NIST 网络安全相关标准美国（简单整理）

最新推荐文章于 2023-12-08 11:31:26 发布

置顶 DarkN0te

最新推荐文章于 2023-12-08 11:31:26 发布

阅读量1w

点赞数 10

文章标签：安全

本文链接：https://blog.csdn.net/m0_46232048/article/details/107924430

版权

系列	编号	英文名	中文名	状态	时间
ITL Bulleti		Security Considerations for Exchanging Files Over the Internet	通过Internet交换文件的安全注意事项	Final	8/03/2020
SP	800-210	General Access Control Guidance for Cloud Systems	云系统通用访问控制指南	Final	7/31/2020
White Paper	NIST Technical Note (TN) 2066	OpenFMB Proof of Concept Implementation Research	OpenFMB概念验证实施研究	Final	7/29/2020
NISTIR	8309	Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process	NIST后量子密码标准化流程第二轮的状态报告	Final	7/22/2020
NISTIR	8219	Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection	保护制造工业控制系统：行为异常检测	Final	7/16/2020
NISTIR	8214A	NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives	NIST路线图，针对密码基元阈值方案的标准	Final	7/07/2020
SP	800-77 Rev. 1	Guide to IPsec VPNs	IPsec VPN指南	Final	6/30/2020
ITL Bulletin		NIST Privacy Framework: An Overview	NIST隐私框架：概述	Final	6/24/2020
White Paper		Can you tell? SSNet - a Sagittal Stratum-inspired Neural Network Framework for Sentiment Analysis	你能告诉？ SSNet-矢状面启发神经网络的情感分析框架	Final	6/23/2020
SP	1800-16	Securing Web Transactions: TLS Server Certificate Management	保护Web事务的安全：TLS服务器证书管理	Final	6/16/2020
SP	800-133 Rev. 2	Recommendation for Cryptographic Key Generation	密码密钥生成建议	Final	6/04/2020
NISTIR	8259	Foundational Cybersecurity Activities for IoT Device Manufacturers	物联网设备制造商的基本网络安全活动	Final	5/29/2020
NISTIR	8259A	IoT Device Cybersecurity Capability Core Baseline	物联网设备网络安全能力核心基准	Final	5/29/2020
SP	800-204A	Building Secure Microservices-based Applications Using Service-Mesh Architecture	使用服务网格体系结构构建基于安全微服务的应用程序	Final	5/27/2020
SP	800-137A	Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment	评估信息安全连续监视（ISCM）程序：制定ISCM程序评估	Final	5/21/2020
SP	1800-23	Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry	能源部门资产管理：用于电力，石油和天然气行业	Final	5/20/2020
NISTIR	8196	Security Analysis of First Responder Mobile and Wearable Devices	急救人员移动可穿戴设备的安全性分析	Final	5/11/2020
SP	800-57 Part 1 Rev. 5	Recommendation for Key Management: Part 1 – General	密钥管理建议：第1部分-概述	Final	5/04/2020
NISTIR	8294	Symposium on Federally Funded Research on Cybersecurity of Electric Vehicle Supply Equipment (EVSE)	联邦资助的电动汽车供应设备（EVSE）网络安全研究专题讨论会	Final	4/29/2020
NISTIR	8011 Vol. 4	Automation Support for Security Control Assessments: Software Vulnerability Management	安全控制评估的自动化支持：软件漏洞管理	Final	4/28/2020
White Paper		Protecting Data from Ransomware and Other Data Loss Events: A Guide for Managed Service Providers to Conduct, Maintain, and Test Backup Files	保护数据免受勒索软件和其他数据丢失事件的影响：受管服务提供商进行，维护和测试备份文件的指南	Final	4/24/2020
White Paper		Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)	通过采用安全软件开发框架（SSDF）降低软件漏洞的风险	Final	4/23/2020
White Paper		5G Cybersecurity: Preparing a Secure Evolution to 5G	5G网络安全：准备向5G的安全演进	Final	4/13/2020
SP	800-175B Rev. 1	Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms	联邦政府中使用加密标准的准则：加密机制	Final	3/31/2020
White Paper		[Project Description] Critical Cybersecurity Hygiene: Patching the Enterprise	[项目描述]关键的网络安全卫生：修补企业	Final	3/30/2020
SP	800-140B	CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B	CMVP安全策略要求：CMVP验证机构对ISO / IEC 24759和ISO / IEC 19790附件B的更新	Final	3/20/2020
SP	800-140E	CMVP Approved Authentication Mechanisms: CMVP Validation Authority Requirements for ISO/IEC 19790 Annex E and ISO/IEC 24579 Section 6.17	CMVP批准的认证机制：CMVP验证机构对ISO / IEC 19790 Annex E和ISO / IEC 24579第6.17节的要求	Final	3/20/2020
SP	800-140F	CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759	CMVP批准的非侵入式攻击缓解测试指标：CMVP验证机构对ISO / IEC 24759的更新	Final	3/20/2020
SP	800-140D	CMVP Approved Sensitive Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759	CMVP批准的敏感参数生成和建立方法：CMVP验证机构对ISO / IEC 24759的更新	Final	3/20/2020
SP	800-140	FIPS 140-3 Derived Test Requirements (DTR): CMVP Validation Authority Updates to ISO/IEC 24759	FIPS 140-3衍生测试要求（DTR）：CMVP验证机构对ISO / IEC 24759的更新	Final	3/20/2020
SP	800-140A	CMVP Documentation Requirements: CMVP Validation Authority Updates to ISO/IEC 24759	CMVP文档要求：CMVP验证机构对ISO / IEC 24759的更新	Final	3/20/2020
SP	800-140C	CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759	CMVP批准的安全功能：CMVP验证授权机构对ISO / IEC 24759的更新	Final	3/20/2020
NISTIR	8170	Approaches for Federal Agencies to Use the Cybersecurity Framework	联邦机构使用网络安全框架的方法	Final	3/19/2020
ITL Bulletin		Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions	企业远程办公，远程访问和自带设备（BYOD）解决方案的安全性	Final	3/18/2020
SP	800-206	Annual Report 2018: NIST/ITL Cybersecurity Program	2018年度报告：NIST / ITL网络安全计划	Final	3/13/2020
SP	800-63A	Digital Identity Guidelines: Enrollment and Identity Proofing	数字身份准则：注册和身份证明	Final	3/02/2020
SP	800-63B	Digital Identity Guidelines: Authentication and Lifecycle Management	数字身份准则：身份验证和生命周期管理	Final	3/02/2020
SP	800-63C	Digital Identity Guidelines: Federation and Assertions	数字身份准则：联盟和断言	Final	3/02/2020
SP	800-63-3	Digital Identity Guidelines	数字身份准则	Final	3/02/2020
SP	800-171 Rev. 2	Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations	保护非联邦系统和组织中的受控未分类信息	Final	2/21/2020
NISTIR	8287	A Roadmap for Successful Regional Alliances and Multistakeholder Partnerships to Build the Cybersecurity Workforce	成功的区域联盟和多方利益相关者合作关系建立网络安全劳动力的路线图	Final	2/20/2020
White Paper		[Project Description] Protecting Information and System Integrity in Industrial Control Systems Environments: Cybersecurity for the Manufacturing Sector	[项目描述]在工业控制系统环境中保护信息和系统完整性：制造业的网络安全	Final	2/07/2020
White Paper		Case Studies in Cyber Supply Chain Risk Management: Palo Alto Networks, Inc.	网络供应链风险管理案例研究：Palo Alto Networks，Inc.	Final	2/04/2020
White Paper		Case Studies in Cyber Supply Chain Risk Management: Seagate Technology	网络供应链风险管理案例研究：希捷技术	Final	2/04/2020
White Paper		Case Studies in Cyber Supply Chain Risk Management: Mayo Clinic	网络供应链风险管理案例研究：Mayo诊所	Final	2/04/2020
White Paper		Case Studies in Cyber Supply Chain Risk Management: Anonymous Renewable Energy Company	网络供应链风险管理案例研究：匿名可再生能源公司	Final	2/04/2020
White Paper		Case Studies in Cyber Supply Chain Risk Management: Summary of Findings and Recommendations	网络供应链风险管理案例研究：发现和建议摘要	Final	2/04/2020
White Paper		Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Goods Company	网络供应链风险管理案例研究：匿名消费品公司	Final	2/04/2020
White Paper		Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Electronics Company	网络供应链风险管理案例研究：匿名消费电子公司	Final	2/04/2020
White Paper		On the Profitability of Selfish Mining Against Multiple Difficulty Adjustment Algorithms	基于多重难度调整算法的自私采矿的获利能力	Final	1/29/2020
White Paper		NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0	NIST隐私框架：一种通过企业风险管理改善隐私的工具，版本1.0	Final	1/16/2020
White Paper		A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems	了解新兴区块链身份管理系统的分类方法	Final	1/14/2020
SP	800-189	Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation	弹性域间流量交换：BGP安全性和DDoS缓解	Final	12/17/2019
White Paper		[Project Description] Data Confidentiality: Identifying and Protecting Assets and Data Against Data Breaches	[项目描述]数据机密性：识别和保护资产和数据免遭数据泄露	Final	12/05/2019
White Paper		[Project Description] Data Confidentiality: Detect, Respond to, and Recover from Data Breaches	[项目描述]数据机密性：检测，响应和从数据泄露中恢复	Final	12/05/2019
SP	800-160 Vol. 2	Developing Cyber Resilient Systems: A Systems Security Engineering Approach	开发网络弹性系统：一种系统安全工程方法	Final	11/27/2019
SP	1500-4r2	NIST Big Data Interoperability Framework: Volume 4, Security and Privacy Version 3	NIST大数据互操作性框架：第4卷，安全性和隐私版本3	Final	10/21/2019
SP	800-128	Guide for Security-Focused Configuration Management of Information Systems	注重安全的信息系统配置管理指南	Final	10/10/2019
NISTIR	8268	Status Report on the First Round of the NIST Lightweight Cryptography Standardization Process	NIST轻型密码术标准化进程第一轮状态报告	Final	10/07/2019
NISTIR	8183A Vol. 1	Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 1 – General Implementation Guidance	网络安全框架制造概要低影响级别示例实施指南：第1卷–一般实施指南	Final	9/30/2019
NISTIR	8183A Vol. 3	Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 3 – Discrete-based Manufacturing System Use Case	网络安全框架制造概要低影响级别示例实施指南：第3卷–基于离散的制造系统用例	Final	9/30/2019
NISTIR	8183A Vol. 2	Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 2 – Process-based Manufacturing System Use Case	网络安全框架制造概要低影响级别示例实施指南：第2卷–基于流程的制造系统用例	Final	9/30/2019
SP	800-52 Rev. 2	Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations	选择，配置和使用传输层安全性（TLS）实施准则	Final	8/29/2019
SP	1800-12	Derived Personal Identity Verification (PIV) Credentials	派生个人身份验证（PIV）凭据	Final	8/27/2019
White Paper		[Project Description] Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources	[项目描述]确保工业物联网的安全：分布式能源的网络安全	Final	8/15/2019
