| ITL Bulletin |
|
Security Considerations for Exchanging Files Over the Internet |
通过Internet交换文件的安全注意事项 |
Final |
8/03/2020 |
| SP |
800-210 |
General Access Control Guidance for Cloud Systems |
云系统通用访问控制指南 |
Final |
7/31/2020 |
| White Paper |
NIST Technical Note (TN) 2066 |
OpenFMB Proof of Concept Implementation Research |
OpenFMB概念验证实施研究 |
Final |
7/29/2020 |
| NISTIR |
8309 |
Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process |
NIST后量子密码标准化流程第二轮的状态报告 |
Final |
7/22/2020 |
| NISTIR |
8219 |
Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection |
保护制造工业控制系统:行为异常检测 |
Final |
7/16/2020 |
| NISTIR |
8214A |
NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives |
NIST路线图,针对密码基元阈值方案的标准 |
Final |
7/07/2020 |
| SP |
800-77 Rev. 1 |
Guide to IPsec VPNs |
IPsec VPN指南 |
Final |
6/30/2020 |
| ITL Bulletin |
|
NIST Privacy Framework: An Overview |
NIST隐私框架:概述 |
Final |
6/24/2020 |
| White Paper |
|
Can you tell? SSNet – a Sagittal Stratum-inspired Neural Network Framework for Sentiment Analysis |
你能告诉? SSNet-矢状面启发神经网络的情感分析框架 |
Final |
6/23/2020 |
| SP |
1800-16 |
Securing Web Transactions: TLS Server Certificate Management |
保护Web事务的安全:TLS服务器证书管理 |
Final |
6/16/2020 |
| SP |
800-133 Rev. 2 |
Recommendation for Cryptographic Key Generation |
密码密钥生成建议 |
Final |
6/04/2020 |
| NISTIR |
8259 |
Foundational Cybersecurity Activities for IoT Device Manufacturers |
物联网设备制造商的基本网络安全活动 |
Final |
5/29/2020 |
| NISTIR |
8259A |
IoT Device Cybersecurity Capability Core Baseline |
物联网设备网络安全能力核心基准 |
Final |
5/29/2020 |
| SP |
800-204A |
Building Secure Microservices-based Applications Using Service-Mesh Architecture |
使用服务网格体系结构构建基于安全微服务的应用程序 |
Final |
5/27/2020 |
| SP |
800-137A |
Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment |
评估信息安全连续监视(ISCM)程序:制定ISCM程序评估 |
Final |
5/21/2020 |
| SP |
1800-23 |
Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry |
能源部门资产管理:用于电力,石油和天然气行业 |
Final |
5/20/2020 |
| NISTIR |
8196 |
Security Analysis of First Responder Mobile and Wearable Devices |
急救人员移动可穿戴设备的安全性分析 |
Final |
5/11/2020 |
| SP |
800-57 Part 1 Rev. 5 |
Recommendation for Key Management: Part 1 – General |
密钥管理建议:第1部分-概述 |
Final |
5/04/2020 |
| NISTIR |
8294 |
Symposium on Federally Funded Research on Cybersecurity of Electric Vehicle Supply Equipment (EVSE) |
联邦资助的电动汽车供应设备(EVSE)网络安全研究专题讨论会 |
Final |
4/29/2020 |
| NISTIR |
8011 Vol. 4 |
Automation Support for Security Control Assessments: Software Vulnerability Management |
安全控制评估的自动化支持:软件漏洞管理 |
Final |
4/28/2020 |
| White Paper |
|
Protecting Data from Ransomware and Other Data Loss Events: A Guide for Managed Service Providers to Conduct, Maintain, and Test Backup Files |
保护数据免受勒索软件和其他数据丢失事件的影响:受管服务提供商进行,维护和测试备份文件的指南 |
Final |
4/24/2020 |
| White Paper |
|
Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) |
通过采用安全软件开发框架(SSDF)降低软件漏洞的风险 |
Final |
4/23/2020 |
| White Paper |
|
5G Cybersecurity: Preparing a Secure Evolution to 5G |
5G网络安全:准备向5G的安全演进 |
Final |
4/13/2020 |
| SP |
800-175B Rev. 1 |
Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms |
联邦政府中使用加密标准的准则:加密机制 |
Final |
3/31/2020 |
| White Paper |
|
[Project Description] Critical Cybersecurity Hygiene: Patching the Enterprise |
[项目描述]关键的网络安全卫生:修补企业 |
Final |
3/30/2020 |
| SP |
800-140B |
CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B |
CMVP安全策略要求:CMVP验证机构对ISO / IEC 24759和ISO / IEC 19790附件B的更新 |
Final |
3/20/2020 |
| SP |
800-140E |
CMVP Approved Authentication Mechanisms: CMVP Validation Authority Requirements for ISO/IEC 19790 Annex E and ISO/IEC 24579 Section 6.17 |
CMVP批准的认证机制:CMVP验证机构对ISO / IEC 19790 Annex E和ISO / IEC 24579第6.17节的要求 |
Final |
3/20/2020 |
| SP |
800-140F |
CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759 |
CMVP批准的非侵入式攻击缓解测试指标:CMVP验证机构对ISO / IEC 24759的更新 |
Final |
3/20/2020 |
| SP |
800-140D |
CMVP Approved Sensitive Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759 |
CMVP批准的敏感参数生成和建立方法:CMVP验证机构对ISO / IEC 24759的更新 |
Final |
3/20/2020 |
| SP |
800-140 |
FIPS 140-3 Derived Test Requirements (DTR): CMVP Validation Authority Updates to ISO/IEC 24759 |
FIPS 140-3衍生测试要求(DTR):CMVP验证机构对ISO / IEC 24759的更新 |
Final |
3/20/2020 |
| SP |
800-140A |
CMVP Documentation Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 |
CMVP文档要求:CMVP验证机构对ISO / IEC 24759的更新 |
Final |
3/20/2020 |
| SP |
800-140C |
CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759 |
CMVP批准的安全功能:CMVP验证授权机构对ISO / IEC 24759的更新 |
Final |
3/20/2020 |
| NISTIR |
8170 |
Approaches for Federal Agencies to Use the Cybersecurity Framework |
联邦机构使用网络安全框架的方法 |
Final |
3/19/2020 |
| ITL Bulletin |
|
Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions |
企业远程办公,远程访问和自带设备(BYOD)解决方案的安全性 |
Final |
3/18/2020 |
| SP |
800-206 |
Annual Report 2018: NIST/ITL Cybersecurity Program |
2018年度报告:NIST / ITL网络安全计划 |
Final |
3/13/2020 |
| SP |
800-63A |
Digital Identity Guidelines: Enrollment and Identity Proofing |
数字身份准则:注册和身份证明 |
Final |
3/02/2020 |
| SP |
800-63B |
Digital Identity Guidelines: Authentication and Lifecycle Management |
数字身份准则:身份验证和生命周期管理 |
Final |
3/02/2020 |
| SP |
800-63C |
Digital Identity Guidelines: Federation and Assertions |
数字身份准则:联盟和断言 |
Final |
3/02/2020 |
| SP |
800-63-3 |
Digital Identity Guidelines |
数字身份准则 |
Final |
3/02/2020 |
| SP |
800-171 Rev. 2 |
Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations |
保护非联邦系统和组织中的受控未分类信息 |
Final |
2/21/2020 |
| NISTIR |
8287 |
A Roadmap for Successful Regional Alliances and Multistakeholder Partnerships to Build the Cybersecurity Workforce |
成功的区域联盟和多方利益相关者合作关系建立网络安全劳动力的路线图 |
Final |
2/20/2020 |
| White Paper |
|
[Project Description] Protecting Information and System Integrity in Industrial Control Systems Environments: Cybersecurity for the Manufacturing Sector |
[项目描述]在工业控制系统环境中保护信息和系统完整性:制造业的网络安全 |
Final |
2/07/2020 |
| White Paper |
|
Case Studies in Cyber Supply Chain Risk Management: Palo Alto Networks, Inc. |
网络供应链风险管理案例研究:Palo Alto Networks,Inc. |
Final |
2/04/2020 |
| White Paper |
|
Case Studies in Cyber Supply Chain Risk Management: Seagate Technology |
网络供应链风险管理案例研究:希捷技术 |
Final |
2/04/2020 |
| White Paper |
|
Case Studies in Cyber Supply Chain Risk Management: Mayo Clinic |
网络供应链风险管理案例研究:Mayo诊所 |
Final |
2/04/2020 |
| White Paper |
|
Case Studies in Cyber Supply Chain Risk Management: Anonymous Renewable Energy Company |
网络供应链风险管理案例研究:匿名可再生能源公司 |
Final |
2/04/2020 |
| White Paper |
|
Case Studies in Cyber Supply Chain Risk Management: Summary of Findings and Recommendations |
网络供应链风险管理案例研究:发现和建议摘要 |
Final |
2/04/2020 |
| White Paper |
|
Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Goods Company |
网络供应链风险管理案例研究:匿名消费品公司 |
Final |
2/04/2020 |
| White Paper |
|
Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Electronics Company |
网络供应链风险管理案例研究:匿名消费电子公司 |
Final |
2/04/2020 |
| White Paper |
|
On the Profitability of Selfish Mining Against Multiple Difficulty Adjustment Algorithms |
基于多重难度调整算法的自私采矿的获利能力 |
Final |
1/29/2020 |
| White Paper |
|
NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0 |
NIST隐私框架:一种通过企业风险管理改善隐私的工具,版本1.0 |
Final |
1/16/2020 |
| White Paper |
|
A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems |
了解新兴区块链身份管理系统的分类方法 |
Final |
1/14/2020 |
| SP |
800-189 |
Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation |
弹性域间流量交换:BGP安全性和DDoS缓解 |
Final |
12/17/2019 |
| White Paper |
|
[Project Description] Data Confidentiality: Identifying and Protecting Assets and Data Against Data Breaches |
[项目描述]数据机密性:识别和保护资产和数据免遭数据泄露 |
Final |
12/05/2019 |
| White Paper |
|
[Project Description] Data Confidentiality: Detect, Respond to, and Recover from Data Breaches |
[项目描述]数据机密性:检测,响应和从数据泄露中恢复 |
Final |
12/05/2019 |
| SP |
800-160 Vol. 2 |
Developing Cyber Resilient Systems: A Systems Security Engineering Approach |
开发网络弹性系统:一种系统安全工程方法 |
Final |
11/27/2019 |
| SP |
1500-4r2 |
NIST Big Data Interoperability Framework: Volume 4, Security and Privacy Version 3 |
NIST大数据互操作性框架:第4卷,安全性和隐私版本3 |
Final |
10/21/2019 |
| SP |
800-128 |
Guide for Security-Focused Configuration Management of Information Systems |
注重安全的信息系统配置管理指南 |
Final |
10/10/2019 |
| NISTIR |
8268 |
Status Report on the First Round of the NIST Lightweight Cryptography Standardization Process |
NIST轻型密码术标准化进程第一轮状态报告 |
Final |
10/07/2019 |
| NISTIR |
8183A Vol. 1 |
Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 1 – General Implementation Guidance |
网络安全框架制造概要低影响级别示例实施指南:第1卷–一般实施指南 |
Final |
9/30/2019 |
| NISTIR |
8183A Vol. 3 |
Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 3 – Discrete-based Manufacturing System Use Case |
网络安全框架制造概要低影响级别示例实施指南:第3卷–基于离散的制造系统用例 |
Final |
9/30/2019 |
| NISTIR |
8183A Vol. 2 |
Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 2 – Process-based Manufacturing System Use Case |
网络安全框架制造概要低影响级别示例实施指南:第2卷–基于流程的制造系统用例 |
Final |
9/30/2019 |
| SP |
800-52 Rev. 2 |
Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations |
选择,配置和使用传输层安全性(TLS)实施准则 |
Final |
8/29/2019 |
| SP |
1800-12 |
Derived Personal Identity Verification (PIV) Credentials |
派生个人身份验证(PIV)凭据 |
Final |
8/27/2019 |
| White Paper |
|
[Project Description] Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources |
[项目描述]确保工业物联网的安全:分布式能源的网络安全 |
Final |
8/15/2019 |
| SP |
800-204 |
Security Strategies for Microservices-based Application Systems |
基于微服务的应用程序系统的安全策略 |
Final |
8/07/2019 |
| SP |
1800-7 |
Situational Awareness for Electric Utilities |
电力公用事业的情境意识 |
Final |
8/07/2019 |
| SP |
800-162 |
Guide to Attribute Based Access Control (ABAC) Definition and Considerations |
基于属性的访问控制(ABAC)定义和注意事项指南 |
Final |
8/02/2019 |
| NISTIR |
8204 |
Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template |
网络安全框架在线信息参考(OLIR)提交:完成OLIR模板的规范 |
Final |
8/01/2019 |
| SP |
1800-17 |
Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers |
电子商务的多因素身份验证:针对购买者的基于风险的FIDO通用第二因素实现 |
Final |
7/30/2019 |
| White Paper |
|
Practical Cryptanalysis of k-ary C* |
kary C *的实用密码分析 |
Final |
7/18/2019 |
| White Paper |
NIST Technical Note (TN) 2051 |
Cybersecurity Framework Smart Grid Profile |
网络安全框架智能电网概况 |
Final |
7/09/2019 |
| NISTIR |
7298 Rev. 3 |
Glossary of Key Information Security Terms |
关键信息安全术语表 |
Final |
7/03/2019 |
| SP |
1800-14 |
Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation |
保护Internet路由的完整性:边界网关协议(BGP)路由来源验证 |
Final |
6/28/2019 |
| NISTIR |
8228 |
Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks |
管理物联网(IoT)网络安全和隐私风险的注意事项 |
Final |
6/25/2019 |
| SP |
800-205 |
Attribute Considerations for Access Control Systems |
访问控制系统的属性注意事项 |
Final |
6/18/2019 |
| NISTIR |
8221 |
A Methodology for Enabling Forensic Analysis Using Hypervisor Vulnerabilities Data |
使用Hypervisor漏洞数据启用取证分析的方法 |
Final |
6/05/2019 |
| SP |
800-57 Part 2 Rev. 1 |
Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations |
密钥管理建议:第2部分–密钥管理组织的最佳实践 |
Final |
5/23/2019 |
| ITL Bulletin |
|
FIPS 140-3 Adopts ISO/IEC Standards |
FIPS 140-3采用ISO / IEC标准 |
Final |
5/20/2019 |
| NISTIR |
8183 |
Cybersecurity Framework Manufacturing Profile |
网络安全框架制造概况 |
Final |
5/20/2019 |
| White Paper |
|
[Project Description] Securing Telehealth Remote Patient Monitoring Ecosystem: Cybersecurity for the Healthcare Sector |
