viernes, 13 de marzo de 2009

Estado actual de serie SP 800 de NIST

El siguiente cuadro muestra los principales documentos publicados por NIST, en especial todos los actualizados en los últimos tiempos.
El cuadro se encuentra ordena por ultima fecha de actualización.

This Special Publication 800 series reports on ITL's research, guidelines, and outreach efforts in computer security, and its collaborative activities with industry, government, and academic organizations.

Number Date Title
SP 800-107 Feb. 09 Recommendation for Applications Using Approved Hash Algorithms
SP 800-106 Feb. 09 Randomized Hashing for Digital Signatures
SP 800-46 Rev. 1 Feb. 09 DRAFT Guide to Enterprise Telework and Remote Access Security
SP 800-81 Rev. 1 Feb. 09 DRAFT Secure Domain Name System (DNS) Deployment Guide
SP 800-53 Rev. 3 Feb. 09 DRAFT Recommended Security Controls for Federal Information Systems and Organizations
SP 800-85 A-1 Feb. 09 DRAFT PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-2 compliance)
SP 800-122 Jan.09 DRAFT Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
SP 800-61 Rev. 1 Mar-08 Computer Security Incident Handling Guide
SP 800-28 Ver 2 Mar-08 Guidelines on Active Content and Mobile Code
SP 800-67 1.1 May-08 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
SP 800-79 -1 Jun-08 Guidelines for the Accreditation of Personal Identity Verification (PIV) Card Issuers (PCI's)
SP 800-55 Rev. 1 Jul-08 Performance Measurement Guide for Information Security
SP 800-53 A Jul-08 Guide for Assessing the Security Controls in Federal Information Systems
SP 800-48 Rev. 1 Jul-08 Guide to Securing Legacy IEEE 802.11 Wireless Networks
SP 800-123 Jul-08 Guide to General Server Security
SP 800-113 Jul-08 Guide to SSL VPNs
SP 800-121 Sep-08 Guide to Bluetooth Security
SP 800-115 Sep-08 Technical Guide to Information Security Testing and Assessment
SP 800-66 Rev 1 Oct-08 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-64 Rev. 2 Oct-08 Security Considerations in the System Development Life Cycle
SP 800-124 Oct-08 Guidelines on Cell Phone and PDA Security
SP 800-116 Nov-08 A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS)
SP 800-87 Rev 1 Apr 08 Codes for Identification of Federal and Federally-Assisted Organizations
SP 800-39 April 08 DRAFT Managing Risk from Information Systems: An Organizational Perspective
SP 800-60 Rev. 1 Aug 08 Guide for Mapping Types of Information and Information Systems to Security Categories: (2 Volumes) - Volume 1: Guide Volume 2: Appendices
SP 800-22 Rev. 1 Aug. 08 A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications
SP 800-37 Rev. 1 Aug 08 DRAFT Guide for Security Authorization of Federal Information Systems: A Security Lifecycle Approach
SP 800-56 B Dec. 08 DRAFT Recommendation for Pair-Wise Key Establishment Using Integer Factorization Cryptography
SP 800-63 Rev. 1 Dec. 08 DRAFT Electronic Authentication Guideline
SP 800-120 Dec. 08 DRAFT Recommendation for EAP Methods Used in Wireless Network Access Authentication
SP 800-41 Rev. 1 July 08 DRAFT Guidelines on Firewalls and Firewall Policy
SP 800-102 Nov 08 DRAFT Recommendation for Digital Signature Timeliness
SP 800-108 Nov. 08 Recommendation for Key Derivation Using Pseudorandom Functions
SP 800-57 Part 3 Oct 08 DRAFT Recommendation for Key Management, Part 3 Application-Specific Key Management Guidance
SP 800-68 Rev. 1 Oct.08 Guide to Securing Microsoft Windows XP Systems for IT Professionals
SP 800-82 Sep 08 DRAFT Guide to Industrial Control Systems (ICS) Security
SP 800-70 Rev. 1 Sept 08 DRAFT National Checklist Program for IT Products--Guidelines for Checklist Users and Developers
SP 800-73 -2 Sept. 08 Interfaces for Personal Identity Verification (4 parts):
SP 800-97 Feb-07 Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i
SP 800-94 Feb-07 Guide to Intrusion Detection and Prevention Systems (IDPS)
SP 800-45 Ver 2 Feb-07 Guidelines on Electronic Mail Security
SP 800-90 Mar-07 Recommendation for Random Number Generation Using Deterministic Random Bit Generators
SP 800-57 Mar-07 Recommendation for Key Management
SP 800-56 A Mar-07 Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
SP 800-101 May-07 Guidelines on Cell Phone Forensics
SP 800-104 Jun-07 A Scheme for PIV Visual Card Topography
SP 800-54 Jul-07 Border Gateway Protocol Security
SP 800-44 Ver 2 Sep-07 Guidelines on Securing Public Web Servers
SP 800-38 D Nov-07 Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC
SP 800-114 Nov-07 User's Guide to Securing External Devices for Telework and Remote Access
SP 800-111 Nov-07 Guide to Storage Encryption Technologies for End User Devices
SP 800-98 Apr 07 Guidelines for Securing Radio Frequency Identification (RFID) Systems
SP 800-95 Aug07 Guide to Secure Web Services
SP 800-78 -1 Aug07 Cryptographic Algorithms and Key Sizes for Personal Identity Verification
SP 800-76 -1 Jan 07 Biometric Data Specification for Personal Identity Verification
SP 800-18 Rev.1 Feb-06 Guide for Developing Security Plans for Federal Information Systems
SP 800-96 Sep-06 PIV Card to Reader Interoperability Guidelines
SP 800-92 Sep-06 Guide to Computer Security Log Management
SP 800-88 Sep-06 Guidelines for Media Sanitization
SP 800-84 Sep-06 Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities
SP 800-69 Sep-06 Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist
SP 800-100 Oct-06 Information Security Handbook: A Guide for Managers
SP 800-89 Nov-06 Recommendation for Obtaining Assurances for Digital Signature Applications
SP 800-86 Aug 06 Guide to Integrating Forensic Techniques into Incident Response
SP 800-103 Oct 06 DRAFT An Ontology of Identity Credentials, Part I: Background and Formulation
SP 800-52 Jun-05 Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations
SP 800-77 Dec 2005 Guide to IPsec VPNs
SP 800-58 Jan 2005 Security Considerations for Voice Over IP Systems
SP 800-50 Oct-03 Building an Information Technology Security Awareness and Training Program
SP 800-36 Oct-03 Guide to Selecting Information Technology Security Products
SP 800-30 Jul-02 Risk Management Guide for Information Technology Systems
SP 800-51 Sep-02 Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme

Descarga de las guias

Descarga: "Guide to NIST Information Security Documents."
Descarga: "Roadmap to NIST Information Security Documents."

No hay comentarios: