NIST Seeks Comment by Nov. 15 on Interdomain Traffic Exchange Security

The National Institute of Standards and Technology sought comment by Nov. 15 on a revised draft of Federal Information Security Modernization Act-mandated guidance for technologies that improve security and robustness of interdomain traffic exchange. NIST recommends resource public key infrastructure, border gateway protocol origin validation, and prefix filtering. The agency recommends preventing IP address spoofing using source address validation with access control lists, and unicast reverse path forwarding to prevent and mitigate distributed denial-of-service attacks. NIST recommends remotely triggered black hole filtering, flow specification, and response rate limiting.