[项目描述]确保远程医疗远程患者监控生态系统的安全:医疗保健行业的网络安全 |
Final |
5/13/2019 |
| White Paper |
|
BowTie – A deep learning feedforward neural network for sentiment analysis |
BowTie –用于情感分析的深度学习前馈神经网络 |
Final |
4/22/2019 |
| SP |
800-163 Rev. 1 |
Vetting the Security of Mobile Applications |
审查移动应用程序的安全性 |
Final |
4/19/2019 |
| ITL Bulletin |
|
Time to Standardize Threshold Schemes for Cryptographic Primitives |
标准化密码基元阈值方案的时间了 |
Final |
4/09/2019 |
| FIPS |
140-3 |
Security Requirements for Cryptographic Modules |
加密模块的安全要求 |
Final |
3/22/2019 |
| SP |
800-131A Rev. 2 |
Transitioning the Use of Cryptographic Algorithms and Key Lengths |
过渡使用密码算法和密钥长度 |
Final |
3/21/2019 |
| SP |
800-56B Rev. 2 |
Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography |
使用整数分解密码对进行明智配对密钥建立的建议 |
Final |
3/21/2019 |
| NISTIR |
8214 |
Threshold Schemes for Cryptographic Primitives: Challenges and Opportunities in Standardization and Validation of Threshold Cryptography |
密码原语的阈值方案:阈值密码术的标准化和验证中的挑战和机遇 |
Final |
3/01/2019 |
| ITL Bulletin |
|
The Next Generation Risk Management Framework (RMF 2.0): A Holistic Methodology to Manage Information Security, Privacy and Supply Chain Risk |
下一代风险管理框架(RMF 2.0):一种用于管理信息安全,隐私和供应链风险的整体方法 |
Final |
2/28/2019 |
| SP |
800-177 Rev. 1 |
Trustworthy Email |
可信赖的电子邮件 |
Final |
2/26/2019 |
| SP |
1800-4 |
Mobile Device Security: Cloud and Hybrid Builds |
移动设备安全性:云和混合构建 |
Final |
2/21/2019 |
| NISTIR |
8240 |
Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process |
NIST量子后密码学标准化进程第一轮状态报告 |
Final |
1/31/2019 |
| SP |
800-37 Rev. 2 |
Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy |
信息系统和组织的风险管理框架:安全和隐私的系统生命周期方法 |
Final |
12/20/2018 |
| ITL Bulletin |
|
Securing Wireless Infusion Pumps |
保护无线输液泵 |
Final |
12/19/2018 |
| NISTIR |
8241 |
Organizational Views of NIST Cryptographic Standards and Testing and Validation Programs |
NIST加密标准以及测试和验证程序的组织观点 |
Final |
12/17/2018 |
| NISTIR |
8011 Vol. 3 |
Automation Support for Security Control Assessments: Software Asset Management |
安全控制评估的自动化支持:软件资产管理 |
Final |
12/06/2018 |
| NISTIR |
8200 |
Interagency Report on the Status of International Cybersecurity Standardization for the Internet of Things (IoT) |
关于物联网(IoT)国际网络安全标准化状况的机构间报告 |
Final |
11/29/2018 |
| ITL Bulletin |
|
One Block at a Time – Helping to Build Blockchain Knowledge |
一次一个区块–帮助建立区块链知识 |
Final |
10/25/2018 |
| NISTIR |
8202 |
Blockchain Technology Overview |
区块链技术概述 |
Final |
10/03/2018 |
| ITL Bulletin |
|
Automated Cryptographic Validation (ACV) Testing |
自动密码验证(ACV)测试 |
Final |
9/20/2018 |
| White Paper |
|
Transitioning to the Security Content Automation Protocol (SCAP) Version 2 |
过渡到安全内容自动化协议(SCAP)版本2 |
Final |
9/10/2018 |
| White Paper |
|
The Economic Impacts of the Advanced Encryption Standard, 1996-2017 |
1996-2017年高级加密标准的经济影响 |
Final |
9/07/2018 |
| SP |
1800-5 |
IT Asset Management |
IT资产管理 |
Final |
9/07/2018 |
| SP |
1800-8 |
Securing Wireless Infusion Pumps in Healthcare Delivery Organizations |
保护医疗保健交付组织中的无线输液泵 |
Final |
8/17/2018 |
| SP |
1800-1 |
Securing Electronic Health Records on Mobile Devices |
保护移动设备上的电子健康记录 |
Final |
7/27/2018 |
| ITL Bulletin |
|
Assessing Implementation of Controlled Unclassified Information (CUI) Security Requirements |
评估受控未分类信息(CUI)安全要求的实施 |
Final |
7/26/2018 |
| SP |
1800-2 |
Identity and Access Management for Electric Utilities |
公用事业的身份和访问管理 |
Final |
7/13/2018 |
| SP |
800-203 |
2017 NIST/ITL Cybersecurity Program Annual Report |
2017 NIST / ITL网络安全计划年度报告 |
Final |
7/02/2018 |
| SP |
800-116 Rev. 1 |
Guidelines for the Use of PIV Credentials in Facility Access |
在设施访问中使用PIV凭证的准则 |
Final |
6/29/2018 |
| ITL Bulletin |
|
Putting First Things First – A Model Process for Criticality Analysis |
把第一件事放在首位–关键性分析的模型过程 |
Final |
6/26/2018 |
| SP |
800-171A |
Assessing Security Requirements for Controlled Unclassified Information |
评估受控未分类信息的安全性要求 |
Final |
6/13/2018 |
| SP |
800-125A Rev. 1 |
Security Recommendations for Server-based Hypervisor Platforms |
基于服务器的虚拟机监控程序平台的安全建议 |
Final |
6/07/2018 |
| SP |
800-171 Rev. 1 |
Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations |
保护非联邦系统和组织中的受控未分类信息 |
Final |
6/07/2018 |
| White Paper |
|
Extracting Linearization Equations from Noisy Sources |
从噪声源提取线性化方程 |
Final |
5/31/2018 |
| White Paper |
|
A Report to the President on Supporting the Growth and Sustainment of the Nation’s Cybersecurity Workforce: Building the Foundation for a More Secure American Future |
致总统的报告:支持国家网络安全劳动力的增长和维持:为更安全的美国未来奠定基础 |
Final |
5/30/2018 |
| White Paper |
|
A Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats |
致总统的报告,旨在增强互联网和通信生态系统对僵尸网络和其他自动分布式威胁的抵御能力 |
Final |
5/30/2018 |
| ITL Bulletin |
|
Protecting Software Integrity Through Code Signing |
通过代码签名保护软件完整性 |
Final |
5/23/2018 |
| SP |
800-202 |
Quick Start Guide for Populating Mobile Test Devices |
填充移动测试设备的快速入门指南 |
Final |
5/10/2018 |
| SP |
800-193 |
Platform Firmware Resiliency Guidelines |
平台固件弹性指南 |
Final |
5/04/2018 |
| ITL Bulletin |
|
Improving the Trustworthiness of Email, and Beyond! |
提高电子邮件的可信赖性,以及超越! |
Final |
4/25/2018 |
| NISTIR |
7511 Rev. 5 |
Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements |
安全内容自动化协议(SCAP)版本1.3验证程序测试要求 |
Final |
4/20/2018 |
| SP |
800-87 Rev. 2 |
Codes for Identification of Federal and Federally-Assisted Organizations |
联邦和联邦协助组织识别码 |
Final |
4/19/2018 |
| White Paper |
|
Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 |
改善关键基础设施网络安全的框架,版本1.1 |
Final |
4/16/2018 |
| SP |
800-56C Rev. 1 |
Recommendation for Key-Derivation Methods in Key-Establishment Schemes |
密钥建立方案中密钥导出方法的建议 |
Final |
4/16/2018 |
| SP |
800-56A Rev. 3 |
Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography |
使用离散对数密码学的明智配对密钥建立方案的建议 |
Final |
4/16/2018 |
| NISTIR |
8179 |
Criticality Analysis Process Model: Prioritizing Systems and Components |
关键性分析过程模型:确定系统和组件的优先级 |
Final |
4/09/2018 |
| ITL Bulletin |
|
Safeguards for Securing Virtualized Servers |
保护虚拟服务器的安全措施 |
Final |
3/27/2018 |
| SP |
800-160 Vol. 1 |
Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems |
系统安全工程:可信安全系统工程中多学科方法的考虑 |
Final |
3/21/2018 |
| SP |
500-325 |
Fog Computing Conceptual Model |
雾计算概念模型 |
Final |
3/14/2018 |
| ITL Bulletin |
|
Securing Tomorrow’s Information Through Post-Quantum Cryptography |
通过后量子密码保护明天的信息 |
Final |
2/27/2018 |
| SP |
800-70 Rev. 4 |
National Checklist Program for IT Products: Guidelines for Checklist Users and Developers |
国家IT产品清单程序:清单用户和开发人员指南 |
Final |
2/15/2018 |
| SP |
800-126 Rev. 3 |
The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.3 |
安全内容自动化协议(SCAP)的技术规范:SCAP版本1.3 |
Final |
2/14/2018 |
| SP |
800-126A |
SCAP 1.3 Component Specification Version Updates: An Annex to NIST Special Publication 800-126 Revision 3 |
SCAP 1.3组件规范版本更新:NIST特殊出版物800-126修订版3的附件 |
Final |
2/14/2018 |
| White Paper |
|
[Project Description] Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events |
[项目描述]数据完整性:识别和保护资产免受勒索软件和其他破坏性事件的侵害 |
Final |
2/07/2018 |
| White Paper |
|
[Project Description] Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events |
[项目描述]数据完整性:检测并响应勒索软件和其他破坏性事件 |
Final |
2/07/2018 |
| ITL Bulletin |
|
Guidance for Improving LTE-Based Mobile Communications Security |
改善基于LTE的移动通信安全性的指南 |
Final |
1/29/2018 |
| White Paper |
|
Security Considerations for Code Signing |
代码签名的安全注意事项 |
Final |
1/26/2018 |
| White Paper |
|
[Project Description] Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector |
[项目描述]保护图片存档和通信系统(PACS):医疗保健行业的网络安全 |
Final |
1/23/2018 |
| SP |
1800-6 |
Domain Name System-Based Electronic Mail Security |
基于域名系统的电子邮件安全 |
Final |
1/19/2018 |
| NISTIR |
8149 |
Developing Trust Frameworks to Support Identity Federations |
开发信任框架以支持身份联合 |
Final |
1/12/2018 |
| NISTIR |
8112 |
Attribute Metadata: A Proposed Schema for Evaluating Federated Attributes |
属性元数据:用于评估联合属性的建议方案 |
Final |
1/12/2018 |
| SP |
800-90B |
Recommendation for the Entropy Sources Used for Random Bit Generation |
对用于随机位生成的熵源的建议 |
Final |
1/10/2018 |
| NISTIR |
8201 |
Internet of Things (IoT) Cybersecurity Colloquium: A NIST Workshop Proceedings |
物联网(IoT)网络安全研讨会:NIST研讨会论文集 |
Final |
12/22/2017 |
| SP |
800-187 |
Guide to LTE Security |
LTE安全指南 |
Final |
12/21/2017 |
| White Paper |
|
[Project Description] Mitigating IoT-based Distributed Denial of Service (DDOS) |
[项目描述]缓解基于IoT的分布式拒绝服务(DDOS) |
Final |
12/14/2017 |
| ITL Bulletin |
|
Guidance on TDEA Block Ciphers |
TDEA分组密码指南 |
Final |
11/27/2017 |
| SP |
800-67 Rev. 2 |
Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher |
关于三重数据加密算法(TDEA)分组密码的建议 |
Final |
11/17/2017 |
| White Paper |
|
[Project Description] TLS Server Certificate Management |
[项目描述] TLS服务器证书管理 |
Final |
11/09/2017 |
| ITL Bulletin |
|
NIST Guidance on Application Container Security |
NIST应用容器安全指南 |
Final |
10/24/2017 |
| White Paper |
|
NSRL Kaspersky dataset documentation |
NSRL卡巴斯基数据集文档 |
Final |
10/23/2017 |
| NISTIR |
8176 |
Security Assurance Requirements for Linux Application Container Deployments |
Linux应用程序容器部署的安全性保证要求 |
Final |
10/11/2017 |
| NISTIR |
8194 |
Exploratory Lens Model of Decision-Making in a Potential Phishing Attack Scenario |
潜在的网络钓鱼攻击场景中的决策探索性透镜模型 |
Final |
10/10/2017 |
| SP |
800-195 |
2016 NIST/ITL Cybersecurity Program Annual Report |
2016 NIST / ITL网络安全计划年度报告 |
Final |
9/28/2017 |
| ITL Bulletin |
|
Updating the Keys for DNS Security |
更新密钥以提高DNS安全性 |
Final |
9/27/2017 |
| SP |
800-190 |
Application Container Security Guide |
应用容器安全指南 |
Final |
9/25/2017 |
| NISTIR |
8192 |
Enhancing Resilience of the Internet and Communications Ecosystem: A NIST Workshop Proceedings |
增强Internet和通信生态系统的弹性:NIST研讨会论文集 |
Final |
9/18/2017 |
| White Paper |
|
[Project Description] Securing Property Management Systems: Cybersecurity for the Hospitality Sector |
[项目描述]保护财产管理系统的安全:酒店业的网络安全 |
Final |
9/13/2017 |
| ITL Bulletin |
|
Understanding the Major Update to NIST SP 800-63: Digital Identity Guidelines |
了解NIST SP 800-63的主要更新:数字身份准则 |
Final |
8/29/2017 |
| SP |
800-181 |
National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework |
国家网络安全教育倡议(NICE)网络安全劳动力框架 |
Final |
8/07/2017 |
| ITL Bulletin |
|
Updated NIST Guidance for Bluetooth Security |
更新了NIST蓝牙安全性指南 |
Final |
7/25/2017 |
| White Paper |
|
An Elementary Proof of Private Random Number Generation from Bell Inequalities |
贝尔不等式生成私人随机数的基本证明 |
Final |
7/20/2017 |
| White Paper |
|
[Project Description] Secure Inter-Domain Routing–Part 1: Route Hijacks |
[项目描述]安全的域间路由-第1部分:路由劫持 |
Final |
7/06/2017 |
| White Paper |
|
SPHINCS-Simpira: Fast Stateless Hash-based Signatures with Post-quantum Security |
SPHINCS-Simpira:具有后量子安全性的基于无状态哈希的快速签名 |
Final |
6/29/2017 |
| SP |
800-192 |
Verification and Test Methods for Access Control Policies/Models |
访问控制策略/模型的验证和测试方法 |
Final |
6/27/2017 |
| White Paper |
|
Tightly Secure Short Signatures from Weak PRFs |
弱PRF严格保护短签名 |
Final |
6/27/2017 |
| SP |
800-12 Rev. 1 |
An Introduction to Information Security |
信息安全概论 |
Final |
6/22/2017 |
| ITL Bulletin |
|
Toward Standardizing Lightweight Cryptography |
迈向标准化轻量化密码学 |
Final |
6/20/2017 |
| NISTIR |
8011 Vol. 2 |
Automation Support for Security Control Assessments: Volume 2: Hardware Asset Management |
