系列 编号 英文名 中文名 状态 时间
ITL Bulletin Security Considerations for Exchanging Files Over the Internet 通过Internet交换文件的安全注意事项 Final 8/03/2020
SP 800-210 General Access Control Guidance for Cloud Systems 云系统通用访问控制指南 Final 7/31/2020
White Paper NIST Technical Note (TN) 2066 OpenFMB Proof of Concept Implementation Research OpenFMB概念验证实施研究 Final 7/29/2020
NISTIR 8309 Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process NIST后量子密码标准化流程第二轮的状态报告 Final 7/22/2020
NISTIR 8219 Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection 保护制造工业控制系统:行为异常检测 Final 7/16/2020
NISTIR 8214A NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives NIST路线图,针对密码基元阈值方案的标准 Final 7/07/2020
SP 800-77 Rev. 1 Guide to IPsec VPNs IPsec VPN指南 Final 6/30/2020
ITL Bulletin NIST Privacy Framework: An Overview NIST隐私框架:概述 Final 6/24/2020
White Paper Can you tell? SSNet – a Sagittal Stratum-inspired Neural Network Framework for Sentiment Analysis 你能告诉? SSNet-矢状面启发神经网络的情感分析框架 Final 6/23/2020
SP 1800-16 Securing Web Transactions: TLS Server Certificate Management 保护Web事务的安全:TLS服务器证书管理 Final 6/16/2020
SP 800-133 Rev. 2 Recommendation for Cryptographic Key Generation 密码密钥生成建议 Final 6/04/2020
NISTIR 8259 Foundational Cybersecurity Activities for IoT Device Manufacturers 物联网设备制造商的基本网络安全活动 Final 5/29/2020
NISTIR 8259A IoT Device Cybersecurity Capability Core Baseline 物联网设备网络安全能力核心基准 Final 5/29/2020
SP 800-204A Building Secure Microservices-based Applications Using Service-Mesh Architecture 使用服务网格体系结构构建基于安全微服务的应用程序 Final 5/27/2020
SP 800-137A Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment 评估信息安全连续监视(ISCM)程序:制定ISCM程序评估 Final 5/21/2020
SP 1800-23 Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry 能源部门资产管理:用于电力,石油和天然气行业 Final 5/20/2020
NISTIR 8196 Security Analysis of First Responder Mobile and Wearable Devices 急救人员移动可穿戴设备的安全性分析 Final 5/11/2020
SP 800-57 Part 1 Rev. 5 Recommendation for Key Management: Part 1 – General 密钥管理建议:第1部分-概述 Final 5/04/2020
NISTIR 8294 Symposium on Federally Funded Research on Cybersecurity of Electric Vehicle Supply Equipment (EVSE) 联邦资助的电动汽车供应设备(EVSE)网络安全研究专题讨论会 Final 4/29/2020
NISTIR 8011 Vol. 4 Automation Support for Security Control Assessments: Software Vulnerability Management 安全控制评估的自动化支持:软件漏洞管理 Final 4/28/2020
White Paper Protecting Data from Ransomware and Other Data Loss Events: A Guide for Managed Service Providers to Conduct, Maintain, and Test Backup Files 保护数据免受勒索软件和其他数据丢失事件的影响:受管服务提供商进行,维护和测试备份文件的指南 Final 4/24/2020
White Paper Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) 通过采用安全软件开发框架(SSDF)降低软件漏洞的风险 Final 4/23/2020
White Paper 5G Cybersecurity: Preparing a Secure Evolution to 5G 5G网络安全:准备向5G的安全演进 Final 4/13/2020
SP 800-175B Rev. 1 Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms 联邦政府中使用加密标准的准则:加密机制 Final 3/31/2020
White Paper [Project Description] Critical Cybersecurity Hygiene: Patching the Enterprise [项目描述]关键的网络安全卫生:修补企业 Final 3/30/2020
SP 800-140B CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B CMVP安全策略要求:CMVP验证机构对ISO / IEC 24759和ISO / IEC 19790附件B的更新 Final 3/20/2020
SP 800-140E CMVP Approved Authentication Mechanisms: CMVP Validation Authority Requirements for ISO/IEC 19790 Annex E and ISO/IEC 24579 Section 6.17 CMVP批准的认证机制:CMVP验证机构对ISO / IEC 19790 Annex E和ISO / IEC 24579第6.17节的要求 Final 3/20/2020
SP 800-140F CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759 CMVP批准的非侵入式攻击缓解测试指标:CMVP验证机构对ISO / IEC 24759的更新 Final 3/20/2020
SP 800-140D CMVP Approved Sensitive Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759 CMVP批准的敏感参数生成和建立方法:CMVP验证机构对ISO / IEC 24759的更新 Final 3/20/2020
SP 800-140 FIPS 140-3 Derived Test Requirements (DTR): CMVP Validation Authority Updates to ISO/IEC 24759 FIPS 140-3衍生测试要求(DTR):CMVP验证机构对ISO / IEC 24759的更新 Final 3/20/2020
SP 800-140A CMVP Documentation Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 CMVP文档要求:CMVP验证机构对ISO / IEC 24759的更新 Final 3/20/2020
SP 800-140C CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759 CMVP批准的安全功能:CMVP验证授权机构对ISO / IEC 24759的更新 Final 3/20/2020
NISTIR 8170 Approaches for Federal Agencies to Use the Cybersecurity Framework 联邦机构使用网络安全框架的方法 Final 3/19/2020
ITL Bulletin Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions 企业远程办公,远程访问和自带设备(BYOD)解决方案的安全性 Final 3/18/2020
SP 800-206 Annual Report 2018: NIST/ITL Cybersecurity Program 2018年度报告:NIST / ITL网络安全计划 Final 3/13/2020
SP 800-63A Digital Identity Guidelines: Enrollment and Identity Proofing 数字身份准则:注册和身份证明 Final 3/02/2020
SP 800-63B Digital Identity Guidelines: Authentication and Lifecycle Management 数字身份准则:身份验证和生命周期管理 Final 3/02/2020
SP 800-63C Digital Identity Guidelines: Federation and Assertions 数字身份准则:联盟和断言 Final 3/02/2020
SP 800-63-3 Digital Identity Guidelines 数字身份准则 Final 3/02/2020
SP 800-171 Rev. 2 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations 保护非联邦系统和组织中的受控未分类信息 Final 2/21/2020
NISTIR 8287 A Roadmap for Successful Regional Alliances and Multistakeholder Partnerships to Build the Cybersecurity Workforce 成功的区域联盟和多方利益相关者合作关系建立网络安全劳动力的路线图 Final 2/20/2020
White Paper [Project Description] Protecting Information and System Integrity in Industrial Control Systems Environments: Cybersecurity for the Manufacturing Sector [项目描述]在工业控制系统环境中保护信息和系统完整性:制造业的网络安全 Final 2/07/2020
White Paper Case Studies in Cyber Supply Chain Risk Management: Palo Alto Networks, Inc. 网络供应链风险管理案例研究:Palo Alto Networks,Inc. Final 2/04/2020
White Paper Case Studies in Cyber Supply Chain Risk Management: Seagate Technology 网络供应链风险管理案例研究:希捷技术 Final 2/04/2020
White Paper Case Studies in Cyber Supply Chain Risk Management: Mayo Clinic 网络供应链风险管理案例研究:Mayo诊所 Final 2/04/2020
White Paper Case Studies in Cyber Supply Chain Risk Management: Anonymous Renewable Energy Company 网络供应链风险管理案例研究:匿名可再生能源公司 Final 2/04/2020
White Paper Case Studies in Cyber Supply Chain Risk Management: Summary of Findings and Recommendations 网络供应链风险管理案例研究:发现和建议摘要 Final 2/04/2020
White Paper Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Goods Company 网络供应链风险管理案例研究:匿名消费品公司 Final 2/04/2020
White Paper Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Electronics Company 网络供应链风险管理案例研究:匿名消费电子公司 Final 2/04/2020
White Paper On the Profitability of Selfish Mining Against Multiple Difficulty Adjustment Algorithms 基于多重难度调整算法的自私采矿的获利能力 Final 1/29/2020
White Paper NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0 NIST隐私框架:一种通过企业风险管理改善隐私的工具,版本1.0 Final 1/16/2020
White Paper A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems 了解新兴区块链身份管理系统的分类方法 Final 1/14/2020
SP 800-189 Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation 弹性域间流量交换:BGP安全性和DDoS缓解 Final 12/17/2019
White Paper [Project Description] Data Confidentiality: Identifying and Protecting Assets and Data Against Data Breaches [项目描述]数据机密性:识别和保护资产和数据免遭数据泄露 Final 12/05/2019
White Paper [Project Description] Data Confidentiality: Detect, Respond to, and Recover from Data Breaches [项目描述]数据机密性:检测,响应和从数据泄露中恢复 Final 12/05/2019
SP 800-160 Vol. 2 Developing Cyber Resilient Systems: A Systems Security Engineering Approach 开发网络弹性系统:一种系统安全工程方法 Final 11/27/2019
SP 1500-4r2 NIST Big Data Interoperability Framework: Volume 4, Security and Privacy Version 3 NIST大数据互操作性框架:第4卷,安全性和隐私版本3 Final 10/21/2019
SP 800-128 Guide for Security-Focused Configuration Management of Information Systems 注重安全的信息系统配置管理指南 Final 10/10/2019
NISTIR 8268 Status Report on the First Round of the NIST Lightweight Cryptography Standardization Process NIST轻型密码术标准化进程第一轮状态报告 Final 10/07/2019
NISTIR 8183A Vol. 1 Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 1 – General Implementation Guidance 网络安全框架制造概要低影响级别示例实施指南:第1卷–一般实施指南 Final 9/30/2019
NISTIR 8183A Vol. 3 Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 3 – Discrete-based Manufacturing System Use Case 网络安全框架制造概要低影响级别示例实施指南:第3卷–基于离散的制造系统用例 Final 9/30/2019
NISTIR 8183A Vol. 2 Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 2 – Process-based Manufacturing System Use Case 网络安全框架制造概要低影响级别示例实施指南:第2卷–基于流程的制造系统用例 Final 9/30/2019
SP 800-52 Rev. 2 Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations 选择,配置和使用传输层安全性(TLS)实施准则 Final 8/29/2019
SP 1800-12 Derived Personal Identity Verification (PIV) Credentials 派生个人身份验证(PIV)凭据 Final 8/27/2019
White Paper [Project Description] Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources [项目描述]确保工业物联网的安全:分布式能源的网络安全 Final 8/15/2019
SP 800-204 Security Strategies for Microservices-based Application Systems 基于微服务的应用程序系统的安全策略 Final 8/07/2019
SP 1800-7 Situational Awareness for Electric Utilities 电力公用事业的情境意识 Final 8/07/2019
SP 800-162 Guide to Attribute Based Access Control (ABAC) Definition and Considerations 基于属性的访问控制(ABAC)定义和注意事项指南 Final 8/02/2019
NISTIR 8204 Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template 网络安全框架在线信息参考(OLIR)提交:完成OLIR模板的规范 Final 8/01/2019
SP 1800-17 Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers 电子商务的多因素身份验证:针对购买者的基于风险的FIDO通用第二因素实现 Final 7/30/2019
White Paper Practical Cryptanalysis of k-ary C* kary C *的实用密码分析 Final 7/18/2019
White Paper NIST Technical Note (TN) 2051 Cybersecurity Framework Smart Grid Profile 网络安全框架智能电网概况 Final 7/09/2019
NISTIR 7298 Rev. 3 Glossary of Key Information Security Terms 关键信息安全术语表 Final 7/03/2019
SP 1800-14 Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation 保护Internet路由的完整性:边界网关协议(BGP)路由来源验证 Final 6/28/2019
NISTIR 8228 Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks 管理物联网(IoT)网络安全和隐私风险的注意事项 Final 6/25/2019
SP 800-205 Attribute Considerations for Access Control Systems 访问控制系统的属性注意事项 Final 6/18/2019
NISTIR 8221 A Methodology for Enabling Forensic Analysis Using Hypervisor Vulnerabilities Data 使用Hypervisor漏洞数据启用取证分析的方法 Final 6/05/2019
SP 800-57 Part 2 Rev. 1 Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations 密钥管理建议:第2部分–密钥管理组织的最佳实践 Final 5/23/2019
ITL Bulletin FIPS 140-3 Adopts ISO/IEC Standards FIPS 140-3采用ISO / IEC标准 Final 5/20/2019
NISTIR 8183 Cybersecurity Framework Manufacturing Profile 网络安全框架制造概况 Final 5/20/2019
