Events
March 27, 2012 - March 29, 2012
https://csrc.nist.gov/events/2012/fissea-25th-annual-conference
FISSEA’s 25th Annual Conference: "A New Era in Cybersecurity Awareness, Training, and Education" March 27 - 29, 2012 Agenda & Keynote Speakers FINAL Agenda: Updated March 21, 2012 This year’s theme, “A New Era in Cybersecurity Awareness, Training, and Education” was chosen to reflect current projects, trends and initiatives that will provide pathways to future solutions. The conference will also address other aspects of cybersecurity awareness, training, and education. Keynote Speakers: VADM, Patricia Tracey, USN (ret), Vice President, Defense Industry & Development, HP Enterprise...
Publications
SP 800-126 Rev. 2 (Final)
March 19, 2012
https://csrc.nist.gov/pubs/sp/800/126/r2/final
Abstract: This document provides the definitive technical specification for version 1.2 of the Security Content Automation Protocol (SCAP). SCAP consists of a suite of specifications for standardizing the format and nomenclature by which information about software flaws and security configurations is communic...
Events
March 13, 2012 - March 14, 2012
https://csrc.nist.gov/events/2012/2012-nist-nstic-idtrust-workshop
"Technologies and Standards Enabling the Identity Ecosystem" The workshop focused on how technologies and standards can help the framework of the identity ecosystem coalesce. The two day workshop featureed plenary presentations and panel discussions by leading identity management and standards experts addressing a broad swath of technology and standards issues that surround identifying and implementing the four NSTIC Guiding Principles in the Identity Ecosystem: Identity Solutions will be Privacy-Enhancing and Voluntary Identity Solutions will be Secure and Resilient Identity Solutions...
Publications
IR 7275 Rev. 4 (Final)
March 1, 2012
https://csrc.nist.gov/pubs/ir/7275/r4/upd1/final
Abstract: This report specifies the data model and Extensible Markup Language (XML) representation for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2. An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF specifica...
Publications
SP 800-153 (Final)
February 21, 2012
https://csrc.nist.gov/pubs/sp/800/153/final
Abstract: A wireless local area network (WLAN) is a group of wireless networking devices within a limited geographic area, such as an office building, that exchange data through radio communications. The security of each WLAN is heavily dependent on how well each WLAN component—including client devices, acces...
Events
February 1, 2012 - February 3, 2012
https://csrc.nist.gov/events/2012/ispab-february-2012-meeting
(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Panel discussion: Economic Incentives for Medical Device Security Kevin Fu, Associate Professor, Computer Science, University of Massachusetts Amherst (moderator) Brian Fitzgerald, Deputy Director, Division of Electrical and Software Engineering, FDA CDRH OSEL Louis Jacques, Director, Coverage and Analysis Group, Centers for Medicare and Medicaid Services James Keller, Vice President, Health Technology Evaluation and Safety, ECRI Institute George Mills, Director, Department of Engineering, The Joint...
Events
October 26, 2011 - October 28, 2011
https://csrc.nist.gov/events/2011/ispab-october-2011-meeting
(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes SP 800-53 Appendix on Privacy Ron Ross, NIST Fellow Erika McCallister, Computer Scientist, NIST Martha Landesberg, Associate Director, Privacy Policy, Privacy Office, DHS Roanne Shaddox, Sr. Privacy Specialist, FDIC Cyber Awareness Month – Updates and Report Bill Newhouse, Cybersecurity Advisor, NIST FCC and Technology Robert Naylor, Chief Information Officer, Office of the Managing Director, Federal Communications Commission HSPD‐12 and Open Identity Initiative Carol A. Bales, OMB Lisa A. Schlosser,...
Publications
IR 7275 Rev. 4 (Final) (Withdrawn)
September 30, 2011
Withdrawn on March 01, 2012.
https://csrc.nist.gov/pubs/ir/7275/r4/final
Abstract: This report specifies the data model and Extensible Markup Language (XML) representation for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2. An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF specifica...
Publications
SP 800-126 Rev. 2 (Final) (Withdrawn)
September 1, 2011
Withdrawn on March 19, 2012.
https://csrc.nist.gov/pubs/sp/800/126/r2/final-(1)
Abstract: This document provides the definitive technical specification for version 1.2 of the Security Content Automation Protocol (SCAP). SCAP consists of a suite of specifications for standardizing the format and nomenclature by which information about software flaws and security configurations is communic...
Publications
IR 7697 (Final)
August 19, 2011
https://csrc.nist.gov/pubs/ir/7697/final
Abstract: This report defines the Common Platform Enumeration (CPE) Dictionary version 2.3 specification. The CPE Dictionary Specification is a part of a stack of CPE specifications that support a variety of use cases relating to IT product description and naming. An individual CPE dictionary is a repository...
Publications
IR 7695 (Final)
August 19, 2011
https://csrc.nist.gov/pubs/ir/7695/final
Abstract: This report defines the Common Platform Enumeration (CPE) Naming version 2.3 specification. The CPE Naming specification is a part of a stack of CPE specifications that support a variety of use cases relating to IT product description and naming. The CPE Naming specification defines the logical stru...
Publications
IR 7698 (Final)
August 19, 2011
https://csrc.nist.gov/pubs/ir/7698/final
Abstract: This report defines the Common Platform Enumeration (CPE) Applicability Language version 2.3 specification. The CPE Applicability Language specification is part of a stack of CPE specifications that support a variety of use cases relating to IT product description and naming. The CPE Applicability L...
Publications
IR 7696 (Final)
August 19, 2011
https://csrc.nist.gov/pubs/ir/7696/final
Abstract: This report defines the Common Platform Enumeration (CPE) Name Matching version 2.3 specification. The CPE Name Matching specification is part of a stack of CPE specifications that support a variety of use cases relating to IT product description and naming. The CPE Name Matching specification provi...
Events
July 13, 2011 - July 15, 2011
https://csrc.nist.gov/events/2011/ispab-july-2011-meeting
(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes NIST Updates Donna Dodson, NIST Cloud Security and Privacy ISIMC Cloud Security Earl Crane, Department of Homeland Security Handout – Guidelines for Secure Use of Cloud Computing Earl Crane, Department of Homeland Security Doctrine for Cybersecurity (Web site link - by clicking this website link, you will be leaving NIST webspace & link points to a PDF file on Cornell Univ. website) Fred B. Schneider, Cornell University Mississippi State University – Control Systems Security Research Program Ray...