安全控制评估的自动化支持:第2卷:硬件资产管理 |
Final |
6/06/2017 |
| NISTIR |
8011 Vol. 1 |
Automation Support for Security Control Assessments: Volume 1: Overview |
安全控制评估的自动化支持:第1卷:概述 |
Final |
6/06/2017 |
| White Paper |
|
Graphical Methods in Device-Independent Quantum Cryptography |
与设备无关的量子密码学中的图形方法 |
Final |
5/25/2017 |
| SP |
800-121 Rev. 2 |
Guide to Bluetooth Security |
蓝牙安全性指南 |
Final |
5/08/2017 |
| ITL Bulletin |
|
Cyber-Threat Intelligence and Information Sharing |
网络威胁情报和信息共享 |
Final |
5/08/2017 |
| ITL Bulletin |
|
Building the Bridge Between Privacy and Cybersecurity for Federal Systems |
搭建联邦系统的隐私和网络安全之间的桥梁 |
Final |
4/18/2017 |
| White Paper |
|
Baldrige Cybersecurity Excellence Builder: Key questions for improving your organization’s cybersecurity performance |
Baldrige网络安全卓越构建器:改善组织的网络安全绩效的关键问题 |
Final |
4/02/2017 |
| NISTIR |
8114 |
Report on Lightweight Cryptography |
轻型密码学报告 |
Final |
3/28/2017 |
| ITL Bulletin |
|
Fundamentals of Small Business Information Security |
小型企业信息安全基础 |
Final |
3/13/2017 |
| White Paper |
|
[Project Description] Capabilities Assessment for Securing Manufacturing Industrial Control Systems |
[项目描述]保障制造业工业控制系统能力的评估 |
Final |
3/09/2017 |
| ITL Bulletin |
|
Guide for Cybersecurity Incident Recovery |
网络安全事件恢复指南 |
Final |
2/17/2017 |
| NISTIR |
8165 |
Impact of Code Complexity on Software Analysis |
代码复杂度对软件分析的影响 |
Final |
2/09/2017 |
| NISTIR |
8136 |
An Overview of Mobile Application Vetting Services for Public Safety |
面向公共安全的移动应用程序审查服务概述 |
Final |
1/27/2017 |
| ITL Bulletin |
|
Dramatically Reducing Software Vulnerabilities |
大大减少软件漏洞 |
Final |
1/17/2017 |
| NISTIR |
8062 |
An Introduction to Privacy Engineering and Risk Management in Federal Systems |
联邦系统中的隐私工程和风险管理简介 |
Final |
1/04/2017 |
| SP |
800-184 |
Guide for Cybersecurity Event Recovery |
网络安全事件恢复指南 |
Final |
12/22/2016 |
| SP |
800-185 |
SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash |
SHA-3派生函数:cSHAKE,KMAC,TupleHash和ParallelHash |
Final |
12/22/2016 |
| ITL Bulletin |
|
Rethinking Security Through Systems Security Engineering |
通过系统安全工程重新考虑安全性 |
Final |
12/21/2016 |
| SP |
800-179 |
Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist |
适用于IT专业人员的Apple OS X 10.10系统安全指南:NIST安全配置清单 |
Final |
12/05/2016 |
| NISTIR |
8151 |
Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy |
大幅减少软件漏洞:向白宫科学技术政策办公室报告 |
Final |
11/30/2016 |
| White Paper |
|
[Project Description] Mobile Application Single Sign-On: for Public Safety and First Responders |
[项目描述]移动应用程序单点登录:公共安全和急救人员 |
Final |
11/28/2016 |
| ITL Bulletin |
|
Exploring the Next Generation of Access Control Methodologies |
探索下一代访问控制方法 |
Final |
11/21/2016 |
| SP |
500-320 |
Report of the Workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV) |
减少安全漏洞的软件措施和指标研讨会的报告(SwMM-RSV) |
Final |
11/10/2016 |
| NISTIR |
7621 Rev. 1 |
Small Business Information Security: The Fundamentals |
小型企业信息安全:基础知识 |
Final |
11/03/2016 |
| ITL Bulletin |
|
Making Email Trustworthy |
使电子邮件值得信赖 |
Final |
10/24/2016 |
| SP |
800-38B |
Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication |
分组密码操作模式的建议:认证的CMAC模式 |
Final |
10/06/2016 |
| SP |
800-150 |
Guide to Cyber Threat Information Sharing |
网络威胁信息共享指南 |
Final |
10/04/2016 |
| SP |
800-178 |
A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications: Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) |
数据服务应用的基于属性的访问控制(ABAC)标准的比较:可扩展访问控制标记语言(XACML)和下一代访问控制(NGAC) |
Final |
10/03/2016 |
| ITL Bulletin |
|
Demystifying the Internet of Things |
揭开物联网的神秘面纱 |
Final |
9/23/2016 |
| White Paper |
|
[Project Description] Multifactor Authentication for e-Commerce: Online Authentication for the Retail Sector |
[项目描述]电子商务的多因素身份验证:零售部门的在线身份验证 |
Final |
9/20/2016 |
| NISTIR |
8103 |
Advanced Identity Workshop on Applying Measurement Science in the Identity Ecosystem: Summary and Next Steps |
关于在身份生态系统中应用测量科学的高级身份研讨会:摘要和后续步骤 |
Final |
9/19/2016 |
| SP |
800-175A |
Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies |
联邦政府中使用加密标准的指南:指令,授权和政策 |
Final |
8/22/2016 |
| SP |
800-182 |
Computer Security Division 2015 Annual Report |
计算机安全司2015年度报告 |
Final |
8/10/2016 |
| ITL Bulletin |
|
NIST Updates Personal Identity Verification (PIV) Guidelines |
NIST更新了个人身份验证(PIV)指南 |
Final |
8/09/2016 |
| SP |
800-114 Rev. 1 |
User’s Guide to Telework and Bring Your Own Device (BYOD) Security |
远程办公和自带设备(BYOD)安全性用户指南 |
Final |
7/29/2016 |
| SP |
800-46 Rev. 2 |
Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security |
企业远程办公,远程访问和自带设备(BYOD)安全性指南 |
Final |
7/29/2016 |
| SP |
800-183 |
Networks of ‘Things’ |
“事物”网络 |
Final |
7/28/2016 |
| NISTIR |
8080 |
Usability and Security Considerations for Public Safety Mobile Authentication |
公共安全移动身份验证的可用性和安全性注意事项 |
Final |
7/27/2016 |
| ITL Bulletin |
|
Improving Security and Software Management Through the Use of SWID Tags |
通过使用SWID标签改善安全性和软件管理 |
Final |
7/13/2016 |
| SP |
800-166 |
Derived PIV Application and Data Model Test Guidelines |
衍生的PIV应用程序和数据模型测试准则 |
Final |
6/06/2016 |
| ITL Bulletin |
|
Extending Network Security into Virtualized Infrastructure |
将网络安全扩展到虚拟化基础架构 |
Final |
6/03/2016 |
| NISTIR |
8135 |
Identifying and Categorizing Data Types for Public Safety Mobile Applications: Workshop Report |
识别和分类公共安全移动应用程序的数据类型:研讨会报告 |
Final |
6/01/2016 |
| SP |
800-156 |
Representation of PIV Chain-of-Trust for Import and Export |
进出口PIV信任链的表示形式 |
Final |
5/20/2016 |
| White Paper |
|
User’s Guide to Running the Draft NIST SP 800-90B Entropy Estimation Suite |
运行NIST SP 800-90B熵估算套件草案的用户指南 |
Final |
5/12/2016 |
| ITL Bulletin |
|
Combinatorial Testing for Cybersecurity and Reliability |
网络安全性和可靠性的组合测试 |
Final |
5/12/2016 |
| White Paper |
|
[Project Description] Data Integrity: Recovering from a destructive malware attack |
[项目描述]数据完整性:从破坏性恶意软件攻击中恢复 |
Final |
5/09/2016 |
| NISTIR |
8105 |
Report on Post-Quantum Cryptography |
量子后密码学报告 |
Final |
4/28/2016 |
| NISTIR |
8040 |
Measuring the Usability and Security of Permuted Passwords on Mobile Platforms |
测量移动平台上排列密码的可用性和安全性 |
Final |
4/25/2016 |
| NISTIR |
8060 |
Guidelines for the Creation of Interoperable Software Identification (SWID) Tags |
创建互操作软件标识(SWID)标签的准则 |
Final |
4/22/2016 |
| White Paper |
|
Best Practices for Privileged User PIV Authentication |
特权用户PIV身份验证的最佳做法 |
Final |
4/21/2016 |
| ITL Bulletin |
|
New NIST Security Standard Can Protect Credit Cards, Health Information |
新的NIST安全标准可以保护信用卡,健康信息 |
Final |
4/14/2016 |
| SP |
800-85A-4 |
PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance) |
PIV卡应用程序和中间件接口测试指南(符合SP 800-73-4) |
Final |
4/13/2016 |
| NISTIR |
7977 |
NIST Cryptographic Standards and Guidelines Development Process |
NIST加密标准和准则制定流程 |
Final |
3/31/2016 |
| SP |
800-38G |
Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption |
分组密码操作模式的建议:保留格式的加密方法 |
Final |
3/29/2016 |
| NISTIR |
8054 |
NSTIC Pilots: Catalyzing the Identity Ecosystem |
NSTIC试点:催化身份生态系统 |
Final |
3/15/2016 |
| ITL Bulletin |
|
Updates to the NIST SCAP Validation Program and Associated Test Requirements |
NIST SCAP验证程序和相关测试要求的更新 |
Final |
3/15/2016 |
| SP |
800-125B |
Secure Virtual Network Configuration for Virtual Machine (VM) Protection |
用于虚拟机(VM)保护的安全虚拟网络配置 |
Final |
3/07/2016 |
| Building Block |
|
[Project Description] Domain Name System-Based Security for Electronic Mail |
[项目描述]基于域名系统的电子邮件安全性 |
Final |
3/04/2016 |
| ITL Bulletin |
|
Implementing Trusted Geolocation Services in the Cloud |
在云中实施可信的地理位置服务 |
Final |
2/17/2016 |
| SP |
800-73-4 |
Interfaces for Personal Identity Verification |
个人身份验证界面 |
Final |
2/12/2016 |
| NISTIR |
7511 Rev. 4 |
Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements |
安全内容自动化协议(SCAP)1.2版验证程序测试要求 |
Final |
1/28/2016 |
| NISTIR |
8055 |
Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research |
概念研究的派生个人身份验证(PIV)凭证(DPC)证明 |
Final |
1/20/2016 |
| ITL Bulletin |
|
Securing Interactive and Automated Access Management Using Secure Shell (SSH) |
使用安全外壳(SSH)保护交互式和自动访问管理的安全 |
Final |
1/11/2016 |
| NISTIR |
8074 Vol. 2 |
Supplemental Information for the Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity |
关于美国政府战略性参与国际标准化以实现美国网络安全目标的机构间报告的补充信息 |
Final |
12/23/2015 |
| NISTIR |
8074 Vol. 1 |
Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity |
关于美国政府战略参与国际标准化以实现美国网络安全目标的机构间报告 |
Final |
12/23/2015 |
| ITL Bulletin |
|
Stopping Malware and Unauthorized Software through Application Whitelisting |
通过应用白名单停止恶意软件和未经授权的软件 |
Final |
12/15/2015 |
| NISTIR |
7904 |
Trusted Geolocation in the Cloud: Proof of Concept Implementation |
云中的可信地理位置:概念验证实施 |
Final |
12/10/2015 |
| Use Case |
|
[Project Description] Wireless Medical Infusion Pumps: Medical Device Security |
[项目描述]无线医用输液泵:医疗设备安全 |
Final |
12/01/2015 |
| ITL Bulletin |
|
Tailoring Security Controls for Industrial Control Systems |
定制工业控制系统的安全控制 |
Final |
11/16/2015 |
| SP |
800-152 |
A Profile for U.S. Federal Cryptographic Key Management Systems (CKMS) |
美国联邦密码密钥管理系统(CKMS)的配置文件 |
Final |
10/28/2015 |
| SP |
800-167 |
Guide to Application Whitelisting |
申请白名单指南 |
Final |
10/28/2015 |
| NISTIR |
7987 Rev. 1 |
Policy Machine: Features, Architecture, and Specification |
策略机器:功能,体系结构和规范 |
Final |
10/27/2015 |
| White Paper |
|
The Number of Boolean Functions with Multiplicative Complexity 2 |
具有乘法复杂度的布尔函数数2 |
Final |
10/27/2015 |
| NISTIR |
8053 |
De-Identification of Personal Information |
取消个人信息识别 |
Final |
10/22/2015 |
| ITL Bulletin |
|
Protection of Controlled Unclassified Information |
保护受控的非保密信息 |
Final |
10/19/2015 |
| NISTIR |
7966 |
Security of Interactive and Automated Access Management Using Secure Shell (SSH) |
使用安全外壳(SSH)的交互式自动访问管理的安全性 |
Final |
10/15/2015 |
| ITL Bulletin |
|
Additional Secure Hash Algorithm Standards Offer New Opportunities for Data Protection |
其他安全哈希算法标准为数据保护提供了新的机会 |
Final |
9/24/2015 |
| White Paper |
|
Multiplicative Complexity of Vector Value Boolean Functions |
向量值布尔函数的乘法复杂度 |
Final |
9/21/2015 |
| Building Block |
|
[Project Description] Software Asset Management: Continuous Monitoring |
[项目描述]软件资产管理:持续监控 |
Final |
9/16/2015 |
| SP |
800-176 |
Computer Security Division 2014 Annual Report |
计算机安全司2014年度报告 |
Final |
8/20/2015 |
| ITL Bulletin |
|
Recommendation for Random Number Generation Using Deterministic Random Bit Generators |
使用确定性随机位生成器生成随机数的建议 |
Final |
8/13/2015 |
| FIPS |
180-4 |
Secure Hash Standard (SHS) |
安全哈希标准(SHS) |
Final |
8/04/2015 |
| FIPS |
202 |
SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions |
SHA-3标准:基于置换的哈希和可扩展输出函数 |
Final |
8/04/2015 |
| SP |
800-79-2 |
Guidelines for the Authorization of Personal Identity Verification Card Issuers (PCI) and Derived PIV Credential Issuers (DPCI) |
授权个人身份验证卡发行人(PCI)和派生PIV凭证发行人(DPCI)的准则 |
Final |
7/30/2015 |
| ITL Bulletin |
|
Improved Security and Mobility Through Updated Interfaces for PIV Cards |
通过更新的PIV卡接口提高了安全性和移动性 |
Final |
7/21/2015 |
| SP |
800-90A Rev. 1 |
Recommendation for Random Number Generation Using Deterministic Random Bit Generators |
使用确定性随机位生成器生成随机数的建议 |
Final |
6/24/2015 |
| SP |
500-304 |
Conformance Testing Methodology Framework for ANSI/NIST-ITL 1-2011 Update: 2013, Data Format for the Interchange of Fingerprint, Facial & Other Biometric Information |
