Here you will find all norms and standards, listed in order.

  • NIST FIPS 200 – Minimum Security Requirements for Federal Information and Information Systems

    Description: FIPS 200 specifies minimum security requirements for federal information and information systems and a risk-based process for selecting the security controls necessary to satisfy the minimum requirements.
    NIST
    Further links: The document can be downloaded here.
    Keywords: risk-assessment — security controls — security requirements
    Status: Current (as of 2006)


  • NIST SP 1800-3 – Attribute Based Access Control

    Description: This guide discusses potential security risks facing organizations, benefits that may result from the implementation of an ABAC system, and the approach the NCCoE took in developing a reference architecture and build. It includes a discussion of major architecture design considerations, an explanation of security characteristics achieved by the reference design, and a mapping…


  • NIST SP 1800-4 – Mobile Device Security: Cloud and Hybrid Builds

    Description: This document proposes a reference design on how to architect enterprise-class protection for mobile devices accessing corporate resources.
    NIST
    Further links: The document can be downloaded here.
    Keywords: mobile — mobile device — mobile device management — mobility management — mobile security
    Status: Current (as of 2019)


  • NIST SP 500-299 – NIST Cloud Computing Security Reference Architecture

    Description: The purpose of this document is to define a NIST Cloud Computing Security Reference Architecture.
    NIST
    Further links: Further information can be found here. The document has been withdrawn and its revision discontinued. However, it can still be purchased, for example, on Amazon.
    Keywords: computer security — cloud computing
    Status: Withdrawn


  • NIST SP 800-145 – The NIST Definition of Cloud Computing

    Description: Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models,…


  • NIST SP 800-153 – Guidelines for Securing Wireless Local Area Networks (WLANs)

    Description: A wireless local area network (WLAN) is a group of wireless networking devices within a limited geographic area, such as an office building, that exchange data through radio communications. The security of each WLAN is heavily dependent on how well each WLAN component—including client devices, access points (AP), and wireless switches—is secured throughout the…


  • NIST SP 800-34 – Contingency Planning Guide for Federal Information Systems

    Description: This publication assists organizations in understanding the purpose, process, and format of information system contingency planning development through practical, real-world guidelines. This guidance document provides background information on interrelationships between information system contingency planning and other types of security and emergency management-related contingency plans, organizational resiliency, and the system development life cycle.
    NIST
    Further…


  • NIST SP 800-35 – Guide to Information Technology Security Services

    Description: This guide provides assistance with the selection, implementation, and management of IT security services by guiding organizations through the various phases of the IT security services life cycle. This life cycle provides a framework that enables the IT security decision makers to organize their IT security efforts from initiation to closeout.
    NIST
    Further links: The…


  • NIST SP 800-39 – Managing Information Security Risk: Organization, Mission, and Information System View

    Description: The purpose of Special Publication 800-39 is to provide guidance for an integrated, organization-wide program for managing information security risk to organizational operations, organizational assets, individuals, other organizations, and the Nation resulting from the operation and use of federal information systems.
    NIST
    Further links: The document can be downloaded here.
    Keywords: risk management…


  • NIST SP 800-45 – Guidelines on Electronic Mail Security

    Description: The purpose of the publication is to recommend security practices for designing, implementing, and operating email systems on public and private networks. It contains information on popular email encryption standards and other standards relating to email. It presents general information on securing mail servers' operating systems and specific guidance on securing mail server applications,…