The draft 'Guide to Bluetooth Security', which is a revision of the original guide released in September 2008, describes the security capabilities of technologies based on Bluetooth, which is an open standard for short-range radio frequency communication, and provides recommendations to organizations on securing devices effectively.
Significant changes from the original version include an update to the vulnerability mitigation information for secure simple pairing, which helps protect against eavesdropping, and the introduction of Bluetooth version 3.0 high-speed and Bluetooth version 4.0 low-energy security mechanisms and recommendations, NIST explained. Version 3.0 provides data-rate improvements over previous versions of Bluetooth, while 4.0 is designed for smaller, resource-constrained devices like heart rate monitors and other wearable medical sensor networks.
The draft 'Guidelines for Securing Wireless Local Area Networks' provides organizations with recommendations for improving the security configuration and monitoring of their WLANs and devices connecting to those networks, NIST explained.
The draft publication’s recommendations cover topics such as standardized WLAN security configurations, security assessments, and continuous monitoring. The WLAN publication is a new document that supplements but does not replace older publications on WLAN security, according to NIST.
Public comments can be submitted via email by the Nov. 10 deadline. For the Bluetooth publication (SP 800-121), send comments to 800-121comments@nist.gov, with "Comments on SP 800-121" in the subject line. For the WLAN publication (SP 800-153), send comments to 800-153comments@nist.gov, with "Comments on SP 800-153" in the subject line.