Many of NIST's cybersecurity and privacy publications are posted as drafts for public comment. Comment periods are still open for the following publications. Select the publication title to access downloads, related content, and instructions for submitting comments. Your thoughtful reviews and comments are greatly appreciated and help us to improve our standards and guidance.
Also see a complete list of public drafts that includes those whose comment periods have closed.
There are several new digital credentials-based standards emerging and they are all in silos operating in specific environments and written for specific contexts. And as such, there is a lack of foundational, strongly verifiable, and trustable digital credentials available to make transition t... |
This document addresses the need to support a cloud system’s forensic readiness, which is the ability to quickly and effectively collect digital evidence with minimal investigation costs. The document presents a reference architecture to help users understand the forensic challenges that might ex... |
Genomic data has enabled the rapid growth of the U.S. bioeconomy and is valuable to the individual, industry, and government due to intrinsic properties that, in combination, make it different from other types of high-value data which possess only a subset of these properties. The characteristics of... |
Executive Order 13702 established the National Strategic Computing Initiative (NSCI) to maximize the benefits of high-performance computing (HPC) for economic competitiveness and scientific discovery. Securing HPC systems is challenging due to their size; performance requirements; diverse and comple... |
NISTIR 8320D is the latest in a series of reports on hardware-enabled security techniques and technologies. Organizations employ a growing volume of machine identities, often numbering in the thousands or millions per organization. Machine identities, such as secret cryptographic keys, can be use... |
NIST requests public comments on NIST IR 8214C ipd (initial public draft), NIST First Call for Multi-Party Threshold Schemes, for primitives organized into two categories: Cat1: selected NIST-specified primitives Cat2: other primitives not specified by NIST The report specifies the vari... |
NIST requests comments on the draft fourth revision to the four-volume suite of Special Publication 800-63, Digital Identity Guidelines. This publication presents the process and technical requirements for meeting the digital identity management assurance levels specified in each volume. They also p... |
NIST requests comments on the draft fourth revision to the four-volume suite of Special Publication 800-63, Digital Identity Guidelines. This publication presents the process and technical requirements for meeting the digital identity management assurance levels specified in each volume. They also p... |
NIST requests comments on the draft fourth revision to the four-volume suite of Special Publication 800-63, Digital Identity Guidelines. This publication presents the process and technical requirements for meeting the digital identity management assurance levels specified in each volume. They also p... |
NIST requests comments on the draft fourth revision to the four-volume suite of Special Publication 800-63, Digital Identity Guidelines. This publication presents the process and technical requirements for meeting the digital identity management assurance levels specified in each volume. They also p... |
Summary This publication complements FIPS 201-3, which defines the requirements and characteristics of government-wide interoperable identity credentials used by federal employees and contractors. The draft guidelines in SP 800-217 provide technical requirements on the use of federated PIV i... |
Summary This publication complements FIPS 201-3, which defines the requirements and characteristics of government-wide interoperable identity credentials used by federal employees and contractors. The draft guidelines in SP 800-157r1 detail the issuance and maintenance of authenticators used... |
This draft revision of NIST SP 800-219 provides resources that system administrators, security professionals, security policy authors, information security officers, and auditors can leverage to secure and assess macOS desktop and laptop system security in an automated way. This publication intro... |
This NIST report on artificial intelligence (AI) develops a taxonomy of attacks and mitigations and defines terminology in the field of adversarial machine learning (AML). Taken together, the taxonomy and terminology are meant to inform other standards and future practice guides for assessing and ma... |