An updated version of the Electronic Authentication Guideline was released by NIST last Tuesday (2/5/13) – go to http://csrc.nist.gov/publications/drafts/800-63-2/sp800_63_2_draft.pdf to view the updated draft…

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that was established to help streamline security assessments for Cloud Service Providers (CSP).  FedRAMP strives to accelerate the adoption of secure cloud solutions by increasing confidence in the…

On July 10, 2012, the National Institute of Standards and Technology (NIST) published its draft guidelines to provide a testing framework for securely and remotely upgrading smart electrical meter firmware.  Electrosoft developed Draft NISTIR 7823 under contract to NIST in support of the Smart…

Electrosoft is actively participating in the Integrated Electronic Health Record (iEHR) initiative between the Department of Veterans Affairs (VA) and the US Department of Defense (DoD). The iEHR initiative represents a monumental opportunity for partnership and collaboration between the DoD and…

The National Institute of Standards (NIST) has developed guidelines for cloud computing and cloud security based upon extensive research for a reference architecture which includes taxonomies that define roles, services and service deployment models. Their approach has been to invite…

The Flame virus uses a MD5 collision attack to generate a rogue Microsoft digital code-signing certificate. With the certificate in hand, the virus passes the malware to Windows computers as an update from Microsoft. It is recommended that certificate authorities stop signing digital…