NIST Special Publication 800-37
NIST Special Publication 800-37, "Guide for Applying the Risk Management Framework to Federal Information Systems", was developed by the Joint Task Force Transformation Initiative Working Group. It aims to transform the traditional Certification and Accreditation (C&A) process into the six-step Risk Management Framework (RMF).
The second step of the RMF is to select the appropriate subset of security controls from the control catalog in NIST Special Publication 800-53.
Wikimedia Foundation. 2010.