Security - News

• NIST Interagency Report (NISTIR) 7815, Access Control for SAR Systems This report describes concepts, issues, and recommendations surrounding the identification, encoding, testing, and deployment of policies used to control access to Suspicious Activity Report (SAR) records. In addition, this report defines an architectural and design specification of a privilege management system called the Policy Evaluation Testbed (PET) system that is used to support and demonstrate the application of access control policies to SAR records.
• NIST Interagency Report (NISTIR) 7791, Conformance Test Architecture and Test Suite for ANSI/NIST-ITL 1-2007 The Conformance Test Architecture and Test Suite described in this publication are designed to test implementations of ANSI/NIST ITL 1-2007. The code is currently designed to support testing of selected record types of the standard but can be extended to support other record types as required. A high-level overview of the architecture and test suite as well as software details and the code structure are provided. A quick start user guide and a comprehensive table of the standard’s requirements and the associated implemented conformance test assertions (over five-hundred and thirty) are included.
• NIST Interagency Report (NISTIR) 7806, ANSI/NIST-ITL 1-2011 Requirements and Conformance Test Assertions This publication documents set of test assertions based on the requirements specified in the 4th draft of a new version of the ANSI/NIST-ITL standard (2011). Over twelve hundred test assertions have been identified and organized into a set of tables to assist in the development of a conformance test tool designed to test implementations of the new version of the ANSI/NIST-ITL standard for selected record types. These tables were contributed to the Conformance Testing Methodology (CTM) Working Group which was recently established by NIST/ITL to develop a CTM for the new version of the ANSI/NIST-ITL (AN-2011) standard. As the technical content of the AN-2011 draft standard evolves towards approval and publication (the final versison is already available), revised versions of these tables will be developed until they fully address the requirements of the approved AN-2011 standard. This publication documents the assertions developed and the terms, operands, and operators used in defining these assertions. Brief information on previous and ongoing conformance test tools development within NIST/ITL CSD is included. (here is URL to where this NISTIR can be found on the NISTIR page on CSRC)

Heuristické vyhledání souvisejících článků v archívu NEWS

• NIST vydal draft: NIST Interagency Report (NISTIR) 7275 Revision 4, Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2
• NIST vydal Interagency Report (NISTIR) 7275 Revision 3
• NIST vydal dokument: Forensics Web Services (FWS), Interagency Report (NISTIR) 7559
• Americký NIST vydal dokument Interagency Report (NISTIR) 7817, A Credential Reliability and Revocation Model for Federated Identities.
• NIST vydal: Draft NIST Interagency Report (IR) 7622, Piloting Supply Chain Risk Management Practices for Federal Information Systems
• NIST - SP 800-85B, PIV Data Model Conformance Test Guidelines.