FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION |
SP 800-53 Rev. 5 DRAFT Security and Privacy Controls for Federal Information Systems and Organizations | SP 800-191 DRAFT The NIST Definition of Fog Computing |
SP 800-183
Networks of 'Things' |
White Paper (DRAFT) [Project Description] Mitigating IoT-based Automated Distributed Threats |
||
Jul 13, 2017 DRAFT Application Container Security Guide (2nd Draft) |
Jul 18, 2017 DRAFT Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher |
Aug 01, 2017 DRAFT Security Assurance Challenges for Container Deployment NIST requests comments on the release of Draft NISTIR 8176, Security Assurance Requirements for Linux Application Container Deployments. |
Aug 01, 2017 DRAFT National Checklist Program for IT Products: Guidelines for Checklist Users and Developers |
Aug 07, 2017 DRAFT Recommendation for Key Derivation through Extraction-then-Expansion |
Aug 07, 2017 DRAFT Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography |
Apr 26, 2017 DRAFT Profiles for the Lightweight Cryptography Standardization Process |
Apr 28, 2017 DRAFT [Project Description] Securing Property Management Systems: Cybersecurity for the Hospitality Sector |
May 08, 2017 DRAFT Securing Wireless Infusion Pumps in Healthcare Delivery Organizations |
May 12, 2017 DRAFT The Cybersecurity Framework: Implementation Guidance for Federal Agencies |
May 30, 2017 DRAFT Platform Firmware Resiliency Guidelines |
Jul 10, 2017 DRAFT Criticality Analysis Process Model: Prioritizing Systems and Components |
Jan 30, 2017 DRAFT Digital Identity Guidelines |
Feb 02, 2017 DRAFT Identifying Uniformity with Entropy and Divergence
|
Feb 16, 2017 DRAFT Situational Awareness for Electric Utilities |
Mar 20, 2017 DRAFT Cybersecurity Framework Manufacturing Profile (Final Draft) |
Mar 31, 2017 DRAFT Digital Identity Guidelines (Revised Draft) |
Apr 10, 2017 DRAFT Application Container Security Guide |
Nov 02, 2016 DRAFT NICE Cybersecurity Workforce Framework (NCWF): National Initiative for Cybersecurity Education |
Nov 07, 2016 DRAFT [Project Description] Capabilities Assessment for Securing Manufacturing Industrial Control Systems |
Nov 21, 2016 DRAFT Guide to LTE Security |
Dec 15, 2016 DRAFT De-Identifying Government Datasets (2nd Draft) |
an 10, 2017 DRAFT Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 |
Jan 23, 2017 DRAFT An Introduction to Information Security |
Sep 22, 2016 DRAFT Systems Security Engineering Guideline: An Integrated Approach to Building Trustworthy Resilient Systems |
Sep 30, 2016 DRAFT Vulnerability Description Ontology (VDO): a Framework for Characterizing Vulnerabilities |
Sep 30, 2016 DRAFT Developing Trust Frameworks to Support Identity Federations |
Oct 04, 2016 DRAFT Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy |
Oct 17, 2016 DRAFT Guide to Bluetooth Security |
Nov 02, 2016 DRAFT Domain Name Systems-Based Electronic Mail Security |
Aug 16, 2016 DRAFT Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations |
Aug 25, 2016 DRAFT De-Identifying Government Datasets |
Sep 07, 2016 DRAFT Cybersecurity Framework Manufacturing Profile |
Sep 12, 2016 DRAFT Assessing Threats to Mobile Devices & Infrastructure: the Mobile Threat Catalogue |
Sep 13, 2016 DRAFT [Project Description] Authentication for Law Enforcement Vehicle Systems |
Sep 15, 2016 DRAFT Baldrige Cybersecurity Excellence Builder: Key questions for improving your organization's cybersecurity performance |
Jul 18, 2016 DRAFT SCAP 1.3 Component Specification Version Updates: An Annex to NIST Special Publication 800-126 Revision 3 |
Jul 18, 2016 DRAFT The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.3 |
Jul 27, 2016 DRAFT [Project Description] Mobile Application Single Sign-On: for Public Safety and First Responders |
Aug 01, 2016 DRAFT Attribute Metadata |
Aug 04, 2016 DRAFT SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash |
Aug 11, 2016 DRAFT Report on Lightweight Cryptography |
