U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PROJECTS/PROGRAMS

High Assurance Domains

Share

Summary

 

NIST is working with the Internet industry to design, standardize and foster deployment of technologies to improve the security and robustness of enterprise networks and the core Internet technologies upon which they relay.  The High Assurance Domains (HAD) project is currently focused on (1) the Domain Name System (DNS) is the ubiquitous naming infrastructure for the global Internet; (2) enterprise electronic mail systems; and (3) Zero Trust Network architecture.  

Description

High Assurance Domains Infor Graphic

The objectives of NIST’s High Assurance Domains (HAD) project are to design, standardize and foster wide scale adoption of technologies to improve the security, robustness and privacy of the Internet’s Domain Name System.  A second dimension of the NIST’s effort is to explore ways to leverage a trustworthy global naming service to address other issues in Internet security and scalable trust infrastructures.

 

Major Accomplishments

  • 2022 - NIST published research on the use of machine learning to detect botnet DNS abuse.
  • 2020 - NIST, in collaboration with the Federal CIO Council, develops and publishes a Zero Trust Architecture reference.
  • 2017 – NIST, in collaboration with the NCCoE, develops and issues guidance on DNS Based Electronic Mail Security guidance.
  • 2017 – NIST develops and issues Trustworthy Email guidance document (NIST SP-800-177r1).
  • 2016 – NIST develops and deploys online test systems for DANE and DMARC enabled email technologies.
  • 2013 – NIST issues revised Secure DNS Deployment Guide (NIST SP-800-81r1)
    DoC Gold Medal
  • 2009 – NIST, in collaboration with NTIA develops requirements for DNSSEC deployment at the root of global DNS deploys DNSSEC.  DNS root DNSSEC signed for the first time.  NTIA and HAD project team awarded DoC Gold Medal .
  • 2009 – NIST deployment guidance and test tools enable  .gov to be the first GTLD to operationally deploy DNSSEC.
  • 2009 - NIST works with GSA and OMB to ensure the safety of initial .gov DNSSEC deployment.   HAD project team awarded DoC Gold Medal .
  • 2008 – NIST issues first Secure DNS Deployment Guide (NIST SP-800-81).
  • 2006 – NIST develops and deploys first DNSSEC zone integrity test tool to assist early adopters.
  • 2005 – NIST coauthors set of basic IETF DNSSEC RFCs.

For further details on NIST accomplishments, contributions and impact, see Associated Products .

Advanced communications, Information technology, Cybersecurity, Interoperability testing, Networking, Network modeling and analysis, Network security and robustness, Network test and measurement, Next generation networks and Protocol design and standardization
Created August 14, 2016, Updated April 5, 2022