ANSI / NIST-ITL 1-2011更新的一致性测试方法框架,2013年,指纹,面部和其他生物识别信息互换的数据格式 |
Final |
6/24/2015 |
| NISTIR |
7863 |
Cardholder Authentication for the PIV Digital Signature Key |
PIV数字签名密钥的持卡人身份验证 |
Final |
6/18/2015 |
| ITL Bulletin |
|
Increasing Visibility and Control of Your ICT Supply Chains |
增强ICT供应链的可见性和控制力 |
Final |
6/15/2015 |
| White Paper |
|
Final Report: Leveraging the Cyber Risk Portal as A Teaching & Education Tool |
最终报告:利用网络风险门户作为教学工具 |
Final |
6/10/2015 |
| SP |
800-82 Rev. 2 |
Guide to Industrial Control Systems (ICS) Security |
工业控制系统(ICS)安全性指南 |
Final |
6/03/2015 |
| SP |
800-78-4 |
Cryptographic Algorithms and Key Sizes for Personal Identity Verification |
用于个人身份验证的密码算法和密钥大小 |
Final |
5/29/2015 |
| ITL Bulletin |
|
Authentication Considerations for Public Safety Mobile Networks |
公共安全移动网络的身份验证注意事项 |
Final |
5/14/2015 |
| ITL Bulletin |
|
Is Your Replication Device Making An Extra Copy For Someone Else? |
您的复制设备是否为其他人制作了额外的副本? |
Final |
4/16/2015 |
| NISTIR |
8041 |
Proceedings of the Cybersecurity for Direct Digital Manufacturing (DDM) Symposium |
直接数字制造(DDM)网络安全研讨会论文集 |
Final |
4/10/2015 |
| SP |
800-161 |
Supply Chain Risk Management Practices for Federal Information Systems and Organizations |
联邦信息系统和组织的供应链风险管理实践 |
Final |
4/08/2015 |
| White Paper |
|
Analysis of VAES3 (FF2) |
VAES3(FF2)的分析 |
Final |
4/02/2015 |
| Building Block |
V.2 |
[Project Description] Attribute Based Access Control |
[项目描述]基于属性的访问控制 |
Final |
4/01/2015 |
| NISTIR |
8014 |
Considerations for Identity Management in Public Safety Mobile Networks |
公共安全移动网络中身份管理的注意事项 |
Final |
3/30/2015 |
| ITL Bulletin |
|
Guidance for Secure Authorization of Mobile Applications in the Corporate Environment |
企业环境中移动应用程序的安全授权指南 |
Final |
3/19/2015 |
| White Paper |
|
User’s Guide to Running the Draft NIST SP 800-90B Section 9 Entropy Estimation Tests |
NIST SP 800-90B草案运行用户指南第9节熵估算测试 |
Final |
3/10/2015 |
| NISTIR |
7823 |
Advanced Metering Infrastructure Smart Meter Upgradeability Test Framework |
先进的计量基础设施智能电表可升级性测试框架 |
Final |
3/02/2015 |
| NISTIR |
8023 |
Risk Management for Replication Devices |
复制设备的风险管理 |
Final |
2/23/2015 |
| ITL Bulletin |
|
NIST Special Publication 800-88 Revision 1, Guidelines for Media Sanitization |
NIST特别出版物800-88修订版1,媒体清理准则 |
Final |
2/05/2015 |
| ITL Bulletin |
|
Release of NIST Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations |
NIST特别出版物800-53A,修订版4的发布,评估联邦信息系统和组织中的安全性和隐私控制 |
Final |
1/29/2015 |
| SP |
800-53 Rev. 4 |
Security and Privacy Controls for Federal Information Systems and Organizations |
联邦信息系统和组织的安全和隐私控制 |
Final |
1/22/2015 |
| NISTIR |
8018 |
Public Safety Mobile Application Security Requirements Workshop Summary |
公共安全移动应用安全要求研讨会总结 |
Final |
1/22/2015 |
| SP |
800-57 Part 3 Rev. 1 |
Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance |
密钥管理建议,第3部分:特定于应用程序的密钥管理指南 |
Final |
1/22/2015 |
| ITL Bulletin |
|
Release Of NIST Special Publication 800-157, Guidelines For Derived Personal Identity Verification (PIV) Credentials |
发布NIST特别出版物800-157,派生个人身份验证(PIV)凭据准则 |
Final |
12/30/2014 |
| SP |
800-157 |
Guidelines for Derived Personal Identity Verification (PIV) Credentials |
派生个人身份验证(PIV)凭据准则 |
Final |
12/19/2014 |
| SP |
800-53A Rev. 4 |
Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans |
评估联邦信息系统和组织中的安全和隐私控制:建立有效的评估计划 |
Final |
12/18/2014 |
| SP |
800-88 Rev. 1 |
Guidelines for Media Sanitization |
媒体消毒准则 |
Final |
12/17/2014 |
| ITL Bulletin |
|
Cryptographic Module Validation Program (CMVP) |
密码模块验证程序(CMVP) |
Final |
12/01/2014 |
| ITL Bulletin |
|
Release of NIST Special Publication 800-147B, BIOS Protection Guidelines for Servers |
NIST特殊出版物800-147B,服务器的BIOS保护准则的发布 |
Final |
10/29/2014 |
| ITL Bulletin |
|
Release of NIST Interagency Report 7628 Revision 1, Guidelines for Smart Grid Cybersecurity |
发布NIST Inter机构间报告7628修订版1,《智能电网网络安全指南》 |
Final |
9/29/2014 |
| NISTIR |
7628 Rev. 1 |
Guidelines for Smart Grid Cybersecurity |
智能电网网络安全准则 |
Final |
9/25/2014 |
| Building Block |
V.2 |
[Project Description] Mobile Device Security for Enterprises |
[项目描述]企业移动设备安全 |
Final |
9/12/2014 |
| SP |
800-170 |
Computer Security Division 2013 Annual Report |
计算机安全部2013年度报告 |
Final |
9/04/2014 |
| SP |
800-147B |
BIOS Protection Guidelines for Servers |
服务器的BIOS保护准则 |
Final |
8/28/2014 |
| ITL Bulletin |
|
Policy Machine: Towards a General-Purpose Enterprise-Wide Operating Environment |
策略机器:迈向通用的企业范围操作环境 |
Final |
8/28/2014 |
| ITL Bulletin |
|
Release of NIST Interagency Report 7946, CVSS Implementation Guidance |
发布NIST机构间报告7946,CVSS实施指南 |
Final |
7/10/2014 |
| SP |
800-168 |
Approximate Matching: Definition and Terminology |
近似匹配:定义和术语 |
Final |
7/02/2014 |
| ITL Bulletin |
|
ITL Forensic Science Program |
ITL法医学计划 |
Final |
6/05/2014 |
| SP |
800-101 Rev. 1 |
Guidelines on Mobile Device Forensics |
移动设备取证准则 |
Final |
5/15/2014 |
| ITL Bulletin |
|
Small and Medium-Size Business Information Security Outreach Program |
中小型企业信息安全推广计划 |
Final |
5/13/2014 |
| NISTIR |
7946 |
CVSS Implementation Guidance |
CVSS实施指南 |
Final |
4/28/2014 |
| NISTIR |
7991 |
United States Federal Employees’ Password Management Behaviors – A Department of Commerce Case Study |
美国联邦雇员的密码管理行为–商务部案例研究 |
Final |
4/08/2014 |
| ITL Bulletin |
|
Attribute Based Access Control (ABAC) Definition and Considerations |
基于属性的访问控制(ABAC)定义和注意事项 |
Final |
3/07/2014 |
| NISTIR |
7849 |
A Methodology for Developing Authentication Assurance Level Taxonomy for Smart Card-based Identity Verification |
开发用于基于智能卡的身份验证的身份验证保证级别分类法的方法 |
Final |
3/05/2014 |
| White Paper |
|
NISTIR 7628 User’s Guide |
NISTIR 7628用户指南 |
Final |
2/26/2014 |
| White Paper |
|
Summary of NIST SP 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations |
NIST SP 800-53,修订版4的摘要:联邦信息系统和组织的安全和隐私控制 |
Final |
2/19/2014 |
| ITL Bulletin |
|
Framework for Improving Critical Infrastructure Cybersecurity |
改善关键基础设施网络安全的框架 |
Final |
2/19/2014 |
| White Paper |
|
Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0 |
改进关键基础设施网络安全的框架,版本1.0 |
Final |
2/12/2014 |
| NISTIR |
7983 |
Report: Authentication Diary Study |
报告:认证日记研究 |
Final |
2/04/2014 |
| ITL Bulletin |
|
A Profile of the Key Management Framework for the Federal Government |
联邦政府关键管理框架简介 |
Final |
1/09/2014 |
| ITL Bulletin |
|
The National Vulnerability Database (NVD): Overview |
国家漏洞数据库(NVD):概述 |
Final |
12/18/2013 |
| NISTIR |
7970 |
Taxonomic Rules for Password Policies: Translating the Informal to the Formal Language |
密码策略的分类规则:将非正式语言转换为正式语言 |
Final |
12/09/2013 |
| Use Case |
|
Identity and Access Management: Securing Networked Infrastructure for the Energy Sector |
身份和访问管理:确保能源部门的网络基础架构安全 |
Final |
11/05/2013 |
| ITL Bulletin |
|
ITL Releases Preliminary Cybersecurity Framework |
ITL发布初步网络安全框架 |
Final |
11/04/2013 |
| ITL Bulletin |
|
ITL Updates Federal Information Processing Standard (FIPS) for Personal Identity Verification (PIV) of Federal Employees and Contractors |
ITL更新了联邦信息处理标准(FIPS),用于联邦雇员和承包商的个人身份验证(PIV) |
Final |
10/22/2013 |
| NISTIR |
7956 |
Cryptographic Key Management Issues & Challenges in Cloud Services |
云服务中的密码密钥管理问题和挑战 |
Final |
9/18/2013 |
| NISTIR |
7957 |
Conformance Test Architecture and Test Suite for ANSI/NIST-ITL 1-2011 NIEM XML Encoded Transactions |
ANSI / NIST-ITL 1-2011 NIEM XML编码交易的一致性测试架构和测试套件 |
Final |
9/18/2013 |
| SP |
800-81-2 |
Secure Domain Name System (DNS) Deployment Guide |
安全域名系统(DNS)部署指南 |
Final |
9/18/2013 |
| ITL Bulletin |
|
NIST Opens Draft Special Publication 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, For Review and Comment (Supplemental ITL Bulletin for September 2013) |
NIST公开了特别出版物草案800-90A,《使用确定性随机位发生器生成随机数的建议》,以供审查和评论(2013年9月补充ITL公告) |
Final |
9/09/2013 |
| FIPS |
201-2 |
Personal Identity Verification (PIV) of Federal Employees and Contractors |
联邦雇员和承包商的个人身份验证(PIV) |
Final |
9/05/2013 |
| ITL Bulletin |
|
ITL Publishes Guidance on Preventing and Handling Malware Incidents |
国际交易日志发布了预防和处理恶意软件事件的指南 |
Final |
8/22/2013 |
| SP |
800-130 |
A Framework for Designing Cryptographic Key Management Systems |
设计密码密钥管理系统的框架 |
Final |
8/15/2013 |
| ITL Bulletin |
|
ITL Publishes Guidance on Enterprise Patch Management Technologies |
ITL发布有关企业补丁管理技术的指南 |
Final |
8/08/2013 |
| SP |
800-165 |
Computer Security Division 2012 Annual Report |
计算机安全司2012年度报告 |
Final |
7/22/2013 |
| SP |
800-40 Rev. 3 |
Guide to Enterprise Patch Management Technologies |
企业补丁管理技术指南 |
Final |
7/22/2013 |
| SP |
800-83 Rev. 1 |
Guide to Malware Incident Prevention and Handling for Desktops and Laptops |
台式机和笔记本电脑的恶意软件事件预防和处理指南 |
Final |
7/22/2013 |
| FIPS |
186-4 |
Digital Signature Standard (DSS) |
数字签名标准(DSS) |
Final |
7/19/2013 |
| ITL Bulletin |
|
ITL Issues Guidelines for Managing the Security of Mobile Devices |
ITL发行管理移动设备安全性的准则 |
Final |
7/15/2013 |
| SP |
800-76-2 |
Biometric Specifications for Personal Identity Verification |
个人身份验证的生物识别规范 |
Final |
7/11/2013 |
| White Paper |
|
Summary of the Workshop on Information and Communication Technologies Supply Chain Risk Management, National Institute of Standards and Technology, October 15-16, 2012 |
美国国家标准技术研究院信息与通信技术供应链风险管理研讨会摘要,2012年10月15日至16日 |
Final |
7/10/2013 |
| SP |
800-124 Rev. 1 |
Guidelines for Managing the Security of Mobile Devices in the Enterprise |
企业中移动设备安全性管理准则 |
Final |
6/21/2013 |
| NISTIR |
7933 |
Requirements and Conformance Test Assertions for ANSI/NIST-ITL 1-2011 Record Type 18 – DNA Record |
ANSI / NIST-ITL 1-2011记录类型18的要求和一致性测试断言-DNA记录 |
Final |
6/21/2013 |
| ITL Bulletin |
|
ITL Publishes Security And Privacy Controls For Federal Agencies |
ITL为联邦机构发布安全和隐私控制 |
Final |
5/01/2013 |
| ITL Bulletin |
|
Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements |
安全内容自动化协议(SCAP)1.2版验证程序测试要求 |
Final |
4/10/2013 |
| ITL Bulletin |
|
NIST to Develop a Cybersecurity Framework to Protect Critical Infrastructure |
NIST将开发网络安全框架来保护关键基础设施 |
Final |
3/21/2013 |
| NISTIR |
7916 |
Proceedings of the Cybersecurity in Cyber-Physical Systems Workshop, April 23-24, 2012 |
网络物理系统网络安全研讨会论文集,2012年4月23日至24日 |
Final |
2/15/2013 |
| ITL Bulletin |
|
Managing Identity Requirements for Remote Users of Information Systems to Protect System Security and Information Privacy |
管理信息系统远程用户的身份要求以保护系统安全性和信息隐私 |
Final |
1/29/2013 |
| White Paper |
|
Summary of the Workshop on Cryptographic Key Management Systems (CKMS), National Institute of Standards and Technology, September 10-11, 2012 |
美国国家标准与技术研究院密码密钥管理系统(CKMS)研讨会摘要,2012年9月10日至11日 |
Final |
1/10/2013 |
| ITL Bulletin |
|
Generating Secure Cryptographic Keys: A Critical Component of Cryptographic Key Management and the Protection of Sensitive Information |
生成安全的密码密钥:密码密钥管理和敏感信息保护的重要组成部分 |
Final |
12/19/2012 |
| SP |
800-38F |
Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping |
分组密码操作模式的建议:密钥包装方法 |
Final |
12/13/2012 |
| White Paper |
|
Proof of Concept for an ICT SCRM Enterprise Assessment Package |
ICT SCRM企业评估包的概念验证 |
Final |
12/01/2012 |
| NISTIR |
7817 |
A Credential Reliability and Revocation Model for Federated Identities |
联合身份的凭证可靠性和撤销模型 |
Final |
11/29/2012 |
| ITL Bulletin |
|
Practices for Managing Supply Chain Risks to Protect Federal Information Systems |
管理供应链风险以保护联邦信息系统的实践 |
Final |
11/27/2012 |
| White Paper |