May 9, 2016 DRAFT Project Description--Securing Non-Credit Card, Sensitive Consumer Data: Consumer Data Security for the Retail Sector |
June 1, 2016 DRAFT Mobile Application Vetting Services for Public Safety |
Jun. 6, 2016 DRAFT Guide for Cybersecurity Event Recovery |
Jun. 6, 2016 DRAFT [Concept Paper] Identity and Access Management for Smart Home Devices |
Jun 06, 2016 DRAFT Guide for Cybersecurity Event Recovery |
Jun 23, 2016 DRAFT Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist |
Apr. 12, 2016 DRAFT LTE Architecture Overview and Security Analysis
|
Apr. 13, 2016 DRAFT Recommendation for Random Bit Generator (RBG) Constructions (Second Draft) |
Apr. 21, 2016 DRAFT Guide to Cyber Threat Information Sharing (Second Draft)
|
May 4, 2016 DRAFT Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems (Second Draft) |
May 8, 2016 PRE-DRAFT: Digital Authentication Guideline (Public Preview) |
May 9, 2016 DRAFT Project Description--Multifactor Authentication for e-Commerce: Online Authentication for the Retail Sector |
Mar. 11, 2016 DRAFT Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms |
Mar. 14, 2016 DRAFT Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security |
Mar. 14, 2016 DRAFT User's Guide to Telework and Bring Your Own Device (BYOD) Security |
Mar. 14, 2016 DRAFT Guide to Data-Centric System Threat Modeling |
Mar. 29, 2016 DRAFT Trustworthy Email (Second Draft) |
Apr. 5, 2016 DRAFT Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies |
Feb. 5, 2016 DRAFT Best Practices for Privileged User PIV Authentication |
Feb. 8, 2016 DRAFT Derived PIV Application and Data Model Test Guidelines |
Feb 16, 2016 DRAFT Primitives and Elements of Internet of Things (IoT) Trustworthiness |
Feb. 17, 2016 DRAFT Advanced Identity Workshop on Applying Measurement Science in the Identity Ecosystem: Summary and Next Steps |
Feb. 18, 2016 DRAFT NIST Definition of Microservices, Application Containers and System Virtual Machines |
Feb. 23, 2016 PRE-DRAFT Call for Comments: Security and Privacy Controls for Federal Information Systems and Organizations |
Dec. 17, 2015 DRAFT Forming Common Platform Enumeration (CPE) Names from Software Identification (SWID) Tags |
Dec. 28, 2015 DRAFT A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS) |
Dec. 29, 2015 DRAFT Representation of PIV Chain-of-Trust for Import and Export |
Jan. 27, 2016 DRAFT Draft SP 800-90 Series: Random Bit Generators |
Feb. 2, 2016 DRAFT Automation Support for Security Control Assessments |
Feb. 3, 2016 DRAFT Report on Post-Quantum Cryptography |
Oct. 29, 2015 DRAFT IT Asset Management |
Nov. 5, 2015 DRAFT Mobile Device Security: Cloud & Hybrid Builds |
Nov. 19, 2015 DRAFT Usability and Security Considerations for Public Safety Mobile Authentication |
Nov. 23, 2015 DRAFT Building Block--Data Integrity: Reducing the Impact of Attack |
Dec. 2, 2015 DRAFT A Comparison of Attribute Based Access Control (ABAC) Standards for Data Services: Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) |
Dec. 17, 2015 DRAFT (Fourth & Final Draft) Guidelines for the Creation of Interoperable Software Identification (SWID) Tags |
Aug 31, 2015 DRAFT (THIRD Draft) Guidelines for the Creation of Interoperable Software Identification (SWID) Tags |
Sep 10, 2015 DRAFT Recommendation for Key Management: Part 1: General (Revision 4) |
Sept. 18, 2015 DRAFT Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements |
Sep. 28, 2015 DRAFT Trustworthy Email |
Sep. 29, 2015 DRAFT Attribute Based Access Control |
Sep. 29, 2015 DRAFT Secure Virtual Network Configuration for Virtual Machine (VM) Protection |
July 14, 2015 DRAFT Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research |
July 15, 2015 DRAFT (Second Draft) Trusted Geolocation in the Cloud: Proof of Concept Implementation |
July 22, 2015 DRAFT (Second Draft) Guidelines for the Creation of Interoperable Software Identification (SWID) Tags |
July 28, 2015 DRAFT Securing Electronic Health Records on Mobile Devices |
Aug. 10, 2015 DRAFT Report on Strategic U.S. Government Engagement in International
