The IT Law Wiki

NIST Special Publications

29,320pages on
this wiki

Overview Edit

NIST Special Publications are publications from the National Institute of Standards and Technology. These publications are developed and issued by NIST as recommendations and guidance documents. For other than national security programs and systems, federal agencies must follow those NIST Special Publications mandated in a Federal Information Processing Standard.

While federal agencies are required to follow certain specific NIST Special Publications in accordance with OMB policy, there is flexibility in how agencies apply the guidance. Federal agencies apply the security concepts and principles articulated in the NIST Special Publications in accordance with and in the context of the agency’s missions, business functions, and environment of operation. Consequently, the application of NIST guidance by federal agencies can result in different security solutions that are equally acceptable, compliant with the guidance, and meet the OMB definition of adequate security for federal information systems.

Given the high priority of information sharing and transparency within the federal government, agencies also consider reciprocity in developing their information security solutions. When assessing federal agency compliance with NIST Special Publications, Inspectors General, evaluators, auditors, and assessors consider the intent of the security concepts and principles articulated within the specific guidance document and how the agency applied the guidance in the context of its mission/business responsibilities, operational environment, and unique organizational conditions.

Special Publications 800 series (Computer Security) Edit

Special Publications in the 800 series present documents of general interest to the computer security community. The Special Publication 800 series was established in 1990 to provide a separate identity for information technology security publications. This Special Publication 800 series reports on ITL's research, guidelines, and outreach efforts in computer security, and its collaborative activities with industry, government, and academic organizations.

Publications in this series includes:

Special Publications 500 series (Information Technology) Edit

Publications in this series include:

NiST Grant/Contract Reports (GCR) Edit

  • NIST GCR 93-635, Private Branch Exchange (PBX) Security Guideline (PB94-100880) (Sept. 1993).
  • NIST GCR 94-654, Federal Certification Authority Liability and Policy-Law and Policy of Certificate-Based Public Key and Digital Signatures (PB94-191202) (June 1994).
  • NIST GCR 95-670, Standards Policy and Information Infrastructure (May 1995) (PB95-231882).

Other Special Publications Edit

See also Edit

Around Wikia's network

Random Wiki