Back to Table of contents

Primeur weekly 2011-07-25

Exascale supercomputing

High-Tech Consortium launches European Technology Platform for High Performance Computing ...

The Cloud

Acer to acquire US-based iGware with US$320 million for mid- to long-term investment in Cloud technology ...

Citrix acquires Cloud.com ...

Dell announces intent to acquire data centre networking expert Force10 Networks ...

IBM Federal Community Cloud to speed agency adoption of social collaboration technologies ...

State of Vermont transforms business operations with Cloud technology from IBM and Silanis ...

LEAD Technologies releases LEADTOOLS V17.5 ...

Capgemini and Microsoft plan to offer accelerated Cloud services in 22 countries ...

NIST proposes new privacy controls for federal information systems and organisations ...

Oracle buys Ksplice ...

Therap Services expands health services infrastructure with Oracle servers ...

Oracle announces Oracle Unified Directory 11g ...

Oracle introduces Oracle VM VirtualBox 4.1 ...

Oracle WebLogic Server selected by Choice Hotels to power its Cloud infrastructure and choiceADVANTAGE SaaS application ...

Desktop Grids

8th IDGF Workshop to issue Call for Participation ...

Einstein@OSG to use resources from Open Science Grid and D-Grid ...

EuroFlash

transtec and Bright Computing enter into partnership for European HPC market ...

Bull technology supporting the University of Perpignan Via Domitia ...

Cosmological evolution of dark matter is similar to that of visible matter ...

Budding engineers build a supercomputer with the Smallpeice Trust ...

USFlash

Emerson Network Power research highlights the progress of data centre infrastructure management initiatives in the U.S. ...

New line of embedded computers from Emerson Network Power offer fast, cost-effective and lower risk solutions ...

Gigamon Solutions monitors National Center for Supercomputing Applications ...

HP helps Desjardins General Insurance Group reduce costs and risk by migrating off mainframe technology ...

HP helps enterprises advance development for the Cloud ...

HP helps enterprises scale up ...

Researchers demonstrate breakthrough storage performance for big data applications ...

Next generation IBM XIV Storage System improves efficiency for demanding application workloads ...

New IBM zEnterprise mainframe server advances smarter computing for companies and governments in emerging markets and mid-size clients around the world ...

Intel to acquire Fulcrum Microsystems ...

Jaryba and Vinetech enter into a reseller agreement to sell Jaryba SmartSuspend throughout Korea ...

Polk transforms Analytic Solutions as a Service with Oracle Exadata Database Machine and Oracle Business Intelligence Foundation ...

OSC lifts OSU land speed racer toward 400-mph goal ...

SAS' 'big analytics' tackles big data, speeds problem solving ...

CSC selects SGI to advance climate forecast modelling at NOAA ...

VMware partners embrace VMware vSphere 5 and comprehensive Cloud infrastructure suite ...

NIST proposes new privacy controls for federal information systems and organisations

19 Jul 2011 Gaithersburg - With increasing dependency on information systems and advances in Cloud computing, the smart grid and mobile computing, maintaining the confidentiality and integrity of citizens' personally identifiable information is a growing challenge. A new draft document from the National Institute of Standards and Technology (NIST) addresses that challenge by adding privacy controls to the catalog of security controls used to protect federal information and information systems.

Personally identifiable information (PII) is information that is unique to an individual, such as a social security number, birth information, fingerprints and other biometrics. In the wrong hands, PII can be used in identity theft, fraud or other criminal activities. Today, more than ever, citizens are concerned that their personal information is protected as it is processed, stored and transmitted across computing Clouds or mobile devices in the federal government and in other areas such as health care and banking. Protecting PII is a key goal of the federal government.

"Strong normalized privacy controls are an essential component in the ongoing effort to build measurable privacy compliance", stated NIST Senior Internet Policy Advisor Ari Schwartz. "Certainty in controls and measures can help promote privacy, trust and greater confidence in new standards."

The new document, Privacy Control Catalog, will become Appendix J of Security Controls for Federal Information Systems and Organizations (NIST Special Publication 800-53, Revision 4). One of the foundational Federal Information Security Management Act (FISMA) documents, SP 800-53 is being updated to Revision 4 in December, 2011. SP 800-53 is also one of the Joint Task Force Transformation Initiative documents that NIST produces with the Department of Defense and the Intelligence Community.

"Privacy and security controls in federal information systems are complementary and mutually reinforcing in trying to achieve the privacy and security objectives of organisations", stated NIST Fellow Ron Ross, project leader of the FISMA Implementation Project and Joint Task Force.

Incorporating privacy controls into SP 800-53 and taking advantage of established security controls to provide a solid foundation for information security helps to ensure that privacy requirements will be satisfied in a comprehensive, cost-effective, and risk-based manner.

The new privacy appendix:

  • Provides a structured set of privacy controls, based on international standards and best practices, that help organisations enforce requirements deriving from federal privacy legislation, policies, regulations, directives, standards and guidance;
  • Establishes a linkage and relationship between privacy and security controls for purposes of enforcing respective privacy and security requirements, which may overlap in concept and in implementation within federal information systems and organisations;
  • Demonstrates the applicability of the NIST Risk Management Framework in the selection, implementation, assessment and monitoring of privacy controls deployed in federal information systems and organisations; and
  • Promotes closer co-operation between privacy and security officials within the federal government to help achieve the objectives of senior leaders/executives in enforcing the requirements in federal privacy legislation, policies, regulations, directives, standards and guidance.

In addition to the basic privacy controls in Appendix J, NIST plans to develop assessment procedures to allow organisations to evaluate the effectiveness of the controls on an ongoing basis. Standardized privacy controls and assessment procedures will provide a more disciplined and structured approach for satisfying federal privacy requirements and demonstrating compliance to those requirements, Ron Ross said.

Due to the special nature of the material in Appendix J, it is being vetted separately from other changes to the main document. The publication may be found at http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-53-Appendix%20J
Source: National Institute of Standards and Technology (NIST)

Back to Table of contents

Primeur weekly 2011-07-25

Exascale supercomputing

High-Tech Consortium launches European Technology Platform for High Performance Computing ...

The Cloud

Acer to acquire US-based iGware with US$320 million for mid- to long-term investment in Cloud technology ...

Citrix acquires Cloud.com ...

Dell announces intent to acquire data centre networking expert Force10 Networks ...

IBM Federal Community Cloud to speed agency adoption of social collaboration technologies ...

State of Vermont transforms business operations with Cloud technology from IBM and Silanis ...

LEAD Technologies releases LEADTOOLS V17.5 ...

Capgemini and Microsoft plan to offer accelerated Cloud services in 22 countries ...

NIST proposes new privacy controls for federal information systems and organisations ...

Oracle buys Ksplice ...

Therap Services expands health services infrastructure with Oracle servers ...

Oracle announces Oracle Unified Directory 11g ...

Oracle introduces Oracle VM VirtualBox 4.1 ...

Oracle WebLogic Server selected by Choice Hotels to power its Cloud infrastructure and choiceADVANTAGE SaaS application ...

Desktop Grids

8th IDGF Workshop to issue Call for Participation ...

Einstein@OSG to use resources from Open Science Grid and D-Grid ...

EuroFlash

transtec and Bright Computing enter into partnership for European HPC market ...

Bull technology supporting the University of Perpignan Via Domitia ...

Cosmological evolution of dark matter is similar to that of visible matter ...

Budding engineers build a supercomputer with the Smallpeice Trust ...

USFlash

Emerson Network Power research highlights the progress of data centre infrastructure management initiatives in the U.S. ...

New line of embedded computers from Emerson Network Power offer fast, cost-effective and lower risk solutions ...

Gigamon Solutions monitors National Center for Supercomputing Applications ...

HP helps Desjardins General Insurance Group reduce costs and risk by migrating off mainframe technology ...

HP helps enterprises advance development for the Cloud ...

HP helps enterprises scale up ...

Researchers demonstrate breakthrough storage performance for big data applications ...

Next generation IBM XIV Storage System improves efficiency for demanding application workloads ...

New IBM zEnterprise mainframe server advances smarter computing for companies and governments in emerging markets and mid-size clients around the world ...

Intel to acquire Fulcrum Microsystems ...

Jaryba and Vinetech enter into a reseller agreement to sell Jaryba SmartSuspend throughout Korea ...

Polk transforms Analytic Solutions as a Service with Oracle Exadata Database Machine and Oracle Business Intelligence Foundation ...

OSC lifts OSU land speed racer toward 400-mph goal ...

SAS' 'big analytics' tackles big data, speeds problem solving ...

CSC selects SGI to advance climate forecast modelling at NOAA ...

VMware partners embrace VMware vSphere 5 and comprehensive Cloud infrastructure suite ...