SP	800-204	Security Strategies for Microservices-based Application Systems	基于微服务的应用程序系统的安全策略	Final	8/07/2019
SP	1800-7	Situational Awareness for Electric Utilities	电力公用事业的情境意识	Final	8/07/2019
SP	800-162	Guide to Attribute Based Access Control (ABAC) Definition and Considerations	基于属性的访问控制（ABAC）定义和注意事项指南	Final	8/02/2019
NISTIR	8204	Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template	网络安全框架在线信息参考（OLIR）提交：完成OLIR模板的规范	Final	8/01/2019
SP	1800-17	Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers	电子商务的多因素身份验证：针对购买者的基于风险的FIDO通用第二因素实现	Final	7/30/2019
White Paper		Practical Cryptanalysis of k-ary C*	kary C *的实用密码分析	Final	7/18/2019
White Paper	NIST Technical Note (TN) 2051	Cybersecurity Framework Smart Grid Profile	网络安全框架智能电网概况	Final	7/09/2019
NISTIR	7298 Rev. 3	Glossary of Key Information Security Terms	关键信息安全术语表	Final	7/03/2019
SP	1800-14	Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation	保护Internet路由的完整性：边界网关协议（BGP）路由来源验证	Final	6/28/2019
NISTIR	8228	Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks	管理物联网（IoT）网络安全和隐私风险的注意事项	Final	6/25/2019
SP	800-205	Attribute Considerations for Access Control Systems	访问控制系统的属性注意事项	Final	6/18/2019
NISTIR	8221	A Methodology for Enabling Forensic Analysis Using Hypervisor Vulnerabilities Data	使用Hypervisor漏洞数据启用取证分析的方法	Final	6/05/2019
SP	800-57 Part 2 Rev. 1	Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations	密钥管理建议：第2部分–密钥管理组织的最佳实践	Final	5/23/2019
ITL Bulletin		FIPS 140-3 Adopts ISO/IEC Standards	FIPS 140-3采用ISO / IEC标准	Final	5/20/2019
NISTIR	8183	Cybersecurity Framework Manufacturing Profile	网络安全框架制造概况	Final	5/20/2019
White Paper		[Project Description] Securing Telehealth Remote Patient Monitoring Ecosystem: Cybersecurity for the Healthcare Sector	[项目描述]确保远程医疗远程患者监控生态系统的安全：医疗保健行业的网络安全	Final	5/13/2019
White Paper		BowTie – A deep learning feedforward neural network for sentiment analysis	BowTie –用于情感分析的深度学习前馈神经网络	Final	4/22/2019
SP	800-163 Rev. 1	Vetting the Security of Mobile Applications	审查移动应用程序的安全性	Final	4/19/2019
ITL Bulletin		Time to Standardize Threshold Schemes for Cryptographic Primitives	标准化密码基元阈值方案的时间了	Final	4/09/2019
FIPS	140-3	Security Requirements for Cryptographic Modules	加密模块的安全要求	Final	3/22/2019
SP	800-131A Rev. 2	Transitioning the Use of Cryptographic Algorithms and Key Lengths	过渡使用密码算法和密钥长度	Final	3/21/2019
SP	800-56B Rev. 2	Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography	使用整数分解密码对进行明智配对密钥建立的建议	Final	3/21/2019
NISTIR	8214	Threshold Schemes for Cryptographic Primitives: Challenges and Opportunities in Standardization and Validation of Threshold Cryptography	密码原语的阈值方案：阈值密码术的标准化和验证中的挑战和机遇	Final	3/01/2019
ITL Bulletin		The Next Generation Risk Management Framework (RMF 2.0): A Holistic Methodology to Manage Information Security, Privacy and Supply Chain Risk	下一代风险管理框架（RMF 2.0）：一种用于管理信息安全，隐私和供应链风险的整体方法	Final	2/28/2019
SP	800-177 Rev. 1	Trustworthy Email	可信赖的电子邮件	Final	2/26/2019
SP	1800-4	Mobile Device Security: Cloud and Hybrid Builds	移动设备安全性：云和混合构建	Final	2/21/2019
NISTIR	8240	Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process	NIST量子后密码学标准化进程第一轮状态报告	Final	1/31/2019
SP	800-37 Rev. 2	Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy	信息系统和组织的风险管理框架：安全和隐私的系统生命周期方法	Final	12/20/2018
ITL Bulletin		Securing Wireless Infusion Pumps	保护无线输液泵	Final	12/19/2018
NISTIR	8241	Organizational Views of NIST Cryptographic Standards and Testing and Validation Programs	NIST加密标准以及测试和验证程序的组织观点	Final	12/17/2018
NISTIR	8011 Vol. 3	Automation Support for Security Control Assessments: Software Asset Management	安全控制评估的自动化支持：软件资产管理	Final	12/06/2018
NISTIR	8200	Interagency Report on the Status of International Cybersecurity Standardization for the Internet of Things (IoT)	关于物联网（IoT）国际网络安全标准化状况的机构间报告	Final	11/29/2018
ITL Bulletin		One Block at a Time – Helping to Build Blockchain Knowledge	一次一个区块–帮助建立区块链知识	Final	10/25/2018
NISTIR	8202	Blockchain Technology Overview	区块链技术概述	Final	10/03/2018
ITL Bulletin		Automated Cryptographic Validation (ACV) Testing	自动密码验证（ACV）测试	Final	9/20/2018
White Paper		Transitioning to the Security Content Automation Protocol (SCAP) Version 2	过渡到安全内容自动化协议（SCAP）版本2	Final	9/10/2018
White Paper		The Economic Impacts of the Advanced Encryption Standard, 1996-2017	1996-2017年高级加密标准的经济影响	Final	9/07/2018
SP	1800-5	IT Asset Management	IT资产管理	Final	9/07/2018
SP	1800-8	Securing Wireless Infusion Pumps in Healthcare Delivery Organizations	保护医疗保健交付组织中的无线输液泵	Final	8/17/2018
SP	1800-1	Securing Electronic Health Records on Mobile Devices	保护移动设备上的电子健康记录	Final	7/27/2018
ITL Bulletin		Assessing Implementation of Controlled Unclassified Information (CUI) Security Requirements	评估受控未分类信息（CUI）安全要求的实施	Final	7/26/2018
SP	1800-2	Identity and Access Management for Electric Utilities	公用事业的身份和访问管理	Final	7/13/2018
SP	800-203	2017 NIST/ITL Cybersecurity Program Annual Report	2017 NIST / ITL网络安全计划年度报告	Final	7/02/2018
SP	800-116 Rev. 1	Guidelines for the Use of PIV Credentials in Facility Access	在设施访问中使用PIV凭证的准则	Final	6/29/2018
ITL Bulletin		Putting First Things First – A Model Process for Criticality Analysis	把第一件事放在首位–关键性分析的模型过程	Final	6/26/2018
SP	800-171A	Assessing Security Requirements for Controlled Unclassified Information	评估受控未分类信息的安全性要求	Final	6/13/2018
SP	800-125A Rev. 1	Security Recommendations for Server-based Hypervisor Platforms	基于服务器的虚拟机监控程序平台的安全建议	Final	6/07/2018
SP	800-171 Rev. 1	Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations	保护非联邦系统和组织中的受控未分类信息	Final	6/07/2018
White Paper		Extracting Linearization Equations from Noisy Sources	从噪声源提取线性化方程	Final	5/31/2018
White Paper		A Report to the President on Supporting the Growth and Sustainment of the Nation's Cybersecurity Workforce: Building the Foundation for a More Secure American Future	致总统的报告：支持国家网络安全劳动力的增长和维持：为更安全的美国未来奠定基础	Final	5/30/2018
White Paper		A Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats	致总统的报告，旨在增强互联网和通信生态系统对僵尸网络和其他自动分布式威胁的抵御能力	Final	5/30/2018
ITL Bulletin		Protecting Software Integrity Through Code Signing	通过代码签名保护软件完整性	Final	5/23/2018
SP	800-202	Quick Start Guide for Populating Mobile Test Devices	填充移动测试设备的快速入门指南	Final	5/10/2018
SP	800-193	Platform Firmware Resiliency Guidelines	平台固件弹性指南	Final	5/04/2018
ITL Bulletin		Improving the Trustworthiness of Email, and Beyond!	提高电子邮件的可信赖性，以及超越！	Final	4/25/2018
NISTIR	7511 Rev. 5	Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements	安全内容自动化协议（SCAP）版本1.3验证程序测试要求	Final	4/20/2018
SP	800-87 Rev. 2	Codes for Identification of Federal and Federally-Assisted Organizations	联邦和联邦协助组织识别码	Final	4/19/2018
White Paper		Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1	改善关键基础设施网络安全的框架，版本1.1	Final	4/16/2018
SP	800-56C Rev. 1	Recommendation for Key-Derivation Methods in Key-Establishment Schemes	密钥建立方案中密钥导出方法的建议	Final	4/16/2018
SP	800-56A Rev. 3	Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography	使用离散对数密码学的明智配对密钥建立方案的建议	Final	4/16/2018
NISTIR	8179	Criticality Analysis Process Model: Prioritizing Systems and Components	关键性分析过程模型：确定系统和组件的优先级	Final	4/09/2018
ITL Bulletin		Safeguards for Securing Virtualized Servers	保护虚拟服务器的安全措施	Final	3/27/2018
SP	800-160 Vol. 1	Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems	系统安全工程：可信安全系统工程中多学科方法的考虑	Final	3/21/2018
SP	500-325	Fog Computing Conceptual Model	雾计算概念模型	Final	3/14/2018
ITL Bulletin		Securing Tomorrow's Information Through Post-Quantum Cryptography	通过后量子密码保护明天的信息	Final	2/27/2018
SP	800-70 Rev. 4	National Checklist Program for IT Products: Guidelines for Checklist Users and Developers	国家IT产品清单程序：清单用户和开发人员指南	Final	2/15/2018
SP	800-126 Rev. 3	The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.3	安全内容自动化协议（SCAP）的技术规范：SCAP版本1.3	Final	2/14/2018
SP	800-126A	SCAP 1.3 Component Specification Version Updates: An Annex to NIST Special Publication 800-126 Revision 3	SCAP 1.3组件规范版本更新：NIST特殊出版物800-126修订版3的附件	Final	2/14/2018
White Paper		[Project Description] Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events	[项目描述]数据完整性：识别和保护资产免受勒索软件和其他破坏性事件的侵害	Final	2/07/2018
White Paper		[Project Description] Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events	[项目描述]数据完整性：检测并响应勒索软件和其他破坏性事件	Final	2/07/2018
ITL Bulletin		Guidance for Improving LTE-Based Mobile Communications Security	改善基于LTE的移动通信安全性的指南	Final	1/29/2018
White Paper		Security Considerations for Code Signing	代码签名的安全注意事项	Final	1/26/2018
White Paper		[Project Description] Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector	[项目描述]保护图片存档和通信系统（PACS）：医疗保健行业的网络安全	Final	1/23/2018
SP	1800-6	Domain Name System-Based Electronic Mail Security	基于域名系统的电子邮件安全	Final	1/19/2018
NISTIR	8149	Developing Trust Frameworks to Support Identity Federations	开发信任框架以支持身份联合	Final	1/12/2018
