NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Archived ITL Bulletins

The Information Technology Laboratory (ITL) Bulletins have been archived. Some include outdated information or discuss NIST publications that have been superseded or withdrawn. Newer bulletins may be available for a given topic.

ITL October 2010Oct 2010Cyber Security Strategies for the Smart Grid: Protecting the Advanced Digital Infrastructure for Electric Power
ITL August 2010Aug 2010Assessing the Effectiveness of Security Controls in Federal Information Systems
ITL September 2009Sep 2009Updated Digital Signature Standard (DSS) Approved as Federal Information Processing Standard (FIPS) 186-3
ITL August 2009Aug 2009Revised Catalog of Security Controls for Federal Information Systems and Organizations: For Use in Both National Security and Nonnational Security Systems
ITL January 2009Jan 2009Security of Cell Phones and PDAs
ITL November 2008Nov 2008Bluetooth Security: Protecting Wireless Networks and Devices
ITL August 2008Aug 2008Security Assessments: Tools for Measuring the Effectiveness of Security Controls
ITL March 2008Mar 2008Handling Computer Security Incidents: NIST Issues Updated Guidelines
ITL April 2007Apr 2007Securing Wireless Networks
ITL January 2007Jan 2007Security Controls for Information Systems: Revised Guidelines Issued by NIST
ITL June 2006Jun 2006Domain Name System (DNS) Services: NIST Recommendations for Secure Deployment
ITL May 2006May 2006An Update on Cryptographic Standards, Guidelines, and Testing Requirements
ITL December 2005Dec 2005Preventing and Handling Malware Incidents: How to Protect Information Technology Systems from Malicious Code and Software
ITL November 2005Nov 2005Securing Microsoft Windows XP Systems: NIST Recommendations for Using a Security Configuration Checklist
ITL October 2005Oct 2005National Vulnerability Database (NVD): Helping Information Technology System Users and Developers Find Current Information About Cyber Security Vulnerabilities
ITL September 2005Sep 2005Biometric Technologies: Helping to Protect Information and Automated Transactions in Information Technology Systems
ITL July 2005Jul 2005Protecting Sensitive Information that is Transmitted Across Networks: NIST Guidance for Selecting and Using Transport Layer Security Implementations
ITL June 2005Jun 2005NISTís Security Configuration Checklists Program for Information Technology (IT) Products
ITL May 2005May 2005Recommended Security Controls for Federal Information Systems: Guidance for Selecting Cost-Effective Controls Using a Risk-Based Process
ITL April 2005Apr 2005Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
ITL March 2005Mar 2005Personal Identity Verification (PIV) of Federal Employees and Contractors: Federal Information Processing Standard (FIPS) 201 Approved by the Secretary of Commerce
ITL August 2004Aug 2004Electronic Authentication: Guidance for Selecting Secure Techniques
ITL July 2004Jul 2004Guide for Mapping Types of Information and Information Systems to Security Categories
ITL May 2004May 2004Guide for the Security Certification and Accreditation of Federal Information Systems
ITL January 2004Jan 2004Computer Security Incidents: Assessing, Managing, and Controlling the Risks
ITL December 2003Dec 2003Security Considerations in the Information System Development Life Cycle
ITL November 2003Nov 2003Network Security Testing
ITL August 2003Aug 2003IT Security Metrics
ITL June 2003Jun 2003ASSET: Security Assessment Tool for Federal Agencies
ITL March 2003Mar 2003Security for Wireless Networks and Devices
ITL January 2003Jan 2003Security of Electronic Mail
ITL December 2002Dec 2002Security of Public Web Servers
ITL November 2002Nov 2002Security for Telecommuting and Broadband Communication
ITL October 2002Oct 2002Security Patches and the CVE Vulnerability Naming Scheme: Tools to Address Computer System Vulnerabilities
ITL September 2002Sep 2002Cryptographic Standards and Guidelines: A Status Report
ITL July 2002Jul 2002Overview: The Government Smart Card Interoperability Specification
ITL June 2002Jun 2002Contingency Planning Guide for Information Technology Systems