Standardization to Achieve U.S. Objectives for Cybersecurity (2 Volumes): |
Aug 25, 2015 DRAFT Identity and Access Management for Electric Utilities |
May 28, 2015 DRAFT Privacy Risk Management for Federal Information Systems |
May 29, 2015 DRAFT Guidelines for the Creation of Interoperable Software Identification (SWID) Tags |
Jun. 8, 2015 DRAFT PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance) |
Jun. 2015 Recommendation for Random Number Generation Using Deterministic Random Bit Generators |
Jun. 2015 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations) |
July 10, 2015 DRAFT Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths |
Feb. 9, 2015
DRAFT Guide to Industrial Control Systems (ICS) Security (Second and Final Draft) |
Mar. 4, 2015 DRAFT Security of Automated Access Management Using Secure Shell (SSH) |
Mar. 26, 2015 DRAFT National Checklist Program for IT Products - Guidelines for Checklist Users and Developers |
Apr. 2, 2015 DRAFT Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations (Final Public Draft) |
Apr. 6, 2015 DRAFT De-Identification of Personally Identifiable Information |
May 1, 2015 DRAFT Security Content Automation Protocol (SCAP) Version 1.2 Content Style Guide: Best Practices for Creating and Maintaining SCAP 1.2 Content |
Oct. 28, 2014 DRAFT Guide to Cyber Threat Information Sharing |
Nov. 18, 2014 DRAFT Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations |
Nov. 21, 2014 DRAFT Recommendation for Random Number Generation Using Deterministic Random Bit Generators |
Dec. 16, 2014 DRAFT Small Business Information Security: The Fundamentals |
Dec. 18, 2014 DRAFT A Profile for U. S. Federal Cryptographic Key Management Systems (CKMS) (Third Draft) |
Jan. 23, 2015 DRAFT NIST Cryptographic Standards and Guidelines Development Process (Second Draft) |
Aug 19, 2014 DRAFT Technical Considerations for Vetting 3rd Party Mobile Applications |
Aug. 21, 2014 DRAFT Security of Automated Access Management Using Secure Shell (SSH) |
Aug. 22, 2014 DRAFT Guide to Application Whitelisting |
August 28, 2014 DRAFT Appendix H: Security and Privacy Controls for Federal Information Systems and Organizations |
Sept. 10, 2014 DRAFT Risk Management for Replication Devices |
Oct. 20, 2014 DRAFT Security Recommendations for Hypervisor Deployment
|
Jun 2, 2014 DRAFT Guidelines for the Authorization of Personal Identity Verification Card Issuers (PCI) and Derived PIV Credential Issuers (DPCI) |
Jun. 3, 2014 DRAFT Supply Chain Risk Management Practices for Federal Information Systems and Organizations (Second Draft) |
Jun. 23, 2014
DRAFT NIST Cloud Computing Forensic Science Challenges |
July 15, 2014
DRAFT Considerations for Identity Management in Public Safety Mobile Networks |
July 31, 2014 DRAFT Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans |
Aug. 6, 2014 DRAFT PIV Data Model Conformance Test Guidelines |
May 12, 2014 DRAFT Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems |
May 14, 2014 DRAFT Guide to Industrial Control Systems (ICS) Security |
May 19, 2014 DRAFT Interfaces for Personal Identity Verification (3 Parts) |
May 19, 2014 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification |
May 28, 2014 DRAFT SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions |
May 29, 2014
DRAFT Reference Certificate Policy (Second Draft) |
Oct. 25, 2013 DRAFT Guidelines for Smart Grid Cybersecurity: |
Dec 13, 2013 DRAFT Cardholder Authentication for the PIV Digital Signature Key |
Jan 7, 2014 DRAFT A Profile for U. S. Federal Cryptographic Key Management Systems (CKMS) |
Apr 4, 2014
DRAFT SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions |
Apr. 21, 2014 SP 800-90 A Rev. 1 (2nd Draft) DRAFT Recommendation for Random Number Generation Using Deterministic Random Bit Generators |
May 5, 2014 DRAFT Recommendation for Key Management: Part 3 - Application-Specific Key Management Guidance |
Aug. 16, 2013 DRAFT Supply Chain Risk Management Practices for Federal Information Systems and Organizations |
