legislation and executive orders
|
-
E-Government Act [includes FISMA] (P.L. 107-347), December 2002.
|
-
Federal Information Security Management Act (P.L. 107-347, Title III), December 2002.
|
-
Paperwork Reduction Act (P.L. 104-13), May 1995.
|
-
USA PATRIOT Act (P.L. 107-56), October 2001.
|
-
Privacy Act of 1974 (P.L. 93-579), December 1974.
-
Freedom of Information Act (FOIA), 5 U.S.C. § 552, As Amended By Public Law No. 104-231, 110 Stat. 3048, Electronic Freedom of Information Act Amendments of 1996.
|
-
Health Insurance Portability and Accountability Act (P.L. 104-191), August 1996.
|
-
The Atomic Energy Act of 1954 (P.L. 83-703), August 1954.
-
Executive Order 13556, Controlled Unclassified Information, November 2010.
|
-
Executive Order 13587, Structural Reforms To Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information, October 2011.
|
policies, directives, instructions, regulations, and memoranda
|
-
Presidential Memorandum, National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs, November 2012.
|
-
Code of Federal Regulations, Title 5, Administrative Personnel, Section 731.106, Designation of Public Trust Positions and Investigative Requirements (5 C.F.R. 731.106).
|
-
Code of Federal Regulations, Part 5 Administrative Personnel, Subpart C—Employees Responsible for the Management or Use of Federal Computer Systems, Section 930.301 through 930.305 (5 C.F.R. 930.301-305).
|
-
Committee on National Security Systems Policy (CNSSP) No. 11, National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products, July 2003.
|
-
Committee on National Security Systems Policy (CNSSP) No. 12, National Information Assurance Policy for Space Systems Used to Support National Security Missions, March 2007.
|
-
Committee on National Security Systems (CNSS) Instruction 4009, National Information Assurance Glossary, April 2010.
|
-
Committee on National Security Systems (CNSS) Instruction 1253, Version 2, Security Categorization and Control Selection for National Security Systems, March 2012.
|
-
Committee on National Security Systems Directive (CNSSD) No. 504, Directive on Protecting National Security Systems from Insider Threat, January 2012.
|
-
Department of Homeland Security, National Infrastructure Protection Plan (NIPP), 2009.
|
-
Intelligence Community Directive (ICD) 705, Sensitive Compartmented Information Facilities, May 2010.
|
-
Federal Continuity Directive 1 (FCD 1), Federal Executive Branch National Continuity Program and Requirements, February 2008.
|
-
Executive Office of the President of the United States and Federal CIO Council, Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance, December 2011.
|
-
Homeland Security Presidential Directive 7, Critical Infrastructure Identification, Prioritization, and Protection, December 2003.
|
-
Homeland Security Presidential Directive 12, Policy for a Common Identification Standard for Federal Employees and Contractors, August 2004.
|
-
Homeland Security Presidential Directive 20 (National Security Presidential Directive 51), National Continuity Policy, May 2007.
|
-
Intelligence Community Directive Number 704, Personnel Security Standards and Procedures Governing Eligibility For Access To Sensitive Compartmented Information And Other Controlled Access Program Information, October 2008.
|
-
National Communications System (NCS) Directive 3-10, Minimum Requirements for Continuity Communications Capabilities, July 2007.
|
-
National Security Telecommunications and Information Systems Security Instruction (NSTISSI) 7003, Protective Distribution Systems (PDS), December 1996.
|
-
Office of Management and Budget Circular A-130, Appendix III, Transmittal Memorandum #4, Management of Federal Information Resources, November 2000.
|
-
Office of Management and Budget, Federal Enterprise Architecture Program Management Office, FEA Consolidated Reference Model Document, Version 2.3, October 2007.
|
-
Office of Management and Budget, Federal Segment Architecture Methodology (FSAM), January 2009.
|
-
Office of Management and Budget Memorandum 01-05, Guidance on Inter-Agency Sharing of Personal Data - Protecting Personal Privacy, December 2000.
|
-
Office of Management and Budget Memorandum 02-01, Guidance for Preparing and Submitting Security Plans of Action and Milestones, October 2001.
|
-
Office of Management and Budget Memorandum 03-19, Reporting Instructions for the Federal Information Security Management Act and Updated Guidance on Quarterly IT Security Reporting, August 2003.
|
-
Office of Management and Budget Memorandum 03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002, September 2003.
|
-
Office of Management and Budget Memorandum 04-04, E-Authentication Guidance for Federal Agencies, December 2003.