NISTIR	8112	Attribute Metadata: A Proposed Schema for Evaluating Federated Attributes	属性元数据：用于评估联合属性的建议方案	Final	1/12/2018
SP	800-90B	Recommendation for the Entropy Sources Used for Random Bit Generation	对用于随机位生成的熵源的建议	Final	1/10/2018
NISTIR	8201	Internet of Things (IoT) Cybersecurity Colloquium: A NIST Workshop Proceedings	物联网（IoT）网络安全研讨会：NIST研讨会论文集	Final	12/22/2017
SP	800-187	Guide to LTE Security	LTE安全指南	Final	12/21/2017
White Paper		[Project Description] Mitigating IoT-based Distributed Denial of Service (DDOS)	[项目描述]缓解基于IoT的分布式拒绝服务（DDOS）	Final	12/14/2017
ITL Bulletin		Guidance on TDEA Block Ciphers	TDEA分组密码指南	Final	11/27/2017
SP	800-67 Rev. 2	Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher	关于三重数据加密算法（TDEA）分组密码的建议	Final	11/17/2017
White Paper		[Project Description] TLS Server Certificate Management	[项目描述] TLS服务器证书管理	Final	11/09/2017
ITL Bulletin		NIST Guidance on Application Container Security	NIST应用容器安全指南	Final	10/24/2017
White Paper		NSRL Kaspersky dataset documentation	NSRL卡巴斯基数据集文档	Final	10/23/2017
NISTIR	8176	Security Assurance Requirements for Linux Application Container Deployments	Linux应用程序容器部署的安全性保证要求	Final	10/11/2017
NISTIR	8194	Exploratory Lens Model of Decision-Making in a Potential Phishing Attack Scenario	潜在的网络钓鱼攻击场景中的决策探索性透镜模型	Final	10/10/2017
SP	800-195	2016 NIST/ITL Cybersecurity Program Annual Report	2016 NIST / ITL网络安全计划年度报告	Final	9/28/2017
ITL Bulletin		Updating the Keys for DNS Security	更新密钥以提高DNS安全性	Final	9/27/2017
SP	800-190	Application Container Security Guide	应用容器安全指南	Final	9/25/2017
NISTIR	8192	Enhancing Resilience of the Internet and Communications Ecosystem: A NIST Workshop Proceedings	增强Internet和通信生态系统的弹性：NIST研讨会论文集	Final	9/18/2017
White Paper		[Project Description] Securing Property Management Systems: Cybersecurity for the Hospitality Sector	[项目描述]保护财产管理系统的安全：酒店业的网络安全	Final	9/13/2017
ITL Bulletin		Understanding the Major Update to NIST SP 800-63: Digital Identity Guidelines	了解NIST SP 800-63的主要更新：数字身份准则	Final	8/29/2017
SP	800-181	National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework	国家网络安全教育倡议（NICE）网络安全劳动力框架	Final	8/07/2017
ITL Bulletin		Updated NIST Guidance for Bluetooth Security	更新了NIST蓝牙安全性指南	Final	7/25/2017
White Paper		An Elementary Proof of Private Random Number Generation from Bell Inequalities	贝尔不等式生成私人随机数的基本证明	Final	7/20/2017
White Paper		[Project Description] Secure Inter-Domain Routing--Part 1: Route Hijacks	[项目描述]安全的域间路由-第1部分：路由劫持	Final	7/06/2017
White Paper		SPHINCS-Simpira: Fast Stateless Hash-based Signatures with Post-quantum Security	SPHINCS-Simpira：具有后量子安全性的基于无状态哈希的快速签名	Final	6/29/2017
SP	800-192	Verification and Test Methods for Access Control Policies/Models	访问控制策略/模型的验证和测试方法	Final	6/27/2017
White Paper		Tightly Secure Short Signatures from Weak PRFs	弱PRF严格保护短签名	Final	6/27/2017
SP	800-12 Rev. 1	An Introduction to Information Security	信息安全概论	Final	6/22/2017
ITL Bulletin		Toward Standardizing Lightweight Cryptography	迈向标准化轻量化密码学	Final	6/20/2017
NISTIR	8011 Vol. 2	Automation Support for Security Control Assessments: Volume 2: Hardware Asset Management	安全控制评估的自动化支持：第2卷：硬件资产管理	Final	6/06/2017
NISTIR	8011 Vol. 1	Automation Support for Security Control Assessments: Volume 1: Overview	安全控制评估的自动化支持：第1卷：概述	Final	6/06/2017
White Paper		Graphical Methods in Device-Independent Quantum Cryptography	与设备无关的量子密码学中的图形方法	Final	5/25/2017
SP	800-121 Rev. 2	Guide to Bluetooth Security	蓝牙安全性指南	Final	5/08/2017
ITL Bulletin		Cyber-Threat Intelligence and Information Sharing	网络威胁情报和信息共享	Final	5/08/2017
ITL Bulletin		Building the Bridge Between Privacy and Cybersecurity for Federal Systems	搭建联邦系统的隐私和网络安全之间的桥梁	Final	4/18/2017
White Paper		Baldrige Cybersecurity Excellence Builder: Key questions for improving your organization's cybersecurity performance	Baldrige网络安全卓越构建器：改善组织的网络安全绩效的关键问题	Final	4/02/2017
NISTIR	8114	Report on Lightweight Cryptography	轻型密码学报告	Final	3/28/2017
ITL Bulletin		Fundamentals of Small Business Information Security	小型企业信息安全基础	Final	3/13/2017
White Paper		[Project Description] Capabilities Assessment for Securing Manufacturing Industrial Control Systems	[项目描述]保障制造业工业控制系统能力的评估	Final	3/09/2017
ITL Bulletin		Guide for Cybersecurity Incident Recovery	网络安全事件恢复指南	Final	2/17/2017
NISTIR	8165	Impact of Code Complexity on Software Analysis	代码复杂度对软件分析的影响	Final	2/09/2017
NISTIR	8136	An Overview of Mobile Application Vetting Services for Public Safety	面向公共安全的移动应用程序审查服务概述	Final	1/27/2017
ITL Bulletin		Dramatically Reducing Software Vulnerabilities	大大减少软件漏洞	Final	1/17/2017
NISTIR	8062	An Introduction to Privacy Engineering and Risk Management in Federal Systems	联邦系统中的隐私工程和风险管理简介	Final	1/04/2017
SP	800-184	Guide for Cybersecurity Event Recovery	网络安全事件恢复指南	Final	12/22/2016
SP	800-185	SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash	SHA-3派生函数：cSHAKE，KMAC，TupleHash和ParallelHash	Final	12/22/2016
ITL Bulletin		Rethinking Security Through Systems Security Engineering	通过系统安全工程重新考虑安全性	Final	12/21/2016
SP	800-179	Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist	适用于IT专业人员的Apple OS X 10.10系统安全指南：NIST安全配置清单	Final	12/05/2016
NISTIR	8151	Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy	大幅减少软件漏洞：向白宫科学技术政策办公室报告	Final	11/30/2016
White Paper		[Project Description] Mobile Application Single Sign-On: for Public Safety and First Responders	[项目描述]移动应用程序单点登录：公共安全和急救人员	Final	11/28/2016
ITL Bulletin		Exploring the Next Generation of Access Control Methodologies	探索下一代访问控制方法	Final	11/21/2016
SP	500-320	Report of the Workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV)	减少安全漏洞的软件措施和指标研讨会的报告（SwMM-RSV）	Final	11/10/2016
NISTIR	7621 Rev. 1	Small Business Information Security: The Fundamentals	小型企业信息安全：基础知识	Final	11/03/2016
ITL Bulletin		Making Email Trustworthy	使电子邮件值得信赖	Final	10/24/2016
SP	800-38B	Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication	分组密码操作模式的建议：认证的CMAC模式	Final	10/06/2016
SP	800-150	Guide to Cyber Threat Information Sharing	网络威胁信息共享指南	Final	10/04/2016
SP	800-178	A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications: Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC)	数据服务应用的基于属性的访问控制（ABAC）标准的比较：可扩展访问控制标记语言（XACML）和下一代访问控制（NGAC）	Final	10/03/2016
ITL Bulletin		Demystifying the Internet of Things	揭开物联网的神秘面纱	Final	9/23/2016
White Paper		[Project Description] Multifactor Authentication for e-Commerce: Online Authentication for the Retail Sector	[项目描述]电子商务的多因素身份验证：零售部门的在线身份验证	Final	9/20/2016
NISTIR	8103	Advanced Identity Workshop on Applying Measurement Science in the Identity Ecosystem: Summary and Next Steps	关于在身份生态系统中应用测量科学的高级身份研讨会：摘要和后续步骤	Final	9/19/2016
SP	800-175A	Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies	联邦政府中使用加密标准的指南：指令，授权和政策	Final	8/22/2016
SP	800-182	Computer Security Division 2015 Annual Report	计算机安全司2015年度报告	Final	8/10/2016
ITL Bulletin		NIST Updates Personal Identity Verification (PIV) Guidelines	NIST更新了个人身份验证（PIV）指南	Final	8/09/2016
SP	800-114 Rev. 1	User's Guide to Telework and Bring Your Own Device (BYOD) Security	远程办公和自带设备（BYOD）安全性用户指南	Final	7/29/2016
SP	800-46 Rev. 2	Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security	企业远程办公，远程访问和自带设备（BYOD）安全性指南	Final	7/29/2016
SP	800-183	Networks of 'Things'	“事物”网络	Final	7/28/2016
NISTIR	8080	Usability and Security Considerations for Public Safety Mobile Authentication	公共安全移动身份验证的可用性和安全性注意事项	Final	7/27/2016
ITL Bulletin		Improving Security and Software Management Through the Use of SWID Tags	通过使用SWID标签改善安全性和软件管理	Final	7/13/2016
SP	800-166	Derived PIV Application and Data Model Test Guidelines	衍生的PIV应用程序和数据模型测试准则	Final	6/06/2016
ITL Bulletin		Extending Network Security into Virtualized Infrastructure	将网络安全扩展到虚拟化基础架构	Final	6/03/2016
NISTIR	8135	Identifying and Categorizing Data Types for Public Safety Mobile Applications: Workshop Report	识别和分类公共安全移动应用程序的数据类型：研讨会报告	Final	6/01/2016
SP	800-156	Representation of PIV Chain-of-Trust for Import and Export	进出口PIV信任链的表示形式	Final	5/20/2016
White Paper		User's Guide to Running the Draft NIST SP 800-90B Entropy Estimation Suite	运行NIST SP 800-90B熵估算套件草案的用户指南	Final	5/12/2016
ITL Bulletin		Combinatorial Testing for Cybersecurity and Reliability	网络安全性和可靠性的组合测试	Final	5/12/2016
White Paper		[Project Description] Data Integrity: Recovering from a destructive malware attack	[项目描述]数据完整性：从破坏性恶意软件攻击中恢复	Final	5/09/2016
NISTIR	8105	Report on Post-Quantum Cryptography	量子后密码学报告	Final	4/28/2016
NISTIR	8040	Measuring the Usability and Security of Permuted Passwords on Mobile Platforms	测量移动平台上排列密码的可用性和安全性	Final	4/25/2016
NISTIR	8060	Guidelines for the Creation of Interoperable Software Identification (SWID) Tags	创建互操作软件标识（SWID）标签的准则	Final	4/22/2016