ITL February 2002Feb 2002Risk Management Guidance for Information Technology Systems
ITL January 2002Jan 2002Guidelines on Firewalls and Firewall Policy
ITL November 2001Nov 2001Computer Forensics Guidance
ITL September 2001Sep 2001Security Self-Assessment Guide for Information Technology Systems
ITL July 2001Jul 2001A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2
ITL June 2001Jun 2001Engineering Principles for Information Technology Security
ITL May 2001May 2001Biometrics - Technologies for Highly Secure Personal Authentication
ITL March 2001Mar 2001An Introduction to IPsec (Internet Protocol Security)
ITL December 2000Dec 2000A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications
ITL October 2000Oct 2000An Overview of the Common Criteria Evaluation and Validation Scheme
ITL August 2000Aug 2000Security for Private Branch Exchange Systems
ITL July 2000Jul 2000Identifying Critical Patches with ICAT *
ITL June 2000Jun 2000Mitigating Emerging Hacker Threats
ITL March 2000Mar 2000Security Implications of Active Content
ITL February 2000Feb 2000Guideline for Implementing Cryptography in the Federal Government
ITL December 1999Dec 1999Operating System Security: Adding to the Arsenal of Security Techniques
ITL November 1999Nov 1999Acquiring and Deploying Intrusion Detection Systems
ITL September 1999Sep 1999Securing Web Servers
ITL August 1999Aug 1999The Advanced Encryption Standard (AES): A Status Report
ITL May 1999May 1999Computer Attacks: What They are and how to Defend Against Them
ITL April 1999Apr 1999Guide for Developing Security Plans for Information Technology Systems
ITL February 1999Feb 1999Enhancements to Data Encryption and Digital Signature Federal Standards
ITL January 1999Jan 1999Secure Web-Based Access to High Performance Computing Resources
ITL November 1998Nov 1998Common Criteria: Launching the International Standard
ITL September 1998Sep 1998Cryptography Standards and Infrastructures for the Twenty-First Century
ITL June 1998Jun 1998Training for Information Technology Security: Evaluating the Effectiveness of Results-Based Learning
ITL April 1998Apr 1998Training Requirements for Information Technology Security: An Introduction to Results-Based Learning
ITL March 1998Mar 1998Management of Risks in Information Systems: Practices of Successful Organizations
ITL February 1998Feb 1998Information Security and the World Wide Web (WWW)
ITL November 1997Nov 1997Internet Electronic Mail
ITL July 1997Jul 1997Public Key Infrastructure Technology
ITL April 1997Apr 1997Security Considerations in Computer Support and Operations
ITL March 1997Mar 1997Audit Trails
ITL February 1997Feb 1997Advanced Encryption Standard (AES)
ITL January 1997Jan 1997Security Issues for Telecommuting
ITL October 1996Oct 1996Generally Accepted System Security Principles (GSSPs): Guidance on Securing Information Technology (IT) Systems
ITL August 1996Aug 1996Implementation Issues for Cryptography
ITL June 1996Jun 1996Information Security Policies for Changing Information Technology Environments
ITL May 1996May 1996The World Wide Web: Managing Security Risks
ITL February 1996Feb 1996Human/Computer Interface Security Issues
ITL December 1995Dec 1995An Introduction to Role-Based Access Control
ITL August 1995Aug 1995FIPS 140-1: A Framework for Cryptographic Standards
ITL February 1995Feb 1995The Data Encryption Standard (DES): an Update
ITL November 1994Nov 1994Digital Signature Standard (DSS)
ITL May 1994May 1994Reducing the Risks of Internet Connection and Use
ITL March 1994Mar 1994Threats to Computer Systems: an Overview
ITL August 1993Aug 1993Security Program Management
ITL July 1993Jul 1993Connecting to the Internet: Security Considerations
ITL March 1993Mar 1993Guidance on the Legality of Keystroke Monitoring
ITL November 1992Nov 1992Sensitivity of Information
ITL March 1992Mar 1992An Introduction to Secure Telephone Terminals
ITL February 1992Feb 1992Establishing a Computer Security Incident Handling Capability
ITL November 1991Nov 1991Advanced Authentication Technology
ITL February 1991Feb 1991Computer Security Roles of NIST and NSA
ITL August 1990Aug 1990Computer Virus Attacks
Back to Top