NIST, Computer Security Division, Computer Security Resource Center
Quick Resources
Internal Links
- 2011 Computer Security Division Annual Report
- Cryptographic Hash Algorithm Competition
- Computer Security Division Directory
- CSRC Sitemap
- Federal Computer Security Program Manager's Forum
- Federal Information Security Management Act (FISMA) Implementation Project
- Federal Information Systems Security Educators' Association (FISSEA)
- Federal Register Notices
- Glossary of Key Information Security Terms (.pdf)
- National Cybersecurity Center of Excellence (NCCOE)
- National Initiative for Cybersecurity Education (NICE)
- National Vulnerability Database (NVD)
- Personal Identity Verification (PIV) of Federal Employees & Contractors
- Security Content Automation Protocol (SCAP)
- Small Business Outreach Center
Video, FAQs, Publication - Supply Chain Risk Management (SCRM)
- United States Government Configuration Baseline (USGCB)
External Links
- Department of Homeland Security Discussion Paper: Enabling Distributed Security in Cyberspace
This discussion paper explores the idea of a healthy, resilient – and fundamentally more secure – cyber ecosystem of the future, in which cyber participants, including cyber devices, are able to work together in near-real time to anticipate and pr event cyber attacks, limit the spread of attacks across participating devices, minimize the consequences of attacks, and recover to a trusted state. Comments should be sent to cyberfeedback@dhs.gov - USA.Gov
- GSA FIPS 201 Evaluation Program
- Office of Management and Budget (OMB)
- Government Accountability Office (GAO)
- Identity, Credential, and Access Management Subcommittee (ICAMSC)
groups
- Cryptographic Technology
- Systems & Emerging Technologies Security Research
- Security Management & Assurance
- Cryptographic Module Validation Program & Cryptographic Algorithm Validation Program (now under Security Management & Assurance)
Publications
more publications- Draft Publications
- Federal Information Processing Standards (FIPS) Publications
- Special Publications (SPs)
- NIST Interagency Reports (IRs)
- Information Technology Laboratory (ITL) Security Bulletins
- By Topic Clusters
- By Family
- By Legal Requirements
To receive email notification(s) when new security publications are released, subscribe to the CSRC Publications Mailing List. To learn more, Click Here.
Questions?
Please email the NIST CSRC webmaster . The CSRC Webmaster works in the Computer Security Division at NIST and all received inquiries will be forwarded to the appropriate staff person within the Computer Security Division. We will try to respond back to your inquiry as quickly as we can.
News
NIST Computer Security Division released a paper "The Role of the National Institute of Standards and Technology in Mobile Security".
- [Oct. 3, 2012] -- NIST and NIST's Computer Security Division Announced the SHA-3 Competition WINNER. NIST announced that.....
- [Sept. 28, 2012] --Draft NIST Interagency Report (IR) 7511 Revision 3, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements, describes the requirements that must be met by products to achieve SCAP 1.2 Validation. Validation is awarded based on a.....
- [Sept. 18, 2012] -- The National Institute of Standards and Technology (NIST) announces the release of the final version of its updated risk assessment guideline, Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments. The publication, over eighteen months in the making, represents the fifth in the series of publications developed by the Joint Task Force—a partnership among.....
- [Sept. 18, 2012] -- NIST Interagency Report (IR) 7874, Guidelines for Access Control System Evaluation Metrics, has been released as final. This report provides Federal agencies with background information on.....
- [Sept. 6, 2012] -- NIST announces the release of Draft Special Publication 800-88 Revision 1, Guidelines for Media Sanitization for public review and comment. SP 800-88 discussed.....
- [Sept. 5, 2012] -- NIST announces the public comment release of draft NIST Special Publication (SP) 800-40 Revision 3, Guide to Enterprise Patch Management Technologies. Patch management is the process for.....
- [Sept. 5, 2012] -- NIST requests comments on two Draft publications for random bit generation: Draft SP 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation and Draft SP 800-90C, Recommendation for Random Bit Generator (RBG) Constructions. These 2 drafts.......
- [Aug. 30, 2012] -- NIST seeks additional comments on specific sections of 2nd Draft FIP Standard 140-3, Security Requirements for Cryptographic Modules, comment period ends Oct. 1, 2012.....
- [Aug. 20, 2012] -- NIST draft Special Publication 800-56A (Revision) comment period ends Oct. 31, 2012.....
- [Aug. 9, 2012] -- Draft Special Publication (SP 800-152) comment period ends Oct. 10, 2012......
NIST Security Events
ICT Supply Chain Risk Management (SCRM) Workshop
October 15-16, 2012
NIST Gaithersburg, MD
NICE Workshop Shaping the Future of Cybersecurity Workshop: Connecting the Dots in Cyberspace
October 30 - November 1, 2012
NIST Gaithersburg, Maryland
Workshop Website
Random Bit Generation Workshop
December 5-6, 2012
NIST, Gaithersburg, MD