CBP testing mobile biometrics
July 30, 2015
Results of the Biometric Exit Mobile Air Test could form the basis of a new DHS entry-exit system.
David Stegon was a staff reporter for FedScoop and StateScoop from 2011-2014.
The National Institute of Standards and Technology released draft guidelines for securing mobile devices and is requesting comments through December 14.
The draft, "Guidelines on Hardware-Rooted Security in Mobile Devices," defines the fundamental security components and capabilities needed to enable more secure use of products.
"Many current mobile devices lack a firm foundation from which to build security and trust," said NIST lead for hardware-rooted security Andrew Regenscheid, one of the publication's authors. "These guidelines are intended to help designers of next-generation mobile phones and tablets improve security through the use of highly trustworthy components, called roots of trust, that perform vital security functions."
On laptop and desktop systems, these roots of trust are often implemented in a separate security computer chip that cannot be tampered with, but the power and space constraints in mobile devices could lead manufacturers to pursue other approaches such as leveraging security features built into the processors these products use, he said.
The NIST guidelines are centered on three security capabilities to address known mobile device security challenges, including device integrity, isolation and protected storage.
To attain the security capabilities, the guidelines recommend that every mobile device implement three security components that can be used by the device's operating system and its applications.