Obsahuje:
  • všechny e-ziny od 9/1999
  • celou databázi NEWS
  • soutěže 2000-2011
  • další články a BONUSY

Security - News

http://crypto-world.info

Crypto - News | Security - News

05 / 2005
Vybrali pro vás: TR - Tomáš Rosa, JP - Jaroslav Pinkava, PV - Pavel Vondruška, VK - Vlastimil Klíma

NIST - byl vydán Computer Security Division - 2004 Annual Report

03.05.2005
Obsah:

Welcome Letter 1
Division Organization 2
The Computer Security Division Responds to the Federal Information Security Management Act of 2002 3
Outreach, Awareness and Education 4
Security Management and Guidance 9
Security Testing and Metrics 20
Security Research and Emerging Technologies 23
Cryptographic Standards and Applications 39
Honors and Awards 44
Computer Security Division Publications – 2004 46
Ways to Engage Our Division and NIST 48

Přehled obsahuje celou řadu zajímavých informací, mj. např. seznam publikací:

NIST SPECIAL PUBLICATIONS
SP 800-67 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher May 2004
SP 800-64 Security Considerations in the Information System Development Life Cycle October 2003
SP 800-63 Recommendation for Electronic Authentication July 2004
SP 800-61 Computer Security Incident Handling Guide January 2004
SP 800-60 Guide for Mapping Types of Information and Information Systems to Security Categories June 2004
SP 800-50 Building an Information Technology Security Awareness and Training Program October 2003
SP 800-42 Guideline on Network Security Testing October 2003
SP 800-38C Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality May 2004
SP 800-37 Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems May 2004
SP 800-27 Rev A Engineering Principles for Information Technology Security (A Baseline for Achieving Security) July 2004

DRAFT NIST SPECIAL PUBLICATIONS
SP 800-72 Guidelines on PDA Forensics August 2004
SP 800-70 Security Configuration Checklists Program for IT Products July 2004
SP 800-68 Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist June 2004
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule May 2004
SP 800-65 Integrating Security into the Capital Planning and Investment Control Process July 2004
SP 800-58 Security Considerations for Voice Over IP Systems May 2004
SP 800-53 Recommended Security Controls for Federal Information Systems October 2003
SP 800-52 Guidelines on the Selection and Use of Transport Layer Security September 2004

C O M P U T E R S E C U R I T Y D I V I S I O N P U B L I C A T I O N S
FEDERAL INFORMATION PROCESSING STANDARDS

FIPS 199 Standards for Security Categorization of Federal Information and Information Systems February 2004

NIST INTERAGENCY REPORTS
NIST IR 7111 Computer Security Division - 2003 Annual Report April 04
NIST IR 7100 PDA Forensic Tools: An Overview and Analysis August 04
NIST IR 7056 Card Technology Development and Gap Analysis Interagency Report December 03

INFORMATION TECHNOLOGY LABORATORY BULLETINS WRITTEN BY THE CSD
October 2003 Information Technology Security Awareness, Training, Education, and Certification
November 2003 Network Security Testing
December 2003 Security Considerations in the Information System Development Life Cycle
January 2004 Computer Security Incidents: Assessing, Managing, And Controlling The Risks
March 2004 Federal Information Processing Standard (FIPS) 199, Standards For Security Categorization Of Federal Information And Information Systems
April 2004 Selecting Information Technology Security Products
May 2004 Guide For The Security Certification And Accreditation Of Federal Information Systems
June 2004 Information Technology Security Services: How To Select, Implement, And Manage
July 2004 Guide For Mapping Types Of Information And Information Systems To Security Categories
August 2004 Electronic Authentication: Guidance For Selecting Secure Techniques
September 2004 Information Security Within the System Development Life Cycle
Zdroj: http://csrc.ncsl.nist.gov/publications/nistir/NISTIR7219-CSD-2004-Annual-Report.pdf
Autor: JP


<<- novější - Server napaden bankovními podvodníky dva dny po instalaci
Vyšlo RFC 4046 (Multicast Security - MSEC - Group Key Management Architecture) - starší ->>
Design: Webdesign