Building Blocks

Building blocks address broad technology gaps that affect multiple sectors. These projects rely on insight and passion from members of various industries who share a common goal of meeting a particular cybersecurity need. Below are the NCCoE's building block projects. If you're interested in learning more about a building block, or you would like to engage with the center to help develop a new building block, contact us today.

Attribute-Based Access Control (ABAC)

An attribute exchange platform that provides fine-grained access control to data, systems, and networks— both in and among enterprises—based on a person’s title, division, certifications, and other characteristics. Learn more about this project.

Data Integrity

Recovers operating systems, databases, user files, applications, and software/system configurations from malware, malicious insider attacks, or honest mistakes; also explores the issues of auditing and reporting to support recovery and investigations. Learn more about this project.

Derived PIV Credentials

Enables personal ientity verification (PIV) -based access to secured information and resources on mobile devices. Learn more about this project.

DNS-Based Secured Email

Prevents unauthorized parties from reading or modifying an organization's email, or using it as a vector for malware, by using the Domain Name System (DNS)-Based Authentication of Named Entities (DANE) protocol. Learn more about this project.

Enterprise-class protection for organization-issued and personally owned mobile platforms that access corporate networks. Learn more about this project.

Privacy-Enhanced Identity Brokers

Integrates privacy-enhancing technologies into identity broker solutions to meet the privacy objectives of users and organizations. Learn more about this project.

Secure Inter-Domain Routing

Implementing BGP Route Origin Validation (ROV) based upon the Resource Public Key Infrastructure (RPKI) can mitigate accidental and malicious attacks associated with route hijacking. Learn more about this project.

Trusted Geolocation in the Cloud

A way to determine the physical location of cloud computing servers to monitor and control workloads, anticipate and mitigate risks, and reduce the likelihood that unauthorized parties will obtain data. Learn more about this project.