Search CSRC

Abstract:

Abstract: This report is a preliminary study on the feasibility and possible use of electronic research notebooks (ERNs) at the National Institute of Standards and Technology (NIST). The goal of this project is to determine the requirements for ERN and to assess current technologies for the design of a protot...

Abstract: The Secure Data Network System (SDNS) project, initiated by the National Security Agency in 1986, produced a computer network security architecture within the framework of the International Organization for Standardization (ISO) reference model for Open Systems Interconnection (OSI). The security pr...

Abstract: This National Institute of Standards and Technology Interagency Report (NISTIR) presents the National Aeronautics and Space Administration's (NASA) Automated Information Security Handbook . The Handbook provides NASA's overall approach to automated information systems security including: program goa...

Abstract: The NIST Secure Data Network System (SDNS) project implements computer to computer communications security for distributed applications. The internationally accepted Open Systems Interconnection (OSI) computer networking architecture provides the framework for SDNS, which is a project of the Nationa...

According to a recent independent analysis, e-commerce fraud increased by 30 percent in 2017, compared to.....

The National Cybersecurity Center of Excellence (NCCoE) has released the final NIST Cybersecurity Practice Guide 1800-2, Identity and Access Management for Electric Utilities, and invites you to download the guide.

The United States continues to have complete dependence on information technology deployed in critical infrastructure systems and applications in both the....

NIST announces the release of an errata update for Special Publication 800-171, Revision 1, Protecting Controlled Unclassified Information is Nonfederal Systems and Organizations. The errata.....

As the world rapidly embraces the Internet of Things, properly securing medical devices has grown challenging for most healthcare delivery organizations (HDOs).......

NIST announces the release of Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. ...

NIST is proud to announce the release of Special Publication 800-182, 2015 Computer Security Division Annual Report. This annual report provides major highlights and accomplishments that the NIST Computer Security Division...

NIST is pleased to announce the release of Special Publication 800-156, Representation of PIV Chain-of-Trust for Import and Export. The document provides the data representation of a chain-of-trust record for the exchange of records between PIV Card issuers. ...

NIST announces the completion of Special Publication (SP) 800-57, Part 1 Rev. 4, Recommendation for Key Management, Part 1: General. This Recommendation provides ...

NIST is excited to announce the release of the latest NIST Cybersecurity Practice Guide, "IT Asset Management" for the Financial Services sector. The document is a draft, and comments are being accepted.

The use of mobile devices in health care sometimes outpaces the privacy and security protections on those devices. Stolen personal information can have negative financial impacts, ...

The purpose of Special Publication 800-163, Vetting the Security of Mobile Applications, is to help organizations understand the process for vetting the security of mobile applications, ...

NIST announces the release of an errata update to Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.

NIST announces the release of Special Publication (SP) 800-101 Revision 1, Guidelines on Mobile Device Forensics. Mobile device forensics is the science of recovering digital evidence from a mobile device under forensically sound conditions using accepted methods.

The National Institute of Standards and Technology (NIST) is pleased to announce the release of Special Publication 800-56A, Revision 2: Recommendation for Pair-Wise Key Establishment Schemes Using Discrete

NIST anticipates the release of Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal information Systems and Organizations (Final Public Draft) on Tuesday, February 5th.

The National Institute of Standards and Technology (NIST) announces the release of the final version of its updated risk assessment guideline, Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments.

The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA), partners in the National Information Assurance Partnership (NIAP), …

While FIPS 140-2 continues on through 2026, development to support and validate FIPS 140-3 modules must be in place by September 2020. This project addresses questions concerning the process of migrating from FIPS 140-2 to FIPS 140-3. The transition process includes organizational, documentation and procedural changes necessary to update and efficiently manage the ever increasing list of security products that are tested for use in the US and Canadian governments. Changes also support the migration of internally developed security standards towards a set of standards developed and maintained...

THIS PAGE IS FOR HISTORICAL PURPOSES ONLY SEE FIPS 140-3 TRANSITION EFFORT FOR THE CURRENT STATUS Approval of FIPS 140-3 | SP 800-140x Development | Implementation Schedule | 2015 RFI FIPS 140-3 approved On March 22, 2019, the Secretary of Commerce approved Federal Information Processing Standards Publication (FIPS) 140-3, Security Requirements for Cryptographic Modules, which supersedes FIPS 140-2. This was announced in the Federal Register on May 1, 2019. FIPS 140-3 aligns with ISO/IEC 19790:2012(E) and includes modifications of the Annexes that are allowed to the Cryptographic...