White Paper [Project Description] Securing Telehealth Remote Patient Monitoring Ecosystem: Cybersecurity for the Healthcare Sector [项目描述]确保远程医疗远程患者监控生态系统的安全:医疗保健行业的网络安全 Final 5/13/2019
White Paper BowTie – A deep learning feedforward neural network for sentiment analysis BowTie –用于情感分析的深度学习前馈神经网络 Final 4/22/2019
SP 800-163 Rev. 1 Vetting the Security of Mobile Applications 审查移动应用程序的安全性 Final 4/19/2019
ITL Bulletin Time to Standardize Threshold Schemes for Cryptographic Primitives 标准化密码基元阈值方案的时间了 Final 4/09/2019
FIPS 140-3 Security Requirements for Cryptographic Modules 加密模块的安全要求 Final 3/22/2019
SP 800-131A Rev. 2 Transitioning the Use of Cryptographic Algorithms and Key Lengths 过渡使用密码算法和密钥长度 Final 3/21/2019
SP 800-56B Rev. 2 Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography 使用整数分解密码对进行明智配对密钥建立的建议 Final 3/21/2019
NISTIR 8214 Threshold Schemes for Cryptographic Primitives: Challenges and Opportunities in Standardization and Validation of Threshold Cryptography 密码原语的阈值方案:阈值密码术的标准化和验证中的挑战和机遇 Final 3/01/2019
ITL Bulletin The Next Generation Risk Management Framework (RMF 2.0): A Holistic Methodology to Manage Information Security, Privacy and Supply Chain Risk 下一代风险管理框架(RMF 2.0):一种用于管理信息安全,隐私和供应链风险的整体方法 Final 2/28/2019
SP 800-177 Rev. 1 Trustworthy Email 可信赖的电子邮件 Final 2/26/2019
SP 1800-4 Mobile Device Security: Cloud and Hybrid Builds 移动设备安全性:云和混合构建 Final 2/21/2019
NISTIR 8240 Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process NIST量子后密码学标准化进程第一轮状态报告 Final 1/31/2019
SP 800-37 Rev. 2 Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy 信息系统和组织的风险管理框架:安全和隐私的系统生命周期方法 Final 12/20/2018
ITL Bulletin Securing Wireless Infusion Pumps 保护无线输液泵 Final 12/19/2018
NISTIR 8241 Organizational Views of NIST Cryptographic Standards and Testing and Validation Programs NIST加密标准以及测试和验证程序的组织观点 Final 12/17/2018
NISTIR 8011 Vol. 3 Automation Support for Security Control Assessments: Software Asset Management 安全控制评估的自动化支持:软件资产管理 Final 12/06/2018
NISTIR 8200 Interagency Report on the Status of International Cybersecurity Standardization for the Internet of Things (IoT) 关于物联网(IoT)国际网络安全标准化状况的机构间报告 Final 11/29/2018
ITL Bulletin One Block at a Time – Helping to Build Blockchain Knowledge 一次一个区块–帮助建立区块链知识 Final 10/25/2018
NISTIR 8202 Blockchain Technology Overview 区块链技术概述 Final 10/03/2018
ITL Bulletin Automated Cryptographic Validation (ACV) Testing 自动密码验证(ACV)测试 Final 9/20/2018
White Paper Transitioning to the Security Content Automation Protocol (SCAP) Version 2 过渡到安全内容自动化协议(SCAP)版本2 Final 9/10/2018
White Paper The Economic Impacts of the Advanced Encryption Standard, 1996-2017 1996-2017年高级加密标准的经济影响 Final 9/07/2018
SP 1800-5 IT Asset Management IT资产管理 Final 9/07/2018
SP 1800-8 Securing Wireless Infusion Pumps in Healthcare Delivery Organizations 保护医疗保健交付组织中的无线输液泵 Final 8/17/2018
SP 1800-1 Securing Electronic Health Records on Mobile Devices 保护移动设备上的电子健康记录 Final 7/27/2018
ITL Bulletin Assessing Implementation of Controlled Unclassified Information (CUI) Security Requirements 评估受控未分类信息(CUI)安全要求的实施 Final 7/26/2018
SP 1800-2 Identity and Access Management for Electric Utilities 公用事业的身份和访问管理 Final 7/13/2018
SP 800-203 2017 NIST/ITL Cybersecurity Program Annual Report 2017 NIST / ITL网络安全计划年度报告 Final 7/02/2018
SP 800-116 Rev. 1 Guidelines for the Use of PIV Credentials in Facility Access 在设施访问中使用PIV凭证的准则 Final 6/29/2018
ITL Bulletin Putting First Things First – A Model Process for Criticality Analysis 把第一件事放在首位–关键性分析的模型过程 Final 6/26/2018
SP 800-171A Assessing Security Requirements for Controlled Unclassified Information 评估受控未分类信息的安全性要求 Final 6/13/2018
SP 800-125A Rev. 1 Security Recommendations for Server-based Hypervisor Platforms 基于服务器的虚拟机监控程序平台的安全建议 Final 6/07/2018
SP 800-171 Rev. 1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations 保护非联邦系统和组织中的受控未分类信息 Final 6/07/2018
White Paper Extracting Linearization Equations from Noisy Sources 从噪声源提取线性化方程 Final 5/31/2018
White Paper A Report to the President on Supporting the Growth and Sustainment of the Nation’s Cybersecurity Workforce: Building the Foundation for a More Secure American Future 致总统的报告:支持国家网络安全劳动力的增长和维持:为更安全的美国未来奠定基础 Final 5/30/2018
White Paper A Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats 致总统的报告,旨在增强互联网和通信生态系统对僵尸网络和其他自动分布式威胁的抵御能力 Final 5/30/2018
ITL Bulletin Protecting Software Integrity Through Code Signing 通过代码签名保护软件完整性 Final 5/23/2018
SP 800-202 Quick Start Guide for Populating Mobile Test Devices 填充移动测试设备的快速入门指南 Final 5/10/2018
SP 800-193 Platform Firmware Resiliency Guidelines 平台固件弹性指南 Final 5/04/2018
ITL Bulletin Improving the Trustworthiness of Email, and Beyond! 提高电子邮件的可信赖性,以及超越! Final 4/25/2018
NISTIR 7511 Rev. 5 Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements 安全内容自动化协议(SCAP)版本1.3验证程序测试要求 Final 4/20/2018
SP 800-87 Rev. 2 Codes for Identification of Federal and Federally-Assisted Organizations 联邦和联邦协助组织识别码 Final 4/19/2018
White Paper Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 改善关键基础设施网络安全的框架,版本1.1 Final 4/16/2018
SP 800-56C Rev. 1 Recommendation for Key-Derivation Methods in Key-Establishment Schemes 密钥建立方案中密钥导出方法的建议 Final 4/16/2018
SP 800-56A Rev. 3 Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography 使用离散对数密码学的明智配对密钥建立方案的建议 Final 4/16/2018
NISTIR 8179 Criticality Analysis Process Model: Prioritizing Systems and Components 关键性分析过程模型:确定系统和组件的优先级 Final 4/09/2018
ITL Bulletin Safeguards for Securing Virtualized Servers 保护虚拟服务器的安全措施 Final 3/27/2018
SP 800-160 Vol. 1 Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems 系统安全工程:可信安全系统工程中多学科方法的考虑 Final 3/21/2018
SP 500-325 Fog Computing Conceptual Model 雾计算概念模型 Final 3/14/2018
ITL Bulletin Securing Tomorrow’s Information Through Post-Quantum Cryptography 通过后量子密码保护明天的信息 Final 2/27/2018
SP 800-70 Rev. 4 National Checklist Program for IT Products: Guidelines for Checklist Users and Developers 国家IT产品清单程序:清单用户和开发人员指南 Final 2/15/2018
SP 800-126 Rev. 3 The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.3 安全内容自动化协议(SCAP)的技术规范:SCAP版本1.3 Final 2/14/2018
SP 800-126A SCAP 1.3 Component Specification Version Updates: An Annex to NIST Special Publication 800-126 Revision 3 SCAP 1.3组件规范版本更新:NIST特殊出版物800-126修订版3的附件 Final 2/14/2018
White Paper [Project Description] Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events [项目描述]数据完整性:识别和保护资产免受勒索软件和其他破坏性事件的侵害 Final 2/07/2018
White Paper [Project Description] Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events [项目描述]数据完整性:检测并响应勒索软件和其他破坏性事件 Final 2/07/2018
ITL Bulletin Guidance for Improving LTE-Based Mobile Communications Security 改善基于LTE的移动通信安全性的指南 Final 1/29/2018
White Paper Security Considerations for Code Signing 代码签名的安全注意事项 Final 1/26/2018
White Paper [Project Description] Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector [项目描述]保护图片存档和通信系统(PACS):医疗保健行业的网络安全 Final 1/23/2018
SP 1800-6 Domain Name System-Based Electronic Mail Security 基于域名系统的电子邮件安全 Final 1/19/2018
NISTIR 8149 Developing Trust Frameworks to Support Identity Federations 开发信任框架以支持身份联合 Final 1/12/2018
NISTIR 8112 Attribute Metadata: A Proposed Schema for Evaluating Federated Attributes 属性元数据:用于评估联合属性的建议方案 Final 1/12/2018
SP 800-90B Recommendation for the Entropy Sources Used for Random Bit Generation 对用于随机位生成的熵源的建议 Final 1/10/2018
NISTIR 8201 Internet of Things (IoT) Cybersecurity Colloquium: A NIST Workshop Proceedings 物联网(IoT)网络安全研讨会:NIST研讨会论文集 Final 12/22/2017
SP 800-187 Guide to LTE Security LTE安全指南 Final 12/21/2017
White Paper [Project Description] Mitigating IoT-based Distributed Denial of Service (DDOS) [项目描述]缓解基于IoT的分布式拒绝服务(DDOS) Final 12/14/2017
ITL Bulletin Guidance on TDEA Block Ciphers TDEA分组密码指南 Final 11/27/2017
SP 800-67 Rev. 2 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher 关于三重数据加密算法(TDEA)分组密码的建议 Final 11/17/2017
White Paper [Project Description] TLS Server Certificate Management [项目描述] TLS服务器证书管理 Final 11/09/2017
ITL Bulletin NIST Guidance on Application Container Security NIST应用容器安全指南 Final 10/24/2017
White Paper NSRL Kaspersky dataset documentation NSRL卡巴斯基数据集文档 Final 10/23/2017
NISTIR 8176 Security Assurance Requirements for Linux Application Container Deployments Linux应用程序容器部署的安全性保证要求 Final 10/11/2017
NISTIR 8194 Exploratory Lens Model of Decision-Making in a Potential Phishing Attack Scenario 潜在的网络钓鱼攻击场景中的决策探索性透镜模型 Final 10/10/2017
SP 800-195 2016 NIST/ITL Cybersecurity Program Annual Report 2016 NIST / ITL网络安全计划年度报告 Final 9/28/2017
ITL Bulletin Updating the Keys for DNS Security 更新密钥以提高DNS安全性 Final 9/27/2017
SP 800-190 Application Container Security Guide 应用容器安全指南 Final 9/25/2017
NISTIR 8192 Enhancing Resilience of the Internet and Communications Ecosystem: A NIST Workshop Proceedings 增强Internet和通信生态系统的弹性:NIST研讨会论文集 Final 9/18/2017
White Paper [Project Description] Securing Property Management Systems: Cybersecurity for the Hospitality Sector [项目描述]保护财产管理系统的安全:酒店业的网络安全 Final 9/13/2017
ITL Bulletin Understanding the Major Update to NIST SP 800-63: Digital Identity Guidelines 了解NIST SP 800-63的主要更新:数字身份准则 Final 8/29/2017
SP 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework 国家网络安全教育倡议(NICE)网络安全劳动力框架 Final 8/07/2017
ITL Bulletin Updated NIST Guidance for Bluetooth Security 更新了NIST蓝牙安全性指南 Final 7/25/2017
White Paper An Elementary Proof of Private Random Number Generation from Bell Inequalities 贝尔不等式生成私人随机数的基本证明 Final 7/20/2017
White Paper [Project Description] Secure Inter-Domain Routing–Part 1: Route Hijacks [项目描述]安全的域间路由-第1部分:路由劫持 Final 7/06/2017
White Paper SPHINCS-Simpira: Fast Stateless Hash-based Signatures with Post-quantum Security SPHINCS-Simpira:具有后量子安全性的基于无状态哈希的快速签名 Final 6/29/2017
SP 800-192 Verification and Test Methods for Access Control Policies/Models 访问控制策略/模型的验证和测试方法 Final 6/27/2017
White Paper Tightly Secure Short Signatures from Weak PRFs 弱PRF严格保护短签名 Final 6/27/2017
SP 800-12 Rev. 1 An Introduction to Information Security 信息安全概论 Final 6/22/2017
ITL Bulletin Toward Standardizing Lightweight Cryptography 迈向标准化轻量化密码学 Final 6/20/2017
NISTIR 8011 Vol. 2 Automation Support for Security Control Assessments: Volume 2: Hardware Asset Management 安全控制评估的自动化支持:第2卷:硬件资产管理 Final 6/06/2017