|
Challenging Security Requirements for US Government Cloud Computing Adoption |
挑战美国政府采用云计算的安全性要求 |
Final |
11/19/2012 |
| NISTIR |
7896 |
Third-Round Report of the SHA-3 Cryptographic Hash Algorithm Competition |
SHA-3密码哈希算法竞赛的第三轮报告 |
Final |
11/15/2012 |
| NISTIR |
7878 |
Combinatorial Coverage Measurement |
组合覆盖率测量 |
Final |
10/26/2012 |
| ITL Bulletin |
|
Conducting Information Security-Related Risk Assessments: Updated Guidelines for Comprehensive Risk Management Programs |
进行与信息安全相关的风险评估:全面风险管理计划的最新准则 |
Final |
10/25/2012 |
| NISTIR |
7622 |
Notional Supply Chain Risk Management Practices for Federal Information Systems |
联邦信息系统的名义供应链风险管理实践 |
Final |
10/16/2012 |
| ITL Bulletin |
|
Revised Guide Helps Organizations Handle Security Related Incidents |
经修订的指南可帮助组织处理与安全相关的事件 |
Final |
9/27/2012 |
| SP |
800-30 Rev. 1 |
Guide for Conducting Risk Assessments |
进行风险评估指南 |
Final |
9/17/2012 |
| NISTIR |
7877 |
BioCTS 2012: Advanced Conformance Test Architectures and Test Suites for Biometric Data Interchange Formats and Biometric Information Records |
BioCTS 2012:适用于生物识别数据交换格式和生物识别信息记录的高级一致性测试体系结构和测试套件 |
Final |
9/14/2012 |
| NISTIR |
7874 |
Guidelines for Access Control System Evaluation Metrics |
访问控制系统评估指标准则 |
Final |
9/14/2012 |
| SP |
800-107 Rev. 1 |
Recommendation for Applications Using Approved Hash Algorithms |
使用经认可的哈希算法的应用建议 |
Final |
8/24/2012 |
| White Paper |
|
The Role of the National Institute of Standards and Technology in Mobile Security |
美国国家标准技术研究院在移动安全中的作用 |
Final |
8/23/2012 |
| ITL Bulletin |
|
Security of Bluetooth Systems and Devices: Updated Guide Issued by the National Institute of Standards and Technology (NIST) |
蓝牙系统和设备的安全性:美国国家标准技术研究院(NIST)发布的更新指南 |
Final |
8/13/2012 |
| SP |
800-61 Rev. 2 |
Computer Security Incident Handling Guide |
计算机安全事件处理指南 |
Final |
8/06/2012 |
| NISTIR |
7867 Rev. 2012 |
Usability of PIV Smartcards for Logical Access |
PIV智能卡用于逻辑访问的可用性 |
Final |
8/01/2012 |
| NISTIR |
7870 |
NIST Test Personal Identity Verification (PIV) Cards |
NIST测试个人身份验证(PIV)卡 |
Final |
7/12/2012 |
| ITL Bulletin |
|
Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance |
准备和响应证书颁发机构的妥协和欺诈性证书颁发 |
Final |
7/10/2012 |
| NISTIR |
7864 |
The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities |
常见滥用评分系统(CMSS):软件功能滥用漏洞的度量标准 |
Final |
7/10/2012 |
| ITL Bulletin |
|
Cloud Computing: A Review of Features, Benefits, and Risks, and Recommendations for Secure, Efficient Implementations |
云计算:功能,收益和风险的回顾,以及有关安全,高效实施的建议 |
Final |
6/27/2012 |
| SP |
800-146 |
Cloud Computing Synopsis and Recommendations |
云计算简介和建议 |
Final |
5/29/2012 |
| ITL Bulletin |
|
Secure Hash Standard: Updated Specifications Approved and Issued as Federal Information Processing Standard (FIPS) 180-4 |
安全哈希标准:更新的规范已批准并发布为联邦信息处理标准(FIPS)180-4 |
Final |
5/09/2012 |
| NISTIR |
7816 |
Computer Security Division 2011 Annual Report |
计算机安全司2011年度报告 |
Final |
5/08/2012 |
| White Paper |
|
Adaptive Preimage Resistance Analysis Revisited: Requirements, Subtleties and Implications |
自适应原像电阻分析:要求,细微之处和启示 |
Final |
4/16/2012 |
| ITL Bulletin |
|
Guidelines for Improving Security and Privacy in Public Cloud Computing |
在公共云计算中提高安全性和隐私性的准则 |
Final |
3/28/2012 |
| SP |
800-126 Rev. 2 |
The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2 |
安全内容自动化协议(SCAP)的技术规范:SCAP版本1.2 |
Final |
3/19/2012 |
| NISTIR |
7275 Rev. 4 |
Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2 |
可扩展配置清单描述格式(XCCDF)版本1.2的规范 |
Final |
3/01/2012 |
| ITL Bulletin |
|
Guidelines for Securing Wireless Local Area Networks (WLANs) |
保护无线局域网(WLAN)的准则 |
Final |
2/27/2012 |
| SP |
800-153 |
Guidelines for Securing Wireless Local Area Networks (WLANs) |
保护无线局域网(WLAN)的准则 |
Final |
2/21/2012 |
| ITL Bulletin |
|
Advancing Security Automation and Standardization: Revised Technical Specifications Issued for the Security Content Automation Protocol (SCAP) |
推进安全自动化和标准化:针对安全内容自动化协议(SCAP)发布的修订的技术规范 |
Final |
1/24/2012 |
| SP |
800-135 Rev. 1 |
Recommendation for Existing Application-Specific Key Derivation Functions |
有关现有的特定于应用程序的密钥派生功能的建议 |
Final |
12/23/2011 |
| ITL Bulletin |
|
Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of Their Information Systems |
修订的用户电子身份验证指南可帮助组织保护其信息系统的安全性 |
Final |
12/22/2011 |
| SP |
800-144 |
Guidelines on Security and Privacy in Public Cloud Computing |
公共云计算中的安全性和隐私准则 |
Final |
12/09/2011 |
| White Paper |
|
The ICT SCRM Community Framework Development Project: Final Report |
ICT SCRM社区框架开发项目:最终报告 |
Final |
12/01/2011 |
| ITL Bulletin |
|
Continuous Monitoring of Information Security: An Essential Component of Risk Management |
持续监控信息安全:风险管理的重要组成部分 |
Final |
10/25/2011 |
| SP |
800-137 |
Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations |
联邦信息系统和组织的信息安全连续监视(ISCM) |
Final |
9/30/2011 |
| SP |
800-145 |
The NIST Definition of Cloud Computing |
NIST云计算的定义 |
Final |
9/28/2011 |
| ITL Bulletin |
|
Managing the Configuration of Information Systems with a Focus on Security |
以安全为中心来管理信息系统的配置 |
Final |
9/26/2011 |
| NISTIR |
7802 |
Trust Model for Security Automation Data 1.0 (TMSAD) |
安全自动化数据1.0(TMSAD)的信任模型 |
Final |
9/20/2011 |
| NISTIR |
7806 |
ANSI/NIST-ITL 1-2011 Requirements and Conformance Test Assertions |
ANSI / NIST-ITL 1-2011要求和一致性测试断言 |
Final |
9/16/2011 |
| NISTIR |
7682 |
Information System Security Best Practices for UOCAVA-Supporting Systems |
UOCAVA支持系统的信息系统安全最佳实践 |
Final |
9/15/2011 |
| NISTIR |
7711 |
Security Best Practices for the Electronic Transmission of Election Materials for UOCAVA Voters |
UOCAVA选民的电子传输选举材料的安全最佳实践 |
Final |
9/15/2011 |
| ITL Bulletin |
|
Protecting Industrial Control Systems – Key Components of Our Nation’s Critical Infrastructures |
保护工业控制系统–国家关键基础设施的关键组成部分 |
Final |
8/24/2011 |
| NISTIR |
7698 |
Common Platform Enumeration: Applicability Language Specification Version 2.3 |
通用平台枚举:适用语言规范版本2.3 |
Final |
8/19/2011 |
| NISTIR |
7696 |
Common Platform Enumeration: Name Matching Specification Version 2.3 |
通用平台枚举:名称匹配规范版本2.3 |
Final |
8/19/2011 |
| NISTIR |
7697 |
Common Platform Enumeration: Dictionary Specification Version 2.3 |
通用平台枚举:字典规范版本2.3 |
Final |
8/19/2011 |
| NISTIR |
7695 |
Common Platform Enumeration: Naming Specification Version 2.3 |
通用平台枚举:命名规范版本2.3 |
Final |
8/19/2011 |
| NISTIR |
7788 |
Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs |
使用概率攻击图的企业网络安全风险分析 |
Final |
8/01/2011 |
| NISTIR |
7815 |
Access Control for SAR Systems |
SAR系统的访问控制 |
Final |
7/01/2011 |
| ITL Bulletin |
|
Guidelines for Protecting Basic Input/Output System (BIOS) Firmware |
保护基本输入/输出系统(BIOS)固件的准则 |
Final |
6/28/2011 |
| NISTIR |
7791 |
Conformance Test Architecture and Test Suite for ANSI/NIST-ITL 1-2007 |
ANSI / NIST-ITL 1-2007的一致性测试体系结构和测试套件 |
Final |
6/22/2011 |
| NISTIR |
7694 |
Specification for Asset Reporting Format 1.1 |
资产报告格式规范1.1 |
Final |
6/21/2011 |
| White Paper |
|
A depth-16 circuit for the AES S-box |
AES S盒的深度16电路 |
Final |
6/17/2011 |
| NISTIR |
7693 |
Specification for Asset Identification 1.1 |
资产识别规范1.1 |
Final |
6/17/2011 |
| NISTIR |
7751 |
Computer Security Division 2010 Annual Report |
计算机安全司2010年度报告 |
Final |
5/31/2011 |
| ITL Bulletin |
|
Using Security Configuration Checklists and the National Checklist Program |
使用安全配置清单和国家清单清单程序 |
Final |
5/25/2011 |
| SP |
800-147 |
BIOS Protection Guidelines |
BIOS保护准则 |
Final |
4/29/2011 |
| ITL Bulletin |
|
Full Virtualization Technologies: Guidelines for Secure Implementation and Management |
完全虚拟化技术:安全实施和管理准则 |
Final |
4/25/2011 |
| NISTIR |
7692 |
Specification for the Open Checklist Interactive Language (OCIL) Version 2.0 |
开放清单交互语言(OCIL)2.0版规范 |
Final |
4/07/2011 |
| White Paper |
|
Assessing SCRM Capabilities and Perspectives of the IT Vendor Community: Toward a Cyber-Supply Chain Code of Practice |
评估SCRM能力和IT供应商社区的观点:迈向网络供应链实践准则 |
Final |
4/01/2011 |
| ITL Bulletin |
|
Managing Information Security Risk: Organization, Mission and Information System View |
管理信息安全风险:组织,任务和信息系统视图 |
Final |
3/22/2011 |
| SP |
800-39 |
Managing Information Security Risk: Organization, Mission, and Information System View |
管理信息安全风险:组织,任务和信息系统视图 |
Final |
3/01/2011 |
| NISTIR |
7771 |
Conformance Test Architecture for Biometric Data Interchange Formats – Version Beta 2.0 |
生物识别数据交换格式的一致性测试体系结构-Beta 2.0版 |
Final |
2/28/2011 |
| SP |
800-51 Rev. 1 |
Guide to Using Vulnerability Naming Schemes |
使用漏洞命名方案的指南 |
Final |
2/25/2011 |
| SP |
800-126 Rev. 1 |
The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1 |
安全内容自动化协议(SCAP)的技术规范:SCAP版本1.1 |
Final |
2/25/2011 |
| NISTIR |
7764 |
Status Report on the Second Round of the SHA-3 Cryptographic Hash Algorithm Competition |
SHA-3密码哈希算法竞赛第二轮状态报告 |
Final |
2/23/2011 |
| NISTIR |
7770 |
Security Considerations for Remote Electronic UOCAVA Voting |
远程电子UOCAVA投票的安全注意事项 |
Final |
2/21/2011 |
| ITL Bulletin |
|
Internet Protocol Version 6 (IPv6): NIST Guidelines Help Organizations Manage the Secure Deployment of the New Network Protocol |
Internet协议版本6(IPv6):NIST指南可帮助组织管理新网络协议的安全部署 |
Final |
1/31/2011 |
| SP |
800-125 |
Guide to Security for Full Virtualization Technologies |
完整虚拟化技术的安全性指南 |
Final |
1/28/2011 |
| SP |
800-119 |
Guidelines for the Secure Deployment of IPv6 |
安全部署IPv6的准则 |
Final |
12/29/2010 |
| ITL Bulletin |
|
Securing WiMAX Wireless Communications |
保护WiMAX无线通信 |
Final |
12/27/2010 |
| NISTIR |
7502 |
The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities |
通用配置评分系统(CCSS):软件安全配置漏洞的衡量指标 |
Final |
12/27/2010 |
| SP |
800-132 |
Recommendation for Password-Based Key Derivation: Part 1: Storage Applications |
基于密码的密钥派生建议:第1部分:存储应用程序 |
Final |
12/22/2010 |
| White Paper |
|
Economic Analysis of Role-Based Access Control: Final Report |
基于角色的访问控制的经济分析:最终报告 |
Final |
12/19/2010 |
| ITL Bulletin |
|
The Exchange of Health Information: Designing a Security Architecture to Provide Information Security and Privacy |
健康信息的交换:设计提供信息安全性和隐私性的安全体系结构 |
Final |
11/23/2010 |
| SP |
800-34 Rev. 1 |
Contingency Planning Guide for Federal Information Systems |
联邦信息系统应急计划指南 |
Final |
11/11/2010 |
| NISTIR |
7773 |
An Application of Combinatorial Methods to Conformance Testing for Document Object Model Events |
组合方法在文档对象模型事件一致性测试中的应用 |
Final |
11/01/2010 |
| SP |
800-38A Addendum |
Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode |
分组密码操作模式的建议:CBC模式的三种密文窃取方式 |
Final |
10/21/2010 |
| SP |
800-142 |
Practical Combinatorial Testing |
实用组合测试 |
Final |
10/07/2010 |
| NISTIR |
7497 |
Security Architecture Design Process for Health Information Exchanges (HIEs) |
健康信息交换(HIE)的安全体系结构设计过程 |
Final |
9/30/2010 |
| ITL Bulletin |
|
Security Content Automation Protocol (SCAP): Helping Organizations Maintain and Verify the Security of Their Information Systems |
安全内容自动化协议(SCAP):帮助组织维护和验证其信息系统的安全性 |
Final |
9/27/2010 |
| NISTIR |
7601 |
Framework for Emergency Response Officials (ERO): Authentication and Authorization Infrastructure |
紧急响应官员(ERO)框架:身份验证和授权基础结构 |
Final |
8/31/2010 |
| ITL Bulletin |
|
Contingency Planning for Information Systems: Updated Guide for Federal Organizations |
信息系统应急计划:联邦组织的最新指南 |
Final |
7/20/2010 |
| NISTIR |
7559 |
Forensics Web Services (FWS) |
取证Web服务(FWS) |
Final |
6/30/2010 |
| ITL Bulletin |
|