|
-
Office of Management and Budget Memorandum 04-26, Personal Use Policies and File Sharing Technology, September 2004.
|
-
Office of Management and Budget Memorandum 05-08, Designation of Senior Agency Officials for Privacy, February 2005.
|
-
Office of Management and Budget Memorandum 05-24, Implementation of Homeland Security Presidential Directive (HSPD) 12—Policy for a Common Identification Standard for Federal Employees and Contractors, August 2005.
|
-
Office of Management and Budget Memorandum 06-15, Safeguarding Personally Identifiable Information, May 2006.
|
-
Office of Management and Budget Memorandum 06-16, Protection of Sensitive Information, June 2006.
|
-
Office of Management and Budget Memorandum 06-19, Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments, July 2006.
|
-
Office of Management and Budget Memorandum, Recommendations for Identity Theft Related Data Breach Notification Guidance, September 2006.
|
-
Office of Management and Budget Memorandum 07-11, Implementation of Commonly Accepted Security Configurations for Windows Operating Systems, March 2007.
|
-
Office of Management and Budget Memorandum 07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information, May 2007.
|
-
Office of Management and Budget Memorandum 07-18, Ensuring New Acquisitions Include Common Security Configurations, June 2007.
|
-
Office of Management and Budget Memorandum 08-22, Guidance on the Federal Desktop Core Configuration (FDCC), August 2008.
|
-
Office of Management and Budget Memorandum 08-23, Securing the Federal Government’s Domain Name System Infrastructure, August 2008.
|
-
The White House, Office of the Press Secretary, Designation and Sharing of Controlled Unclassified Information (CUI), May 2008.
|
-
The White House, Office of the Press Secretary, Classified Information and Controlled Unclassified Information, May 2009.
|
-
Office of Management and Budget Memorandum 11-11, Continued Implementation of Homeland Security Presidential Directive (HSPD) 12– Policy for a Common Identification Standard for Federal Employees and Contractors, February 2011.
|
-
Office of Management and Budget Memorandum, Requirements for Accepting Externally-Issued Identity Credentials, October 2011.
|
-
Office of Management and Budget Memorandum 11-33, FY 2011 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management, September 2011.
|
standards
|
-
International Organization for Standardization/International Electrotechnical Commission 27001:2005, Security techniques -- Information security management systems -- Requirements.
|
-
International Organization for Standardization/International Electrotechnical Commission 15408-1:2009, Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model.
|
-
International Organization for Standardization/International Electrotechnical Commission 15408-2:2008, Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 2: Security functional requirements.
|
-
International Organization for Standardization/International Electrotechnical Commission 15408-3:2008, Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 3: Security assurance requirements.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 140-2, Security Requirements for Cryptographic Modules, May 2001. National Institute of Standards and Technology Federal Information Processing Standards Publication 140-3 (Draft), Security Requirements for Cryptographic Modules, December 2009.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 180-4, Secure Hash Standard (SHS), March 2012.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 186-3, Digital Signature Standard (DSS), June 2009.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 188, Standard Security Label for Information Transfer, September 1994.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 190, Guideline for the Use of Advanced Authentication Technology Alternatives, September 1994.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 197, Advanced Encryption Standard (AES), November 2001.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 198-1, The Keyed-Hash Message Authentication Code (HMAC), July 2008.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 199, Standards for Security Categorization of Federal Information and Information Systems, February 2004.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 200, Minimum Security Requirements for Federal Information and Information Systems, March 2006.
|
-
National Institute of Standards and Technology Federal Information Processing Standards Publication 201-1, Personal Identity Verification (PIV) of Federal Employees and Contractors, March 2006.
|
guidelines and interagency reports
|
-
National Institute of Standards and Technology Special Publication 800-12, An Introduction to Computer Security: The NIST Handbook, October 1995.
|
-
National Institute of Standards and Technology Special Publication 800-13, Telecommunications Security Guidelines for Telecommunications Management Network, October 1995.
|
-
National Institute of Standards and Technology Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, September 1996.
|
-
National Institute of Standards and Technology Special Publication 800-15, Minimum Interoperability Specification for PKI Components (MISPC), Version 1, January 1998.
|
-
National Institute of Standards and Technology Special Publication 800-16, Information Security Training Requirements: A Role- and Performance-Based Model, April 1998.
|
-
National Institute of Standards and Technology Special Publication 800-17, Modes of Operation Validation System (MOVS): Requirements and Procedures, February 1998.