NISTIR 8011 Vol. 1 Automation Support for Security Control Assessments: Volume 1: Overview 安全控制评估的自动化支持:第1卷:概述 Final 6/06/2017
White Paper Graphical Methods in Device-Independent Quantum Cryptography 与设备无关的量子密码学中的图形方法 Final 5/25/2017
SP 800-121 Rev. 2 Guide to Bluetooth Security 蓝牙安全性指南 Final 5/08/2017
ITL Bulletin Cyber-Threat Intelligence and Information Sharing 网络威胁情报和信息共享 Final 5/08/2017
ITL Bulletin Building the Bridge Between Privacy and Cybersecurity for Federal Systems 搭建联邦系统的隐私和网络安全之间的桥梁 Final 4/18/2017
White Paper Baldrige Cybersecurity Excellence Builder: Key questions for improving your organization’s cybersecurity performance Baldrige网络安全卓越构建器:改善组织的网络安全绩效的关键问题 Final 4/02/2017
NISTIR 8114 Report on Lightweight Cryptography 轻型密码学报告 Final 3/28/2017
ITL Bulletin Fundamentals of Small Business Information Security 小型企业信息安全基础 Final 3/13/2017
White Paper [Project Description] Capabilities Assessment for Securing Manufacturing Industrial Control Systems [项目描述]保障制造业工业控制系统能力的评估 Final 3/09/2017
ITL Bulletin Guide for Cybersecurity Incident Recovery 网络安全事件恢复指南 Final 2/17/2017
NISTIR 8165 Impact of Code Complexity on Software Analysis 代码复杂度对软件分析的影响 Final 2/09/2017
NISTIR 8136 An Overview of Mobile Application Vetting Services for Public Safety 面向公共安全的移动应用程序审查服务概述 Final 1/27/2017
ITL Bulletin Dramatically Reducing Software Vulnerabilities 大大减少软件漏洞 Final 1/17/2017
NISTIR 8062 An Introduction to Privacy Engineering and Risk Management in Federal Systems 联邦系统中的隐私工程和风险管理简介 Final 1/04/2017
SP 800-184 Guide for Cybersecurity Event Recovery 网络安全事件恢复指南 Final 12/22/2016
SP 800-185 SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash SHA-3派生函数:cSHAKE,KMAC,TupleHash和ParallelHash Final 12/22/2016
ITL Bulletin Rethinking Security Through Systems Security Engineering 通过系统安全工程重新考虑安全性 Final 12/21/2016
SP 800-179 Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist 适用于IT专业人员的Apple OS X 10.10系统安全指南:NIST安全配置清单 Final 12/05/2016
NISTIR 8151 Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy 大幅减少软件漏洞:向白宫科学技术政策办公室报告 Final 11/30/2016
White Paper [Project Description] Mobile Application Single Sign-On: for Public Safety and First Responders [项目描述]移动应用程序单点登录:公共安全和急救人员 Final 11/28/2016
ITL Bulletin Exploring the Next Generation of Access Control Methodologies 探索下一代访问控制方法 Final 11/21/2016
SP 500-320 Report of the Workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV) 减少安全漏洞的软件措施和指标研讨会的报告(SwMM-RSV) Final 11/10/2016
NISTIR 7621 Rev. 1 Small Business Information Security: The Fundamentals 小型企业信息安全:基础知识 Final 11/03/2016
ITL Bulletin Making Email Trustworthy 使电子邮件值得信赖 Final 10/24/2016
SP 800-38B Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication 分组密码操作模式的建议:认证的CMAC模式 Final 10/06/2016
SP 800-150 Guide to Cyber Threat Information Sharing 网络威胁信息共享指南 Final 10/04/2016
SP 800-178 A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications: Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) 数据服务应用的基于属性的访问控制(ABAC)标准的比较:可扩展访问控制标记语言(XACML)和下一代访问控制(NGAC) Final 10/03/2016
ITL Bulletin Demystifying the Internet of Things 揭开物联网的神秘面纱 Final 9/23/2016
White Paper [Project Description] Multifactor Authentication for e-Commerce: Online Authentication for the Retail Sector [项目描述]电子商务的多因素身份验证:零售部门的在线身份验证 Final 9/20/2016
NISTIR 8103 Advanced Identity Workshop on Applying Measurement Science in the Identity Ecosystem: Summary and Next Steps 关于在身份生态系统中应用测量科学的高级身份研讨会:摘要和后续步骤 Final 9/19/2016
SP 800-175A Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies 联邦政府中使用加密标准的指南:指令,授权和政策 Final 8/22/2016
SP 800-182 Computer Security Division 2015 Annual Report 计算机安全司2015年度报告 Final 8/10/2016
ITL Bulletin NIST Updates Personal Identity Verification (PIV) Guidelines NIST更新了个人身份验证(PIV)指南 Final 8/09/2016
SP 800-114 Rev. 1 User’s Guide to Telework and Bring Your Own Device (BYOD) Security 远程办公和自带设备(BYOD)安全性用户指南 Final 7/29/2016
SP 800-46 Rev. 2 Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security 企业远程办公,远程访问和自带设备(BYOD)安全性指南 Final 7/29/2016
SP 800-183 Networks of ‘Things’ “事物”网络 Final 7/28/2016
NISTIR 8080 Usability and Security Considerations for Public Safety Mobile Authentication 公共安全移动身份验证的可用性和安全性注意事项 Final 7/27/2016
ITL Bulletin Improving Security and Software Management Through the Use of SWID Tags 通过使用SWID标签改善安全性和软件管理 Final 7/13/2016
SP 800-166 Derived PIV Application and Data Model Test Guidelines 衍生的PIV应用程序和数据模型测试准则 Final 6/06/2016
ITL Bulletin Extending Network Security into Virtualized Infrastructure 将网络安全扩展到虚拟化基础架构 Final 6/03/2016
NISTIR 8135 Identifying and Categorizing Data Types for Public Safety Mobile Applications: Workshop Report 识别和分类公共安全移动应用程序的数据类型:研讨会报告 Final 6/01/2016
SP 800-156 Representation of PIV Chain-of-Trust for Import and Export 进出口PIV信任链的表示形式 Final 5/20/2016
White Paper User’s Guide to Running the Draft NIST SP 800-90B Entropy Estimation Suite 运行NIST SP 800-90B熵估算套件草案的用户指南 Final 5/12/2016
ITL Bulletin Combinatorial Testing for Cybersecurity and Reliability 网络安全性和可靠性的组合测试 Final 5/12/2016
White Paper [Project Description] Data Integrity: Recovering from a destructive malware attack [项目描述]数据完整性:从破坏性恶意软件攻击中恢复 Final 5/09/2016
NISTIR 8105 Report on Post-Quantum Cryptography 量子后密码学报告 Final 4/28/2016
NISTIR 8040 Measuring the Usability and Security of Permuted Passwords on Mobile Platforms 测量移动平台上排列密码的可用性和安全性 Final 4/25/2016
NISTIR 8060 Guidelines for the Creation of Interoperable Software Identification (SWID) Tags 创建互操作软件标识(SWID)标签的准则 Final 4/22/2016
White Paper Best Practices for Privileged User PIV Authentication 特权用户PIV身份验证的最佳做法 Final 4/21/2016
ITL Bulletin New NIST Security Standard Can Protect Credit Cards, Health Information 新的NIST安全标准可以保护信用卡,健康信息 Final 4/14/2016
SP 800-85A-4 PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance) PIV卡应用程序和中间件接口测试指​​南(符合SP 800-73-4) Final 4/13/2016
NISTIR 7977 NIST Cryptographic Standards and Guidelines Development Process NIST加密标准和准则制定流程 Final 3/31/2016
SP 800-38G Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption 分组密码操作模式的建议:保留格式的加密方法 Final 3/29/2016
NISTIR 8054 NSTIC Pilots: Catalyzing the Identity Ecosystem NSTIC试点:催化身份生态系统 Final 3/15/2016
ITL Bulletin Updates to the NIST SCAP Validation Program and Associated Test Requirements NIST SCAP验证程序和相关测试要求的更新 Final 3/15/2016
SP 800-125B Secure Virtual Network Configuration for Virtual Machine (VM) Protection 用于虚拟机(VM)保护的安全虚拟网络配置 Final 3/07/2016
Building Block [Project Description] Domain Name System-Based Security for Electronic Mail [项目描述]基于域名系统的电子邮件安全性 Final 3/04/2016
ITL Bulletin Implementing Trusted Geolocation Services in the Cloud 在云中实施可信的地理位置服务 Final 2/17/2016
SP 800-73-4 Interfaces for Personal Identity Verification 个人身份验证界面 Final 2/12/2016
NISTIR 7511 Rev. 4 Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements 安全内容自动化协议(SCAP)1.2版验证程序测试要求 Final 1/28/2016
NISTIR 8055 Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research 概念研究的派生个人身份验证(PIV)凭证(DPC)证明 Final 1/20/2016
ITL Bulletin Securing Interactive and Automated Access Management Using Secure Shell (SSH) 使用安全外壳(SSH)保护交互式和自动访问管理的安全 Final 1/11/2016
NISTIR 8074 Vol. 2 Supplemental Information for the Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity 关于美国政府战略性参与国际标准化以实现美国网络安全目标的机构间报告的补充信息 Final 12/23/2015
NISTIR 8074 Vol. 1 Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity 关于美国政府战略参与国际标准化以实现美国网络安全目标的机构间报告 Final 12/23/2015
ITL Bulletin Stopping Malware and Unauthorized Software through Application Whitelisting 通过应用白名单停止恶意软件和未经授权的软件 Final 12/15/2015
NISTIR 7904 Trusted Geolocation in the Cloud: Proof of Concept Implementation 云中的可信地理位置:概念验证实施 Final 12/10/2015
Use Case [Project Description] Wireless Medical Infusion Pumps: Medical Device Security [项目描述]无线医用输液泵:医疗设备安全 Final 12/01/2015
ITL Bulletin Tailoring Security Controls for Industrial Control Systems 定制工业控制系统的安全控制 Final 11/16/2015
SP 800-152 A Profile for U.S. Federal Cryptographic Key Management Systems (CKMS) 美国联邦密码密钥管理系统(CKMS)的配置文件 Final 10/28/2015
SP 800-167 Guide to Application Whitelisting 申请白名单指南 Final 10/28/2015
NISTIR 7987 Rev. 1 Policy Machine: Features, Architecture, and Specification 策略机器:功能,体系结构和规范 Final 10/27/2015
White Paper The Number of Boolean Functions with Multiplicative Complexity 2 具有乘法复杂度的布尔函数数2 Final 10/27/2015
NISTIR 8053 De-Identification of Personal Information 取消个人信息识别 Final 10/22/2015
ITL Bulletin Protection of Controlled Unclassified Information 保护受控的非保密信息 Final 10/19/2015
NISTIR 7966 Security of Interactive and Automated Access Management Using Secure Shell (SSH) 使用安全外壳(SSH)的交互式自动访问管理的安全性 Final 10/15/2015
ITL Bulletin Additional Secure Hash Algorithm Standards Offer New Opportunities for Data Protection 其他安全哈希算法标准为数据保护提供了新的机会 Final 9/24/2015
White Paper Multiplicative Complexity of Vector Value Boolean Functions 向量值布尔函数的乘法复杂度 Final 9/21/2015
Building Block [Project Description] Software Asset Management: Continuous Monitoring [项目描述]软件资产管理:持续监控 Final 9/16/2015
SP 800-176 Computer Security Division 2014 Annual Report 计算机安全司2014年度报告 Final 8/20/2015
ITL Bulletin Recommendation for Random Number Generation Using Deterministic Random Bit Generators 使用确定性随机位生成器生成随机数的建议 Final 8/13/2015
FIPS 180-4 Secure Hash Standard (SHS) 安全哈希标准(SHS) Final 8/04/2015
FIPS 202 SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions SHA-3标准:基于置换的哈希和可扩展输出函数 Final 8/04/2015
SP 800-79-2 Guidelines for the Authorization of Personal Identity Verification Card Issuers (PCI) and Derived PIV Credential Issuers (DPCI) 授权个人身份验证卡发行人(PCI)和派生PIV凭证发行人(DPCI)的准则 Final 7/30/2015
ITL Bulletin Improved Security and Mobility Through Updated Interfaces for PIV Cards 通过更新的PIV卡接口提高了安全性和移动性 Final 7/21/2015
SP 800-90A Rev. 1 Recommendation for Random Number Generation Using Deterministic Random Bit Generators 使用确定性随机位生成器生成随机数的建议 Final 6/24/2015
SP 500-304 Conformance Testing Methodology Framework for ANSI/NIST-ITL 1-2011 Update: 2013, Data Format for the Interchange of Fingerprint, Facial & Other Biometric Information ANSI / NIST-ITL 1-2011更新的一致性测试方法框架,2013年,指纹,面部和其他生物识别信息互换的数据格式 Final 6/24/2015
