Wikia

The IT Law Wiki

NIST Special Publications

29,972pages on
this wiki
Talk0

Overview Edit

NIST Special Publications are publications from the National Institute of Standards and Technology. These publications are developed and issued by NIST as recommendations and guidance documents. For other than national security programs and systems, federal agencies must follow those NIST Special Publications mandated in a Federal Information Processing Standard.

While federal agencies are required to follow certain specific NIST Special Publications in accordance with OMB policy, there is flexibility in how agencies apply the guidance. Federal agencies apply the security concepts and principles articulated in the NIST Special Publications in accordance with and in the context of the agency’s missions, business functions, and environment of operation. Consequently, the application of NIST guidance by federal agencies can result in different security solutions that are equally acceptable, compliant with the guidance, and meet the OMB definition of adequate security for federal information systems.

Given the high priority of information sharing and transparency within the federal government, agencies also consider reciprocity in developing their information security solutions. When assessing federal agency compliance with NIST Special Publications, Inspectors General, evaluators, auditors, and assessors consider the intent of the security concepts and principles articulated within the specific guidance document and how the agency applied the guidance in the context of its mission/business responsibilities, operational environment, and unique organizational conditions.

Special Publications 800 series (Computer Security) Edit

Special Publications in the 800 series present documents of general interest to the computer security community. The Special Publication 800 series was established in 1990 to provide a separate identity for information technology security publications. This Special Publication 800 series reports on ITL's research, guidelines, and outreach efforts in computer security, and its collaborative activities with industry, government, and academic organizations.

Publications in this series includes:

Special Publications 500 series (Information Technology) Edit

Publications in this series include:

NIST Cloud Computing Research Papers Edit

  • NIST Cloud Computing Public Security Working Group, White Paper "Challenging Security Requirements for US Government Cloud Computing Adoption", December 2012
  • C. Dabrowski and K. Mills, "VM Leakage and Orphan Control in Open-Source Clouds", Proceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece, pp. 554-559.
  • K. Mills, J. Filliben and C. Dabrowski, "Comparing VM-Placement Algorithms for On-Demand Clouds", Proceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece, pp. 91-98.
  • C. Dabrowski and K. Mills, "Extended Version of VM Leakage and Ophan Control in Open-Source Clouds", NIST Publication 909325; an abbreviated version of this paper was published in the Proceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece.
  • C. Dabrowski and F. Hunt, "Identifying Failure Scenarios in Complex Systems by Perturbing Markov Chain Models", Proceedings of ASME 2011 Conference on Pressure Vessels & Piping, Baltimore, MD, July 17-22, 2011.
  • K. Mills, J. Filliben and C. Dabrowski, "An Efficient Sensitivity Analysis Method for Large Cloud Simulations", Proceedings of the 4th International Cloud Computing Conference, IEEE, Washington, D.C., July 5-9, 2011.

NiST Grant/Contract Reports (GCR) Edit

  • NIST GCR 93-635, Private Branch Exchange (PBX) Security Guideline (PB94-100880) (Sept. 1993).
  • NIST GCR 94-654, Federal Certification Authority Liability and Policy-Law and Policy of Certificate-Based Public Key and Digital Signatures (PB94-191202) (June 1994).
  • NIST GCR 95-670, Standards Policy and Information Infrastructure (May 1995) (PB95-231882).

Other Special Publications Edit

See also Edit

Around Wikia's network

Random Wiki