Sep. 4, 2013 DRAFT CVSS Implementation Guidance |
Sep. 4, 2013 DRAFT Guidelines on Mobile Device Forensics |
Sep. 9, 2013 DRAFT Draft SP 800-90 Series: Random Bit Generators |
Sep. 24, 2013 DRAFT Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations |
Oct. 24, 2013 DRAFT A Role-Based Model for Federal Information Technology / Cyber
Security Training (2nd public draft) |
Feb. 5, 2013 DRAFT Security and Privacy Controls for Federal Information Systems and Organizations (Final Public Draft) |
April 2013 DRAFT Reference Certificate Policy |
April 22, 2013 DRAFT Guide to Attribute Based Access Control (ABAC) Definition and Considerations |
May 13, 2013 DRAFT Interfaces for Personal Identity Verification (3 Parts) |
May 13, 2013 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification |
July 8, 2013 DRAFT Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption |
Sept. 27, 2012 DRAFT Security Content Automation Protocol (SCAP) Version 1.0 Validation Program Test Requirements |
Sept. 27, 2012 DRAFT Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements |
Oct. 31, 2012 DRAFT Guidelines on Hardware-Rooted Security in Mobile Devices |
Dec. 6, 2012 DRAFT Glossary of Key Information Security Terms |
Dec. 21, 2012 DRAFT Trusted Geolocation in the Cloud: Proof of Concept Implementation |
Feb. 1, 2013 DRAFT Electronic Authentication Guideline |
August 8, 2012 DRAFT A Profile for U. S. Federal Cryptographic Key Management Systems (CKMS) |
Aug 20, 2012 DRAFT Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography (Draft Revision) |
Sept. 5, 2012 DRAFT Guide to Enterprise Patch Management Technologies |
Sept. 5, 2012 DRAFT Recommendation for the Entropy Sources Used for Random Bit Generation |
Sept. 5, 2012 DRAFT Recommendation for Random Bit Generator (RBG) Constructions |
Sept. 6, 2012 DRAFT Guidelines for Media Sanitization |
Jul. 9, 2012 DRAFT Biometric Data Specification for Personal Identity Verification |
Jul 10, 2012 DRAFT Advanced Metering Infrastructure Smart Meter Upgradeability Test Framework |
Jul 10, 2012 DRAFT Guidelines for Managing and Securing Mobile Devices in the Enterprise |
July 25, 2012 DRAFT Guide to Malware Incident Prevention and Handling for Desktops and Laptops |
July 25, 2012 DRAFT Guide to Intrusion Detection and Prevention Systems (IDPS) |
July 30, 2012 DRAFT BIOS Protection Guidelines for Servers |
Mar. 23, 2012 DRAFT Notional Supply Chain Risk Management Practices for Federal Information Systems
ENTWURF Fiktive Supply Chain Risk Management Practices für die Federal Information Systems
|
Apr. 4, 2012 DRAFT Security Content Automation Protocol (SCAP) Version 1.0 Validation Program Test Requirements ENTWURF Security Content Automation Protocol (SCAP) Version 1.0 Validation
Program Prüfanforderungen |
April 10, 2012 DRAFT Proposed Change Notice for Digital Signature Standard (DSS)
Entwurf vorgeschlagen Änderungsmitteilung für Digital Signature Standard (DSS) |
Apr. 13, 2012 DRAFT A Framework for Designing Cryptographic Key Management Systems |
May 7, 2012 DRAFT Specification for the Asset Summary Reporting Format 1.0 |
Jul 9, 2012 DRAFT Personal Identity Verification (PIV) of Federal Employees and Contractors (REVISED DRAFT) |
Jan. 6, 2012 DRAFT Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications
ENTWURF
Kontinuierliche Überwachung Reference
Model Workflow, Subsystem
und Schnittstellen-Spezifikationen |
Jan. 6, 2012 DRAFT A Credential Reliability and Revocation Model for Federated Identities
Entwurf einer
Credential Zuverlässigkeit
und Widerruf Modell für
Federated Identities |
Jan. 6, 2012 DRAFT Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.2
Entwurf des Leitfadens
auf die Annahme und Verwendung des
Security Content Automation Protocol
(SCAP) Version 1.2 |
Jan. 20, 2012
DRAFT Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains
ENTWURF Anwendung
der kontinuierlichen Überwachung
Technical Reference Model für
