Special Publication (SP) 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation, aims to help security specialists judge whether the source of random numbers they use as part of the data encryption process is sufficiently unpredictable. NIST is requesting public comments by May 9, 2016, on the draft document, which is available at NIST’s CSRC website.
Random numbers are a crucial element in cryptography, which is often used to protect private messages by encrypting them into a form that cannot be understood without knowledge of a secret value generated using the random number.
Creating the randomness needed requires the use of an entropy source, which includes a natural source of entropy, often a physical phenomenon such as thermal noise—the random motions of particles due to their temperature. Entropy sources that comply with SP 800-90B are intended to provide assurance that cryptographic algorithms provide the security needed to protect information.
“This draft document proposes a lot of tests that you can use to validate your entropy source to tell you how good a job it is doing,” says NIST’s Elaine Barker, one of the publication’s authors. “When you’re assessing your process for generating randomness, you want to make sure nothing is broken and that it is performing consistently. We would like the public’s input on ways we can improve these tests.”
The document is one of three interrelated publications that NIST has been developing: The first, SP 800-90A Rev. 1, specifies several random-number generation algorithms, all of which require an entropy source to provide a complete random number generator. SP 800-90B helps to assess an entropy source’s performance. The third publication, SP 800-90C, shows users how to combine the algorithms in SP 800-90A and the entropy sources in SP 800-90B into effective random-number generators.
Barker says that the team is also planning a public workshop to discuss both SP 800-90B and -90C. The workshop (preliminary announcement here) will be held on NIST’s Gaithersburg, Md., campus on May 2-3, 2016. Registration will be required. “We hope to have an updated draft version of SP 800-90C posted online before the workshop as well,” she says.
When completed, NIST’s Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) plan to validate entropy sources using the tests and requirements provided in SP 800-90B.
SP 800-90B is available for free download here. To submit comments, use the provided template and send them with subject line “Comments on Draft SP 800-90B” to rbg_comments@nist.gov by May 9, 2016. Submissions received by the deadline will be used to improve the document, which is now undergoing its second public comment review.


Tuesday, January 26, 2016

:: Influence the Future of Cybersecurity Education—Join the NICE Working Group

"Addressing the nation’s rapidly increasing need for cybersecurity employees, the National Initiative for Cybersecurity Education (NICE) is seeking members from the public and private sectors and academia to join its new working group and encourages interested individuals to participate in a kickoff teleconference the afternoon of January 27, 2016.


NICE Logo 
"NICE, which is led by the National Institute of Standards and Technology (NIST), is a public-private partnership that promotes a robust network of cybersecurity education, training and workforce development to meet the nation’s demand for skilled cybersecurity employees to protect information systems. The number of job openings in the field greatly exceeds the number of trained workers. The NICE Working Group will collaborate to develop concepts, design strategies and pursue actions to advance cybersecurity education, including sharing existing education initiatives and identifying new ones.
The working group has chairs representing academia, private industry and government, and will have six subgroups:
  • Collegiate,
  • Competitions,
  • Workforce Framework,
  • Training and Certifications,
  • Career Development and Workforce Planning, and
  • Kindergarten through 12th Grade.
The kickoff teleconference is Wednesday, January 27, from 3:30 to 5 p.m. ET. NICE program leaders will discuss group goals, member roles and responsibilities, meeting schedules and deadlines. The meetings are planned for the fourth Wednesday of each month.
For more information on the public working group, visit the working group page. For call-in numbers for the teleconference, email nice.nist@nist.gov.

http://www.nist.gov/itl/acd/influence-the-future-of-cybersecurity-education-join-nice-working-group.cfm

Friday, January 22, 2016

FCC Meeting Sunshine Notice ~ Jan 28 ~ 2016 Broadband Progress Report ~ EAS ~ Online Public File Obligations Cable and Sat

See links below to the Sunshine Notice announcing the January 28, 2016 Open Commission Meeting

The link(s) for the document are as follows:


For your convenience see the agenda below:


January 21, 2016

FCC TO HOLD OPEN COMMISSION MEETING
THURSDAY, JANUARY 28, 2016

The Federal Communications Commission will hold an Open Meeting on the subjects listed below on Thursday, January 28, 2016, which is scheduled to commence at 10:30 a.m. in Room TW-C305, at 445 12th Street, S.W., Washington, D.C.

ITEM NO.
BUREAU
SUBJECT
1
MEDIA
TITLE:  Expansion of Online Public File Obligations to Cable and Satellite TV Operators and Broadcast and Satellite Radio Licensees (MB Docket No. 14-127)
SUMMARY:  The Commission will consider a Report and Order which modernizes the public inspection file rules by requiring cable and satellite TV operators and broadcast and satellite radio companies to post public inspection files on the FCC’s online database.
 