White Paper		Best Practices for Privileged User PIV Authentication	特权用户PIV身份验证的最佳做法	Final	4/21/2016
ITL Bulletin		New NIST Security Standard Can Protect Credit Cards, Health Information	新的NIST安全标准可以保护信用卡，健康信息	Final	4/14/2016
SP	800-85A-4	PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance)	PIV卡应用程序和中间件接口测试指南（符合SP 800-73-4）	Final	4/13/2016
NISTIR	7977	NIST Cryptographic Standards and Guidelines Development Process	NIST加密标准和准则制定流程	Final	3/31/2016
SP	800-38G	Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption	分组密码操作模式的建议：保留格式的加密方法	Final	3/29/2016
NISTIR	8054	NSTIC Pilots: Catalyzing the Identity Ecosystem	NSTIC试点：催化身份生态系统	Final	3/15/2016
ITL Bulletin		Updates to the NIST SCAP Validation Program and Associated Test Requirements	NIST SCAP验证程序和相关测试要求的更新	Final	3/15/2016
SP	800-125B	Secure Virtual Network Configuration for Virtual Machine (VM) Protection	用于虚拟机（VM）保护的安全虚拟网络配置	Final	3/07/2016
Building Block		[Project Description] Domain Name System-Based Security for Electronic Mail	[项目描述]基于域名系统的电子邮件安全性	Final	3/04/2016
ITL Bulletin		Implementing Trusted Geolocation Services in the Cloud	在云中实施可信的地理位置服务	Final	2/17/2016
SP	800-73-4	Interfaces for Personal Identity Verification	个人身份验证界面	Final	2/12/2016
NISTIR	7511 Rev. 4	Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements	安全内容自动化协议（SCAP）1.2版验证程序测试要求	Final	1/28/2016
NISTIR	8055	Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research	概念研究的派生个人身份验证（PIV）凭证（DPC）证明	Final	1/20/2016
ITL Bulletin		Securing Interactive and Automated Access Management Using Secure Shell (SSH)	使用安全外壳（SSH）保护交互式和自动访问管理的安全	Final	1/11/2016
NISTIR	8074 Vol. 2	Supplemental Information for the Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity	关于美国政府战略性参与国际标准化以实现美国网络安全目标的机构间报告的补充信息	Final	12/23/2015
NISTIR	8074 Vol. 1	Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity	关于美国政府战略参与国际标准化以实现美国网络安全目标的机构间报告	Final	12/23/2015
ITL Bulletin		Stopping Malware and Unauthorized Software through Application Whitelisting	通过应用白名单停止恶意软件和未经授权的软件	Final	12/15/2015
NISTIR	7904	Trusted Geolocation in the Cloud: Proof of Concept Implementation	云中的可信地理位置：概念验证实施	Final	12/10/2015
Use Case		[Project Description] Wireless Medical Infusion Pumps: Medical Device Security	[项目描述]无线医用输液泵：医疗设备安全	Final	12/01/2015
ITL Bulletin		Tailoring Security Controls for Industrial Control Systems	定制工业控制系统的安全控制	Final	11/16/2015
SP	800-152	A Profile for U.S. Federal Cryptographic Key Management Systems (CKMS)	美国联邦密码密钥管理系统（CKMS）的配置文件	Final	10/28/2015
SP	800-167	Guide to Application Whitelisting	申请白名单指南	Final	10/28/2015
NISTIR	7987 Rev. 1	Policy Machine: Features, Architecture, and Specification	策略机器：功能，体系结构和规范	Final	10/27/2015
White Paper		The Number of Boolean Functions with Multiplicative Complexity 2	具有乘法复杂度的布尔函数数2	Final	10/27/2015
NISTIR	8053	De-Identification of Personal Information	取消个人信息识别	Final	10/22/2015
ITL Bulletin		Protection of Controlled Unclassified Information	保护受控的非保密信息	Final	10/19/2015
NISTIR	7966	Security of Interactive and Automated Access Management Using Secure Shell (SSH)	使用安全外壳（SSH）的交互式自动访问管理的安全性	Final	10/15/2015
ITL Bulletin		Additional Secure Hash Algorithm Standards Offer New Opportunities for Data Protection	其他安全哈希算法标准为数据保护提供了新的机会	Final	9/24/2015
White Paper		Multiplicative Complexity of Vector Value Boolean Functions	向量值布尔函数的乘法复杂度	Final	9/21/2015
Building Block		[Project Description] Software Asset Management: Continuous Monitoring	[项目描述]软件资产管理：持续监控	Final	9/16/2015
SP	800-176	Computer Security Division 2014 Annual Report	计算机安全司2014年度报告	Final	8/20/2015
ITL Bulletin		Recommendation for Random Number Generation Using Deterministic Random Bit Generators	使用确定性随机位生成器生成随机数的建议	Final	8/13/2015
FIPS	180-4	Secure Hash Standard (SHS)	安全哈希标准（SHS）	Final	8/04/2015
FIPS	202	SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions	SHA-3标准：基于置换的哈希和可扩展输出函数	Final	8/04/2015
SP	800-79-2	Guidelines for the Authorization of Personal Identity Verification Card Issuers (PCI) and Derived PIV Credential Issuers (DPCI)	授权个人身份验证卡发行人（PCI）和派生PIV凭证发行人（DPCI）的准则	Final	7/30/2015
ITL Bulletin		Improved Security and Mobility Through Updated Interfaces for PIV Cards	通过更新的PIV卡接口提高了安全性和移动性	Final	7/21/2015
SP	800-90A Rev. 1	Recommendation for Random Number Generation Using Deterministic Random Bit Generators	使用确定性随机位生成器生成随机数的建议	Final	6/24/2015
SP	500-304	Conformance Testing Methodology Framework for ANSI/NIST-ITL 1-2011 Update: 2013, Data Format for the Interchange of Fingerprint, Facial & Other Biometric Information	ANSI / NIST-ITL 1-2011更新的一致性测试方法框架，2013年，指纹，面部和其他生物识别信息互换的数据格式	Final	6/24/2015
NISTIR	7863	Cardholder Authentication for the PIV Digital Signature Key	PIV数字签名密钥的持卡人身份验证	Final	6/18/2015
ITL Bulletin		Increasing Visibility and Control of Your ICT Supply Chains	增强ICT供应链的可见性和控制力	Final	6/15/2015
White Paper		Final Report: Leveraging the Cyber Risk Portal as A Teaching & Education Tool	最终报告：利用网络风险门户作为教学工具	Final	6/10/2015
SP	800-82 Rev. 2	Guide to Industrial Control Systems (ICS) Security	工业控制系统（ICS）安全性指南	Final	6/03/2015
SP	800-78-4	Cryptographic Algorithms and Key Sizes for Personal Identity Verification	用于个人身份验证的密码算法和密钥大小	Final	5/29/2015
ITL Bulletin		Authentication Considerations for Public Safety Mobile Networks	公共安全移动网络的身份验证注意事项	Final	5/14/2015
ITL Bulletin		Is Your Replication Device Making An Extra Copy For Someone Else?	您的复制设备是否为其他人制作了额外的副本？	Final	4/16/2015
NISTIR	8041	Proceedings of the Cybersecurity for Direct Digital Manufacturing (DDM) Symposium	直接数字制造（DDM）网络安全研讨会论文集	Final	4/10/2015
SP	800-161	Supply Chain Risk Management Practices for Federal Information Systems and Organizations	联邦信息系统和组织的供应链风险管理实践	Final	4/08/2015
White Paper		Analysis of VAES3 (FF2)	VAES3（FF2）的分析	Final	4/02/2015
Building Block	V.2	[Project Description] Attribute Based Access Control	[项目描述]基于属性的访问控制	Final	4/01/2015
NISTIR	8014	Considerations for Identity Management in Public Safety Mobile Networks	公共安全移动网络中身份管理的注意事项	Final	3/30/2015
ITL Bulletin		Guidance for Secure Authorization of Mobile Applications in the Corporate Environment	企业环境中移动应用程序的安全授权指南	Final	3/19/2015
White Paper		User's Guide to Running the Draft NIST SP 800-90B Section 9 Entropy Estimation Tests	NIST SP 800-90B草案运行用户指南第9节熵估算测试	Final	3/10/2015
NISTIR	7823	Advanced Metering Infrastructure Smart Meter Upgradeability Test Framework	先进的计量基础设施智能电表可升级性测试框架	Final	3/02/2015
NISTIR	8023	Risk Management for Replication Devices	复制设备的风险管理	Final	2/23/2015
ITL Bulletin		NIST Special Publication 800-88 Revision 1, Guidelines for Media Sanitization	NIST特别出版物800-88修订版1，媒体清理准则	Final	2/05/2015
ITL Bulletin		Release of NIST Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations	NIST特别出版物800-53A，修订版4的发布，评估联邦信息系统和组织中的安全性和隐私控制	Final	1/29/2015
SP	800-53 Rev. 4	Security and Privacy Controls for Federal Information Systems and Organizations	联邦信息系统和组织的安全和隐私控制	Final	1/22/2015
NISTIR	8018	Public Safety Mobile Application Security Requirements Workshop Summary	公共安全移动应用安全要求研讨会总结	Final	1/22/2015
SP	800-57 Part 3 Rev. 1	Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance	密钥管理建议，第3部分：特定于应用程序的密钥管理指南	Final	1/22/2015
ITL Bulletin		Release Of NIST Special Publication 800-157, Guidelines For Derived Personal Identity Verification (PIV) Credentials	发布NIST特别出版物800-157，派生个人身份验证（PIV）凭据准则	Final	12/30/2014
SP	800-157	Guidelines for Derived Personal Identity Verification (PIV) Credentials	派生个人身份验证（PIV）凭据准则	Final	12/19/2014
SP	800-53A Rev. 4	Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans	评估联邦信息系统和组织中的安全和隐私控制：建立有效的评估计划	Final	12/18/2014
SP	800-88 Rev. 1	Guidelines for Media Sanitization	媒体消毒准则	Final	12/17/2014
ITL Bulletin		Cryptographic Module Validation Program (CMVP)	密码模块验证程序（CMVP）	Final	12/01/2014
ITL Bulletin		Release of NIST Special Publication 800-147B, BIOS Protection Guidelines for Servers	NIST特殊出版物800-147B，服务器的BIOS保护准则的发布	Final	10/29/2014
ITL Bulletin		Release of NIST Interagency Report 7628 Revision 1, Guidelines for Smart Grid Cybersecurity	发布NIST Inter机构间报告7628修订版1，《智能电网网络安全指南》	Final	9/29/2014
NISTIR	7628 Rev. 1	Guidelines for Smart Grid Cybersecurity	智能电网网络安全准则	Final	9/25/2014
Building Block	V.2	[Project Description] Mobile Device Security for Enterprises	[项目描述]企业移动设备安全	Final	9/12/2014
SP	800-170	Computer Security Division 2013 Annual Report	计算机安全部2013年度报告	Final	9/04/2014
SP	800-147B	BIOS Protection Guidelines for Servers	服务器的BIOS保护准则	Final	8/28/2014
ITL Bulletin		Policy Machine: Towards a General-Purpose Enterprise-Wide Operating Environment	策略机器：迈向通用的企业范围操作环境	Final	8/28/2014
ITL Bulletin		Release of NIST Interagency Report 7946, CVSS Implementation Guidance	发布NIST机构间报告7946，CVSS实施指南	Final	7/10/2014