NISTIR 7863 Cardholder Authentication for the PIV Digital Signature Key PIV数字签名密钥的持卡人身份验证 Final 6/18/2015
ITL Bulletin Increasing Visibility and Control of Your ICT Supply Chains 增强ICT供应链的可见性和控制力 Final 6/15/2015
White Paper Final Report: Leveraging the Cyber Risk Portal as A Teaching & Education Tool 最终报告:利用网络风险门户作为教学工具 Final 6/10/2015
SP 800-82 Rev. 2 Guide to Industrial Control Systems (ICS) Security 工业控制系统(ICS)安全性指南 Final 6/03/2015
SP 800-78-4 Cryptographic Algorithms and Key Sizes for Personal Identity Verification 用于个人身份验证的密码算法和密钥大小 Final 5/29/2015
ITL Bulletin Authentication Considerations for Public Safety Mobile Networks 公共安全移动网络的身份验证注意事项 Final 5/14/2015
ITL Bulletin Is Your Replication Device Making An Extra Copy For Someone Else? 您的复制设备是否为其他人制作了额外的副本? Final 4/16/2015
NISTIR 8041 Proceedings of the Cybersecurity for Direct Digital Manufacturing (DDM) Symposium 直接数字制造(DDM)网络安全研讨会论文集 Final 4/10/2015
SP 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations 联邦信息系统和组织的供应链风险管理实践 Final 4/08/2015
White Paper Analysis of VAES3 (FF2) VAES3(FF2)的分析 Final 4/02/2015
Building Block V.2 [Project Description] Attribute Based Access Control [项目描述]基于属性的访问控制 Final 4/01/2015
NISTIR 8014 Considerations for Identity Management in Public Safety Mobile Networks 公共安全移动网络中身份管理的注意事项 Final 3/30/2015
ITL Bulletin Guidance for Secure Authorization of Mobile Applications in the Corporate Environment 企业环境中移动应用程序的安全授权指南 Final 3/19/2015
White Paper User’s Guide to Running the Draft NIST SP 800-90B Section 9 Entropy Estimation Tests NIST SP 800-90B草案运行用户指南第9节熵估算测试 Final 3/10/2015
NISTIR 7823 Advanced Metering Infrastructure Smart Meter Upgradeability Test Framework 先进的计量基础设施智能电表可升级性测试框架 Final 3/02/2015
NISTIR 8023 Risk Management for Replication Devices 复制设备的风险管理 Final 2/23/2015
ITL Bulletin NIST Special Publication 800-88 Revision 1, Guidelines for Media Sanitization NIST特别出版物800-88修订版1,媒体清理准则 Final 2/05/2015
ITL Bulletin Release of NIST Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations NIST特别出版物800-53A,修订版4的发布,评估联邦信息系统和组织中的安全性和隐私控制 Final 1/29/2015
SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations 联邦信息系统和组织的安全和隐私控制 Final 1/22/2015
NISTIR 8018 Public Safety Mobile Application Security Requirements Workshop Summary 公共安全移动应用安全要求研讨会总结 Final 1/22/2015
SP 800-57 Part 3 Rev. 1 Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance 密钥管理建议,第3部分:特定于应用程序的密钥管理指南 Final 1/22/2015
ITL Bulletin Release Of NIST Special Publication 800-157, Guidelines For Derived Personal Identity Verification (PIV) Credentials 发布NIST特别出版物800-157,派生个人身份验证(PIV)凭据准则 Final 12/30/2014
SP 800-157 Guidelines for Derived Personal Identity Verification (PIV) Credentials 派生个人身份验证(PIV)凭据准则 Final 12/19/2014
SP 800-53A Rev. 4 Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans 评估联邦信息系统和组织中的安全和隐私控制:建立有效的评估计划 Final 12/18/2014
SP 800-88 Rev. 1 Guidelines for Media Sanitization 媒体消毒准则 Final 12/17/2014
ITL Bulletin Cryptographic Module Validation Program (CMVP) 密码模块验证程序(CMVP) Final 12/01/2014
ITL Bulletin Release of NIST Special Publication 800-147B, BIOS Protection Guidelines for Servers NIST特殊出版物800-147B,服务器的BIOS保护准则的发布 Final 10/29/2014
ITL Bulletin Release of NIST Interagency Report 7628 Revision 1, Guidelines for Smart Grid Cybersecurity 发布NIST Inter机构间报告7628修订版1,《智能电网网络安全指南》 Final 9/29/2014
NISTIR 7628 Rev. 1 Guidelines for Smart Grid Cybersecurity 智能电网网络安全准则 Final 9/25/2014
Building Block V.2 [Project Description] Mobile Device Security for Enterprises [项目描述]企业移动设备安全 Final 9/12/2014
SP 800-170 Computer Security Division 2013 Annual Report 计算机安全部2013年度报告 Final 9/04/2014
SP 800-147B BIOS Protection Guidelines for Servers 服务器的BIOS保护准则 Final 8/28/2014
ITL Bulletin Policy Machine: Towards a General-Purpose Enterprise-Wide Operating Environment 策略机器:迈向通用的企业范围操作环境 Final 8/28/2014
ITL Bulletin Release of NIST Interagency Report 7946, CVSS Implementation Guidance 发布NIST机构间报告7946,CVSS实施指南 Final 7/10/2014
SP 800-168 Approximate Matching: Definition and Terminology 近似匹配:定义和术语 Final 7/02/2014
ITL Bulletin ITL Forensic Science Program ITL法医学计划 Final 6/05/2014
SP 800-101 Rev. 1 Guidelines on Mobile Device Forensics 移动设备取证准则 Final 5/15/2014
ITL Bulletin Small and Medium-Size Business Information Security Outreach Program 中小型企业信息安全推广计划 Final 5/13/2014
NISTIR 7946 CVSS Implementation Guidance CVSS实施指南 Final 4/28/2014
NISTIR 7991 United States Federal Employees’ Password Management Behaviors – A Department of Commerce Case Study 美国联邦雇员的密码管理行为–商务部案例研究 Final 4/08/2014
ITL Bulletin Attribute Based Access Control (ABAC) Definition and Considerations 基于属性的访问控制(ABAC)定义和注意事项 Final 3/07/2014
NISTIR 7849 A Methodology for Developing Authentication Assurance Level Taxonomy for Smart Card-based Identity Verification 开发用于基于智能卡的身份验证的身份验证保证级别分类法的方法 Final 3/05/2014
White Paper NISTIR 7628 User’s Guide NISTIR 7628用户指南 Final 2/26/2014
White Paper Summary of NIST SP 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations NIST SP 800-53,修订版4的摘要:联邦信息系统和组织的安全和隐私控制 Final 2/19/2014
ITL Bulletin Framework for Improving Critical Infrastructure Cybersecurity 改善关键基础设施网络安全的框架 Final 2/19/2014
White Paper Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0 改进关键基础设施网络安全的框架,版本1.0 Final 2/12/2014
NISTIR 7983 Report: Authentication Diary Study 报告:认证日记研究 Final 2/04/2014
ITL Bulletin A Profile of the Key Management Framework for the Federal Government 联邦政府关键管理框架简介 Final 1/09/2014
ITL Bulletin The National Vulnerability Database (NVD): Overview 国家漏洞数据库(NVD):概述 Final 12/18/2013
NISTIR 7970 Taxonomic Rules for Password Policies: Translating the Informal to the Formal Language 密码策略的分类规则:将非正式语言转换为正式语言 Final 12/09/2013
Use Case Identity and Access Management: Securing Networked Infrastructure for the Energy Sector 身份和访问管理:确保能源部门的网络基础架构安全 Final 11/05/2013
ITL Bulletin ITL Releases Preliminary Cybersecurity Framework ITL发布初步网络安全框架 Final 11/04/2013
ITL Bulletin ITL Updates Federal Information Processing Standard (FIPS) for Personal Identity Verification (PIV) of Federal Employees and Contractors ITL更新了联邦信息处理标准(FIPS),用于联邦雇员和承包商的个人身份验证(PIV) Final 10/22/2013
NISTIR 7956 Cryptographic Key Management Issues & Challenges in Cloud Services 云服务中的密码密钥管理问题和挑战 Final 9/18/2013
NISTIR 7957 Conformance Test Architecture and Test Suite for ANSI/NIST-ITL 1-2011 NIEM XML Encoded Transactions ANSI / NIST-ITL 1-2011 NIEM XML编码交易的一致性测试架构和测试套件 Final 9/18/2013
SP 800-81-2 Secure Domain Name System (DNS) Deployment Guide 安全域名系统(DNS)部署指南 Final 9/18/2013
ITL Bulletin NIST Opens Draft Special Publication 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, For Review and Comment (Supplemental ITL Bulletin for September 2013) NIST公开了特别出版物草案800-90A,《使用确定性随机位发生器生成随机数的建议》,以供审查和评论(2013年9月补充ITL公告) Final 9/09/2013
FIPS 201-2 Personal Identity Verification (PIV) of Federal Employees and Contractors 联邦雇员和承包商的个人身份验证(PIV) Final 9/05/2013
ITL Bulletin ITL Publishes Guidance on Preventing and Handling Malware Incidents 国际交易日志发布了预防和处理恶意软件事件的指南 Final 8/22/2013
SP 800-130 A Framework for Designing Cryptographic Key Management Systems 设计密码密钥管理系统的框架 Final 8/15/2013
ITL Bulletin ITL Publishes Guidance on Enterprise Patch Management Technologies ITL发布有关企业补丁管理技术的指南 Final 8/08/2013
SP 800-165 Computer Security Division 2012 Annual Report 计算机安全司2012年度报告 Final 7/22/2013
SP 800-40 Rev. 3 Guide to Enterprise Patch Management Technologies 企业补丁管理技术指南 Final 7/22/2013
SP 800-83 Rev. 1 Guide to Malware Incident Prevention and Handling for Desktops and Laptops 台式机和笔记本电脑的恶意软件事件预防和处理指南 Final 7/22/2013
FIPS 186-4 Digital Signature Standard (DSS) 数字签名标准(DSS) Final 7/19/2013
ITL Bulletin ITL Issues Guidelines for Managing the Security of Mobile Devices ITL发行管理移动设备安全性的准则 Final 7/15/2013
SP 800-76-2 Biometric Specifications for Personal Identity Verification 个人身份验证的生物识别规范 Final 7/11/2013
White Paper Summary of the Workshop on Information and Communication Technologies Supply Chain Risk Management, National Institute of Standards and Technology, October 15-16, 2012 美国国家标准技术研究院信息与通信技术供应链风险管理研讨会摘要,2012年10月15日至16日 Final 7/10/2013
SP 800-124 Rev. 1 Guidelines for Managing the Security of Mobile Devices in the Enterprise 企业中移动设备安全性管理准则 Final 6/21/2013
NISTIR 7933 Requirements and Conformance Test Assertions for ANSI/NIST-ITL 1-2011 Record Type 18 – DNA Record ANSI / NIST-ITL 1-2011记录类型18的要求和一致性测试断言-DNA记录 Final 6/21/2013
ITL Bulletin ITL Publishes Security And Privacy Controls For Federal Agencies ITL为联邦机构发布安全和隐私控制 Final 5/01/2013
ITL Bulletin Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements 安全内容自动化协议(SCAP)1.2版验证程序测试要求 Final 4/10/2013
ITL Bulletin NIST to Develop a Cybersecurity Framework to Protect Critical Infrastructure NIST将开发网络安全框架来保护关键基础设施 Final 3/21/2013
NISTIR 7916 Proceedings of the Cybersecurity in Cyber-Physical Systems Workshop, April 23-24, 2012 网络物理系统网络安全研讨会论文集,2012年4月23日至24日 Final 2/15/2013
ITL Bulletin Managing Identity Requirements for Remote Users of Information Systems to Protect System Security and Information Privacy 管理信息系统远程用户的身份要求以保护系统安全性和信息隐私 Final 1/29/2013
White Paper Summary of the Workshop on Cryptographic Key Management Systems (CKMS), National Institute of Standards and Technology, September 10-11, 2012 美国国家标准与技术研究院密码密钥管理系统(CKMS)研讨会摘要,2012年9月10日至11日 Final 1/10/2013
ITL Bulletin Generating Secure Cryptographic Keys: A Critical Component of Cryptographic Key Management and the Protection of Sensitive Information 生成安全的密码密钥:密码密钥管理和敏感信息保护的重要组成部分 Final 12/19/2012
SP 800-38F Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping 分组密码操作模式的建议:密钥包装方法 Final 12/13/2012
White Paper Proof of Concept for an ICT SCRM Enterprise Assessment Package ICT SCRM企业评估包的概念验证 Final 12/01/2012
NISTIR 7817 A Credential Reliability and Revocation Model for Federated Identities 联合身份的凭证可靠性和撤销模型 Final 11/29/2012
ITL Bulletin Practices for Managing Supply Chain Risks to Protect Federal Information Systems 管理供应链风险以保护联邦信息系统的实践 Final 11/27/2012
