You are here

CSAT: A User-friendly Efficient NIST-spec Information System Development Guideline Tool

Award Information
Agency: Department of Commerce
Branch: National Institute of Standards and Technology
Contract: 70NANB19H081
Agency Tracking Number: 071-03-01 (PII)
Amount: $399,997.87
Phase: Phase II
Program: SBIR
Solicitation Topic Code: None
Solicitation Number: N/A
Solicitation Year: 2019
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-09-01
Award End Date (Contract End Date): 2021-08-31
Small Business Information
320 Whittington Pkwy, Louisville, KY, 40222
DUNS: 877380530
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: Y
Principal Investigator
 Bin Xie
 (502) 371-0907
Business Contact
 Bin Xie
Phone: (502) 371-0907
Research Institution
NIST developed risk management framework and guidelines that assist agencies to implement integrated, organization‐wide programs to manage information security risk, and further developed Cloud Security Architecture Tool (CSAT) to facilitate in this matter. However, NIST’s CSAT needs further improvement and implementation of new functions such that it can be commercialized as an Enterprise‐grade product. In this project, InfoBeyond advocates the development of a user‐friendly, efficient, reliable, and generic CSAT. Our CSAT will be delivered: (i) an Enterprise CSAT standalone version, and (ii) a CSAT Cloud version. Specifically, our CSAT is built over a Java Spring and Angular Web –based architecture to support state‐of‐the‐art operational flexibility through user‐friendly GUI. It overcomes the NIST’s CSAT limitations such as an outdated Windows‐based software architecture. In such an architecture, our CSAT efforts are two‐fold: (i) Enhancement of the existing NIST's CSAT functions, (ii) Implementation of new functions. More specifically, our CSAT enhances the NIST’s CSAT functions, such as report composition and generation, heatmap, and user interfaces. Meanwhile, our CSAT implements new features, e.g., collaborative user mode for generating the guideline report. All these improvements and the new features facilitate government agencies’ adoption of secure cloud solution effectively.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government