|
-
National Institute of Standards and Technology Special Publication 800-18, Revision 1, Guide for Developing Security Plans for Federal Information Systems, February 2006.
|
-
National Institute of Standards and Technology Special Publication 800-19, Mobile Agent Security, October 1999.
|
-
National Institute of Standards and Technology Special Publication 800-20, Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS): Requirements and Procedures, October 1999.
|
-
National Institute of Standards and Technology Special Publication 800-21-1, Second Edition, Guideline for Implementing Cryptography in the Federal Government, December 2005.
|
-
National Institute of Standards and Technology Special Publication 800-22, Revision 1a, A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications, April 2010.
|
-
National Institute of Standards and Technology Special Publication 800-23, Guidelines to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products, August 2000.
|
-
National Institute of Standards and Technology Special Publication 800-24, PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does, August 2000.
|
-
National Institute of Standards and Technology Special Publication 800-25, Federal Agency Use of Public Key Technology for Digital Signatures and Authentication, October 2000.
|
-
National Institute of Standards and Technology Special Publication 800-27, Revision A, Engineering Principles for Information Technology Security (A Baseline for Achieving Security), June 2004.
|
-
National Institute of Standards and Technology Special Publication 800-28, Version 2, Guidelines on Active Content and Mobile Code, March 2008.
|
-
National Institute of Standards and Technology Special Publication 800-29, A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2, June 2001.
|
-
National Institute of Standards and Technology Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments, September 2012.
|
-
National Institute of Standards and Technology Special Publication 800-32, Introduction to Public Key Technology and the Federal PKI Infrastructure, February 2001.
|
-
National Institute of Standards and Technology Special Publication 800-33, Underlying Technical Models for Information Technology Security, December 2001.
|
-
National Institute of Standards and Technology Special Publication 800-34, Revision 1, Contingency Planning Guide for Federal Information Systems, May 2010.
|
-
National Institute of Standards and Technology Special Publication 800-35, Guide to Information Technology Security Services, October 2003.
|
-
National Institute of Standards and Technology Special Publication 800-36, Guide to Selecting Information Security Products, October 2003.
|
-
National Institute of Standards and Technology Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach, February 2010.
|
-
National Institute of Standards and Technology Special Publication 800-38A—Addendum, Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode, October 2010.
|
-
National Institute of Standards and Technology Special Publication 800-38B, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, May 2005.
|
-
National Institute of Standards and Technology Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality, May 2004.
|
-
National Institute of Standards and Technology Special Publication 800-38D, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, November 2007.
|
-
National Institute of Standards and Technology Special Publication 800-38E, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, January 2010.
|
-
National Institute of Standards and Technology Special Publication 800-38F, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, December 2012.
|
-
National Institute of Standards and Technology Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View, March 2011.
|
-
National Institute of Standards and Technology Special Publication 800-40, Version 2, Creating a Patch and Vulnerability Management Program, November 2005.
|
-
National Institute of Standards and Technology Special Publication 800-41, Revision 1, Guidelines on Firewalls and Firewall Policy, September 2009.
|
-
National Institute of Standards and Technology Special Publication 800-43, Systems Administration Guidance for Windows 2000 Professional System, November 2002.
|
-
National Institute of Standards and Technology Special Publication 800-44, Version 2, Guidelines on Securing Public Web Servers, September 2007.
|
-
National Institute of Standards and Technology Special Publication 800-45, Version 2, Guidelines on Electronic Mail Security, February 2007.
|
-
National Institute of Standards and Technology Special Publication 800-46, Revision 1, Guide to Enterprise Telework and Remote Access Security, June 2009.
|
-
National Institute of Standards and Technology Special Publication 800-47, Security Guide for Interconnecting Information Technology Systems, August 2002.
|
-
National Institute of Standards and Technology Special Publication 800-48, Revision 1, Guide to Securing Legacy IEEE 802.11 Wireless Networks, July 2008.
|
-
National Institute of Standards and Technology Special Publication 800-49, Federal S/MIME V3 Client Profile, November 2002.
|
-
National Institute of Standards and Technology Special Publication 800-50, Building an Information Technology Security Awareness and Training Program, October 2003.
|
-
National Institute of Standards and Technology Special Publication 800-51, Revision 1, Guide to Using Vulnerability Naming Schemes, February 2011.
|
-
National Institute of Standards and Technology Special Publication 800-52, Revision 1 (Draft), Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations, September 2013.
|
-
National Institute of Standards and Technology Special Publication 800-53A, Revision 1, Guide for Assessing the Security Controls in Federal Information Systems and Organizations: Building Effective Security Assessment Plans, June 2010.