White Paper Challenging Security Requirements for US Government Cloud Computing Adoption 挑战美国政府采用云计算的安全性要求 Final 11/19/2012
NISTIR 7896 Third-Round Report of the SHA-3 Cryptographic Hash Algorithm Competition SHA-3密码哈希算法竞赛的第三轮报告 Final 11/15/2012
NISTIR 7878 Combinatorial Coverage Measurement 组合覆盖率测量 Final 10/26/2012
ITL Bulletin Conducting Information Security-Related Risk Assessments: Updated Guidelines for Comprehensive Risk Management Programs 进行与信息安全相关的风险评估:全面风险管理计划的最新准则 Final 10/25/2012
NISTIR 7622 Notional Supply Chain Risk Management Practices for Federal Information Systems 联邦信息系统的名义供应链风险管理实践 Final 10/16/2012
ITL Bulletin Revised Guide Helps Organizations Handle Security Related Incidents 经修订的指南可帮助组织处理与安全相关的事件 Final 9/27/2012
SP 800-30 Rev. 1 Guide for Conducting Risk Assessments 进行风险评估指南 Final 9/17/2012
NISTIR 7877 BioCTS 2012: Advanced Conformance Test Architectures and Test Suites for Biometric Data Interchange Formats and Biometric Information Records BioCTS 2012:适用于生物识别数据交换格式和生物识别信息记录的高级一致性测试体系结构和测试套件 Final 9/14/2012
NISTIR 7874 Guidelines for Access Control System Evaluation Metrics 访问控制系统评估指标准则 Final 9/14/2012
SP 800-107 Rev. 1 Recommendation for Applications Using Approved Hash Algorithms 使用经认可的哈希算法的应用建议 Final 8/24/2012
White Paper The Role of the National Institute of Standards and Technology in Mobile Security 美国国家标准技术研究院在移动安全中的作用 Final 8/23/2012
ITL Bulletin Security of Bluetooth Systems and Devices: Updated Guide Issued by the National Institute of Standards and Technology (NIST) 蓝牙系统和设备的安全性:美国国家标准技术研究院(NIST)发布的更新指南 Final 8/13/2012
SP 800-61 Rev. 2 Computer Security Incident Handling Guide 计算机安全事件处理指南 Final 8/06/2012
NISTIR 7867 Rev. 2012 Usability of PIV Smartcards for Logical Access PIV智能卡用于逻辑访问的可用性 Final 8/01/2012
NISTIR 7870 NIST Test Personal Identity Verification (PIV) Cards NIST测试个人身份验证(PIV)卡 Final 7/12/2012
ITL Bulletin Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance 准备和响应证书颁发机构的妥协和欺诈性证书颁发 Final 7/10/2012
NISTIR 7864 The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities 常见滥用评分系统(CMSS):软件功能滥用漏洞的度量标准 Final 7/10/2012
ITL Bulletin Cloud Computing: A Review of Features, Benefits, and Risks, and Recommendations for Secure, Efficient Implementations 云计算:功能,收益和风险的回顾,以及有关安全,高效实施的建议 Final 6/27/2012
SP 800-146 Cloud Computing Synopsis and Recommendations 云计算简介和建议 Final 5/29/2012
ITL Bulletin Secure Hash Standard: Updated Specifications Approved and Issued as Federal Information Processing Standard (FIPS) 180-4 安全哈希标准:更新的规范已批准并发布为联邦信息处理标准(FIPS)180-4 Final 5/09/2012
NISTIR 7816 Computer Security Division 2011 Annual Report 计算机安全司2011年度报告 Final 5/08/2012
White Paper Adaptive Preimage Resistance Analysis Revisited: Requirements, Subtleties and Implications 自适应原像电阻分析:要求,细微之处和启示 Final 4/16/2012
ITL Bulletin Guidelines for Improving Security and Privacy in Public Cloud Computing 在公共云计算中提高安全性和隐私性的准则 Final 3/28/2012
SP 800-126 Rev. 2 The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2 安全内容自动化协议(SCAP)的技术规范:SCAP版本1.2 Final 3/19/2012
NISTIR 7275 Rev. 4 Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2 可扩展配置清单描述格式(XCCDF)版本1.2的规范 Final 3/01/2012
ITL Bulletin Guidelines for Securing Wireless Local Area Networks (WLANs) 保护无线局域网(WLAN)的准则 Final 2/27/2012
SP 800-153 Guidelines for Securing Wireless Local Area Networks (WLANs) 保护无线局域网(WLAN)的准则 Final 2/21/2012
ITL Bulletin Advancing Security Automation and Standardization: Revised Technical Specifications Issued for the Security Content Automation Protocol (SCAP) 推进安全自动化和标准化:针对安全内容自动化协议(SCAP)发布的修订的技术规范 Final 1/24/2012
SP 800-135 Rev. 1 Recommendation for Existing Application-Specific Key Derivation Functions 有关现有的特定于应用程序的密钥派生功能的建议 Final 12/23/2011
ITL Bulletin Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of Their Information Systems 修订的用户电子身份验证指南可帮助组织保护其信息系统的安全性 Final 12/22/2011
SP 800-144 Guidelines on Security and Privacy in Public Cloud Computing 公共云计算中的安全性和隐私准则 Final 12/09/2011
White Paper The ICT SCRM Community Framework Development Project: Final Report ICT SCRM社区框架开发项目:最终报告 Final 12/01/2011
ITL Bulletin Continuous Monitoring of Information Security: An Essential Component of Risk Management 持续监控信息安全:风险管理的重要组成部分 Final 10/25/2011
SP 800-137 Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations 联邦信息系统和组织的信息安全连续监视(ISCM) Final 9/30/2011
SP 800-145 The NIST Definition of Cloud Computing NIST云计算的定义 Final 9/28/2011
ITL Bulletin Managing the Configuration of Information Systems with a Focus on Security 以安全为中心来管理信息系统的配置 Final 9/26/2011
NISTIR 7802 Trust Model for Security Automation Data 1.0 (TMSAD) 安全自动化数据1.0(TMSAD)的信任模型 Final 9/20/2011
NISTIR 7806 ANSI/NIST-ITL 1-2011 Requirements and Conformance Test Assertions ANSI / NIST-ITL 1-2011要求和一致性测试断言 Final 9/16/2011
NISTIR 7682 Information System Security Best Practices for UOCAVA-Supporting Systems UOCAVA支持系统的信息系统安全最佳实践 Final 9/15/2011
NISTIR 7711 Security Best Practices for the Electronic Transmission of Election Materials for UOCAVA Voters UOCAVA选民的电子传输选举材料的安全最佳实践 Final 9/15/2011
ITL Bulletin Protecting Industrial Control Systems – Key Components of Our Nation’s Critical Infrastructures 保护工业控制系统–国家关键基础设施的关键组成部分 Final 8/24/2011
NISTIR 7698 Common Platform Enumeration: Applicability Language Specification Version 2.3 通用平台枚举:适用语言规范版本2.3 Final 8/19/2011
NISTIR 7696 Common Platform Enumeration: Name Matching Specification Version 2.3 通用平台枚举:名称匹配规范版本2.3 Final 8/19/2011
NISTIR 7697 Common Platform Enumeration: Dictionary Specification Version 2.3 通用平台枚举:字典规范版本2.3 Final 8/19/2011
NISTIR 7695 Common Platform Enumeration: Naming Specification Version 2.3 通用平台枚举:命名规范版本2.3 Final 8/19/2011
NISTIR 7788 Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs 使用概率攻击图的企业网络安全风险分析 Final 8/01/2011
NISTIR 7815 Access Control for SAR Systems SAR系统的访问控制 Final 7/01/2011
ITL Bulletin Guidelines for Protecting Basic Input/Output System (BIOS) Firmware 保护基本输入/输出系统(BIOS)固件的准则 Final 6/28/2011
NISTIR 7791 Conformance Test Architecture and Test Suite for ANSI/NIST-ITL 1-2007 ANSI / NIST-ITL 1-2007的一致性测试体系结构和测试套件 Final 6/22/2011
NISTIR 7694 Specification for Asset Reporting Format 1.1 资产报告格式规范1.1 Final 6/21/2011
White Paper A depth-16 circuit for the AES S-box AES S盒的深度16电路 Final 6/17/2011
NISTIR 7693 Specification for Asset Identification 1.1 资产识别规范1.1 Final 6/17/2011
NISTIR 7751 Computer Security Division 2010 Annual Report 计算机安全司2010年度报告 Final 5/31/2011
ITL Bulletin Using Security Configuration Checklists and the National Checklist Program 使用安全配置清单和国家清单清单程序 Final 5/25/2011
SP 800-147 BIOS Protection Guidelines BIOS保护准则 Final 4/29/2011
ITL Bulletin Full Virtualization Technologies: Guidelines for Secure Implementation and Management 完全虚拟化技术:安全实施和管理准则 Final 4/25/2011
NISTIR 7692 Specification for the Open Checklist Interactive Language (OCIL) Version 2.0 开放清单交互语言(OCIL)2.0版规范 Final 4/07/2011
White Paper Assessing SCRM Capabilities and Perspectives of the IT Vendor Community: Toward a Cyber-Supply Chain Code of Practice 评估SCRM能力和IT供应商社区的观点:迈向网络供应链实践准则 Final 4/01/2011
ITL Bulletin Managing Information Security Risk: Organization, Mission and Information System View 管理信息安全风险:组织,任务和信息系统视图 Final 3/22/2011
SP 800-39 Managing Information Security Risk: Organization, Mission, and Information System View 管理信息安全风险:组织,任务和信息系统视图 Final 3/01/2011
NISTIR 7771 Conformance Test Architecture for Biometric Data Interchange Formats – Version Beta 2.0 生物识别数据交换格式的一致性测试体系结构-Beta 2.0版 Final 2/28/2011
SP 800-51 Rev. 1 Guide to Using Vulnerability Naming Schemes 使用漏洞命名方案的指南 Final 2/25/2011
SP 800-126 Rev. 1 The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1 安全内容自动化协议(SCAP)的技术规范:SCAP版本1.1 Final 2/25/2011
NISTIR 7764 Status Report on the Second Round of the SHA-3 Cryptographic Hash Algorithm Competition SHA-3密码哈希算法竞赛第二轮状态报告 Final 2/23/2011
NISTIR 7770 Security Considerations for Remote Electronic UOCAVA Voting 远程电子UOCAVA投票的安全注意事项 Final 2/21/2011
ITL Bulletin Internet Protocol Version 6 (IPv6): NIST Guidelines Help Organizations Manage the Secure Deployment of the New Network Protocol Internet协议版本6(IPv6):NIST指南可帮助组织管理新网络协议的安全部署 Final 1/31/2011
SP 800-125 Guide to Security for Full Virtualization Technologies 完整虚拟化技术的安全性指南 Final 1/28/2011
SP 800-119 Guidelines for the Secure Deployment of IPv6 安全部署IPv6的准则 Final 12/29/2010
ITL Bulletin Securing WiMAX Wireless Communications 保护WiMAX无线通信 Final 12/27/2010
NISTIR 7502 The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities 通用配置评分系统(CCSS):软件安全配置漏洞的衡量指标 Final 12/27/2010
SP 800-132 Recommendation for Password-Based Key Derivation: Part 1: Storage Applications 基于密码的密钥派生建议:第1部分:存储应用程序 Final 12/22/2010
White Paper Economic Analysis of Role-Based Access Control: Final Report 基于角色的访问控制的经济分析:最终报告 Final 12/19/2010
ITL Bulletin The Exchange of Health Information: Designing a Security Architecture to Provide Information Security and Privacy 健康信息的交换:设计提供信息安全性和隐私性的安全体系结构 Final 11/23/2010
SP 800-34 Rev. 1 Contingency Planning Guide for Federal Information Systems 联邦信息系统应急计划指南 Final 11/11/2010
NISTIR 7773 An Application of Combinatorial Methods to Conformance Testing for Document Object Model Events 组合方法在文档对象模型事件一致性测试中的应用 Final 11/01/2010
SP 800-38A Addendum Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode 分组密码操作模式的建议:CBC模式的三种密文窃取方式 Final 10/21/2010
SP 800-142 Practical Combinatorial Testing 实用组合测试 Final 10/07/2010
NISTIR 7497 Security Architecture Design Process for Health Information Exchanges (HIEs) 健康信息交换(HIE)的安全体系结构设计过程 Final 9/30/2010
ITL Bulletin Security Content Automation Protocol (SCAP): Helping Organizations Maintain and Verify the Security of Their Information Systems 安全内容自动化协议(SCAP):帮助组织维护和验证其信息系统的安全性 Final 9/27/2010
NISTIR 7601 Framework for Emergency Response Officials (ERO): Authentication and Authorization Infrastructure 紧急响应官员(ERO)框架:身份验证和授权基础结构 Final 8/31/2010
ITL Bulletin Contingency Planning for Information Systems: Updated Guide for Federal Organizations 信息系统应急计划:联邦组织的最新指南 Final 7/20/2010
NISTIR 7559 Forensics Web Services (FWS) 取证Web服务(FWS) Final 6/30/2010