SP	800-168	Approximate Matching: Definition and Terminology	近似匹配：定义和术语	Final	7/02/2014
ITL Bulletin		ITL Forensic Science Program	ITL法医学计划	Final	6/05/2014
SP	800-101 Rev. 1	Guidelines on Mobile Device Forensics	移动设备取证准则	Final	5/15/2014
ITL Bulletin		Small and Medium-Size Business Information Security Outreach Program	中小型企业信息安全推广计划	Final	5/13/2014
NISTIR	7946	CVSS Implementation Guidance	CVSS实施指南	Final	4/28/2014
NISTIR	7991	United States Federal Employees' Password Management Behaviors – A Department of Commerce Case Study	美国联邦雇员的密码管理行为–商务部案例研究	Final	4/08/2014
ITL Bulletin		Attribute Based Access Control (ABAC) Definition and Considerations	基于属性的访问控制（ABAC）定义和注意事项	Final	3/07/2014
NISTIR	7849	A Methodology for Developing Authentication Assurance Level Taxonomy for Smart Card-based Identity Verification	开发用于基于智能卡的身份验证的身份验证保证级别分类法的方法	Final	3/05/2014
White Paper		NISTIR 7628 User's Guide	NISTIR 7628用户指南	Final	2/26/2014
White Paper		Summary of NIST SP 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations	NIST SP 800-53，修订版4的摘要：联邦信息系统和组织的安全和隐私控制	Final	2/19/2014
ITL Bulletin		Framework for Improving Critical Infrastructure Cybersecurity	改善关键基础设施网络安全的框架	Final	2/19/2014
White Paper		Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0	改进关键基础设施网络安全的框架，版本1.0	Final	2/12/2014
NISTIR	7983	Report: Authentication Diary Study	报告：认证日记研究	Final	2/04/2014
ITL Bulletin		A Profile of the Key Management Framework for the Federal Government	联邦政府关键管理框架简介	Final	1/09/2014
ITL Bulletin		The National Vulnerability Database (NVD): Overview	国家漏洞数据库（NVD）：概述	Final	12/18/2013
NISTIR	7970	Taxonomic Rules for Password Policies: Translating the Informal to the Formal Language	密码策略的分类规则：将非正式语言转换为正式语言	Final	12/09/2013
Use Case		Identity and Access Management: Securing Networked Infrastructure for the Energy Sector	身份和访问管理：确保能源部门的网络基础架构安全	Final	11/05/2013
ITL Bulletin		ITL Releases Preliminary Cybersecurity Framework	ITL发布初步网络安全框架	Final	11/04/2013
ITL Bulletin		ITL Updates Federal Information Processing Standard (FIPS) for Personal Identity Verification (PIV) of Federal Employees and Contractors	ITL更新了联邦信息处理标准（FIPS），用于联邦雇员和承包商的个人身份验证（PIV）	Final	10/22/2013
NISTIR	7956	Cryptographic Key Management Issues & Challenges in Cloud Services	云服务中的密码密钥管理问题和挑战	Final	9/18/2013
NISTIR	7957	Conformance Test Architecture and Test Suite for ANSI/NIST-ITL 1-2011 NIEM XML Encoded Transactions	ANSI / NIST-ITL 1-2011 NIEM XML编码交易的一致性测试架构和测试套件	Final	9/18/2013
SP	800-81-2	Secure Domain Name System (DNS) Deployment Guide	安全域名系统（DNS）部署指南	Final	9/18/2013
ITL Bulletin		NIST Opens Draft Special Publication 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, For Review and Comment (Supplemental ITL Bulletin for September 2013)	NIST公开了特别出版物草案800-90A，《使用确定性随机位发生器生成随机数的建议》，以供审查和评论（2013年9月补充ITL公告）	Final	9/09/2013
FIPS	201-2	Personal Identity Verification (PIV) of Federal Employees and Contractors	联邦雇员和承包商的个人身份验证（PIV）	Final	9/05/2013
ITL Bulletin		ITL Publishes Guidance on Preventing and Handling Malware Incidents	国际交易日志发布了预防和处理恶意软件事件的指南	Final	8/22/2013
SP	800-130	A Framework for Designing Cryptographic Key Management Systems	设计密码密钥管理系统的框架	Final	8/15/2013
ITL Bulletin		ITL Publishes Guidance on Enterprise Patch Management Technologies	ITL发布有关企业补丁管理技术的指南	Final	8/08/2013
SP	800-165	Computer Security Division 2012 Annual Report	计算机安全司2012年度报告	Final	7/22/2013
SP	800-40 Rev. 3	Guide to Enterprise Patch Management Technologies	企业补丁管理技术指南	Final	7/22/2013
SP	800-83 Rev. 1	Guide to Malware Incident Prevention and Handling for Desktops and Laptops	台式机和笔记本电脑的恶意软件事件预防和处理指南	Final	7/22/2013
FIPS	186-4	Digital Signature Standard (DSS)	数字签名标准（DSS）	Final	7/19/2013
ITL Bulletin		ITL Issues Guidelines for Managing the Security of Mobile Devices	ITL发行管理移动设备安全性的准则	Final	7/15/2013
SP	800-76-2	Biometric Specifications for Personal Identity Verification	个人身份验证的生物识别规范	Final	7/11/2013
White Paper		Summary of the Workshop on Information and Communication Technologies Supply Chain Risk Management, National Institute of Standards and Technology, October 15-16, 2012	美国国家标准技术研究院信息与通信技术供应链风险管理研讨会摘要，2012年10月15日至16日	Final	7/10/2013
SP	800-124 Rev. 1	Guidelines for Managing the Security of Mobile Devices in the Enterprise	企业中移动设备安全性管理准则	Final	6/21/2013
NISTIR	7933	Requirements and Conformance Test Assertions for ANSI/NIST-ITL 1-2011 Record Type 18 - DNA Record	ANSI / NIST-ITL 1-2011记录类型18的要求和一致性测试断言-DNA记录	Final	6/21/2013
ITL Bulletin		ITL Publishes Security And Privacy Controls For Federal Agencies	ITL为联邦机构发布安全和隐私控制	Final	5/01/2013
ITL Bulletin		Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements	安全内容自动化协议（SCAP）1.2版验证程序测试要求	Final	4/10/2013
ITL Bulletin		NIST to Develop a Cybersecurity Framework to Protect Critical Infrastructure	NIST将开发网络安全框架来保护关键基础设施	Final	3/21/2013
NISTIR	7916	Proceedings of the Cybersecurity in Cyber-Physical Systems Workshop, April 23-24, 2012	网络物理系统网络安全研讨会论文集，2012年4月23日至24日	Final	2/15/2013
ITL Bulletin		Managing Identity Requirements for Remote Users of Information Systems to Protect System Security and Information Privacy	管理信息系统远程用户的身份要求以保护系统安全性和信息隐私	Final	1/29/2013
White Paper		Summary of the Workshop on Cryptographic Key Management Systems (CKMS), National Institute of Standards and Technology, September 10-11, 2012	美国国家标准与技术研究院密码密钥管理系统（CKMS）研讨会摘要，2012年9月10日至11日	Final	1/10/2013
ITL Bulletin		Generating Secure Cryptographic Keys: A Critical Component of Cryptographic Key Management and the Protection of Sensitive Information	生成安全的密码密钥：密码密钥管理和敏感信息保护的重要组成部分	Final	12/19/2012
SP	800-38F	Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping	分组密码操作模式的建议：密钥包装方法	Final	12/13/2012
White Paper		Proof of Concept for an ICT SCRM Enterprise Assessment Package	ICT SCRM企业评估包的概念验证	Final	12/01/2012
NISTIR	7817	A Credential Reliability and Revocation Model for Federated Identities	联合身份的凭证可靠性和撤销模型	Final	11/29/2012
ITL Bulletin		Practices for Managing Supply Chain Risks to Protect Federal Information Systems	管理供应链风险以保护联邦信息系统的实践	Final	11/27/2012
White Paper		Challenging Security Requirements for US Government Cloud Computing Adoption	挑战美国政府采用云计算的安全性要求	Final	11/19/2012
NISTIR	7896	Third-Round Report of the SHA-3 Cryptographic Hash Algorithm Competition	SHA-3密码哈希算法竞赛的第三轮报告	Final	11/15/2012
NISTIR	7878	Combinatorial Coverage Measurement	组合覆盖率测量	Final	10/26/2012
ITL Bulletin		Conducting Information Security-Related Risk Assessments: Updated Guidelines for Comprehensive Risk Management Programs	进行与信息安全相关的风险评估：全面风险管理计划的最新准则	Final	10/25/2012
NISTIR	7622	Notional Supply Chain Risk Management Practices for Federal Information Systems	联邦信息系统的名义供应链风险管理实践	Final	10/16/2012
ITL Bulletin		Revised Guide Helps Organizations Handle Security Related Incidents	经修订的指南可帮助组织处理与安全相关的事件	Final	9/27/2012
SP	800-30 Rev. 1	Guide for Conducting Risk Assessments	进行风险评估指南	Final	9/17/2012
NISTIR	7877	BioCTS 2012: Advanced Conformance Test Architectures and Test Suites for Biometric Data Interchange Formats and Biometric Information Records	BioCTS 2012：适用于生物识别数据交换格式和生物识别信息记录的高级一致性测试体系结构和测试套件	Final	9/14/2012
NISTIR	7874	Guidelines for Access Control System Evaluation Metrics	访问控制系统评估指标准则	Final	9/14/2012
SP	800-107 Rev. 1	Recommendation for Applications Using Approved Hash Algorithms	使用经认可的哈希算法的应用建议	Final	8/24/2012
White Paper		The Role of the National Institute of Standards and Technology in Mobile Security	美国国家标准技术研究院在移动安全中的作用	Final	8/23/2012
ITL Bulletin		Security of Bluetooth Systems and Devices: Updated Guide Issued by the National Institute of Standards and Technology (NIST)	蓝牙系统和设备的安全性：美国国家标准技术研究院（NIST）发布的更新指南	Final	8/13/2012
SP	800-61 Rev. 2	Computer Security Incident Handling Guide	计算机安全事件处理指南	Final	8/06/2012
NISTIR	7867 Rev. 2012	Usability of PIV Smartcards for Logical Access	PIV智能卡用于逻辑访问的可用性	Final	8/01/2012
NISTIR	7870	NIST Test Personal Identity Verification (PIV) Cards	NIST测试个人身份验证（PIV）卡	Final	7/12/2012
ITL Bulletin		Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance	准备和响应证书颁发机构的妥协和欺诈性证书颁发	Final	7/10/2012
NISTIR	7864	The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities	常见滥用评分系统（CMSS）：软件功能滥用漏洞的度量标准	Final	7/10/2012
ITL Bulletin		Cloud Computing: A Review of Features, Benefits, and Risks, and Recommendations for Secure, Efficient Implementations	云计算：功能，收益和风险的回顾，以及有关安全，高效实施的建议	Final	6/27/2012
SP	800-146	Cloud Computing Synopsis and Recommendations	云计算简介和建议	Final	5/29/2012
ITL Bulletin		Secure Hash Standard: Updated Specifications Approved and Issued as Federal Information Processing Standard (FIPS) 180-4	安全哈希标准：更新的规范已批准并发布为联邦信息处理标准（FIPS）180-4	Final	5/09/2012
NISTIR	7816	Computer Security Division 2011 Annual Report	计算机安全司2011年度报告	Final	5/08/2012