|
-
National Institute of Standards and Technology Special Publication 800-54, Border Gateway Protocol Security, July 2007.
|
-
National Institute of Standards and Technology Special Publication 800-55, Revision 1, Performance Measurement Guide for Information Security, July 2008.
|
-
National Institute of Standards and Technology Special Publication 800-56A (Revised), Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, March 2007.
|
-
National Institute of Standards and Technology Special Publication 800-57 Revision 3, Recommendation for Key Management, July 2012.
|
-
National Institute of Standards and Technology Special Publication 800-58, Security Considerations for Voice Over IP Systems, January 2005.
|
-
National Institute of Standards and Technology Special Publication 800-59, Guideline for Identifying an Information System as a National Security System, August 2003.
|
-
National Institute of Standards and Technology Special Publication 800-60, Revision 1, Guide for Mapping Types of Information and Information Systems to Security Categories, August 2008.
|
-
National Institute of Standards and Technology Special Publication 800-61, Revision 2, Computer Security Incident Handling Guide, August 2012.
|
-
National Institute of Standards and Technology Special Publication 800-63-1, Electronic Authentication Guideline, December 2011.
|
-
National Institute of Standards and Technology Special Publication 800-64, Revision 2, Security Considerations in the System Development Life Cycle, October 2008.
|
-
National Institute of Standards and Technology Special Publication 800-65, Integrating IT Security into the Capital Planning and Investment Control Process, January 2005.
|
-
National Institute of Standards and Technology Special Publication 800-66, Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, October 2008.
|
-
National Institute of Standards and Technology Special Publication 800-67, Revision 1, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, January 2012.
|
-
National Institute of Standards and Technology Special Publication 800-68, Revision 1, Guide to Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist, October 2008.
|
-
National Institute of Standards and Technology Special Publication 800-69, Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist, September 2006.
|
-
National Institute of Standards and Technology Special Publication 800-70, Revision 2, National Checklist Program for IT Products--Guidelines for Checklist Users and Developers, February 2011.
|
-
National Institute of Standards and Technology Special Publication 800-72, Guidelines on PDA Forensics, November 2004.
|
-
National Institute of Standards and Technology Special Publication 800-73-3, Interfaces for Personal Identity Verification, February 2010.
|
-
National Institute of Standards and Technology Special Publication 800-76-1, Biometric Data Specification for Personal Identity Verification, January 2007.
|
-
National Institute of Standards and Technology Special Publication 800-77, Guide to IPsec VPNs, December 2005.
|
-
National Institute of Standards and Technology Special Publication 800-78-3, Cryptographic Algorithms and Key Sizes for Personal Identity Verification (PIV), December 2010.
|
-
National Institute of Standards and Technology Special Publication 800-79-1, Guidelines for the Accreditation of Personal Identity Verification Card Issuers, June 2008.
|
-
National Institute of Standards and Technology Special Publication 800-81, Secure Domain Name System (DNS) Deployment Guide, Revision 1, April 2010.
|
-
National Institute of Standards and Technology Special Publication 800-82, Revision 1, Guide to Industrial Control Systems (ICS) Security, April 2013.
|
-
National Institute of Standards and Technology Special Publication 800-83, Guide to Malware Incident Prevention and Handling, November 2005.
|
-
National Institute of Standards and Technology Special Publication 800-84, Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities, September 2006.
|
-
National Institute of Standards and Technology Special Publication 800-85A-2, PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-3 Compliance), July 2010.
|
-
National Institute of Standards and Technology Special Publication 800-85B-1, (Draft) PIV Data Model Test Guidelines, September 2009.
|
-
National Institute of Standards and Technology Special Publication 800-86, Guide to Integrating Forensic Techniques into Incident Response, August 2006.
|
-
National Institute of Standards and Technology Special Publication 800-87, Revision 1, Codes for the Identification of Federal and Federally-Assisted Organizations, April 2008.
|
-
National Institute of Standards and Technology Special Publication 800-88, Guidelines for Media Sanitization, September 2006.
|
-
National Institute of Standards and Technology Special Publication 800-89, Recommendation for Obtaining Assurances for Digital Signature Applications, November 2006.
|
-
National Institute of Standards and Technology Special Publication 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, January 2012.
|
-
National Institute of Standards and Technology Special Publication 800-92, Guide to Computer Security Log Management, September 2006.
|
-
National Institute of Standards and Technology Special Publication 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS), February 2007.