How to Identify Personnel with Significant Responsibilities for Information Security |
如何识别对信息安全负有重大责任的人员 |
Final |
6/22/2010 |
| NISTIR |
7676 |
Maintaining and Using Key History on Personal Identity Verification (PIV) Cards |
维护和使用个人身份验证(PIV)卡上的密钥历史记录 |
Final |
6/18/2010 |
| SP |
800-22 Rev. 1a |
A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications |
用于密码学应用的随机和伪随机数生成器的统计测试套件 |
Final |
4/30/2010 |
| ITL Bulletin |
|
Guide to Protecting Personally Identifiable Information |
保护个人身份信息指南 |
Final |
4/28/2010 |
| SP |
800-122 |
Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) |
保护个人身份信息(PII)机密性指南 |
Final |
4/06/2010 |
| NISTIR |
7657 |
A Report on the Privilege (Access) Management Workshop |
特权(访问)管理研讨会的报告 |
Final |
3/30/2010 |
| ITL Bulletin |
|
Revised Guide Helps Federal Organizations Improve Their Risk Management Practices and Information System Security |
经修订的指南可帮助联邦组织改善其风险管理实践和信息系统安全性 |
Final |
3/29/2010 |
| NISTIR |
7653 |
Computer Security Division 2009 Annual Report |
计算机安全司2009年度报告 |
Final |
3/23/2010 |
| ITL Bulletin |
|
Secure Management of Keys in Cryptographic Applications: Guidance for Organizations |
加密应用程序中密钥的安全管理:组织指南 |
Final |
2/24/2010 |
| NISTIR |
7658 |
Guide to SIMfill Use and Development |
SIMfill使用和开发指南 |
Final |
2/24/2010 |
| ITL Bulletin |
|
Security Metrics: Measurements to Support the Continued Development of Information Security Technology |
安全指标:支持信息安全技术持续发展的措施 |
Final |
1/27/2010 |
| SP |
800-38E |
Recommendation for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on Storage Devices |
块密码模式的建议:存储设备的机密性的XTS-AES模式 |
Final |
1/18/2010 |
| NISTIR |
7609 |
Cryptographic Key Management Workshop Summary — June 8-9, 2009 |
加密密钥管理研讨会摘要-2009年6月8日至9日 |
Final |
1/08/2010 |
| NISTIR |
7665 |
Proceedings of the Privilege Management Workshop, September 1-3, 2009 |
特权管理研讨会论文集,2009年9月1-3日 |
Final |
1/01/2010 |
| ITL Bulletin |
|
Cybersecurity Fundamentals for Small Business Owners |
小型企业所有者的网络安全基础知识 |
Final |
11/19/2009 |
| ITL Bulletin |
|
Protecting Information Systems with Firewalls: Revised Guidelines on Firewall Technologies and Policies |
使用防火墙保护信息系统:修订的防火墙技术和策略指南 |
Final |
10/29/2009 |
| NISTIR |
7617 |
Mobile Forensic Reference Materials: a Methodology and Reification |
流动取证参考材料:方法论和修正 |
Final |
10/14/2009 |
| SP |
800-108 |
Recommendation for Key Derivation Using Pseudorandom Functions (Revised) |
使用伪随机函数推导密钥的建议(修订版) |
Final |
10/01/2009 |
| NISTIR |
7581 |
System and Network Security Acronyms and Abbreviations |
系统和网络安全首字母缩写词和缩写 |
Final |
9/30/2009 |
| SP |
800-41 Rev. 1 |
Guidelines on Firewalls and Firewall Policy |
防火墙和防火墙策略准则 |
Final |
9/28/2009 |
| SP |
800-102 |
Recommendation for Digital Signature Timeliness |
关于数字签名及时性的建议 |
Final |
9/23/2009 |
| NISTIR |
7620 |
Status Report on the First Round of the SHA-3 Cryptographic Hash Algorithm Competition |
SHA-3密码哈希算法竞赛第一轮状态报告 |
Final |
9/23/2009 |
| NISTIR |
7611 |
Use of ISO/IEC 24727 |
使用ISO / IEC 24727 |
Final |
8/14/2009 |
| ITL Bulletin |
|
Risk Management Framework: Helping Organizations Implement Effective Information Security Programs |
风险管理框架:帮助组织实施有效的信息安全计划 |
Final |
7/23/2009 |
| NISTIR |
7564 |
Directions in Security Metrics Research |
安全指标研究的方向 |
Final |
4/30/2009 |
| ITL Bulletin |
|
The Cryptographic Hash Algorithm Family: Revision of the Secure Hash Standard and Ongoing Competition for New Hash Algorithms |
密码哈希算法系列:安全哈希标准的修订以及新哈希算法的持续竞争 |
Final |
3/25/2009 |
| NISTIR |
7536 |
Computer Security Division 2008 Annual Report |
计算机安全司2008年度报告 |
Final |
3/16/2009 |
| ITL Bulletin |
|
Using Personal Identity Verification (Piv) Credentials in Physical Access Control Systems (PACS) |
在物理访问控制系统(PACS)中使用个人身份验证(Piv)凭据 |
Final |
2/26/2009 |
| SP |
800-106 |
Randomized Hashing for Digital Signatures |
数字签名的随机散列 |
Final |
2/25/2009 |
| NISTIR |
7539 |
Symmetric Key Injection onto Smart Cards |
将对称密钥注入智能卡 |
Final |
12/22/2008 |
| NISTIR |
7551 |
A Threat Analysis on UOCAVA Voting Systems |
UOCAVA投票系统的威胁分析 |
Final |
12/19/2008 |
| ITL Bulletin |
|
Guide to Information Security Testing and Assessment |
信息安全测试与评估指南 |
Final |
12/18/2008 |
| SP |
800-66 Rev. 1 |
An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule |
实施《健康保险可移植性和责任法案》(HIPAA)安全规则的入门资源指南 |
Final |
10/23/2008 |
| ITL Bulletin |
|
Keeping Information Technology (IT) System Servers Secure: A General Guide to Good Practices |
确保信息技术(IT)系统服务器的安全:良好实践通则 |
Final |
10/15/2008 |
| SP |
800-115 |
Technical Guide to Information Security Testing and Assessment |
信息安全测试与评估技术指南 |
Final |
9/30/2008 |
| ITL Bulletin |
|
Using Performance Measurements to Evaluate and Strengthen Information System Security |
使用性能度量来评估和增强信息系统安全性 |
Final |
9/18/2008 |
| NISTIR |
7516 |
Forensic Filtering of Cell Phone Protocols |
手机协议的取证过滤 |
Final |
8/27/2008 |
| SP |
800-22 Rev. 1 |
A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications |
用于密码学应用的随机和伪随机数生成器的统计测试套件 |
Final |
8/01/2008 |
| SP |
800-60 Vol. 2 Rev. 1 |
Guide for Mapping Types of Information and Information Systems to Security Categories: Appendices |
将信息和信息系统的类型映射到安全类别的指南:附录 |
Final |
8/01/2008 |
| SP |
800-60 Vol. 1 Rev. 1 |
Guide for Mapping Types of Information and Information Systems to Security Categories |
将信息和信息系统的类型映射到安全类别的指南 |
Final |
8/01/2008 |
| SP |
800-123 |
Guide to General Server Security |
通用服务器安全性指南 |
Final |
7/25/2008 |
| ITL Bulletin |
|
Guidelines on Implementing A Secure Sockets Layer (SSL) Virtual Private Network (VPN) |
实施安全套接字层(SSL)虚拟专用网(VPN)的准则 |
Final |
7/23/2008 |
| FIPS |
198-1 |
The Keyed-Hash Message Authentication Code (HMAC) |
密钥哈希消息认证码(HMAC) |
Final |
7/16/2008 |
| SP |
800-55 Rev. 1 |
Performance Measurement Guide for Information Security |
信息安全性能评估指南 |
Final |
7/16/2008 |
| SP |
800-113 |
Guide to SSL VPNs |
SSL VPN指南 |
Final |
7/01/2008 |
| ITL Bulletin |
|
New Cryptographic Hash Algorithm Family: NIST Holds a Public Competition to Find New Algorithms |
新的密码哈希算法系列:NIST举行公开比赛以寻找新算法 |
Final |
5/28/2008 |
| ITL Bulletin |
|
Using Active Content and Mobile Code and Safeguarding the Security of Information Technology Systems |
使用活动内容和移动代码并保护信息技术系统的安全 |
Final |
4/24/2008 |
| NISTIR |
7442 |
Computer Security Division 2007 Annual Report |
计算机安全司2007年度报告 |
Final |
4/01/2008 |
| SP |
800-28 Version 2 |
Guidelines on Active Content and Mobile Code |
有效内容和移动代码准则 |
Final |
3/07/2008 |
| ITL Bulletin |
|
Federal Desktop Core Configuration (FDCC): Improving Security for Windows Desktop Operating Systems |
联邦桌面核心配置(FDCC):提高Windows桌面操作系统的安全性 |
Final |
2/27/2008 |
| ITL Bulletin |
|
Secure Web Servers Protecting Web Sites that are Accessed by the Public |
安全的Web服务器保护公众访问的网站 |
Final |
1/31/2008 |
| NISTIR |
7275 Rev. 3 |
Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.4 |
可扩展配置清单描述格式(XCCDF)版本1.1.4的规范 |
Final |
1/01/2008 |
| NISTIR |
7452 |
Secure Biometric Match-on-Card Feasibility Report |
安全生物识别卡片匹配可行性报告 |
Final |
11/30/2007 |
| SP |
800-38D |
Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC |
块密码模式的建议:伽罗瓦/计数器模式(GCM)和GMAC |
Final |
11/28/2007 |
| ITL Bulletin |
|
Using Storage Encryption Technologies to Protect End User Devices |
使用存储加密技术保护最终用户设备 |
Final |
11/26/2007 |
| SP |
800-111 |
Guide to Storage Encryption Technologies for End User Devices |
最终用户设备的存储加密技术指南 |
Final |
11/15/2007 |
| ITL Bulletin |
|
The Common Vulnerability Scoring System (CVSS) |
通用漏洞评分系统(CVSS) |
Final |
10/25/2007 |
| SP |
800-44 Version 2 |
Guidelines on Securing Public Web Servers |
保护公共Web服务器的准则 |
Final |
10/09/2007 |
| NISTIR |
7427 |
6th Annual PKI R&D Workshop “Applications-Driven PKI” Proceedings |
第六届PKI年度研发研讨会“应用驱动的PKI”会议记录 |
Final |
9/13/2007 |
| NISTIR |
7435 |
The Common Vulnerability Scoring System (CVSS) and its Applicability to Federal Agency Systems |
通用漏洞评分系统(CVSS)及其对联邦机构系统的适用性 |
Final |
8/30/2007 |
| SP |
800-95 |
Guide to Secure Web Services |
安全Web服务指南 |
Final |
8/29/2007 |
| ITL Bulletin |
|
Secure Web Services |
安全的网络服务 |
Final |
8/23/2007 |
| SP |
800-38C |
Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality |
分组密码操作模式的建议:身份验证和机密性的CCM模式 |
Final |
7/20/2007 |
| ITL Bulletin |
|
Forensic Techniques for Cell Phones |
手机取证技术 |
Final |
6/27/2007 |
| ITL Bulletin |
|
Securing Radio Frequency Identification (RFID) Systems |
保护射频识别(RFID)系统 |
Final |
5/17/2007 |
| NISTIR |
7275 Rev. 2 |
Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.3 |
可扩展配置清单描述格式(XCCDF)版本1.1.3的规范 |
Final |
4/30/2007 |
| SP |
800-98 |
Guidelines for Securing Radio Frequency Identification (RFID) Systems |
保护射频识别(RFID)系统的准则 |
Final |
4/06/2007 |
| ITL Bulletin |
|
Improving The Security of Electronic Mail: Updated Guidelines Issued by NIST |
提高电子邮件的安全性:NIST发布的更新指南 |
Final |
3/28/2007 |
| NISTIR |
7399 |
Computer Security Division 2006 Annual Report |
计算机安全司2006年度报告 |
Final |
3/21/2007 |
| NISTIR |
7387 |
Cell Phone Forensic Tools: an Overview and Analysis Update |
手机取证工具:概述和分析更新 |
Final |
3/21/2007 |
| SP |
800-100 |
Information Security Handbook: A Guide for Managers |
信息安全手册:经理指南 |
Final |
3/07/2007 |
| ITL Bulletin |
|
Intrusion Detection and Prevention Systems |
入侵检测与防御系统 |
Final |
2/26/2007 |
| SP |
800-45 Version 2 |
Guidelines on Electronic Mail Security |
电子邮件安全准则 |
Final |
2/20/2007 |
| SP |
800-94 |
Guide to Intrusion Detection and Prevention Systems (IDPS) |
入侵检测和防御系统(IDPS)指南 |
Final |
2/20/2007 |
| SP |
800-97 |
Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i |
建立无线健壮的安全网络:IEEE 802.11i指南 |
Final |
2/07/2007 |
| NISTIR |
7359 |
Information Security Guide for Government Executives |
政府主管人员信息安全指南 |
Final |
1/01/2007 |
| NISTIR |
7358 |
Program Review for Information Security Management Assistance (PRISMA) |
信息安全管理援助计划审查(PRISMA) |
Final |
1/01/2007 |
| SP |
800-96 |
PIV Card to Reader Interoperability Guidelines |
PIV卡与读取器的互操作性指南 |
Final |
12/29/2006 |
| ITL Bulletin |
|
Maintaining Effective Information Technology (IT) Security Through Test, Training, and Exercise Programs |
通过测试,培训和演习计划维护有效的信息技术(IT)安全 |
Final |
12/19/2006 |
| SP |
800-89 |
Recommendation for Obtaining Assurances for Digital Signature Applications |
获得数字签名应用保证的建议 |
Final |
11/30/2006 |
| ITL Bulletin |
|
Guide to Securing Computers Using Windows XP Home Edition |
使用Windows XP Home Edition保护计算机安全的指南 |
Final |
11/22/2006 |
| NISTIR |
7275 |
Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1 |
可扩展配置清单描述格式(XCCDF)版本1.1的规范 |
Final |
11/01/2006 |
| ITL Bulletin |
|
Log Management: Using Computer and Network Records to Improve Information Security |
日志管理:使用计算机和网络记录来提高信息安全性 |
Final |
10/25/2006 |
| NISTIR |
7316 |
Assessment of Access Control Systems |
评估访问控制系统 |
Final |
9/29/2006 |
| ITL Bulletin |
|
Forensic Techniques: Helping Organizations Improve Their Responses to Information Security Incidents |
法证技术:帮助组织改善对信息安全事件的响应 |
Final |
9/27/2006 |
| SP |
800-84 |
Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities |
IT计划和功能的测试,培训和练习计划指南 |
Final |
9/21/2006 |
| SP |
800-92 |
Guide to Computer Security Log Management |
计算机安全日志管理指南 |
Final |
9/13/2006 |
| SP |
800-86 |
Guide to Integrating Forensic Techniques into Incident Response |
将法医技术整合到事件响应中的指南 |
Final |
9/01/2006 |
| NISTIR |
7337 |
Personal Identity Verification Demonstration Summary |
个人身份验证演示摘要 |
Final |
8/31/2006 |
| ITL Bulletin |
|