das Asset-, Konfigurations-und
Vulnerability Management Domains |
Jan. 31, 2012 DRAFT Computer Security Incident Handling Guide
ENTWURF Computer Security Incident Handling-Führer |
Feb. 28, 2012 DRAFT Security and Privacy Controls for Federal Information Systems and Organizations (Initial Public Draft)
ENTWURF Security and Privacy Controls für Federal Information Systeme und Organisationen (Initial Public Draft) |
Sept. 26, 2011 DRAFT Guidelines for Securing Wireless Local Area Networks (WLANs) Entwurf von Leitlinien zur Sicherung der Wireless Local Area Networks (WLANs |
Sept. 27, 2011 DRAFT Guide to Bluetooth SecurityEntwurf des Leitfadens zur Bluetooth-Sicherheit |
Nov. 17, 2011
DRAFT Security Content Automation Protocol (SCAP) Version 1.0 Validation Program Test Requirements ENTWURF Security Content Automation Protocol (SCAP) Version 1.0 Validation Program Prüfanforderungen |
Dec. 6, 2011 DRAFT Common Remediation Enumeration (CRE) Version 1.0
Entwurf eines gemeinsamen
Remediation-Enumeration (CRE) Version 1.0
|
Dec. 8, 2011 DRAFT BIOS Integrity Measurement Guidelines |
Jan. 6, 2012 DRAFT CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture ENTWURF
CAESARS Framework Extension:Ein
Enterprise Kontinuierliche Überwachung
Technical Reference rchitecture |
July 27, 2011 DRAFT Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2 |
July 27, 2011 DRAFT Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
Entwurf einer Empfehlung
für den Triple Data |
Aug. 1, 2011 DRAFT Recommendation for Cryptographic Key Generation
Entwurf einer Empfehlung für Cryptographic Schlüssel (Key) Generation |
Aug. 11, 2011 DRAFT Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping
Entwurf einer Empfehlung für Block Cipher Betriebsmodi: Methoden für Key Wrapping |
Sept. 14, 2011 DRAFT Recommendation for Applications Using Approved Hash Algorithms
Entwurf einer Empfehlung für Anwendungen mit Hilfe von Approved Hash-Algorithmen |
Sept. 19, 2011 DRAFT Guide for Conducting Risk Assessments
Entwurf des Leitfadens für die Durchführung Risk Assessments |
Jun. 3, 2011 DRAFT Common Platform Enumeration: Applicability Language Specification Version 2.3 Entwurf einer gemeinsamen Plattform Enumeration: Anwendbarkeit Language Specification Version 2.3 |
June 28, 2011 DRAFT Electronic Authentication Guideline
Entwurf des elektronischen Authentifizierung Guideline |
July 12, 2011 DRAFT (2nd Draft) Recommendation for Key Derivation through Extraction-then-Expansion
ENTWURF
(2. Entwurf) Empfehlung
für Key |
July 12, 2011 DRAFT The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2 ENTWURF
Erarbeitung der technischen
Spezifikation für die |
July 13, 2011 DRAFT Trust Model for Security Automation Data 1.0 (TMSAD)
ENTWURF
Trust Model for Security
Automation Daten |
July 19, 2011 DRAFT Privacy Control Catalog
ENTWURF Privacy Control Katalog |
Apr. 28, 2011 DRAFT Common Platform Enumeration: Naming Specification Version 2.3 |
Apr. 28, 2011 DRAFT Common Platform Enumeration : Name Matching Specification Version 2.3 |
May 6, 2011 DRAFT Recommendation for Key Management: Part 1: General |
May 6, 2011 DRAFT Recommendation for Random Number Generation Using Deterministic Random Bit Generators |
May 12, 2011 DRAFT Cloud Computing Synopsis and Recommendations |
Jun. 3, 2011 DRAFT Common Platform Enumeration: Dictionary Specification Version 2.3 |
Feb. 10, 2011 DRAFT Transitions: Validation of Transitioning Cryptographic Algorithm and Key Lengths |
Feb. 10, 2011 DRAFT Transitions: Validating the Transition from FIPS 186-2 to FIPS 186-3 |
Feb. 11, 2011 DRAFT Secure Hash Standard (SHS) |
Feb. 11, 2011 DRAFT Basic Input/Output System (BIOS) Protection Guidelines |
Mar. 8, 2011
DRAFT Personal Identity
Verification (PIV) of Federal Employees and Contractors
Apr. 18, 2011 DRAFT Biometric
Data Specification for Personal Identity Verification | |
Jan. 28, 2011 DRAFT Guidelines on Security and Privacy in Public Cloud Computing |
Jan. 28, 2011 DRAFT A NIST Definition of Cloud Computing |
Jan.