White Paper		Adaptive Preimage Resistance Analysis Revisited: Requirements, Subtleties and Implications	自适应原像电阻分析：要求，细微之处和启示	Final	4/16/2012
ITL Bulletin		Guidelines for Improving Security and Privacy in Public Cloud Computing	在公共云计算中提高安全性和隐私性的准则	Final	3/28/2012
SP	800-126 Rev. 2	The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2	安全内容自动化协议（SCAP）的技术规范：SCAP版本1.2	Final	3/19/2012
NISTIR	7275 Rev. 4	Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2	可扩展配置清单描述格式（XCCDF）版本1.2的规范	Final	3/01/2012
ITL Bulletin		Guidelines for Securing Wireless Local Area Networks (WLANs)	保护无线局域网（WLAN）的准则	Final	2/27/2012
SP	800-153	Guidelines for Securing Wireless Local Area Networks (WLANs)	保护无线局域网（WLAN）的准则	Final	2/21/2012
ITL Bulletin		Advancing Security Automation and Standardization: Revised Technical Specifications Issued for the Security Content Automation Protocol (SCAP)	推进安全自动化和标准化：针对安全内容自动化协议（SCAP）发布的修订的技术规范	Final	1/24/2012
SP	800-135 Rev. 1	Recommendation for Existing Application-Specific Key Derivation Functions	有关现有的特定于应用程序的密钥派生功能的建议	Final	12/23/2011
ITL Bulletin		Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of Their Information Systems	修订的用户电子身份验证指南可帮助组织保护其信息系统的安全性	Final	12/22/2011
SP	800-144	Guidelines on Security and Privacy in Public Cloud Computing	公共云计算中的安全性和隐私准则	Final	12/09/2011
White Paper		The ICT SCRM Community Framework Development Project: Final Report	ICT SCRM社区框架开发项目：最终报告	Final	12/01/2011
ITL Bulletin		Continuous Monitoring of Information Security: An Essential Component of Risk Management	持续监控信息安全：风险管理的重要组成部分	Final	10/25/2011
SP	800-137	Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations	联邦信息系统和组织的信息安全连续监视（ISCM）	Final	9/30/2011
SP	800-145	The NIST Definition of Cloud Computing	NIST云计算的定义	Final	9/28/2011
ITL Bulletin		Managing the Configuration of Information Systems with a Focus on Security	以安全为中心来管理信息系统的配置	Final	9/26/2011
NISTIR	7802	Trust Model for Security Automation Data 1.0 (TMSAD)	安全自动化数据1.0（TMSAD）的信任模型	Final	9/20/2011
NISTIR	7806	ANSI/NIST-ITL 1-2011 Requirements and Conformance Test Assertions	ANSI / NIST-ITL 1-2011要求和一致性测试断言	Final	9/16/2011
NISTIR	7682	Information System Security Best Practices for UOCAVA-Supporting Systems	UOCAVA支持系统的信息系统安全最佳实践	Final	9/15/2011
NISTIR	7711	Security Best Practices for the Electronic Transmission of Election Materials for UOCAVA Voters	UOCAVA选民的电子传输选举材料的安全最佳实践	Final	9/15/2011
ITL Bulletin		Protecting Industrial Control Systems – Key Components of Our Nation's Critical Infrastructures	保护工业控制系统–国家关键基础设施的关键组成部分	Final	8/24/2011
NISTIR	7698	Common Platform Enumeration: Applicability Language Specification Version 2.3	通用平台枚举：适用语言规范版本2.3	Final	8/19/2011
NISTIR	7696	Common Platform Enumeration: Name Matching Specification Version 2.3	通用平台枚举：名称匹配规范版本2.3	Final	8/19/2011
NISTIR	7697	Common Platform Enumeration: Dictionary Specification Version 2.3	通用平台枚举：字典规范版本2.3	Final	8/19/2011
NISTIR	7695	Common Platform Enumeration: Naming Specification Version 2.3	通用平台枚举：命名规范版本2.3	Final	8/19/2011
NISTIR	7788	Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs	使用概率攻击图的企业网络安全风险分析	Final	8/01/2011
NISTIR	7815	Access Control for SAR Systems	SAR系统的访问控制	Final	7/01/2011
ITL Bulletin		Guidelines for Protecting Basic Input/Output System (BIOS) Firmware	保护基本输入/输出系统（BIOS）固件的准则	Final	6/28/2011
NISTIR	7791	Conformance Test Architecture and Test Suite for ANSI/NIST-ITL 1-2007	ANSI / NIST-ITL 1-2007的一致性测试体系结构和测试套件	Final	6/22/2011
NISTIR	7694	Specification for Asset Reporting Format 1.1	资产报告格式规范1.1	Final	6/21/2011
White Paper		A depth-16 circuit for the AES S-box	AES S盒的深度16电路	Final	6/17/2011
NISTIR	7693	Specification for Asset Identification 1.1	资产识别规范1.1	Final	6/17/2011
NISTIR	7751	Computer Security Division 2010 Annual Report	计算机安全司2010年度报告	Final	5/31/2011
ITL Bulletin		Using Security Configuration Checklists and the National Checklist Program	使用安全配置清单和国家清单清单程序	Final	5/25/2011
SP	800-147	BIOS Protection Guidelines	BIOS保护准则	Final	4/29/2011
ITL Bulletin		Full Virtualization Technologies: Guidelines for Secure Implementation and Management	完全虚拟化技术：安全实施和管理准则	Final	4/25/2011
NISTIR	7692	Specification for the Open Checklist Interactive Language (OCIL) Version 2.0	开放清单交互语言（OCIL）2.0版规范	Final	4/07/2011
White Paper		Assessing SCRM Capabilities and Perspectives of the IT Vendor Community: Toward a Cyber-Supply Chain Code of Practice	评估SCRM能力和IT供应商社区的观点：迈向网络供应链实践准则	Final	4/01/2011
ITL Bulletin		Managing Information Security Risk: Organization, Mission and Information System View	管理信息安全风险：组织，任务和信息系统视图	Final	3/22/2011
SP	800-39	Managing Information Security Risk: Organization, Mission, and Information System View	管理信息安全风险：组织，任务和信息系统视图	Final	3/01/2011
NISTIR	7771	Conformance Test Architecture for Biometric Data Interchange Formats - Version Beta 2.0	生物识别数据交换格式的一致性测试体系结构-Beta 2.0版	Final	2/28/2011
SP	800-51 Rev. 1	Guide to Using Vulnerability Naming Schemes	使用漏洞命名方案的指南	Final	2/25/2011
SP	800-126 Rev. 1	The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1	安全内容自动化协议（SCAP）的技术规范：SCAP版本1.1	Final	2/25/2011
NISTIR	7764	Status Report on the Second Round of the SHA-3 Cryptographic Hash Algorithm Competition	SHA-3密码哈希算法竞赛第二轮状态报告	Final	2/23/2011
NISTIR	7770	Security Considerations for Remote Electronic UOCAVA Voting	远程电子UOCAVA投票的安全注意事项	Final	2/21/2011
ITL Bulletin		Internet Protocol Version 6 (IPv6): NIST Guidelines Help Organizations Manage the Secure Deployment of the New Network Protocol	Internet协议版本6（IPv6）：NIST指南可帮助组织管理新网络协议的安全部署	Final	1/31/2011
SP	800-125	Guide to Security for Full Virtualization Technologies	完整虚拟化技术的安全性指南	Final	1/28/2011
SP	800-119	Guidelines for the Secure Deployment of IPv6	安全部署IPv6的准则	Final	12/29/2010
ITL Bulletin		Securing WiMAX Wireless Communications	保护WiMAX无线通信	Final	12/27/2010
NISTIR	7502	The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities	通用配置评分系统（CCSS）：软件安全配置漏洞的衡量指标	Final	12/27/2010
SP	800-132	Recommendation for Password-Based Key Derivation: Part 1: Storage Applications	基于密码的密钥派生建议：第1部分：存储应用程序	Final	12/22/2010
White Paper		Economic Analysis of Role-Based Access Control: Final Report	基于角色的访问控制的经济分析：最终报告	Final	12/19/2010
ITL Bulletin		The Exchange of Health Information: Designing a Security Architecture to Provide Information Security and Privacy	健康信息的交换：设计提供信息安全性和隐私性的安全体系结构	Final	11/23/2010
SP	800-34 Rev. 1	Contingency Planning Guide for Federal Information Systems	联邦信息系统应急计划指南	Final	11/11/2010
NISTIR	7773	An Application of Combinatorial Methods to Conformance Testing for Document Object Model Events	组合方法在文档对象模型事件一致性测试中的应用	Final	11/01/2010
SP	800-38A Addendum	Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode	分组密码操作模式的建议：CBC模式的三种密文窃取方式	Final	10/21/2010
SP	800-142	Practical Combinatorial Testing	实用组合测试	Final	10/07/2010
NISTIR	7497	Security Architecture Design Process for Health Information Exchanges (HIEs)	健康信息交换（HIE）的安全体系结构设计过程	Final	9/30/2010
ITL Bulletin		Security Content Automation Protocol (SCAP): Helping Organizations Maintain and Verify the Security of Their Information Systems	安全内容自动化协议（SCAP）：帮助组织维护和验证其信息系统的安全性	Final	9/27/2010
NISTIR	7601	Framework for Emergency Response Officials (ERO): Authentication and Authorization Infrastructure	紧急响应官员（ERO）框架：身份验证和授权基础结构	Final	8/31/2010
ITL Bulletin		Contingency Planning for Information Systems: Updated Guide for Federal Organizations	信息系统应急计划：联邦组织的最新指南	Final	7/20/2010
NISTIR	7559	Forensics Web Services (FWS)	取证Web服务（FWS）	Final	6/30/2010
ITL Bulletin		How to Identify Personnel with Significant Responsibilities for Information Security	如何识别对信息安全负有重大责任的人员	Final	6/22/2010
NISTIR	7676	Maintaining and Using Key History on Personal Identity Verification (PIV) Cards	维护和使用个人身份验证（PIV）卡上的密钥历史记录	Final	6/18/2010
SP	800-22 Rev. 1a	A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications	用于密码学应用的随机和伪随机数生成器的统计测试套件	Final	4/30/2010
ITL Bulletin		Guide to Protecting Personally Identifiable Information	保护个人身份信息指南	Final	4/28/2010
SP	800-122	Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)	保护个人身份信息（PII）机密性指南	Final	4/06/2010
NISTIR	7657	A Report on the Privilege (Access) Management Workshop	特权（访问）管理研讨会的报告	Final	3/30/2010
ITL Bulletin		Revised Guide Helps Federal Organizations Improve Their Risk Management Practices and Information System Security	经修订的指南可帮助联邦组织改善其风险管理实践和信息系统安全性	Final	3/29/2010
NISTIR	7653	Computer Security Division 2009 Annual Report	计算机安全司2009年度报告	Final	3/23/2010
ITL Bulletin		Secure Management of Keys in Cryptographic Applications: Guidance for Organizations	加密应用程序中密钥的安全管理：组织指南	Final	2/24/2010
NISTIR	7658	Guide to SIMfill Use and Development	SIMfill使用和开发指南	Final	2/24/2010