Protecting Sensitive Information Processed and Stored in Information Technology (IT) Systems |
保护在信息技术(IT)系统中处理和存储的敏感信息 |
Final |
8/30/2006 |
| SP |
800-85B |
PIV Data Model Test Guidelines |
PIV数据模型测试准则 |
Final |
7/31/2006 |
| NISTIR |
7313 |
5th Annual PKI R&D Workshop “Making PKI Easy to Use” Proceedings |
第五届PKI年度研发研讨会“使PKI易于使用”会议记录 |
Final |
7/18/2006 |
| ITL Bulletin |
|
Protecting Sensitive Information Transmitted in Public Networks |
保护在公共网络中传输的敏感信息 |
Final |
4/21/2006 |
| ITL Bulletin |
|
Minimum Security Requirements for Federal Information and Information Systems: Federal Information Processing Standard (FIPS) 200 Approved by the Secretary of Commerce |
联邦信息和信息系统的最低安全要求:商务部长批准的联邦信息处理标准(FIPS)200 |
Final |
3/24/2006 |
| NISTIR |
7308 |
An Algorithm for Generating Very Large Covering Arrays |
生成非常大的覆盖数组的算法 |
Final |
3/20/2006 |
| NISTIR |
7290 |
Fingerprint Identification and Mobile Handheld Devices: An Overview and Implementation |
指纹识别和移动手持设备:概述和实现 |
Final |
3/01/2006 |
| FIPS |
200 |
Minimum Security Requirements for Federal Information and Information Systems |
联邦信息和信息系统的最低安全要求 |
Final |
3/01/2006 |
| SP |
800-18 Rev. 1 |
Guide for Developing Security Plans for Federal Information Systems |
联邦信息系统安全计划制定指南 |
Final |
2/24/2006 |
| ITL Bulletin |
|
Creating a Program to Manage Security Patches and Vulnerabilities: NIST Recommendations for Improving System Security |
创建程序来管理安全补丁和漏洞:NIST关于提高系统安全性的建议 |
Final |
2/15/2006 |
| NISTIR |
7285 |
Computer Security Division 2005 Annual Report |
计算机安全司2005年度报告 |
Final |
2/01/2006 |
| ITL Bulletin |
|
Testing and Validation of Personal Identity Verification (PIV) Components and Subsystems for Conformance to Federal Information Processing Standard 201 |
测试和验证个人身份验证(PIV)组件和子系统是否符合联邦信息处理标准201 |
Final |
1/25/2006 |
| NISTIR |
7284 |
Personal Identity Verification Card Management Report |
个人身份验证卡管理报告 |
Final |
1/06/2006 |
| NISTIR |
7250 |
Cell Phone Forensic Tools: an Overview and Analysis |
手机取证工具:概述和分析 |
Final |
10/19/2005 |
| NISTIR |
7219 |
Computer Security Division 2004 Annual Report |
计算机安全司2004年度报告 |
Final |
8/01/2005 |
| NISTIR |
7224 |
4th Annual PKI R&D Workshop “Multiple Paths to Trust” Proceedings |
第四届PKI年度研发研讨会“多途径信任”会议记录 |
Final |
8/01/2005 |
| ITL Bulletin |
|
Implementation of FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors |
实施FIPS 201,联邦雇员和承包商的个人身份验证(PIV) |
Final |
8/01/2005 |
| NISTIR |
7206 |
Smart Cards and Mobile Device Authentication: an Overview and Implementation |
智能卡和移动设备身份验证:概述和实现 |
Final |
7/01/2005 |
| NISTIR |
7200 |
Proximity Beacons and Mobile Device Authentication: an Overview and Implementation |
邻近信标和移动设备身份验证:概述和实现 |
Final |
6/01/2005 |
| ITL Bulletin |
|
Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule |
实施《健康保险携带与责任法案(HIPAA)安全规则》 |
Final |
4/01/2005 |
| ITL Bulletin |
|
Integrating IT Security into the Capital Planning and Investment Control Process |
将IT安全集成到资本计划和投资控制流程中 |
Final |
1/27/2005 |
| NISTIR |
7188 |
Specification for the Extensible Configuration Checklist Description Format (XCCDF) |
可扩展配置清单描述格式(XCCDF)规范 |
Final |
1/01/2005 |
| SP |
800-58 |
Security Considerations for Voice Over IP Systems |
IP语音系统的安全注意事项 |
Final |
1/01/2005 |
| SP |
800-72 |
Guidelines on PDA Forensics |
PDA取证准则 |
Final |
11/01/2004 |
| ITL Bulletin |
|
Understanding the New NIST Standards and Guidelines Required by FISMA: How Three Mandated Documents are Changing the Dynamic of Information Security for the Federal Government |
了解FISMA要求的新NIST标准和指南:三份强制性文件如何改变联邦政府信息安全的动态 |
Final |
11/01/2004 |
| ITL Bulletin |
|
Securing Voice Over Internet Protocol (IP) Networks |
保护互联网协议(IP)网络上的语音 |
Final |
10/01/2004 |
| NISTIR |
7122 |
3rd Annual PKI Research Workshop Proceedings |
第三届PKI年度研究研讨会论文集 |
Final |
9/08/2004 |
| ITL Bulletin |
|
Information Security Within the System Development Life Cycle (SDLC) |
系统开发生命周期(SDLC)中的信息安全 |
Final |
9/01/2004 |
| NISTIR |
7100 |
PDA Forensic Tools: an Overview and Analysis |
PDA取证工具:概述和分析 |
Final |
8/01/2004 |
| ITL Bulletin |
|
Information Technology Security Services: How to Select, Implement, and Manage |
信息技术安全服务:如何选择,实施和管理 |
Final |
6/01/2004 |
| NISTIR |
7111 |
Computer Security Division 2003 Annual Report |
计算机安全司2003年度报告 |
Final |
4/30/2004 |
| ITL Bulletin |
|
Selecting Information Technology Security Products |
选择信息技术安全产品 |
Final |
4/28/2004 |
| NISTIR |
6529-A |
Common Biometric Exchange Formats Framework (CBEFF) |
通用生物特征识别交换格式框架(CBEFF) |
Final |
4/05/2004 |
| NISTIR |
7085 |
2nd Annual PKI Research Workshop Proceedings |
第二届PKI年度研究研讨会论文集 |
Final |
4/01/2004 |
| ITL Bulletin |
|
Federal Information Processing Standard (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems |
联邦信息处理标准(FIPS)199,联邦信息和信息系统安全分类标准 |
Final |
3/01/2004 |
| NISTIR |
7056 |
Card Technology Developments and Gap Analysis Interagency Report |
卡技术发展与差距分析跨机构报告 |
Final |
3/01/2004 |
| FIPS |
199 |
Standards for Security Categorization of Federal Information and Information Systems |
联邦信息和信息系统安全分类标准 |
Final |
2/01/2004 |
| NISTIR |
7059 |
1st Annual PKI Research Workshop Proceedings |
第一届PKI年度研究研讨会论文集 |
Final |
11/12/2003 |
| ITL Bulletin |
|
Information Technology Security Awareness, Training, Education, and Certification |
信息技术安全意识,培训,教育和认证 |
Final |
10/15/2003 |
| SP |
800-35 |
Guide to Information Technology Security Services |
信息技术安全服务指南 |
Final |
10/09/2003 |
| SP |
800-50 |
Building an Information Technology Security Awareness and Training Program |
建立信息技术安全意识和培训计划 |
Final |
10/01/2003 |
| SP |
800-59 |
Guideline for Identifying an Information System as a National Security System |
将信息系统识别为国家安全系统的准则 |
Final |
8/20/2003 |
| NISTIR |
7046 |
A Framework for Multi-mode Authentication: Overview and Implementation Guide |
多模式身份验证框架:概述和实施指南 |
Final |
8/01/2003 |
| NISTIR |
6887 2003 Edition |
Government Smart Card Interoperability Specification, Version 2.1 |
政府智能卡互操作性规范,版本2.1 |
Final |
7/16/2003 |
| NISTIR |
7007 |
An Overview of Issues in Testing Intrusion Detection Systems |
测试入侵检测系统的问题概述 |
Final |
7/11/2003 |
| ITL Bulletin |
|
Testing Intrusion Detection Systems |
测试入侵检测系统 |
Final |
7/01/2003 |
| NISTIR |
7030 |
Picture Password: A Visual Login Technique for Mobile Devices |
图片密码:移动设备的可视登录技术 |
Final |
7/01/2003 |
| NISTIR |
6977 |
Vulnerabilities in Quantum Key Distribution Protocols |
量子密钥分发协议中的漏洞 |
Final |
5/01/2003 |
| NISTIR |
6985 |
COTS Security Protection Profile – Operating Systems (CSPP-OS) (Worked Example Applying Guidance of NISTIR-6462, CSPP) Version 1.0 |
COTS安全保护配置文件-操作系统(CSPP-OS)(应用NISTIR-6462,CSPP指导的工作示例)版本1.0 |
Final |
4/01/2003 |
| NISTIR |
6981 |
Policy Expression and Enforcement for Handheld Devices |
手持设备的策略表达和执行 |
Final |
4/01/2003 |
| ITL Bulletin |
|
Secure Interconnections for Information Technology Systems |
信息技术系统的安全互连 |
Final |
2/26/2003 |
| FIPS |
140-2 |
Security Requirements for Cryptographic Modules |
加密模块的安全要求 |
Final |
12/03/2002 |
| SP |
800-49 |
Federal S/MIME V3 Client Profile |
联邦S / MIME V3客户端配置文件 |
Final |
11/05/2002 |
| SP |
800-47 |
Security Guide for Interconnecting Information Technology Systems |
互连信息技术系统的安全指南 |
Final |
9/01/2002 |
| ITL Bulletin |
|
Techniques for System and Data Recovery |
系统和数据恢复技术 |
Final |
4/01/2002 |
| White Paper |
|
The Economic Impact of Role-Based Access Control |
基于角色的访问控制的经济影响 |
Final |
3/01/2002 |
| SP |
800-38A |
Recommendation for Block Cipher Modes of Operation: Methods and Techniques |
分组密码操作模式的建议:方法和技术 |
Final |
12/01/2001 |
| FIPS |
197 |
Advanced Encryption Standard (AES) |
高级加密标准(AES) |
Final |
11/26/2001 |
| White Paper |
|
The Economic Impacts of NIST’s Data Encryption Standard (DES) Program |
NIST数据加密标准(DES)计划的经济影响 |
Final |
10/01/2001 |
| White Paper |
|
Report on the Second Modes of Operation Workshop |
第二种运作方式研讨会报告 |
Final |
10/01/2001 |
| SP |
800-32 |
Introduction to Public Key Technology and the Federal PKI Infrastructure |
公钥技术和联邦PKI基础结构简介 |
Final |
2/26/2001 |
| White Paper |
|
Report on the Symmetric Key Block Cipher Modes of Operation Workshop |
对称密钥块密码操作模式研讨会报告 |
Final |
12/01/2000 |
| White Paper |
|
Federal Information Technology Security Assessment Framework |
联邦信息技术安全评估框架 |
Final |
11/28/2000 |
| SP |
800-25 |
Federal Agency Use of Public Key Technology for Digital Signatures and Authentication |
联邦机构使用公钥技术进行数字签名和认证 |
Final |
10/01/2000 |
| NISTIR |
6483 |
Randomness Testing of the Advanced Encryption Standard Finalist Candidates |
高级加密标准决赛入围者的随机性测试 |
Final |
4/01/2000 |
| White Paper |
|
Report of the Workshop on Key Management Using Public Key Cryptography |
使用公共密钥密码学进行密钥管理研讨会的报告 |
Final |
2/28/2000 |
| NISTIR |
6462 |
CSPP – Guidance for COTS Security Protection Profiles (Formerly: CS2 – Protection Profile Guidance for Near-Term COTS) Version 1.0 |
CSPP-COTS安全保护配置文件指南(以前:CS2-短期COTS保护配置文件指南)版本1.0 |
Final |
12/01/1999 |
| NISTIR |
6416 |
Applying Mobile Agents to Intrusion Detection and Response |
将移动代理应用于入侵检测和响应 |
Final |
10/01/1999 |
| NISTIR |
6390 |
Randomness Testing of the Advanced Encryption Standard Candidate Algorithms |
高级加密标准候选算法的随机性测试 |
Final |
9/01/1999 |
| NISTIR |
6192 |
A Revised Model for Role Based Access Control |
基于角色的访问控制的修订模型 |
Final |
7/09/1998 |
| SP |
800-16 |
Information Technology Security Training Requirements: a Role- and Performance-Based Model |
信息技术安全培训要求:基于角色和绩效的模型 |
Final |
4/01/1998 |
| SP |
800-15 |
MISPC Minimum Interoperability Specification for PKI Components, Version 1 |
MISPC最小互操作性规范,用于PKI组件,版本1 |
Final |
1/01/1998 |
| NISTIR |
6068 |
Report on the TMACH Experiment |
关于TMACH实验的报告 |
Final |
7/01/1997 |
| NISTIR |
5820 |
Distributed Communication Methods and Role-Based Access Control for Use in Health Care Applications |
用于医疗保健应用程序的分布式通信方法和基于角色的访问控制 |
Final |
4/01/1996 |
| NISTIR |
5788 |
Public Key Infrastructure Invitational Workshop September 28, 1995, MITRE Corporation, McLean, Virginia |
公钥基础结构邀请研讨会,1995年9月28日,MITRE公司,弗吉尼亚州麦克莱恩 |
Final |
11/01/1995 |
| NISTIR |
5540 |
Multi-Agency Certification and Accreditation (C&A) Process: A Worked Example |
多机构认证和鉴定(C&A)流程:一个可行的示例 |
Final |
12/01/1994 |
| NISTIR |
5570 |
An Assessment of the DOD Goal Security Architecture (DGSA) for Non-Military Use |
国防部非军事用途目标安全架构(DGSA)的评估 |
Final |
11/01/1994 |
| NISTIR |
5472 |
A Head Start on Assurance: Proceedings of an Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness, March 21-23, 1994 |
保证的开端:1994年3月21日至23日举行的信息技术(IT)保证与信任邀请研讨会的议事录 |
Final |
8/01/1994 |
| NISTIR |
5468 |
Report of the NIST Workshop on Key Escrow Encryption |
NIST密钥托管加密研讨会报告 |
Final |
6/01/1994 |
| NISTIR |
5590 |
Proceedings Report of the International Invitation Workshop on Developmental Assurance |
发展保证国际邀请研讨会的会议记录报告 |
Final |
6/01/1994 |
| White Paper |
|
Auditing Password Usage |
审核密码使用情况 |
Final |
9/01/1988 |
| White Paper |
|
DoD Rainbow Series |
国防部彩虹系列 |
Final |
12/26/1985 |
| White Paper |
NBS Technical Note (TN) 906 |
A Methodology for Evaluating Alternative Technical and Information Management Approaches to Privacy Requirements |
评估隐私要求的替代技术和信息管理方法的方法论 |
Final |
6/01/1976 |
| White Paper |
NBS Technical Note (TN) 876 |
Exploring Privacy and Data Security Costs: A Summary of a Workshop |
探索隐私和数据安全成本:研讨会总结 |
Final |
8/01/1975 |
| White Paper |
