 |
|
|
|
|
|
|
|
- 800-77: Guide to IPsec VPNs
Draft
- 800-76: Biometric Data Specification for Personal Identity Verification
Draft
- 800-73: Integrated Circuit Card for Personal Identity Verification
- 800-72: Guidelines on PDA Forensics, November 2004
- 800-70: The NIST Security Configuration Checklists Program
- 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist
- 800-67: Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, May 2004
- 800-66: An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
- 800-65: Integrating Security into the Capital Planning and Investment Control Process
- 800-64: Security Considerations in the Information System Development Life Cycle, October 2003 (publication original release date)
(revision 1 released June 2004)
- 800-63: Electronic Authentication Guideline: Recommendations of the National Institute of Standards and Technology,
June 2004 (publication original release date)(revision 1.0.1 released September 2004)
- 800-61: Computer Security Incident Handling Guide,
January 2004
- 800-60: V1 | V2 Guide for Mapping Types of Information and Information Systems to Security Categories,
June 2004
- 800-59: Guideline for Identifying an Information System as a National Security System,
August 2003
- 800-58: Security Considerations for Voice Over IP Systems,
January 2005
- 800-57: Part 1 | part 2 | Part 3 | part 4 Recommendation on Key Management
- 800-56: Recommendation on Key Establishment Schemes:Unnder Development
- 800-55: Security Metrics Guide for Information Technology Systems,
July 2003
- 800-53: Complete | Annex 1 | Annex 2 | Annex 3 Recommended Security Controls for Federal Information Systems,
February 2005
- 800-52: DRAFT Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations
- 800-51: Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme,
September 2002
- 800-50: Building an Information Technology Security Awareness and Training Program,
October 2003
- 800-49:Federal S/MIME V3 Client Profile,
November 2002
- 800-48: Wireless Network Security: 802.11, Bluetooth, and Handheld Devices,
November 2002
- 800-47: Security Guide for Interconnecting Information Technology Systems,
August 2002
- 800-46: Security for Telecommuting and Broadband Communications,
August 2002
- 800-45: Guidelines on Electronic Mail Security,
September 2002
- 800-44: Guidelines on Securing Public Web Servers,
September 2002
- 800-43:Part 1 | Part 2 Systems Administration Guidance for Windows 2000 Professional,
November 2002
- 800-42: Guideline on Network Security Testing,
October 2003
- 800-41: Guidelines on Firewalls and Firewall Policy,
January 2002
- 800-40: Procedures for Handling Security Patches,
August 2002
- 800-38C: Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality,
May 2004
- 800-38B: Special Publication 800-38B, Recommendation for Block Cipher Modes of Operation: the RMAC Authentication Mode
- 800-38A: Recommendation for Block Cipher Modes of Operation - Methods and Techniques,
December 2001
- 800-37: Guide for the Security Certification and Accreditation of Federal Information Systems,
May 2004
- 800-36: Guide to Selecting Information Security Products,
October 2003
- 800-35: Guide to Information Technology Security Services,
October 2003
- 800-34: Contingency Planning Guide for Information Technology Systems,
June 2002
- 800-33: Underlying Technical Models for Information Technology Security,
December 2001
- 800-32: Introduction to Public Key Technology and the Federal PKI Infrastructure,
February 2001
- 800-31: Intrusion Detection Systems (IDS),
November 2001
- 800-30: Risk Management Guide for Information Technology Systems,
July 2002
- 800-29: A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2,
June 2001
- 800-28: Guidelines on Active Content and Mobile Code,
October 2001
- 800-27: Rev. A , Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A,
June 2004
- 800-26: Security Self-Assessment Guide for Information Technology Systems,
November 2001
- 800-25: Federal Agency Use of Public Key Technology for Digital Signatures and Authentication,
October 2000
- 800-24: PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does,
August 2000
- 800-23: Guideline to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products,
August 2000
- 800-22: A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications,
October 2000 (publication original release date)
- 800-21: Guideline for Implementing Cryptography in the Federal Government,
November 1999
- 800-20: Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS): Requirements and Procedures,
October 1999 (Publication original release date)
Revised April 2000
- 800-19: Mobile Agent Security,
October 1999
- 800-18: Guide for Developing Security Plans for Information Technology Systems,
December 1998
- 800-17: Modes of Operation Validation System (MOVS): Requirements and Procedures,
February 1998
- 800-16: Part 1 | Part 2 | Part 3 Information Technology Security Training Requirements: A Role- and Performance-Based Model (supersedes NIST Spec. Pub. 500-172),
April 1998
- 800-15: Minimum Interoperability Specification for PKI Components (MISPC), Version 1,
September 1997
- 800-14: Generally Accepted Principles and Practices for Securing Information Technology Systems,
September 1996
- 800-13: Telecommunications Security Guidelines for Telecommunications Management Network,
October 1995
- 800-12: An Introduction to Computer Security: The NIST Handbook,
October 1995
- IR 7111:Computer Security Division - 2003 Annual Report
- IR 7100:PDA Forensic Tools:An Overview and Analysis
- IR 7056:Card Technology Development and Gap Analysis Interagency Report
- IR 7046:A Framework for Multi-Mode Authentication: Overview and Implementation Guide
- IR 7030:Picture Password: A Visual Login Technique for Mobile Devices
- IR 7007:An Overview of Issues in Testing Intrusion Detection Systems
- IR 6985:COTS Security Protection Profile - Operating Systems (CSPP-OS)
- IR 6981:Policy Expression and Enforcement for Handheld Devices
- IR 6887:Government Smart Card Interoperability Specification (GSC-IS), v2.1
- IR 6529-A:Common Biometric Exchange File Format (CBEFF)
- IR 6483: Randomness Testing of the Advanced Encryption Standard Finalist Candidates1
- IR 6462:CSPP - Guidance for COTS Security Protection Profiles
- IR 6416:Applying Mobile Agents to Intrusion Detection and Response
- IR 6390:Randomness Testing of the Advanced Encryption Standard Candidate Algorithms
- IR 5495:Computer Security Training & Awareness Course Compendium
- IR 5472:A Head Start on Assurance Proceedings of an Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness
- IR 5308:General Procedures for Registering Computer Security Objects
- IR 5153:Minimum Security Requirements for Multi-User Operating Systems
- IR 4976:Assessing Federal and Commercial Information Security Needs
- IR 4939:Threat Assessment of Malicious Code and External Attacks
- IR 4734:Foundations of a Security Policy for use of the National Research and Educational Network
- IR 4749:Sample Statements of Work for Federal Computer Security Services: For use In-House or Contracting Out
|
|
|