|
-
National Institute of Standards and Technology Special Publication 800-95, Guide to Secure Web Services, August 2007.
|
-
National Institute of Standards and Technology Special Publication 800-96, PIV Card / Reader Interoperability Guidelines, September 2006.
|
-
National Institute of Standards and Technology Special Publication 800-97, Establishing Robust Security Networks: A Guide to IEEE 802.11i, February 2007.
|
-
National Institute of Standards and Technology Special Publication 800-98, Guidelines for Securing Radio Frequency Identification (RFID) Systems, April 2007.
|
-
National Institute of Standards and Technology Special Publication 800-100, Information Security Handbook: A Guide for Managers, October 2006.
|
-
National Institute of Standards and Technology Special Publication 800-101, Guidelines on Cell Phone Forensics, May 2007.
|
-
National Institute of Standards and Technology Special Publication 800-103 (Draft), An Ontology of Identity Credentials, Part I: Background and Formulation, October 2006.
|
-
National Institute of Standards and Technology Special Publication 800-104, A Scheme for PIV Visual Card Topography, June 2007.
|
-
National Institute of Standards and Technology Special Publication 800-106, Randomized Hashing Digital Signatures, February 2009.
|
-
National Institute of Standards and Technology Special Publication 800-107, Recommendation for Applications Using Approved Hash Algorithms, August 2012.
|
-
National Institute of Standards and Technology Special Publication 800-108, Recommendation for Key Derivation Using Pseudorandom Functions, October 2009.
|
-
National Institute of Standards and Technology Special Publication 800-111, Guide to Storage Encryption Technologies for End User Devices, November 2007.
|
-
National Institute of Standards and Technology Special Publication 800-113, Guide to SSL VPNs, July 2008.
|
-
National Institute of Standards and Technology Special Publication 800-114, User's Guide to Securing External Devices for Telework and Remote Access, November 2007.
|
-
National Institute of Standards and Technology Special Publication 800-115, Technical Guide to Information Security Testing and Assessment, September 2008.
|
-
National Institute of Standards and Technology Special Publication 800-116, A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS), November 2008.
|
-
National Institute of Standards and Technology Special Publication 800-117, Version 1.0, Guide to Adopting and Using the Security Content Automation Protocol (SCAP), July 2010.
|
-
National Institute of Standards and Technology Special Publication 800-118 (Draft), Guide to Enterprise Password Management, April 2009.
|
-
National Institute of Standards and Technology Special Publication 800-121, Revision 1, Guide to Bluetooth Security, June 2012.
|
-
National Institute of Standards and Technology Special Publication 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII), April 2010.
|
-
National Institute of Standards and Technology Special Publication 800-123, Guide to General Server Security, July 2008.
|
-
National Institute of Standards and Technology Special Publication 800-124, Guidelines on Cell Phone and PDA Security, October 2008.
|
-
National Institute of Standards and Technology Special Publication 800-125, Guide to Security for Full Virtualization Technologies, January 2011.
|
-
National Institute of Standards and Technology Special Publication 800-126, Revision 2, The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2, September 2011.
|
-
National Institute of Standards and Technology Special Publication 800-127, Guide to Securing WiMAX Wireless Communications, September 2010.
|
-
National Institute of Standards and Technology Special Publication 800-128, Guide for Security-Focused Configuration Management of Information Systems, August 2011.
|
-
National Institute of Standards and Technology Special Publication 800-133, Recommendation for Cryptographic Key Generation, December 2012.
|
-
National Institute of Standards and Technology Special Publication 800-137, Information Security Continuous Monitoring for Federal Information Systems and Organizations, September 2011.
|
-
National Institute of Standards and Technology Special Publication 800-142, Practical Combinatorial Testing, October 2010.
|
-
National Institute of Standards and Technology Special Publication 800-144, Guidelines for Security and Privacy in Public Cloud Computing, December 2011.
|
-
National Institute of Standards and Technology Special Publication 800-145, The NIST Definition of Cloud Computing, September 2011.
|
-
National Institute of Standards and Technology Special Publication 800-146, Cloud Computing Synopsis and Recommendations, May 2012.
|
-
National Institute of Standards and Technology Special Publication 800-147, Basic Input/Output System (BIOS) Protection Guidelines, April 2011.
|
-
National Institute of Standards and Technology Special Publication 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs), September 2011.
|
-
National Institute of Standards and Technology Interagency Report 7622, Notional Supply Chain Risk Management Practices for Federal Information Systems, October 2012.
|