ITL Bulletin How to Identify Personnel with Significant Responsibilities for Information Security 如何识别对信息安全负有重大责任的人员 Final 6/22/2010
NISTIR 7676 Maintaining and Using Key History on Personal Identity Verification (PIV) Cards 维护和使用个人身份验证(PIV)卡上的密钥历史记录 Final 6/18/2010
SP 800-22 Rev. 1a A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications 用于密码学应用的随机和伪随机数生成器的统计测试套件 Final 4/30/2010
ITL Bulletin Guide to Protecting Personally Identifiable Information 保护个人身份信息指南 Final 4/28/2010
SP 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) 保护个人身份信息(PII)机密性指南 Final 4/06/2010
NISTIR 7657 A Report on the Privilege (Access) Management Workshop 特权(访问)管理研讨会的报告 Final 3/30/2010
ITL Bulletin Revised Guide Helps Federal Organizations Improve Their Risk Management Practices and Information System Security 经修订的指南可帮助联邦组织改善其风险管理实践和信息系统安全性 Final 3/29/2010
NISTIR 7653 Computer Security Division 2009 Annual Report 计算机安全司2009年度报告 Final 3/23/2010
ITL Bulletin Secure Management of Keys in Cryptographic Applications: Guidance for Organizations 加密应用程序中密钥的安全管理:组织指南 Final 2/24/2010
NISTIR 7658 Guide to SIMfill Use and Development SIMfill使用和开发指南 Final 2/24/2010
ITL Bulletin Security Metrics: Measurements to Support the Continued Development of Information Security Technology 安全指标:支持信息安全技术持续发展的措施 Final 1/27/2010
SP 800-38E Recommendation for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on Storage Devices 块密码模式的建议:存储设备的机密性的XTS-AES模式 Final 1/18/2010
NISTIR 7609 Cryptographic Key Management Workshop Summary — June 8-9, 2009 加密密钥管理研讨会摘要-2009年6月8日至9日 Final 1/08/2010
NISTIR 7665 Proceedings of the Privilege Management Workshop, September 1-3, 2009 特权管理研讨会论文集,2009年9月1-3日 Final 1/01/2010
ITL Bulletin Cybersecurity Fundamentals for Small Business Owners 小型企业所有者的网络安全基础知识 Final 11/19/2009
ITL Bulletin Protecting Information Systems with Firewalls: Revised Guidelines on Firewall Technologies and Policies 使用防火墙保护信息系统:修订的防火墙技术和策略指南 Final 10/29/2009
NISTIR 7617 Mobile Forensic Reference Materials: a Methodology and Reification 流动取证参考材料:方法论和修正 Final 10/14/2009
SP 800-108 Recommendation for Key Derivation Using Pseudorandom Functions (Revised) 使用伪随机函数推导密钥的建议(修订版) Final 10/01/2009
NISTIR 7581 System and Network Security Acronyms and Abbreviations 系统和网络安全首字母缩写词和缩写 Final 9/30/2009
SP 800-41 Rev. 1 Guidelines on Firewalls and Firewall Policy 防火墙和防火墙策略准则 Final 9/28/2009
SP 800-102 Recommendation for Digital Signature Timeliness 关于数字签名及时性的建议 Final 9/23/2009
NISTIR 7620 Status Report on the First Round of the SHA-3 Cryptographic Hash Algorithm Competition SHA-3密码哈希算法竞赛第一轮状态报告 Final 9/23/2009
NISTIR 7611 Use of ISO/IEC 24727 使用ISO / IEC 24727 Final 8/14/2009
ITL Bulletin Risk Management Framework: Helping Organizations Implement Effective Information Security Programs 风险管理框架:帮助组织实施有效的信息安全计划 Final 7/23/2009
NISTIR 7564 Directions in Security Metrics Research 安全指标研究的方向 Final 4/30/2009
ITL Bulletin The Cryptographic Hash Algorithm Family: Revision of the Secure Hash Standard and Ongoing Competition for New Hash Algorithms 密码哈希算法系列:安全哈希标准的修订以及新哈希算法的持续竞争 Final 3/25/2009
NISTIR 7536 Computer Security Division 2008 Annual Report 计算机安全司2008年度报告 Final 3/16/2009
ITL Bulletin Using Personal Identity Verification (Piv) Credentials in Physical Access Control Systems (PACS) 在物理访问控制系统(PACS)中使用个人身份验证(Piv)凭据 Final 2/26/2009
SP 800-106 Randomized Hashing for Digital Signatures 数字签名的随机散列 Final 2/25/2009
NISTIR 7539 Symmetric Key Injection onto Smart Cards 将对称密钥注入智能卡 Final 12/22/2008
NISTIR 7551 A Threat Analysis on UOCAVA Voting Systems UOCAVA投票系统的威胁分析 Final 12/19/2008
ITL Bulletin Guide to Information Security Testing and Assessment 信息安全测试与评估指南 Final 12/18/2008
SP 800-66 Rev. 1 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule 实施《健康保险可移植性和责任法案》(HIPAA)安全规则的入门资源指南 Final 10/23/2008
ITL Bulletin Keeping Information Technology (IT) System Servers Secure: A General Guide to Good Practices 确保信息技术(IT)系统服务器的安全:良好实践通则 Final 10/15/2008
SP 800-115 Technical Guide to Information Security Testing and Assessment 信息安全测试与评估技术指南 Final 9/30/2008
ITL Bulletin Using Performance Measurements to Evaluate and Strengthen Information System Security 使用性能度量来评估和增强信息系统安全性 Final 9/18/2008
NISTIR 7516 Forensic Filtering of Cell Phone Protocols 手机协议的取证过滤 Final 8/27/2008
SP 800-22 Rev. 1 A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications 用于密码学应用的随机和伪随机数生成器的统计测试套件 Final 8/01/2008
SP 800-60 Vol. 2 Rev. 1 Guide for Mapping Types of Information and Information Systems to Security Categories: Appendices 将信息和信息系统的类型映射到安全类别的指南:附录 Final 8/01/2008
SP 800-60 Vol. 1 Rev. 1 Guide for Mapping Types of Information and Information Systems to Security Categories 将信息和信息系统的类型映射到安全类别的指南 Final 8/01/2008
SP 800-123 Guide to General Server Security 通用服务器安全性指南 Final 7/25/2008
ITL Bulletin Guidelines on Implementing A Secure Sockets Layer (SSL) Virtual Private Network (VPN) 实施安全套接字层(SSL)虚拟专用网(VPN)的准则 Final 7/23/2008
FIPS 198-1 The Keyed-Hash Message Authentication Code (HMAC) 密钥哈希消息认证码(HMAC) Final 7/16/2008
SP 800-55 Rev. 1 Performance Measurement Guide for Information Security 信息安全性能评估指南 Final 7/16/2008
SP 800-113 Guide to SSL VPNs SSL VPN指南 Final 7/01/2008
ITL Bulletin New Cryptographic Hash Algorithm Family: NIST Holds a Public Competition to Find New Algorithms 新的密码哈希算法系列:NIST举行公开比赛以寻找新算法 Final 5/28/2008
ITL Bulletin Using Active Content and Mobile Code and Safeguarding the Security of Information Technology Systems 使用活动内容和移动代码并保护信息技术系统的安全 Final 4/24/2008
NISTIR 7442 Computer Security Division 2007 Annual Report 计算机安全司2007年度报告 Final 4/01/2008
SP 800-28 Version 2 Guidelines on Active Content and Mobile Code 有效内容和移动代码准则 Final 3/07/2008
ITL Bulletin Federal Desktop Core Configuration (FDCC): Improving Security for Windows Desktop Operating Systems 联邦桌面核心配置(FDCC):提高Windows桌面操作系统的安全性 Final 2/27/2008
ITL Bulletin Secure Web Servers Protecting Web Sites that are Accessed by the Public 安全的Web服务器保护公众访问的网站 Final 1/31/2008
NISTIR 7275 Rev. 3 Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.4 可扩展配置清单描述格式(XCCDF)版本1.1.4的规范 Final 1/01/2008
NISTIR 7452 Secure Biometric Match-on-Card Feasibility Report 安全生物识别卡片匹配可行性报告 Final 11/30/2007
SP 800-38D Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC 块密码模式的建议:伽罗瓦/计数器模式(GCM)和GMAC Final 11/28/2007
ITL Bulletin Using Storage Encryption Technologies to Protect End User Devices 使用存储加密技术保护最终用户设备 Final 11/26/2007
SP 800-111 Guide to Storage Encryption Technologies for End User Devices 最终用户设备的存储加密技术指南 Final 11/15/2007
ITL Bulletin The Common Vulnerability Scoring System (CVSS) 通用漏洞评分系统(CVSS) Final 10/25/2007
SP 800-44 Version 2 Guidelines on Securing Public Web Servers 保护公共Web服务器的准则 Final 10/09/2007
NISTIR 7427 6th Annual PKI R&D Workshop “Applications-Driven PKI” Proceedings 第六届PKI年度研发研讨会“应用驱动的PKI”会议记录 Final 9/13/2007
NISTIR 7435 The Common Vulnerability Scoring System (CVSS) and its Applicability to Federal Agency Systems 通用漏洞评分系统(CVSS)及其对联邦机构系统的适用性 Final 8/30/2007
SP 800-95 Guide to Secure Web Services 安全Web服务指南 Final 8/29/2007
ITL Bulletin Secure Web Services 安全的网络服务 Final 8/23/2007
SP 800-38C Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality 分组密码操作模式的建议:身份验证和机密性的CCM模式 Final 7/20/2007
ITL Bulletin Forensic Techniques for Cell Phones 手机取证技术 Final 6/27/2007
ITL Bulletin Securing Radio Frequency Identification (RFID) Systems 保护射频识别(RFID)系统 Final 5/17/2007
NISTIR 7275 Rev. 2 Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.3 可扩展配置清单描述格式(XCCDF)版本1.1.3的规范 Final 4/30/2007
SP 800-98 Guidelines for Securing Radio Frequency Identification (RFID) Systems 保护射频识别(RFID)系统的准则 Final 4/06/2007
ITL Bulletin Improving The Security of Electronic Mail: Updated Guidelines Issued by NIST 提高电子邮件的安全性:NIST发布的更新指南 Final 3/28/2007
NISTIR 7399 Computer Security Division 2006 Annual Report 计算机安全司2006年度报告 Final 3/21/2007
NISTIR 7387 Cell Phone Forensic Tools: an Overview and Analysis Update 手机取证工具:概述和分析更新 Final 3/21/2007
SP 800-100 Information Security Handbook: A Guide for Managers 信息安全手册:经理指南 Final 3/07/2007
ITL Bulletin Intrusion Detection and Prevention Systems 入侵检测与防御系统 Final 2/26/2007
SP 800-45 Version 2 Guidelines on Electronic Mail Security 电子邮件安全准则 Final 2/20/2007
SP 800-94 Guide to Intrusion Detection and Prevention Systems (IDPS) 入侵检测和防御系统(IDPS)指南 Final 2/20/2007
SP 800-97 Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i 建立无线健壮的安全网络:IEEE 802.11i指南 Final 2/07/2007
NISTIR 7359 Information Security Guide for Government Executives 政府主管人员信息安全指南 Final 1/01/2007
NISTIR 7358 Program Review for Information Security Management Assistance (PRISMA) 信息安全管理援助计划审查(PRISMA) Final 1/01/2007
SP 800-96 PIV Card to Reader Interoperability Guidelines PIV卡与读取器的互操作性指南 Final 12/29/2006
ITL Bulletin Maintaining Effective Information Technology (IT) Security Through Test, Training, and Exercise Programs 通过测试,培训和演习计划维护有效的信息技术(IT)安全 Final 12/19/2006
SP 800-89 Recommendation for Obtaining Assurances for Digital Signature Applications 获得数字签名应用保证的建议 Final 11/30/2006
ITL Bulletin Guide to Securing Computers Using Windows XP Home Edition 使用Windows XP Home Edition保护计算机安全的指南 Final 11/22/2006
NISTIR 7275 Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1 可扩展配置清单描述格式(XCCDF)版本1.1的规范 Final 11/01/2006
ITL Bulletin Log Management: Using Computer and Network Records to Improve Information Security 日志管理:使用计算机和网络记录来提高信息安全性 Final 10/25/2006
NISTIR 7316 Assessment of Access Control Systems 评估访问控制系统 Final 9/29/2006
ITL Bulletin Forensic Techniques: Helping Organizations Improve Their Responses to Information Security Incidents 法证技术:帮助组织改善对信息安全事件的响应 Final 9/27/2006
SP 800-84 Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities IT计划和功能的测试,培训和练习计划指南 Final 9/21/2006
SP 800-92 Guide to Computer Security Log Management 计算机安全日志管理指南 Final 9/13/2006
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response 将法医技术整合到事件响应中的指南 Final 9/01/2006
NISTIR 7337 Personal Identity Verification Demonstration Summary 个人身份验证演示摘要 Final 8/31/2006
ITL Bulletin Protecting Sensitive Information Processed and Stored in Information Technology (IT) Systems 保护在信息技术(IT)系统中处理和存储的敏感信息 Final 8/30/2006
