NIST, Computer Security Division, Computer Security Resource Center
Quick Resources
Internal Links
- 2007 Annual Report
- ITL Division Directories
- CSRC Sitemap
- Federal Computer Security Program Manager's Forum
- Federal Desktop Core Configuration (FDCC)
- Federal Information Security Management Act (FISMA) Implementation Project
- Federal Information Systems Security Educators' Association (FISSEA)
- Federal Register Notices
- Glossary of Key Information Security Terms (.pdf)
- National Vulnerability Database (NVD)
- Personal Identity Verification (PIV) of Federal Employees & Contractors
- Security Content Automation Protocol (SCAP)
- Small Business Outreach Center
External Links
groups
- Security Technology
- Systems and Network Security
- Security Management and Assistance
- Security Testing and Metrics
Publications
more publications- Draft Publications
- Federal Information Processing Standards (FIPS) Publications
- Special Publications (SPs)
- NIST Interagency Reports (IRs)
- Information Technology Laboratory (ITL) Security Bulletins
- By Topic Clusters
- By Family
- By Legal Requirements
To receive email notification(s) when new security publications are released, subscribe to the CSRC Publications Mailing List. To learn more, Click Here.
Website Survey:
Please take a moment to fill out our CSRC website survey. Your input on how to improve the site will allow us to improve our services to you.
Click Here to go directly to the on-line survey form. Thank you for taking a moment for filling out the survey NOTE: The survey has been taken off-line so it can be updated..
News
- NIST Issues Call for a New "Hash" Algorithm. NIST has opened a public competition to develop a new cryptographic “hash” algorithm, which converts a .........
- [July 21, 2008] -- NIST is pleased to announce the release of NIST Special Publication 800-55, Revision 1, Performance Measurement Guide for Information Security. This publication provides.........
- [July 9, 2008] -- NIST announces the public comment release of Special Publication (SP) 800-121, Guide to Bluetooth Security, SP 800-107, Recommendation for Applications Using Approved Hash Algorithms and SP 800-41 Revision 1, Guidelines on Firewalls and Firewall Policy.
- [July 7, 2008] -- NIST announces the release of two publications: Special Publication (SP) 800-113, Guide to SSL VPNs, and draft SP 800-124, Guidelines on Cell Phone and PDA Security.
- [June 30, 2008] -- NIST is proud to announce the release of 3 Special Publications (SP). They are: (1) SP 800-53A Guide for Assessing the Security Controls in Federal Information Systems, (2) SP 800-67 Version 1.1 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, and (3) SP 800-79-1, Guidelines for the Accreditation of Personal Identity Verification Card Issuers. To learn more about these 3 documents, please click the "Read more" link below........
- [June 27, 2008] -- At the Office of Management and Budget's (OMB) request, NIST posted the production version 1.0 of the settings for he Federal Desktop Core Configuration (FDCC).
- [June 5, 2008] -- The P1619 Task Group of the Security in Storage Working Group (SISWG) of the Institute of Electrical and Electronics Engineers, Inc. (IEEE) has submitted the XTS-AES algorithm (XTS, for short) to NIST as an
- [May 30, 2008] -- Draft NIST Interagency Report (IR) 7502, The Common Configuration Scoring System (CCSS), is now available for public comment. This document proposes a specification for CCSS, a set of standardized......
- [May 6, 2008] -- Draft SP 800-123, Guide to General Server Security, is available for public comment. This document is intended to assist organizations in installing, configuring, and maintaining secure......
- [May 1, 2008] -- NIST announces the release of the public draft of Special Publication 800-66 Revision 1, An Introductory Resource Guide to Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (Draft). This Special Publication (SP), which......
- [May 1, 2008] -- NIST announces the release of draft Special Publication 800-108, Recommendation for Key Derivation Using Pseudorandom Functions. This Recommendation specifies......
- [January 25, 2008] -- Presentations from the HIPAA Security Rule Implementation and Assurance A CMS & NIST Workshop are now available.
NIST Security Events
[Thursday August 07, 2008] -- NIST Workshop on Applying NIST Special Publication (SP) 800-53, Revision 2 to Industrial Control Systems (ICS).
August 7, 2008: 1-5 PM, Chicago Marriott Southwest at Burr Ridge, Chicago, IL.
The National Institute of Standards & Technology (NIST) will host a workshop for representatives from ICS communities (e.g., electric, oil, gas, water, manufacturing) to discuss the Bellingham, Washington gasoline pipeline rupture (1999) and Maroochy Shire Water Services sewage spill (Australia, 2000) ICS cyber security incidents; and to analyze and discuss how SP 800-53, Revision 2 would have reduced ICS cyber security vulnerabilities in these incidents.
If you are interested in attending, please send email to:
Stu Katzke
Keith Stouffer
[Wednesday July 16, 2008] -- 9th Free FISSEA Workshop - "What's Happening?" note: Registration deadline is Monday, July 14.
U.S. Department of State, Diplomatic Security Training Center
Dunn Loring, Virginia USA