ITL Bulletin		Security Metrics: Measurements to Support the Continued Development of Information Security Technology	安全指标：支持信息安全技术持续发展的措施	Final	1/27/2010
SP	800-38E	Recommendation for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on Storage Devices	块密码模式的建议：存储设备的机密性的XTS-AES模式	Final	1/18/2010
NISTIR	7609	Cryptographic Key Management Workshop Summary -- June 8-9, 2009	加密密钥管理研讨会摘要-2009年6月8日至9日	Final	1/08/2010
NISTIR	7665	Proceedings of the Privilege Management Workshop, September 1-3, 2009	特权管理研讨会论文集，2009年9月1-3日	Final	1/01/2010
ITL Bulletin		Cybersecurity Fundamentals for Small Business Owners	小型企业所有者的网络安全基础知识	Final	11/19/2009
ITL Bulletin		Protecting Information Systems with Firewalls: Revised Guidelines on Firewall Technologies and Policies	使用防火墙保护信息系统：修订的防火墙技术和策略指南	Final	10/29/2009
NISTIR	7617	Mobile Forensic Reference Materials: a Methodology and Reification	流动取证参考材料：方法论和修正	Final	10/14/2009
SP	800-108	Recommendation for Key Derivation Using Pseudorandom Functions (Revised)	使用伪随机函数推导密钥的建议（修订版）	Final	10/01/2009
NISTIR	7581	System and Network Security Acronyms and Abbreviations	系统和网络安全首字母缩写词和缩写	Final	9/30/2009
SP	800-41 Rev. 1	Guidelines on Firewalls and Firewall Policy	防火墙和防火墙策略准则	Final	9/28/2009
SP	800-102	Recommendation for Digital Signature Timeliness	关于数字签名及时性的建议	Final	9/23/2009
NISTIR	7620	Status Report on the First Round of the SHA-3 Cryptographic Hash Algorithm Competition	SHA-3密码哈希算法竞赛第一轮状态报告	Final	9/23/2009
NISTIR	7611	Use of ISO/IEC 24727	使用ISO / IEC 24727	Final	8/14/2009
ITL Bulletin		Risk Management Framework: Helping Organizations Implement Effective Information Security Programs	风险管理框架：帮助组织实施有效的信息安全计划	Final	7/23/2009
NISTIR	7564	Directions in Security Metrics Research	安全指标研究的方向	Final	4/30/2009
ITL Bulletin		The Cryptographic Hash Algorithm Family: Revision of the Secure Hash Standard and Ongoing Competition for New Hash Algorithms	密码哈希算法系列：安全哈希标准的修订以及新哈希算法的持续竞争	Final	3/25/2009
NISTIR	7536	Computer Security Division 2008 Annual Report	计算机安全司2008年度报告	Final	3/16/2009
ITL Bulletin		Using Personal Identity Verification (Piv) Credentials in Physical Access Control Systems (PACS)	在物理访问控制系统（PACS）中使用个人身份验证（Piv）凭据	Final	2/26/2009
SP	800-106	Randomized Hashing for Digital Signatures	数字签名的随机散列	Final	2/25/2009
NISTIR	7539	Symmetric Key Injection onto Smart Cards	将对称密钥注入智能卡	Final	12/22/2008
NISTIR	7551	A Threat Analysis on UOCAVA Voting Systems	UOCAVA投票系统的威胁分析	Final	12/19/2008
ITL Bulletin		Guide to Information Security Testing and Assessment	信息安全测试与评估指南	Final	12/18/2008
SP	800-66 Rev. 1	An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule	实施《健康保险可移植性和责任法案》（HIPAA）安全规则的入门资源指南	Final	10/23/2008
ITL Bulletin		Keeping Information Technology (IT) System Servers Secure: A General Guide to Good Practices	确保信息技术（IT）系统服务器的安全：良好实践通则	Final	10/15/2008
SP	800-115	Technical Guide to Information Security Testing and Assessment	信息安全测试与评估技术指南	Final	9/30/2008
ITL Bulletin		Using Performance Measurements to Evaluate and Strengthen Information System Security	使用性能度量来评估和增强信息系统安全性	Final	9/18/2008
NISTIR	7516	Forensic Filtering of Cell Phone Protocols	手机协议的取证过滤	Final	8/27/2008
SP	800-22 Rev. 1	A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications	用于密码学应用的随机和伪随机数生成器的统计测试套件	Final	8/01/2008
SP	800-60 Vol. 2 Rev. 1	Guide for Mapping Types of Information and Information Systems to Security Categories: Appendices	将信息和信息系统的类型映射到安全类别的指南：附录	Final	8/01/2008
SP	800-60 Vol. 1 Rev. 1	Guide for Mapping Types of Information and Information Systems to Security Categories	将信息和信息系统的类型映射到安全类别的指南	Final	8/01/2008
SP	800-123	Guide to General Server Security	通用服务器安全性指南	Final	7/25/2008
ITL Bulletin		Guidelines on Implementing A Secure Sockets Layer (SSL) Virtual Private Network (VPN)	实施安全套接字层（SSL）虚拟专用网（VPN）的准则	Final	7/23/2008
FIPS	198-1	The Keyed-Hash Message Authentication Code (HMAC)	密钥哈希消息认证码（HMAC）	Final	7/16/2008
SP	800-55 Rev. 1	Performance Measurement Guide for Information Security	信息安全性能评估指南	Final	7/16/2008
SP	800-113	Guide to SSL VPNs	SSL VPN指南	Final	7/01/2008
ITL Bulletin		New Cryptographic Hash Algorithm Family: NIST Holds a Public Competition to Find New Algorithms	新的密码哈希算法系列：NIST举行公开比赛以寻找新算法	Final	5/28/2008
ITL Bulletin		Using Active Content and Mobile Code and Safeguarding the Security of Information Technology Systems	使用活动内容和移动代码并保护信息技术系统的安全	Final	4/24/2008
NISTIR	7442	Computer Security Division 2007 Annual Report	计算机安全司2007年度报告	Final	4/01/2008
SP	800-28 Version 2	Guidelines on Active Content and Mobile Code	有效内容和移动代码准则	Final	3/07/2008
ITL Bulletin		Federal Desktop Core Configuration (FDCC): Improving Security for Windows Desktop Operating Systems	联邦桌面核心配置（FDCC）：提高Windows桌面操作系统的安全性	Final	2/27/2008
ITL Bulletin		Secure Web Servers Protecting Web Sites that are Accessed by the Public	安全的Web服务器保护公众访问的网站	Final	1/31/2008
NISTIR	7275 Rev. 3	Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.4	可扩展配置清单描述格式（XCCDF）版本1.1.4的规范	Final	1/01/2008
NISTIR	7452	Secure Biometric Match-on-Card Feasibility Report	安全生物识别卡片匹配可行性报告	Final	11/30/2007
SP	800-38D	Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC	块密码模式的建议：伽罗瓦/计数器模式（GCM）和GMAC	Final	11/28/2007
ITL Bulletin		Using Storage Encryption Technologies to Protect End User Devices	使用存储加密技术保护最终用户设备	Final	11/26/2007
SP	800-111	Guide to Storage Encryption Technologies for End User Devices	最终用户设备的存储加密技术指南	Final	11/15/2007
ITL Bulletin		The Common Vulnerability Scoring System (CVSS)	通用漏洞评分系统（CVSS）	Final	10/25/2007
SP	800-44 Version 2	Guidelines on Securing Public Web Servers	保护公共Web服务器的准则	Final	10/09/2007
NISTIR	7427	6th Annual PKI R&D Workshop "Applications-Driven PKI" Proceedings	第六届PKI年度研发研讨会“应用驱动的PKI”会议记录	Final	9/13/2007
NISTIR	7435	The Common Vulnerability Scoring System (CVSS) and its Applicability to Federal Agency Systems	通用漏洞评分系统（CVSS）及其对联邦机构系统的适用性	Final	8/30/2007
SP	800-95	Guide to Secure Web Services	安全Web服务指南	Final	8/29/2007
ITL Bulletin		Secure Web Services	安全的网络服务	Final	8/23/2007
SP	800-38C	Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality	分组密码操作模式的建议：身份验证和机密性的CCM模式	Final	7/20/2007
ITL Bulletin		Forensic Techniques for Cell Phones	手机取证技术	Final	6/27/2007
ITL Bulletin		Securing Radio Frequency Identification (RFID) Systems	保护射频识别（RFID）系统	Final	5/17/2007
NISTIR	7275 Rev. 2	Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.3	可扩展配置清单描述格式（XCCDF）版本1.1.3的规范	Final	4/30/2007
SP	800-98	Guidelines for Securing Radio Frequency Identification (RFID) Systems	保护射频识别（RFID）系统的准则	Final	4/06/2007
ITL Bulletin		Improving The Security of Electronic Mail: Updated Guidelines Issued by NIST	提高电子邮件的安全性：NIST发布的更新指南	Final	3/28/2007
NISTIR	7399	Computer Security Division 2006 Annual Report	计算机安全司2006年度报告	Final	3/21/2007
NISTIR	7387	Cell Phone Forensic Tools: an Overview and Analysis Update	手机取证工具：概述和分析更新	Final	3/21/2007
SP	800-100	Information Security Handbook: A Guide for Managers	信息安全手册：经理指南	Final	3/07/2007
ITL Bulletin		Intrusion Detection and Prevention Systems	入侵检测与防御系统	Final	2/26/2007
SP	800-45 Version 2	Guidelines on Electronic Mail Security	电子邮件安全准则	Final	2/20/2007
SP	800-94	Guide to Intrusion Detection and Prevention Systems (IDPS)	入侵检测和防御系统（IDPS）指南	Final	2/20/2007
SP	800-97	Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i	建立无线健壮的安全网络：IEEE 802.11i指南	Final	2/07/2007
NISTIR	7359	Information Security Guide for Government Executives	政府主管人员信息安全指南	Final	1/01/2007
NISTIR	7358	Program Review for Information Security Management Assistance (PRISMA)	信息安全管理援助计划审查（PRISMA）	Final	1/01/2007
SP	800-96	PIV Card to Reader Interoperability Guidelines	PIV卡与读取器的互操作性指南	Final	12/29/2006
ITL Bulletin		Maintaining Effective Information Technology (IT) Security Through Test, Training, and Exercise Programs	通过测试，培训和演习计划维护有效的信息技术（IT）安全	Final	12/19/2006
SP	800-89	Recommendation for Obtaining Assurances for Digital Signature Applications	获得数字签名应用保证的建议	Final	11/30/2006
ITL Bulletin		Guide to Securing Computers Using Windows XP Home Edition	使用Windows XP Home Edition保护计算机安全的指南	Final	11/22/2006
NISTIR	7275	Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1	可扩展配置清单描述格式（XCCDF）版本1.1的规范	Final	11/01/2006
ITL Bulletin		Log Management: Using Computer and Network Records to Improve Information Security	日志管理：使用计算机和网络记录来提高信息安全性	Final	10/25/2006
NISTIR	7316	Assessment of Access Control Systems	评估访问控制系统	Final	9/29/2006
ITL Bulletin		Forensic Techniques: Helping Organizations Improve Their Responses to Information Security Incidents	法证技术：帮助组织改善对信息安全事件的响应	Final	9/27/2006
SP	800-84	Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities	IT计划和功能的测试，培训和练习计划指南	Final	9/21/2006
SP	800-92	Guide to Computer Security Log Management	计算机安全日志管理指南	Final	9/13/2006