SP 800-85B PIV Data Model Test Guidelines PIV数据模型测试准则 Final 7/31/2006
NISTIR 7313 5th Annual PKI R&D Workshop “Making PKI Easy to Use” Proceedings 第五届PKI年度研发研讨会“使PKI易于使用”会议记录 Final 7/18/2006
ITL Bulletin Protecting Sensitive Information Transmitted in Public Networks 保护在公共网络中传输的敏感信息 Final 4/21/2006
ITL Bulletin Minimum Security Requirements for Federal Information and Information Systems: Federal Information Processing Standard (FIPS) 200 Approved by the Secretary of Commerce 联邦信息和信息系统的最低安全要求:商务部长批准的联邦信息处理标准(FIPS)200 Final 3/24/2006
NISTIR 7308 An Algorithm for Generating Very Large Covering Arrays 生成非常大的覆盖数组的算法 Final 3/20/2006
NISTIR 7290 Fingerprint Identification and Mobile Handheld Devices: An Overview and Implementation 指纹识别和移动手持设备:概述和实现 Final 3/01/2006
FIPS 200 Minimum Security Requirements for Federal Information and Information Systems 联邦信息和信息系统的最低安全要求 Final 3/01/2006
SP 800-18 Rev. 1 Guide for Developing Security Plans for Federal Information Systems 联邦信息系统安全计划制定指南 Final 2/24/2006
ITL Bulletin Creating a Program to Manage Security Patches and Vulnerabilities: NIST Recommendations for Improving System Security 创建程序来管理安全补丁和漏洞:NIST关于提高系统安全性的建议 Final 2/15/2006
NISTIR 7285 Computer Security Division 2005 Annual Report 计算机安全司2005年度报告 Final 2/01/2006
ITL Bulletin Testing and Validation of Personal Identity Verification (PIV) Components and Subsystems for Conformance to Federal Information Processing Standard 201 测试和验证个人身份验证(PIV)组件和子系统是否符合联邦信息处理标准201 Final 1/25/2006
NISTIR 7284 Personal Identity Verification Card Management Report 个人身份验证卡管理报告 Final 1/06/2006
NISTIR 7250 Cell Phone Forensic Tools: an Overview and Analysis 手机取证工具:概述和分析 Final 10/19/2005
NISTIR 7219 Computer Security Division 2004 Annual Report 计算机安全司2004年度报告 Final 8/01/2005
NISTIR 7224 4th Annual PKI R&D Workshop “Multiple Paths to Trust” Proceedings 第四届PKI年度研发研讨会“多途径信任”会议记录 Final 8/01/2005
ITL Bulletin Implementation of FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors 实施FIPS 201,联邦雇员和承包商的个人身份验证(PIV) Final 8/01/2005
NISTIR 7206 Smart Cards and Mobile Device Authentication: an Overview and Implementation 智能卡和移动设备身份验证:概述和实现 Final 7/01/2005
NISTIR 7200 Proximity Beacons and Mobile Device Authentication: an Overview and Implementation 邻近信标和移动设备身份验证:概述和实现 Final 6/01/2005
ITL Bulletin Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule 实施《健康保险携带与责任法案(HIPAA)安全规则》 Final 4/01/2005
ITL Bulletin Integrating IT Security into the Capital Planning and Investment Control Process 将IT安全集成到资本计划和投资控制流程中 Final 1/27/2005
NISTIR 7188 Specification for the Extensible Configuration Checklist Description Format (XCCDF) 可扩展配置清单描述格式(XCCDF)规范 Final 1/01/2005
SP 800-58 Security Considerations for Voice Over IP Systems IP语音系统的安全注意事项 Final 1/01/2005
SP 800-72 Guidelines on PDA Forensics PDA取证准则 Final 11/01/2004
ITL Bulletin Understanding the New NIST Standards and Guidelines Required by FISMA: How Three Mandated Documents are Changing the Dynamic of Information Security for the Federal Government 了解FISMA要求的新NIST标准和指南:三份强制性文件如何改变联邦政府信息安全的动态 Final 11/01/2004
ITL Bulletin Securing Voice Over Internet Protocol (IP) Networks 保护互联网协议(IP)网络上的语音 Final 10/01/2004
NISTIR 7122 3rd Annual PKI Research Workshop Proceedings 第三届PKI年度研究研讨会论文集 Final 9/08/2004
ITL Bulletin Information Security Within the System Development Life Cycle (SDLC) 系统开发生命周期(SDLC)中的信息安全 Final 9/01/2004
NISTIR 7100 PDA Forensic Tools: an Overview and Analysis PDA取证工具:概述和分析 Final 8/01/2004
ITL Bulletin Information Technology Security Services: How to Select, Implement, and Manage 信息技术安全服务:如何选择,实施和管理 Final 6/01/2004
NISTIR 7111 Computer Security Division 2003 Annual Report 计算机安全司2003年度报告 Final 4/30/2004
ITL Bulletin Selecting Information Technology Security Products 选择信息技术安全产品 Final 4/28/2004
NISTIR 6529-A Common Biometric Exchange Formats Framework (CBEFF) 通用生物特征识别交换格式框架(CBEFF) Final 4/05/2004
NISTIR 7085 2nd Annual PKI Research Workshop Proceedings 第二届PKI年度研究研讨会论文集 Final 4/01/2004
ITL Bulletin Federal Information Processing Standard (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems 联邦信息处理标准(FIPS)199,联邦信息和信息系统安全分类标准 Final 3/01/2004
NISTIR 7056 Card Technology Developments and Gap Analysis Interagency Report 卡技术发展与差距分析跨机构报告 Final 3/01/2004
FIPS 199 Standards for Security Categorization of Federal Information and Information Systems 联邦信息和信息系统安全分类标准 Final 2/01/2004
NISTIR 7059 1st Annual PKI Research Workshop Proceedings 第一届PKI年度研究研讨会论文集 Final 11/12/2003
ITL Bulletin Information Technology Security Awareness, Training, Education, and Certification 信息技术安全意识,培训,教育和认证 Final 10/15/2003
SP 800-35 Guide to Information Technology Security Services 信息技术安全服务指南 Final 10/09/2003
SP 800-50 Building an Information Technology Security Awareness and Training Program 建立信息技术安全意识和培训计划 Final 10/01/2003
SP 800-59 Guideline for Identifying an Information System as a National Security System 将信息系统识别为国家安全系统的准则 Final 8/20/2003
NISTIR 7046 A Framework for Multi-mode Authentication: Overview and Implementation Guide 多模式身份验证框架:概述和实施指南 Final 8/01/2003
NISTIR 6887 2003 Edition Government Smart Card Interoperability Specification, Version 2.1 政府智能卡互操作性规范,版本2.1 Final 7/16/2003
NISTIR 7007 An Overview of Issues in Testing Intrusion Detection Systems 测试入侵检测系统的问题概述 Final 7/11/2003
ITL Bulletin Testing Intrusion Detection Systems 测试入侵检测系统 Final 7/01/2003
NISTIR 7030 Picture Password: A Visual Login Technique for Mobile Devices 图片密码:移动设备的可视登录技术 Final 7/01/2003
NISTIR 6977 Vulnerabilities in Quantum Key Distribution Protocols 量子密钥分发协议中的漏洞 Final 5/01/2003
NISTIR 6985 COTS Security Protection Profile – Operating Systems (CSPP-OS) (Worked Example Applying Guidance of NISTIR-6462, CSPP) Version 1.0 COTS安全保护配置文件-操作系统(CSPP-OS)(应用NISTIR-6462,CSPP指导的工作示例)版本1.0 Final 4/01/2003
NISTIR 6981 Policy Expression and Enforcement for Handheld Devices 手持设备的策略表达和执行 Final 4/01/2003
ITL Bulletin Secure Interconnections for Information Technology Systems 信息技术系统的安全互连 Final 2/26/2003
FIPS 140-2 Security Requirements for Cryptographic Modules 加密模块的安全要求 Final 12/03/2002
SP 800-49 Federal S/MIME V3 Client Profile 联邦S / MIME V3客户端配置文件 Final 11/05/2002
SP 800-47 Security Guide for Interconnecting Information Technology Systems 互连信息技术系统的安全指南 Final 9/01/2002
ITL Bulletin Techniques for System and Data Recovery 系统和数据恢复技术 Final 4/01/2002
White Paper The Economic Impact of Role-Based Access Control 基于角色的访问控制的经济影响 Final 3/01/2002
SP 800-38A Recommendation for Block Cipher Modes of Operation: Methods and Techniques 分组密码操作模式的建议:方法和技术 Final 12/01/2001
FIPS 197 Advanced Encryption Standard (AES) 高级加密标准(AES) Final 11/26/2001
White Paper The Economic Impacts of NIST’s Data Encryption Standard (DES) Program NIST数据加密标准(DES)计划的经济影响 Final 10/01/2001
White Paper Report on the Second Modes of Operation Workshop 第二种运作方式研讨会报告 Final 10/01/2001
SP 800-32 Introduction to Public Key Technology and the Federal PKI Infrastructure 公钥技术和联邦PKI基础结构简介 Final 2/26/2001
White Paper Report on the Symmetric Key Block Cipher Modes of Operation Workshop 对称密钥块密码操作模式研讨会报告 Final 12/01/2000
White Paper Federal Information Technology Security Assessment Framework 联邦信息技术安全评估框架 Final 11/28/2000
SP 800-25 Federal Agency Use of Public Key Technology for Digital Signatures and Authentication 联邦机构使用公钥技术进行数字签名和认证 Final 10/01/2000
NISTIR 6483 Randomness Testing of the Advanced Encryption Standard Finalist Candidates 高级加密标准决赛入围者的随机性测试 Final 4/01/2000
White Paper Report of the Workshop on Key Management Using Public Key Cryptography 使用公共密钥密码学进行密钥管理研讨会的报告 Final 2/28/2000
NISTIR 6462 CSPP – Guidance for COTS Security Protection Profiles (Formerly: CS2 – Protection Profile Guidance for Near-Term COTS) Version 1.0 CSPP-COTS安全保护配置文件指南(以前:CS2-短期COTS保护配置文件指南)版本1.0 Final 12/01/1999
NISTIR 6416 Applying Mobile Agents to Intrusion Detection and Response 将移动代理应用于入侵检测和响应 Final 10/01/1999
NISTIR 6390 Randomness Testing of the Advanced Encryption Standard Candidate Algorithms 高级加密标准候选算法的随机性测试 Final 9/01/1999
NISTIR 6192 A Revised Model for Role Based Access Control 基于角色的访问控制的修订模型 Final 7/09/1998
SP 800-16 Information Technology Security Training Requirements: a Role- and Performance-Based Model 信息技术安全培训要求:基于角色和绩效的模型 Final 4/01/1998
SP 800-15 MISPC Minimum Interoperability Specification for PKI Components, Version 1 MISPC最小互操作性规范,用于PKI组件,版本1 Final 1/01/1998
NISTIR 6068 Report on the TMACH Experiment 关于TMACH实验的报告 Final 7/01/1997
NISTIR 5820 Distributed Communication Methods and Role-Based Access Control for Use in Health Care Applications 用于医疗保健应用程序的分布式通信方法和基于角色的访问控制 Final 4/01/1996
NISTIR 5788 Public Key Infrastructure Invitational Workshop September 28, 1995, MITRE Corporation, McLean, Virginia 公钥基础结构邀请研讨会,1995年9月28日,MITRE公司,弗吉尼亚州麦克莱恩 Final 11/01/1995
NISTIR 5540 Multi-Agency Certification and Accreditation (C&A) Process: A Worked Example 多机构认证和鉴定(C&A)流程:一个可行的示例 Final 12/01/1994
NISTIR 5570 An Assessment of the DOD Goal Security Architecture (DGSA) for Non-Military Use 国防部非军事用途目标安全架构(DGSA)的评估 Final 11/01/1994
NISTIR 5472 A Head Start on Assurance: Proceedings of an Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness, March 21-23, 1994 保证的开端:1994年3月21日至23日举行的信息技术(IT)保证与信任邀请研讨会的议事录 Final 8/01/1994
NISTIR 5468 Report of the NIST Workshop on Key Escrow Encryption NIST密钥托管加密研讨会报告 Final 6/01/1994
NISTIR 5590 Proceedings Report of the International Invitation Workshop on Developmental Assurance 发展保证国际邀请研讨会的会议记录报告 Final 6/01/1994
White Paper Auditing Password Usage 审核密码使用情况 Final 9/01/1988
White Paper DoD Rainbow Series 国防部彩虹系列 Final 12/26/1985
White Paper NBS Technical Note (TN) 906 A Methodology for Evaluating Alternative Technical and Information Management Approaches to Privacy Requirements 评估隐私要求的替代技术和信息管理方法的方法论 Final 6/01/1976
White Paper NBS Technical Note (TN) 876 Exploring Privacy and Data Security Costs: A Summary of a Workshop 探索隐私和数据安全成本:研讨会总结 Final 8/01/1975
White Paper NBS Technical Note (TN) 827 Controlled Accessibility Workshop Report 受控辅助功能研讨会报告 Final 5/01/1974