2011 SP 800-131 A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths. |
Feb. 3, 2011 DRAFT CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture |
Feb. 10, 2011 DRAFT Security Content Automation Protocol (SCAP) Version 1.0 Validation Program Test Requirements |
Feb. 10, 2011 DRAFT Proposed Open Specifications for an Enterprise Remediation Automation Framework |
Aug. 2008 A Statistical Test Suite for |
Apr.. 2010 A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications |
|
Jan. 11, 2011 DRAFT The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1 |
||
Dec. 6, 2010 DRAFT Specification for the Asset Reporting Format 1. |
Dec. 6, 2010 DRAFT Guide to Using Vulnerability Naming Schemes |
Dec. 14, 2010 DRAFT Integrated Enterprise-Wide Risk Management: Organization, Mission, and Information System View |
Dec. 16, 2010 DRAFT Information Security Continuous Monitoring for Federal Information Systems and Organizations |
Dec. 22, 2010 DRAFT National Checklist Program for IT Products—Guidelines for Checklist Users and Developers |
Jan. 11, 2011 DRAFT The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1 |
Aug 30, 2010
DRAFT Recommendation for Existing Application-Specific Key
Derivation Functions |
Sept 23, 2010 DRAFT Recommendation for Key Derivation through Extraction-then-Expansion |
Oct. 22, 2010 DRAFT Specification for the Open Checklist Interactive Language (OCIL) Version 2.0 |
Nov. 19, 2010 DRAFT Cryptographic Algorithms and Key Sizes for PIV |
Oct. 22, 2010 DRAFT Specification for the Open Checklist Interactive Language (OCIL) Version 2.0 |
Dec. 6, 2010 DRAFT Specification for Asset Identification 1.1 |
July 6, 2010 DRAFT Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode |
July 7, 2010 DRAFT Guide to Security for Full Virtualization Technologies |
July 29, 2010 DRAFT Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2 |
Aug. 24, 2010
DRAFT Common Platform Enumeration: Naming Specification
Version 2.3
|
Aug. 24, 2010
DRAFT Common Platform Enumeration : Name Matching
Specification Version 2.3
|
Aug. 24, 2010
DRAFT Common Platform Enumeration: Dictionary Specification
Version 2.3 |
May 27, 2010 DRAFT The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1 |
May 28, 2010 DRAFT Glossary of Key Information Security Terms |
Jun. 16, 2010 DRAFT A Framework for Designing Cryptographic Key Management Systems |
Jun. 16, 2010 DRAFT Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes |
Jun. 24, 2010 DRAFT Recommendation for Password-Based Key Derivation - Part 1: Storage Applications |
Jun. 25, 2010 DRAFT Piloting Supply Chain Risk Management Practices for Federal Information Systems |
Mar. 10, 2010 DRAFT Open Vulnerability Assessment Language (OVAL) Validation Program Derived Test Requirements |
Mar. 18, 2010 NIST IR-7676DRAFT Maintaining and Using Key History on Personal Identity Verification (PIV) Cards |
Mar. 18, 2010 SP 800-128DRAFT Guide for Security Configuration Management of Information Systems |
Apr. 20, 2010 DRAFT Security Content Automation Protocol (SCAP) Version 1.0 Validation Program Test Requirements |
May 5, 2010 DRAFT Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans |
May 14, 2010 DRAFT PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-3 Compliance) |
Nov. 25, 2009 DRAFT Privilege Management |
Dec. 11, 2009 DRAFT Security Requirements for Cryptographic Modules (Revised Draft) |
Dec. 15, 2009 DRAFT The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1 |
Jan. 14, 2010 DRAFT Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes |
Feb. 2, 2010 DRAFT Smart Grid Cyber Security Strategy and Requirements 2 nd Edition |
Feb. 22, 2010 DRAFT Guidelines for the Secure Deployment of IPv6 |
