Difference between revisions of "National Institute of Standards and Technology (NIST)"
m (→AI Assurance Program) |
m (→AI Assurance Program) |
||
Line 24: | Line 24: | ||
* On January 26, 2023, NIST released the [https://airc.nist.gov/AI_RMF_Knowledge_Base/AI_RMF AI Risk Management Framework (AI RMF 1,0)] along with a companion [https://airc.nist.gov/AI_RMF_Knowledge_Base/Playbook NIST AI RMF Playbook], [https://www.nist.gov/video/introduction-nist-ai-risk-management-framework-ai-rmf-10-explainer-video AI RMF Explainer Video], an [https://www.nist.gov/itl/ai-risk-management-framework/roadmap-nist-artificial-intelligence-risk-management-framework-ai AI RMF Roadmap], [https://www.nist.gov/itl/ai-risk-management-framework/crosswalks-nist-artificial-intelligence-risk-management-framework AI RMF Crosswalk], and various [https://www.nist.gov/itl/ai-risk-management-framework/perspectives-about-nist-artificial-intelligence-risk-management Perspectives]. | * On January 26, 2023, NIST released the [https://airc.nist.gov/AI_RMF_Knowledge_Base/AI_RMF AI Risk Management Framework (AI RMF 1,0)] along with a companion [https://airc.nist.gov/AI_RMF_Knowledge_Base/Playbook NIST AI RMF Playbook], [https://www.nist.gov/video/introduction-nist-ai-risk-management-framework-ai-rmf-10-explainer-video AI RMF Explainer Video], an [https://www.nist.gov/itl/ai-risk-management-framework/roadmap-nist-artificial-intelligence-risk-management-framework-ai AI RMF Roadmap], [https://www.nist.gov/itl/ai-risk-management-framework/crosswalks-nist-artificial-intelligence-risk-management-framework AI RMF Crosswalk], and various [https://www.nist.gov/itl/ai-risk-management-framework/perspectives-about-nist-artificial-intelligence-risk-management Perspectives]. | ||
− | == <span id="AI Assurance | + | == <span id="AI Assurance Programs"></span>AI Assurance Programs == |
* [[Risk, Compliance and Regulation]] ... [[Ethics]] ... [[Privacy]] ... [[Law]] ... [[AI Governance]] ... [[AI Verification and Validation]] | * [[Risk, Compliance and Regulation]] ... [[Ethics]] ... [[Privacy]] ... [[Law]] ... [[AI Governance]] ... [[AI Verification and Validation]] | ||
* [https://venturebeat.com/ai/microsoft-unveils-azure-openai-service-for-government-ai-customer-commitments/ Microsoft unveils Azure OpenAI Service for government & AI customer commitments | Carl Franzen - Venture Beat] ... Azure OpenAI Service REST APIs, which allow government customers to build new applications or connect existing ones to OpenAI’s GPT-4, GPT-3, and Embeddings | * [https://venturebeat.com/ai/microsoft-unveils-azure-openai-service-for-government-ai-customer-commitments/ Microsoft unveils Azure OpenAI Service for government & AI customer commitments | Carl Franzen - Venture Beat] ... Azure OpenAI Service REST APIs, which allow government customers to build new applications or connect existing ones to OpenAI’s GPT-4, GPT-3, and Embeddings |
Revision as of 12:36, 12 June 2023
YouTube ... Quora ...Google search ...Google News ...Bing News
Contents
Artificial Intelligence (AI)
- On March 30, 2023 NIST launched the Trustworthy and Responsible AI Resource Center, which will facilitate implementation of, and international alignment with, the AI Risk Management Framework (AI RMF).
- On January 26, 2023, NIST released the AI Risk Management Framework (AI RMF 1,0) along with a companion NIST AI RMF Playbook, AI RMF Explainer Video, an AI RMF Roadmap, AI RMF Crosswalk, and various Perspectives.
AI Assurance Programs
- Risk, Compliance and Regulation ... Ethics ... Privacy ... Law ... AI Governance ... AI Verification and Validation
- Microsoft unveils Azure OpenAI Service for government & AI customer commitments | Carl Franzen - Venture Beat ... Azure OpenAI Service REST APIs, which allow government customers to build new applications or connect existing ones to OpenAI’s GPT-4, GPT-3, and Embeddings
- Microsoft to launch AI Assurance Program as one of three commitments for responsible AI | Amber Hickman - Technology Record
Microsoft's program will help customers ensure that the AI applications they deploy on Microsoft’s platforms comply with legal and regulatory requirements for responsible AI. It will include elements such as regulator engagement support, implementation of the AI Risk Management Framework published by the U.S. National Institute of Standards and Technology (NIST), customer councils for feedback, and regulatory advocacy.
“Ensuring the right guardrails for the responsible use of AI will not be limited to technology companies and governments; every organisation that creates or uses AI systems will need to develop and implement its own governance systems,” said Antony Cook, corporate vice president and deputy general counsel at Microsoft.
The program will focus on regulator engagement support that will apply what Microsoft calls the ‘KY3C’ approach: know your cloud, customer and content. Microsoft will also provide a risk framework implementation, customer councils and regulatory advocacy for governments and stakeholders, which involves a blueprint from Microsoft’s vice chair and president Brad Smith.
Risk Management
- Risk, Compliance and Regulation
- Capabilities
- Cybersecurity References
- Offense - Adversarial Threats/Attacks
- Cybersecurity Frameworks, Architectures & Roadmaps
- Cybersecurity Companies/Products
- Radial Basis Function Network (RBFN)
- Quantum Cryptographic Technology
- Federal Risk and Authorization Management Program (FedRAMP) | NIST
- Cybersecurity Framework | NIST
- AI Risk Management Framework (AI RMF 1.0 | NIST
- NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices | Chad Boutin - NIST ... The algorithms are designed to protect data created and transmitted by the Internet of Things and other small electronics. The winner, a group of cryptographic algorithms called Ascon, will be published as NIST’s lightweight cryptography standard later in 2023
- NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook
- Positioning, Navigation and Timing (PNT)
Post-Quantum Cryptography (PQC)
- Quantum Cryptography
- Side Channel Attack (SCA)
- Migrating to Post-Quantum Cryptography | The White House
- Quantum apocalypse: Experts warn of ‘store now, decrypt later’ hacks | Leigh McGowran - Silicon Republic
- The impact of Quantum Computing on cybersecurity | Forta Tripwire
- Post Quantum Solutions
In cryptography, post-quantum cryptography (PQC) (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems could be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing. In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. - Wikipedia
Quantum Apocalypse: Store Now, Decrypt Later (DNDL) ... stealing data now to decrypt it in future, as quantum computing could render modern encryption methods obsolete
NIST Standardization process for PQC
- Post-Quantum Cryptography (PQC) | NIST
- National Security Agency (NSA)
- NIST winners and will ratify standards in 2024
- Multiple global rounds since 2015 led to NIST announcing winners in July 22 - four algorithms:
- CRYSTALS-KYBER was chosen by NIST as the new standard for public-key encryption/KEMs
- Falcon, CRYSTALS-Dilithium and SPHINCS+ will all be standardized for digital signatures
- There are more algorithms under consideration too, so the process continues