2
PUBLIC SAFETY
& HOMELAND SECURITY
TITLE:  Amendment of Part 11 of the Commission's Rules Regarding the Emergency Alert System (PS Docket No. 15-94) and Wireless Emergency Alerts (PS Docket No. 15-91)
SUMMARY:  The Commission will consider a Notice of Proposed Rulemaking to strengthen the Emergency Alert System (EAS) by promoting participation on the state and local levels, supporting greater testing and awareness of EAS, leveraging technological advances, and bolstering EAS security.
 
3
WIRELINE COMPETITION
AND
WIRELESS TELE-COMMUNICATIONS
TITLE:  Inquiry Concerning the Deployment of Advanced Telecommunications Capability to All Americans in a Reasonable and Timely Fashion, and Possible Steps to Accelerate Such Deployment Pursuant to Section 706 of the Telecommunications Act of 1996, as Amended by the Broadband Data Improvement Act (GN Docket No. 15-191)
SUMMARY:  The Commission will consider the 2016 Broadband Progress Report examining whether advanced telecommunications capability is being deployed to all Americans in a reasonable and timely fashion, pursuant to Section 706 of the Telecommunications Act of 1996.
 
            *                        *                                 *                               *
CONSENT AGENDA
The Commission will consider the following subjects listed below as a consent agenda and these items will not be presented individually:

1
GENERAL COUNSEL
TITLE:  Mitchell F. Brecher Request for Inspection of Records (FOIA Control No. 2014-338)
SUMMARY:  The Commission will consider a Memorandum Opinion and Order concerning the Application for Review filed by Mitchell F. Brecher regarding the denial of his request for inspection of records under the Freedom of Information Act.
 
2
GENERAL COUNSEL
TITLE:  SMS/800 Inc. Request for Inspection of Records (FOIA Control No. 2015-044)
SUMMARY:  The Commission will consider a Memorandum Opinion and Order concerning the Application for Review filed by SMS/800 Inc. regarding the release of records pertaining to SMS/800 Inc. in response to a request for inspection of records under the Freedom of Information Act filed by Mark Lewyn.
 
3
GENERAL COUNSEL
TITLE:  Rachel A. Avan Request for Inspection of Records (FOIA Control No. 2014-572)
SUMMARY:  The Commission will consider a Memorandum Opinion and Order concerning the Application for Review filed by Rachel A. Avan regarding the denial of her request for inspection of records under the Freedom of Information Act.
 
4
GENERAL COUNSEL
TITLE:  Russell Carollo Request for Inspection of Records (FOIA Control No. 2015-553)
SUMMARY:  The Commission will consider a Memorandum Opinion and Order concerning the Application for Review filed by Russell Carollo regarding the partial denial of his request for inspection of records under the Freedom of Information Act.

5
MEDIA
TITLE:  Application of The KBOO Foundation for a New NCE(FM) Station in Chehalis, Washington
SUMMARY:  The Commission will consider a Memorandum Opinion and Order concerning an Application for Review filed by CVEF challenging the grant of an application and waiver requests filed by KBOO Foundation for a new NCE FM station.

6
MEDIA
TITLE:  Application for Renewal of License and Request for Extension of Special Temporary Authorization for Class A Television Station WEBR-CD in Manhattan, New York
SUMMARY:  The Commission will consider a Memorandum Opinion and Order concerning an Application for Review filed by Jose Luis Rodriguez seeking review of the grant of a license renewal and STA of WEBR-CD, Manhattan, New York. 

The meeting site is fully accessible to people using wheelchairs or other mobility aids.  Sign language interpreters, open captioning, and assistive listening devices will be provided on site.  Other reasonable accommodations for people with disabilities are available upon request.  In your request, include a description of the accommodation you will need and a way we can contact you if we need more information.  Last minute requests will be accepted, but may be impossible to fill.  Send an e-mail to: fcc504@fcc.gov or call the Consumer & Governmental Affairs Bureau at 202-418-0530 (voice), 202-418-0432 (TTY).

Additional information concerning this meeting may be obtained from the Office of Media Relations, (202) 418-0500; TTY 1-888-835-5322.  Audio/Video coverage of the meeting will be broadcast live with open captioning over the Internet from the FCC Live web page at www.fcc.gov/live.

For a fee this meeting can be viewed live over George Mason University's Capitol Connection.  The Capitol Connection also will carry the meeting live via the Internet. To purchase these services, call (703) 993-3100 or go to www.capitolconnection.gmu.edu.


                                                                         -FCC-