Karen Kent's Cyber Publications

Welcome! This site has links to all of my online cybersecurity publications. Sign up to get a weekly email update when I release something new.

Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile

This CSF 2.0 Community Profile identifies the security outcomes from the NIST CSF 2.0 that support governing management of, identifying, protecting against, detecting, responding to, and recovering from ransomware events. The Profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.

No SUPI-Based Paging: Applying 5G Cybersecurity and Privacy Capabilities

This white paper provides an overview of “no Subscription Permanent Identifier (SUPI) based paging,” a 5G capability for protecting users from being identified and located by an attacker. Unlike previous generations of cellular systems, new requirements in 5G standards protect subscriber confidentiality by using a temporary identity (ID) instead of SUPI for the paging protocol, and explicitly define when the temporary ID must be reallocated (refreshed).

Reallocation of Temporary Identities: Applying 5G Cybersecurity and Privacy Capabilities

This white paper describes how 5G standards have enhanced the implementation guideline to protect subscriber identities (IDs), specifically how the network reallocates temporary IDs to protect users from being identified and located by an attacker. Unlike previous generations of cellular systems, new requirements in 5G explicitly define when the temporary ID must be reallocated (refreshed).

Using Hardware-Enabled Security to Ensure 5G System Platform Integrity: Applying 5G Cybersecurity and Privacy Capabilities

This white paper provides an overview and an example of employing hardware-enabled security capabilities to provision, measure, attest to, and enforce the integrity of the compute platform to foster trust in a 5G system’s server infrastructure. It discusses security threats within computing environments and how leveraging hardware roots of trust (HRoT) and remote attestation can help mitigate specific threats.

Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI): Applying 5G Cybersecurity and Privacy Capabilities

This white paper describes how Subscription Concealed Identifier (SUCI) protection can be enabled in 5G networks. SUCI protection is defined by 5G standards as an optional security capability for operator deployments. By enabling SUCI on their 5G networks and subscriber SIMs, and configuring SUCI to use a non-null encryption cipher scheme, 5G network operators can provide their customers with the advantages of SUCI’s protections.

Automation of the NIST Cryptographic Module Validation Program: September 2024 Status Report

NIST has undertaken the Automated Cryptographic Module Validation Project (ACMVP) to support improvement in the efficiency and timeliness of CMVP operations and processes. The goal is to demonstrate a suite of automated tools that would permit organizations to perform testing of their cryptographic products according to the requirements of FIPS 140-3, then directly report the results to NIST using appropriate protocols. This is a status report of progress made so far with the ACMVP and the planned next steps for the project.
Load More