Sept. 11, 2009 DRAFT PIV Data Model Conformance Test Guidelines |
Sept. 22, 2009 DRAFT Guide to Security for Worldwide Interoperability for Microwave Access (WiMAX) Technologies |
Sept. 25, 2009 DRAFT Smart Grid Cyber Security Strategy and Requirements 1 nd Edition |
Oct. 6, 2009 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identification Verification (PIV) |
Oct. 27, 2009 DRAFT Contingency Planning Guide for Federal Information Systems |
Nov. 17, 2009 DRAFT Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach |
July 31, 2009 DRAFT The Technical Specification for the Security Content Automation Protocol (SCAP) |
Aug. 11, 2009 DRAFT System and Network Security Acronyms and Abbreviations |
Aug. 13, 2009 DRAFT Interfaces for Personal
Identity Verification (4 Parts) |
Aug. 17, 2009 DRAFT Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Block-Oriented Storage Devices |
Aug. 19, 2009 DRAFT Cryptographic Key Management Workshop Summary |
Aug. 26, 2009 DRAFT Secure Domain Name System (DNS) Deployment Guide |
Mar. 20, 2009 DRAFT Information Security Training Requirements: A Role- and Performance-Based Model |
Apr. 21, 2009 DRAFT Security Content Automation Protocol (SCAP) Version 1.0 Validation Program Test Requirements |
Apr. 21, 2009 DRAFT Guide to Enterprise Password Management |
May 5, 2009 DRAFT Guide to Adopting and Using the Security Content Automation Protocol (SCAP) |
June 16, 2009 DRAFT The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities |
July 14, 2009 DRAFT Recommendations for Integrating Information Security into the Capital Planning and Investment Control Process (CPIC |
Dec. 22, 2008 DRAFT Recommendation for EAP Methods Used in Wireless Network Access Authentication |
Jan. 13, 2009 DRAFT Security Architecture Design Process for Health Information Exchanges (HIEs) |
Jan. 13, 2009 DRAFT Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) |
Feb. 27, 2009 DRAFT The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities |
Feb. 27, 2009 DRAFT Secure Domain Name System (DNS) Deployment Guide |
Mar. 6, 2009 DRAFT Directions in Security Metrics Research |
Sept. 19, 2008 DRAFT National Checklist Program for IT Products--Guidelines for Checklist Users and Developers |
Sep 29, 2008 DRAFT Guide to Industrial Control Systems (ICS) Security |
Oct 24, 2008 DRAFT Recommendation for Key Management, Part 3 Application-Specific Key Management Guidance |
Nov 12, 2008 DRAFT Recommendation for Digital Signature Timeliness |
Dec. 10, 2008 DRAFT Recommendation for Pair-Wise Key Establishment Using Integer Factorization Cryptography |
Dec. 12, 2008 DRAFT Electronic Authentication Guideline |
Oct 6, 2006 DRAFT An Ontology of Identity Credentials, Part I: Background and Formulation ENTWURF einer Ontologie der Identity Credentials, Teil I: Grundlagen und Formulierung |
Jul 13, 2007 DRAFT Security Requirements for Cryptographic Modules ENTWURF Sicherheitsanforderungen an kryptographische Module |
Sep 29, 2007 DRAFT Security Assessment Provider Requirements and Customer Responsibilities: Building a Security Assessment Credentialing Program for Federal Information Systems ENTWURF Managing Risk von Information Systems: organisatorischer Sicht |
April 3, 2008 DRAFT Managing Risk from Information Systems: An Organizational Perspective ENTWURF Managing Risk von Information Systems: organisatorischer Sicht |
July 9, 2008 DRAFT Guidelines on Firewalls and Firewall Policy Entwurf von Leitlinien zur Firewalls und Firewall Policy |
August 19, 2008 DRAFT Guide for Security Authorization of Federal Information Systems: A Security Lifecycle Approach Entwurf des Leitfadens für Sicherheit Authorization of Federal Information Systems: Ein Security-Lifecycle-Ansatz |