NBS Technical Note (TN) 827 |
Controlled Accessibility Workshop Report |
受控辅助功能研讨会报告 |
Final |
5/01/1974 |
| White Paper |
NBS Technical Note (TN) 809 |
Government Looks at Privacy and Security in Computer Systems: Summary of a Conference held at the National Bureau of Standards, Gaithersburg, Maryland, November 19-20, 1973 |
政府关注计算机系统的隐私和安全性:1973年11月19日至20日在马里兰州盖瑟斯堡国家标准局举行的会议摘要 |
Final |
2/01/1974 |
| White Paper |
NBS Technical Note (TN) 780 |
Controlled Accessibility Bibliography |
受控无障碍书目 |
Final |
6/01/1973 |
| NISTIR |
8278A |
National Cybersecurity Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers |
国家网络安全在线信息参考(OLIR)程序:针对OLIR开发人员的提交指南 |
Draft |
8/04/2020 |
| NISTIR |
8278 |
National Cybersecurity Online Informative References (OLIR) Program: Program Overview and OLIR Uses (2nd Draft) |
国家网络安全在线信息参考(OLIR)计划:计划概述和OLIR使用(第二稿) |
Draft |
8/04/2020 |
| SP |
800-53B |
Control Baselines for Information Systems and Organizations |
信息系统和组织的控制基准 |
Draft |
7/31/2020 |
| SP |
800-209 |
Security Guidelines for Storage Infrastructure |
存储基础结构安全准则 |
Draft |
7/21/2020 |
| SP |
800-181 Rev. 1 |
Workforce Framework for Cybersecurity (NICE Framework) |
网络安全劳动力框架(NICE框架) |
Draft |
7/15/2020 |
| NISTIR |
8286 |
Integrating Cybersecurity and Enterprise Risk Management (ERM) (2nd Draft) |
整合网络安全与企业风险管理(ERM)(第二稿) |
Draft |
7/09/2020 |
| SP |
800-172 |
Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171 (Final Public Draft) |
保护受控的未分类信息的增强的安全性要求:NIST特别出版物800-171(最终公共草案)的补充 |
Draft |
7/06/2020 |
| SP |
800-63-4 |
PRE-DRAFT Call for Comments: Digital Identity Guidelines |
征求意见稿:数字身份准则 |
Draft |
6/08/2020 |
| White Paper |
|
Getting Ready for Post-Quantum Cryptography: Explore Challenges Associated with Adoption and Use of Post-Quantum Cryptographic Algorithms |
准备进行量子后密码学:探索与采用和使用量子后密码算法相关的挑战 |
Draft |
5/26/2020 |
| White Paper |
|
Hardware-Enabled Security for Server Platforms: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases |
服务器平台的硬件启用安全性:为云和边缘计算用例启用分层的平台安全性方法 |
Draft |
4/28/2020 |
| SP |
1800-19 |
Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments |
可信云:VMware混合云基础架构即服务(IaaS)环境的安全实践指南 |
Draft |
4/13/2020 |
| White Paper |
|
Methodology for Characterizing Network Behavior of Internet of Things Devices |
表征物联网设备网络行为的方法 |
Draft |
4/01/2020 |
| SP |
800-56C Rev. 2 |
Recommendation for Key-Derivation Methods in Key-Establishment Schemes |
密钥建立方案中密钥导出方法的建议 |
Draft |
3/24/2020 |
| SP |
800-124 Rev. 2 |
Guidelines for Managing the Security of Mobile Devices in the Enterprise |
企业中移动设备安全性管理准则 |
Draft |
3/24/2020 |
| White Paper |
|
[Project Description] Implementing a Zero Trust Architecture |
[项目描述]实现零信任架构 |
Draft |
3/17/2020 |
| SP |
800-53 Rev. 5 |
Security and Privacy Controls for Information Systems and Organizations (Final Public Draft) |
信息系统和组织的安全和隐私控制(最终公开草案) |
Draft |
3/16/2020 |
| NISTIR |
8272 |
Impact Analysis Tool for Interdependent Cyber Supply Chain Risks |
相互依赖的网络供应链风险的影响分析工具 |
Draft |
3/13/2020 |
| NISTIR |
8183 Rev. 1 |
Cybersecurity Framework Version 1.1 Manufacturing Profile |
网络安全框架版本1.1制造概要 |
Draft |
3/04/2020 |
| SP |
800-207 |
Zero Trust Architecture (2nd Draft) |
零信任架构(第二稿) |
Draft |
2/13/2020 |
| NISTIR |
8246 |
National Vulnerability Database (NVD) Metadata Submission Guidelines for Common Vulnerabilities and Exposures (CVE) Numbering Authorities (CNAs) and Authorized Data Publishers |
常见漏洞和披露(CVE)编号颁发机构(CNA)和授权数据发布者的国家漏洞数据库(NVD)元数据提交准则 |
Draft |
2/10/2020 |
| SP |
800-161 Rev. 1 |
PRE-DRAFT Call for Comments: Supply Chain Risk Management Practices for Federal Information Systems and Organizations |
草案前征求意见:联邦信息系统和组织的供应链风险管理实践 |
Draft |
2/04/2020 |
| NISTIR |
8276 |
Key Practices in Cyber Supply Chain Risk Management: Observations from Industry |
网络供应链风险管理的关键实践:行业观察 |
Draft |
2/04/2020 |
| SP |
1800-26 |
Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events |
数据完整性:检测并响应勒索软件和其他破坏性事件 |
Draft |
1/27/2020 |
| SP |
1800-25 |
Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events |
数据完整性:识别和保护资产免受勒索软件和其他破坏性事件的侵害 |
Draft |
1/27/2020 |
| SP |
800-208 |
Recommendation for Stateful Hash-Based Signature Schemes |
有状态的基于哈希的签名方案的建议 |
Draft |
12/11/2019 |
| White Paper |
|
[Project Description] Validating the Integrity of Servers and Client Devices: Supply Chain Assurance |
[项目描述]验证服务器和客户端设备的完整性:供应链保证 |
Draft |
11/22/2019 |
| SP |
1800-15 |
Securing Small Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD) |
保护小型企业和家庭物联网(IoT)设备的安全:使用制造商使用说明(MUD)缓解基于网络的攻击 |
Draft |
11/21/2019 |
| FIPS |
186-5 |
Digital Signature Standard (DSS) |
数字签名标准(DSS) |
Draft |
10/31/2019 |
| SP |
800-186 |
Recommendations for Discrete Logarithm-Based Cryptography: Elliptic Curve Domain Parameters |
基于离散对数密码的建议:椭圆曲线域参数 |
Draft |
10/31/2019 |
| NISTIR |
8269 |
A Taxonomy and Terminology of Adversarial Machine Learning |
对抗机器学习的分类和术语 |
Draft |
10/30/2019 |
| White Paper |
|
[Project Description] Improving Cybersecurity of Managed Service Providers (Supporting Small- and Medium-Sized Businesses) |
[项目描述]改善托管服务提供商的网络安全性(支持中小型企业) |
Draft |
10/08/2019 |
| NISTIR |
8267 |
Security Review of Consumer Home Internet of Things (IoT) Products |
消费者家庭物联网(IoT)产品的安全性审查 |
Draft |
10/01/2019 |
| SP |
1800-24 |
Securing Picture Archiving and Communication System (PACS) |
保护图片存档和通信系统(PACS) |
Draft |
9/16/2019 |
| SP |
1800-21 |
Mobile Device Security: Corporate-Owned Personally-Enabled (COPE) |
移动设备安全性:公司拥有的个人启用(COPE) |
Draft |
7/22/2019 |
| White Paper |
|
[Project Description] Continuous Monitoring for IT Infrastructure: Techniques for auditing user activity and detecting irregular activity events within small and medium-size businesses |
[项目描述] IT基础结构的连续监视:审计用户活动并检测中小型企业中不规则活动事件的技术 |
Draft |
6/17/2019 |
| SP |
1800-13 |
Mobile Application Single Sign-On: Improving Authentication for Public Safety First Responders (2nd Draft) |
移动应用程序单点登录:提高公共安全第一响应者的身份验证(第二稿) |
Draft |
5/29/2019 |
| White Paper |
|
An Application of Combinatorial Methods for Explainability in Artificial Intelligence and Machine Learning |
可解释性组合方法在人工智能与机器学习中的应用 |
Draft |
5/22/2019 |
| NISTIR |
8213 |
A Reference for Randomness Beacons: Format and Protocol Version 2 |
随机信标的参考:格式和协议版本2 |
Draft |
5/06/2019 |
| SP |
800-38G Rev. 1 |
Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption |
分组密码操作模式的建议:保留格式的加密方法 |
Draft |
2/28/2019 |
| White Paper |
|
[Project Description] Security for IoT Sensor Networks: Building Management Case Study |
[项目描述] IoT传感器网络的安全性:楼宇管理案例研究 |
Draft |
2/01/2019 |
| SP |
800-179 Rev. 1 |
Guide to Securing Apple macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist |
适用于IT专业人员的Apple macOS 10.12系统安全指南:NIST安全配置清单 |
Draft |
10/19/2018 |
| White Paper |
|
Internet of Things (IoT) Trust Concerns |
物联网(IoT)信任问题 |
Draft |
10/17/2018 |
| SP |
1800-18 |
Privileged Account Management for the Financial Services Sector |
金融服务业的特权账户管理 |
Draft |
9/28/2018 |
| SP |
800-71 |
Recommendation for Key Establishment Using Symmetric Block Ciphers |
使用对称块密码建立密钥的建议 |
Draft |
7/02/2018 |
| White Paper |
|
A Data Structure for Integrity Protection with Erasure Capability |
具有擦除能力的完整性保护的数据结构 |
Draft |
5/31/2018 |
| White Paper |
|
[Project Description] Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry |
[项目描述]能源部门资产管理:用于电力,石油和天然气行业 |
Draft |
1/16/2018 |
| NISTIR |
8193 |
National Initiative for Cybersecurity Education (NICE) Framework Work Role Capability Indicators: Indicators for Performing Work Roles |
国家网络安全教育倡议(NICE)框架工作角色能力指标:履行工作角色的指标 |
Draft |
11/08/2017 |
| White Paper |
|
[Project Description] Privileged Account Management: Securing Privileged Accounts for the Financial Services Sector |
[项目描述]特权帐户管理:保护金融服务部门的特权帐户 |
Draft |
10/12/2017 |
| SP |
1800-3 |
Attribute Based Access Control (2nd Draft) |
基于属性的访问控制(第二稿) |
Draft |
9/20/2017 |
| SP |
1800-11 |
Data Integrity: Recovering from Ransomware and Other Destructive Events |
数据完整性:从勒索软件和其他破坏性事件中恢复 |
Draft |
9/06/2017 |
| SP |
1800-9 |
Access Rights Management for the Financial Services Sector |
金融服务业的访问权限管理 |
Draft |
8/31/2017 |
| NISTIR |
8139 |
Identifying Uniformity with Entropy and Divergence |
用熵和散度识别均匀性 |
Draft |
2/02/2017 |
| SP |
800-188 |
De-Identifying Government Datasets (2nd Draft) |
取消识别政府数据集(第二稿) |
Draft |
12/15/2016 |
| NISTIR |
8138 |
Vulnerability Description Ontology (VDO): a Framework for Characterizing Vulnerabilities |
漏洞描述本体(VDO):表征漏洞的框架 |
Draft |
9/30/2016 |
| White Paper |
|
[Project Description] Authentication for Law Enforcement Vehicle Systems |
[项目描述]执法车辆系统认证 |
Draft |
9/13/2016 |
| NISTIR |
8144 |
Assessing Threats to Mobile Devices & Infrastructure: the Mobile Threat Catalogue |
评估对移动设备和基础架构的威胁:移动威胁目录 |
Draft |
9/12/2016 |
| White Paper |
|
[Concept Paper] Identity and Access Management for Smart Home Devices |
[概念文件]智能家居设备的身份和访问管理 |
Draft |
6/06/2016 |
| White Paper |
|
[Project Description] Securing Non-Credit Card, Sensitive Consumer Data: Consumer Data Security for the Retail Sector |
[项目描述]保护非信用卡,敏感的消费者数据:零售部门的消费者数据安全 |
Draft |
5/09/2016 |
| SP |
800-90C |
Recommendation for Random Bit Generator (RBG) Constructions |
随机位发生器(RBG)结构的建议 |
Draft |
4/13/2016 |
| SP |
800-154 |
Guide to Data-Centric System Threat Modeling |
以数据为中心的系统威胁建模指南 |
Draft |
3/14/2016 |
| SP |
800-180 |
NIST Definition of Microservices, Application Containers and System Virtual Machines |
NIST微服务,应用程序容器和系统虚拟机的定义 |
Draft |
2/18/2016 |
| NISTIR |
8085 |
Forming Common Platform Enumeration (CPE) Names from Software Identification (SWID) Tags |
从软件标识(SWID)标记形成通用平台枚举(CPE)名称 |
Draft |
12/17/2015 |
| NISTIR |
8058 |
Security Content Automation Protocol (SCAP) Version 1.2 Content Style Guide: Best Practices for Creating and Maintaining SCAP 1.2 Content |
安全内容自动化协议(SCAP)1.2版内容样式指南:创建和维护SCAP 1.2内容的最佳做法 |
Draft |
5/01/2015 |
| NISTIR |
8050 |
Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy: Summary and Next Steps |
执行技术研讨会,旨在提高网络安全性和消费者隐私:摘要和后续步骤 |
Draft |
4/02/2015 |
| SP |
800-85B-4 |
PIV Data Model Test Guidelines |
PIV数据模型测试准则 |
Draft |
8/06/2014 |
| NISTIR |
8006 |
NIST Cloud Computing Forensic Science Challenges |
NIST云计算法医学挑战 |
Draft |
6/23/2014 |
| NISTIR |
7924 |
Reference Certificate Policy (2nd Draft) |
参考证书政策(第二稿) |
Draft |
5/29/2014 |
| NISTIR |
7981 |
Mobile, PIV, and Authentication |
移动,PIV和身份验证 |
Draft |
3/07/2014 |
| SP |
500-299 |
NIST Cloud Computing Security Reference Architecture |
NIST云计算安全参考架构 |
Draft |
5/05/2013 |
| SP |
800-164 |
Guidelines on Hardware-Rooted Security in Mobile Devices |
移动设备中基于硬件的安全性准则 |
Draft |
10/31/2012 |
| SP |
800-94 Rev. 1 |
Guide to Intrusion Detection and Prevention Systems (IDPS) |
入侵检测和防御系统(IDPS)指南 |
Draft |
7/25/2012 |
| NISTIR |
7848 |
Specification for the Asset Summary Reporting Format 1.0 |
资产汇总报告格式1.0规范 |
Draft |
5/07/2012 |
| NISTIR |
7800 |
Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains |
将持续监视技术参考模型应用于资产,配置和漏洞管理域 |
Draft |
1/20/2012 |
| NISTIR |
7799 |
Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications |
连续监控参考模型工作流程,子系统和接口规范 |
Draft |
1/06/2012 |
| NISTIR |
7756 |
CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture |
CAESARS框架扩展:企业持续监控技术参考架构 |
Draft |
1/06/2012 |
| SP |
800-155 |
BIOS Integrity Measurement Guidelines |
BIOS完整性测量准则 |
Draft |
12/08/2011 |
