NIST Accepting Comments on BIOS Server Security

The National Institute of Standards and Technology wants public input on a draft version of guidelines for securing servers.

The agency said the servers run Basic Input/Output System software, which it says is the first major program to run when one of its computers starts up.

Areas NIST wants input on include securing BIOS update processes, preventing unauthorized updates, and developing digital signatures and integrity protection.

“While laptop and desktop computers have largely converged on a single architecture for system BIOS, server class systems have a more diverse set of architectures, and more mechanisms for updating or modifying the system BIOS,” author Andrew Regenscheid said in a release.

NIST said it also wants help in developing features that ensure no mechanism can get around the protections.

Similar to the first guideline, released in April 2011, the new version was written for server developers and information system security professionals.

Comments on the new guidelines are due to NIST Sept. 14.

The agency recently updated its draft guidelines for a cryptographic key management system, part of a larger effort to help agencies update their cryptographic algorithms.