White Paper NBS Technical Note (TN) 809 Government Looks at Privacy and Security in Computer Systems: Summary of a Conference held at the National Bureau of Standards, Gaithersburg, Maryland, November 19-20, 1973 政府关注计算机系统的隐私和安全性:1973年11月19日至20日在马里兰州盖瑟斯堡国家标准局举行的会议摘要 Final 2/01/1974
White Paper NBS Technical Note (TN) 780 Controlled Accessibility Bibliography 受控无障碍书目 Final 6/01/1973
NISTIR 8278A National Cybersecurity Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers 国家网络安全在线信息参考(OLIR)程序:针对OLIR开发人员的提交指南 Draft 8/04/2020
NISTIR 8278 National Cybersecurity Online Informative References (OLIR) Program: Program Overview and OLIR Uses (2nd Draft) 国家网络安全在线信息参考(OLIR)计划:计划概述和OLIR使用(第二稿) Draft 8/04/2020
SP 800-53B Control Baselines for Information Systems and Organizations 信息系统和组织的控制基准 Draft 7/31/2020
SP 800-209 Security Guidelines for Storage Infrastructure 存储基础结构安全准则 Draft 7/21/2020
SP 800-181 Rev. 1 Workforce Framework for Cybersecurity (NICE Framework) 网络安全劳动力框架(NICE框架) Draft 7/15/2020
NISTIR 8286 Integrating Cybersecurity and Enterprise Risk Management (ERM) (2nd Draft) 整合网络安全与企业风险管理(ERM)(第二稿) Draft 7/09/2020
SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171 (Final Public Draft) 保护受控的未分类信息的增强的安全性要求:NIST特别出版物800-171(最终公共草案)的补充 Draft 7/06/2020
SP 800-63-4 PRE-DRAFT Call for Comments: Digital Identity Guidelines 征求意见稿:数字身份准则 Draft 6/08/2020
White Paper Getting Ready for Post-Quantum Cryptography: Explore Challenges Associated with Adoption and Use of Post-Quantum Cryptographic Algorithms 准备进行量子后密码学:探索与采用和使用量子后密码算法相关的挑战 Draft 5/26/2020
White Paper Hardware-Enabled Security for Server Platforms: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases 服务器平台的硬件启用安全性:为云和边缘计算用例启用分层的平台安全性方法 Draft 4/28/2020
SP 1800-19 Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments 可信云:VMware混合云基础架构即服务(IaaS)环境的安全实践指南 Draft 4/13/2020
White Paper Methodology for Characterizing Network Behavior of Internet of Things Devices 表征物联网设备网络行为的方法 Draft 4/01/2020
SP 800-56C Rev. 2 Recommendation for Key-Derivation Methods in Key-Establishment Schemes 密钥建立方案中密钥导出方法的建议 Draft 3/24/2020
SP 800-124 Rev. 2 Guidelines for Managing the Security of Mobile Devices in the Enterprise 企业中移动设备安全性管理准则 Draft 3/24/2020
White Paper [Project Description] Implementing a Zero Trust Architecture [项目描述]实现零信任架构 Draft 3/17/2020
SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations (Final Public Draft) 信息系统和组织的安全和隐私控制(最终公开草案) Draft 3/16/2020
NISTIR 8272 Impact Analysis Tool for Interdependent Cyber Supply Chain Risks 相互依赖的网络供应链风险的影响分析工具 Draft 3/13/2020
NISTIR 8183 Rev. 1 Cybersecurity Framework Version 1.1 Manufacturing Profile 网络安全框架版本1.1制造概要 Draft 3/04/2020
SP 800-207 Zero Trust Architecture (2nd Draft) 零信任架构(第二稿) Draft 2/13/2020
NISTIR 8246 National Vulnerability Database (NVD) Metadata Submission Guidelines for Common Vulnerabilities and Exposures (CVE) Numbering Authorities (CNAs) and Authorized Data Publishers 常见漏洞和披露(CVE)编号颁发机构(CNA)和授权数据发布者的国家漏洞数据库(NVD)元数据提交准则 Draft 2/10/2020
SP 800-161 Rev. 1 PRE-DRAFT Call for Comments: Supply Chain Risk Management Practices for Federal Information Systems and Organizations 草案前征求意见:联邦信息系统和组织的供应链风险管理实践 Draft 2/04/2020
NISTIR 8276 Key Practices in Cyber Supply Chain Risk Management: Observations from Industry 网络供应链风险管理的关键实践:行业观察 Draft 2/04/2020
SP 1800-26 Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events 数据完整性:检测并响应勒索软件和其他破坏性事件 Draft 1/27/2020
SP 1800-25 Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events 数据完整性:识别和保护资产免受勒索软件和其他破坏性事件的侵害 Draft 1/27/2020
SP 800-208 Recommendation for Stateful Hash-Based Signature Schemes 有状态的基于哈希的签名方案的建议 Draft 12/11/2019
White Paper [Project Description] Validating the Integrity of Servers and Client Devices: Supply Chain Assurance [项目描述]验证服务器和客户端设备的完整性:供应链保证 Draft 11/22/2019
SP 1800-15 Securing Small Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD) 保护小型企业和家庭物联网(IoT)设备的安全:使用制造商使用说明(MUD)缓解基于网络的攻击 Draft 11/21/2019
FIPS 186-5 Digital Signature Standard (DSS) 数字签名标准(DSS) Draft 10/31/2019
SP 800-186 Recommendations for Discrete Logarithm-Based Cryptography: Elliptic Curve Domain Parameters 基于离散对数密码的建议:椭圆曲线域参数 Draft 10/31/2019
NISTIR 8269 A Taxonomy and Terminology of Adversarial Machine Learning 对抗机器学习的分类和术语 Draft 10/30/2019
White Paper [Project Description] Improving Cybersecurity of Managed Service Providers (Supporting Small- and Medium-Sized Businesses) [项目描述]改善托管服务提供商的网络安全性(支持中小型企业) Draft 10/08/2019
NISTIR 8267 Security Review of Consumer Home Internet of Things (IoT) Products 消费者家庭物联网(IoT)产品的安全性审查 Draft 10/01/2019
SP 1800-24 Securing Picture Archiving and Communication System (PACS) 保护图片存档和通信系统(PACS) Draft 9/16/2019
SP 1800-21 Mobile Device Security: Corporate-Owned Personally-Enabled (COPE) 移动设备安全性:公司拥有的个人启用(COPE) Draft 7/22/2019
White Paper [Project Description] Continuous Monitoring for IT Infrastructure: Techniques for auditing user activity and detecting irregular activity events within small and medium-size businesses [项目描述] IT基础结构的连续监视:审计用户活动并检测中小型企业中不规则活动事件的技术 Draft 6/17/2019
SP 1800-13 Mobile Application Single Sign-On: Improving Authentication for Public Safety First Responders (2nd Draft) 移动应用程序单点登录:提高公共安全第一响应者的身份验证(第二稿) Draft 5/29/2019
White Paper An Application of Combinatorial Methods for Explainability in Artificial Intelligence and Machine Learning 可解释性组合方法在人工智能与机器学习中的应用 Draft 5/22/2019
NISTIR 8213 A Reference for Randomness Beacons: Format and Protocol Version 2 随机信标的参考:格式和协议版本2 Draft 5/06/2019
SP 800-38G Rev. 1 Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption 分组密码操作模式的建议:保留格式的加密方法 Draft 2/28/2019
White Paper [Project Description] Security for IoT Sensor Networks: Building Management Case Study [项目描述] IoT传感器网络的安全性:楼宇管理案例研究 Draft 2/01/2019
SP 800-179 Rev. 1 Guide to Securing Apple macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist 适用于IT专业人员的Apple macOS 10.12系统安全指南:NIST安全配置清单 Draft 10/19/2018
White Paper Internet of Things (IoT) Trust Concerns 物联网(IoT)信任问题 Draft 10/17/2018
SP 1800-18 Privileged Account Management for the Financial Services Sector 金融服务业的特权账户管理 Draft 9/28/2018
SP 800-71 Recommendation for Key Establishment Using Symmetric Block Ciphers 使用对称块密码建立密钥的建议 Draft 7/02/2018
White Paper A Data Structure for Integrity Protection with Erasure Capability 具有擦除能力的完整性保护的数据结构 Draft 5/31/2018
White Paper [Project Description] Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry [项目描述]能源部门资产管理:用于电力,石油和天然气行业 Draft 1/16/2018
NISTIR 8193 National Initiative for Cybersecurity Education (NICE) Framework Work Role Capability Indicators: Indicators for Performing Work Roles 国家网络安全教育倡议(NICE)框架工作角色能力指标:履行工作角色的指标 Draft 11/08/2017
White Paper [Project Description] Privileged Account Management: Securing Privileged Accounts for the Financial Services Sector [项目描述]特权帐户管理:保护金融服务部门的特权帐户 Draft 10/12/2017
SP 1800-3 Attribute Based Access Control (2nd Draft) 基于属性的访问控制(第二稿) Draft 9/20/2017
SP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Events 数据完整性:从勒索软件和其他破坏性事件中恢复 Draft 9/06/2017
SP 1800-9 Access Rights Management for the Financial Services Sector 金融服务业的访问权限管理 Draft 8/31/2017
NISTIR 8139 Identifying Uniformity with Entropy and Divergence 用熵和散度识别均匀性 Draft 2/02/2017
SP 800-188 De-Identifying Government Datasets (2nd Draft) 取消识别政府数据集(第二稿) Draft 12/15/2016
NISTIR 8138 Vulnerability Description Ontology (VDO): a Framework for Characterizing Vulnerabilities 漏洞描述本体(VDO):表征漏洞的框架 Draft 9/30/2016
White Paper [Project Description] Authentication for Law Enforcement Vehicle Systems [项目描述]执法车辆系统认证 Draft 9/13/2016
NISTIR 8144 Assessing Threats to Mobile Devices & Infrastructure: the Mobile Threat Catalogue 评估对移动设备和基础架构的威胁:移动威胁目录 Draft 9/12/2016
White Paper [Concept Paper] Identity and Access Management for Smart Home Devices [概念文件]智能家居设备的身份和访问管理 Draft 6/06/2016
White Paper [Project Description] Securing Non-Credit Card, Sensitive Consumer Data: Consumer Data Security for the Retail Sector [项目描述]保护非信用卡,敏感的消费者数据:零售部门的消费者数据安全 Draft 5/09/2016
SP 800-90C Recommendation for Random Bit Generator (RBG) Constructions 随机位发生器(RBG)结构的建议 Draft 4/13/2016
SP 800-154 Guide to Data-Centric System Threat Modeling 以数据为中心的系统威胁建模指南 Draft 3/14/2016
SP 800-180 NIST Definition of Microservices, Application Containers and System Virtual Machines NIST微服务,应用程序容器和系统虚拟机的定义 Draft 2/18/2016
NISTIR 8085 Forming Common Platform Enumeration (CPE) Names from Software Identification (SWID) Tags 从软件标识(SWID)标记形成通用平台枚举(CPE)名称 Draft 12/17/2015
NISTIR 8058 Security Content Automation Protocol (SCAP) Version 1.2 Content Style Guide: Best Practices for Creating and Maintaining SCAP 1.2 Content 安全内容自动化协议(SCAP)1.2版内容样式指南:创建和维护SCAP 1.2内容的最佳做法 Draft 5/01/2015
NISTIR 8050 Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy: Summary and Next Steps 执行技术研讨会,旨在提高网络安全性和消费者隐私:摘要和后续步骤 Draft 4/02/2015
SP 800-85B-4 PIV Data Model Test Guidelines PIV数据模型测试准则 Draft 8/06/2014
NISTIR 8006 NIST Cloud Computing Forensic Science Challenges NIST云计算法医学挑战 Draft 6/23/2014
NISTIR 7924 Reference Certificate Policy (2nd Draft) 参考证书政策(第二稿) Draft 5/29/2014
NISTIR 7981 Mobile, PIV, and Authentication 移动,PIV和身份验证 Draft 3/07/2014
SP 500-299 NIST Cloud Computing Security Reference Architecture NIST云计算安全参考架构 Draft 5/05/2013
SP 800-164 Guidelines on Hardware-Rooted Security in Mobile Devices 移动设备中基于硬件的安全性准则 Draft 10/31/2012
SP 800-94 Rev. 1 Guide to Intrusion Detection and Prevention Systems (IDPS) 入侵检测和防御系统(IDPS)指南 Draft 7/25/2012
NISTIR 7848 Specification for the Asset Summary Reporting Format 1.0 资产汇总报告格式1.0规范 Draft 5/07/2012
NISTIR 7800 Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains 将持续监视技术参考模型应用于资产,配置和漏洞管理域 Draft 1/20/2012
NISTIR 7799 Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications 连续监控参考模型工作流程,子系统和接口规范 Draft 1/06/2012
NISTIR 7756 CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture CAESARS框架扩展:企业持续监控技术参考架构 Draft 1/06/2012
SP 800-155 BIOS Integrity Measurement Guidelines BIOS完整性测量准则 Draft 12/08/2011

发表评论

电子邮件地址不会被公开。 必填项已用*标注