SP	800-86	Guide to Integrating Forensic Techniques into Incident Response	将法医技术整合到事件响应中的指南	Final	9/01/2006
NISTIR	7337	Personal Identity Verification Demonstration Summary	个人身份验证演示摘要	Final	8/31/2006
ITL Bulletin		Protecting Sensitive Information Processed and Stored in Information Technology (IT) Systems	保护在信息技术（IT）系统中处理和存储的敏感信息	Final	8/30/2006
SP	800-85B	PIV Data Model Test Guidelines	PIV数据模型测试准则	Final	7/31/2006
NISTIR	7313	5th Annual PKI R&D Workshop "Making PKI Easy to Use" Proceedings	第五届PKI年度研发研讨会“使PKI易于使用”会议记录	Final	7/18/2006
ITL Bulletin		Protecting Sensitive Information Transmitted in Public Networks	保护在公共网络中传输的敏感信息	Final	4/21/2006
ITL Bulletin		Minimum Security Requirements for Federal Information and Information Systems: Federal Information Processing Standard (FIPS) 200 Approved by the Secretary of Commerce	联邦信息和信息系统的最低安全要求：商务部长批准的联邦信息处理标准（FIPS）200	Final	3/24/2006
NISTIR	7308	An Algorithm for Generating Very Large Covering Arrays	生成非常大的覆盖数组的算法	Final	3/20/2006
NISTIR	7290	Fingerprint Identification and Mobile Handheld Devices: An Overview and Implementation	指纹识别和移动手持设备：概述和实现	Final	3/01/2006
FIPS	200	Minimum Security Requirements for Federal Information and Information Systems	联邦信息和信息系统的最低安全要求	Final	3/01/2006
SP	800-18 Rev. 1	Guide for Developing Security Plans for Federal Information Systems	联邦信息系统安全计划制定指南	Final	2/24/2006
ITL Bulletin		Creating a Program to Manage Security Patches and Vulnerabilities: NIST Recommendations for Improving System Security	创建程序来管理安全补丁和漏洞：NIST关于提高系统安全性的建议	Final	2/15/2006
NISTIR	7285	Computer Security Division 2005 Annual Report	计算机安全司2005年度报告	Final	2/01/2006
ITL Bulletin		Testing and Validation of Personal Identity Verification (PIV) Components and Subsystems for Conformance to Federal Information Processing Standard 201	测试和验证个人身份验证（PIV）组件和子系统是否符合联邦信息处理标准201	Final	1/25/2006
NISTIR	7284	Personal Identity Verification Card Management Report	个人身份验证卡管理报告	Final	1/06/2006
NISTIR	7250	Cell Phone Forensic Tools: an Overview and Analysis	手机取证工具：概述和分析	Final	10/19/2005
NISTIR	7219	Computer Security Division 2004 Annual Report	计算机安全司2004年度报告	Final	8/01/2005
NISTIR	7224	4th Annual PKI R&D Workshop "Multiple Paths to Trust" Proceedings	第四届PKI年度研发研讨会“多途径信任”会议记录	Final	8/01/2005
ITL Bulletin		Implementation of FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors	实施FIPS 201，联邦雇员和承包商的个人身份验证（PIV）	Final	8/01/2005
NISTIR	7206	Smart Cards and Mobile Device Authentication: an Overview and Implementation	智能卡和移动设备身份验证：概述和实现	Final	7/01/2005
NISTIR	7200	Proximity Beacons and Mobile Device Authentication: an Overview and Implementation	邻近信标和移动设备身份验证：概述和实现	Final	6/01/2005
ITL Bulletin		Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule	实施《健康保险携带与责任法案（HIPAA）安全规则》	Final	4/01/2005
ITL Bulletin		Integrating IT Security into the Capital Planning and Investment Control Process	将IT安全集成到资本计划和投资控制流程中	Final	1/27/2005
NISTIR	7188	Specification for the Extensible Configuration Checklist Description Format (XCCDF)	可扩展配置清单描述格式（XCCDF）规范	Final	1/01/2005
SP	800-58	Security Considerations for Voice Over IP Systems	IP语音系统的安全注意事项	Final	1/01/2005
SP	800-72	Guidelines on PDA Forensics	PDA取证准则	Final	11/01/2004
ITL Bulletin		Understanding the New NIST Standards and Guidelines Required by FISMA: How Three Mandated Documents are Changing the Dynamic of Information Security for the Federal Government	了解FISMA要求的新NIST标准和指南：三份强制性文件如何改变联邦政府信息安全的动态	Final	11/01/2004
ITL Bulletin		Securing Voice Over Internet Protocol (IP) Networks	保护互联网协议（IP）网络上的语音	Final	10/01/2004
NISTIR	7122	3rd Annual PKI Research Workshop Proceedings	第三届PKI年度研究研讨会论文集	Final	9/08/2004
ITL Bulletin		Information Security Within the System Development Life Cycle (SDLC)	系统开发生命周期（SDLC）中的信息安全	Final	9/01/2004
NISTIR	7100	PDA Forensic Tools: an Overview and Analysis	PDA取证工具：概述和分析	Final	8/01/2004
ITL Bulletin		Information Technology Security Services: How to Select, Implement, and Manage	信息技术安全服务：如何选择，实施和管理	Final	6/01/2004
NISTIR	7111	Computer Security Division 2003 Annual Report	计算机安全司2003年度报告	Final	4/30/2004
ITL Bulletin		Selecting Information Technology Security Products	选择信息技术安全产品	Final	4/28/2004
NISTIR	6529-A	Common Biometric Exchange Formats Framework (CBEFF)	通用生物特征识别交换格式框架（CBEFF）	Final	4/05/2004
NISTIR	7085	2nd Annual PKI Research Workshop Proceedings	第二届PKI年度研究研讨会论文集	Final	4/01/2004
ITL Bulletin		Federal Information Processing Standard (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems	联邦信息处理标准（FIPS）199，联邦信息和信息系统安全分类标准	Final	3/01/2004
NISTIR	7056	Card Technology Developments and Gap Analysis Interagency Report	卡技术发展与差距分析跨机构报告	Final	3/01/2004
FIPS	199	Standards for Security Categorization of Federal Information and Information Systems	联邦信息和信息系统安全分类标准	Final	2/01/2004
NISTIR	7059	1st Annual PKI Research Workshop Proceedings	第一届PKI年度研究研讨会论文集	Final	11/12/2003
ITL Bulletin		Information Technology Security Awareness, Training, Education, and Certification	信息技术安全意识，培训，教育和认证	Final	10/15/2003
SP	800-35	Guide to Information Technology Security Services	信息技术安全服务指南	Final	10/09/2003
SP	800-50	Building an Information Technology Security Awareness and Training Program	建立信息技术安全意识和培训计划	Final	10/01/2003
SP	800-59	Guideline for Identifying an Information System as a National Security System	将信息系统识别为国家安全系统的准则	Final	8/20/2003
NISTIR	7046	A Framework for Multi-mode Authentication: Overview and Implementation Guide	多模式身份验证框架：概述和实施指南	Final	8/01/2003
NISTIR	6887 2003 Edition	Government Smart Card Interoperability Specification, Version 2.1	政府智能卡互操作性规范，版本2.1	Final	7/16/2003
NISTIR	7007	An Overview of Issues in Testing Intrusion Detection Systems	测试入侵检测系统的问题概述	Final	7/11/2003
ITL Bulletin		Testing Intrusion Detection Systems	测试入侵检测系统	Final	7/01/2003
NISTIR	7030	Picture Password: A Visual Login Technique for Mobile Devices	图片密码：移动设备的可视登录技术	Final	7/01/2003
NISTIR	6977	Vulnerabilities in Quantum Key Distribution Protocols	量子密钥分发协议中的漏洞	Final	5/01/2003
NISTIR	6985	COTS Security Protection Profile - Operating Systems (CSPP-OS) (Worked Example Applying Guidance of NISTIR-6462, CSPP) Version 1.0	COTS安全保护配置文件-操作系统（CSPP-OS）（应用NISTIR-6462，CSPP指导的工作示例）版本1.0	Final	4/01/2003
NISTIR	6981	Policy Expression and Enforcement for Handheld Devices	手持设备的策略表达和执行	Final	4/01/2003
ITL Bulletin		Secure Interconnections for Information Technology Systems	信息技术系统的安全互连	Final	2/26/2003
FIPS	140-2	Security Requirements for Cryptographic Modules	加密模块的安全要求	Final	12/03/2002
SP	800-49	Federal S/MIME V3 Client Profile	联邦S / MIME V3客户端配置文件	Final	11/05/2002
SP	800-47	Security Guide for Interconnecting Information Technology Systems	互连信息技术系统的安全指南	Final	9/01/2002
ITL Bulletin		Techniques for System and Data Recovery	系统和数据恢复技术	Final	4/01/2002
White Paper		The Economic Impact of Role-Based Access Control	基于角色的访问控制的经济影响	Final	3/01/2002
SP	800-38A	Recommendation for Block Cipher Modes of Operation: Methods and Techniques	分组密码操作模式的建议：方法和技术	Final	12/01/2001
FIPS	197	Advanced Encryption Standard (AES)	高级加密标准（AES）	Final	11/26/2001
White Paper		The Economic Impacts of NIST's Data Encryption Standard (DES) Program	NIST数据加密标准（DES）计划的经济影响	Final	10/01/2001
White Paper		Report on the Second Modes of Operation Workshop	第二种运作方式研讨会报告	Final	10/01/2001
SP	800-32	Introduction to Public Key Technology and the Federal PKI Infrastructure	公钥技术和联邦PKI基础结构简介	Final	2/26/2001
White Paper		Report on the Symmetric Key Block Cipher Modes of Operation Workshop	对称密钥块密码操作模式研讨会报告	Final	12/01/2000
White Paper		Federal Information Technology Security Assessment Framework	联邦信息技术安全评估框架	Final	11/28/2000
SP	800-25	Federal Agency Use of Public Key Technology for Digital Signatures and Authentication	联邦机构使用公钥技术进行数字签名和认证	Final	10/01/2000
NISTIR	6483	Randomness Testing of the Advanced Encryption Standard Finalist Candidates	高级加密标准决赛入围者的随机性测试	Final	4/01/2000
White Paper		Report of the Workshop on Key Management Using Public Key Cryptography	使用公共密钥密码学进行密钥管理研讨会的报告	Final	2/28/2000
NISTIR	6462	CSPP - Guidance for COTS Security Protection Profiles (Formerly: CS2 - Protection Profile Guidance for Near-Term COTS) Version 1.0	CSPP-COTS安全保护配置文件指南（以前：CS2-短期COTS保护配置文件指南）版本1.0	Final	12/01/1999
NISTIR	6416	Applying Mobile Agents to Intrusion Detection and Response	将移动代理应用于入侵检测和响应	Final	10/01/1999
NISTIR	6390	Randomness Testing of the Advanced Encryption Standard Candidate Algorithms	高级加密标准候选算法的随机性测试	Final	9/01/1999
NISTIR	6192	A Revised Model for Role Based Access Control	基于角色的访问控制的修订模型	Final	7/09/1998
SP	800-16	Information Technology Security Training Requirements: a Role- and Performance-Based Model	信息技术安全培训要求：基于角色和绩效的模型	Final	4/01/1998
SP	800-15	MISPC Minimum Interoperability Specification for PKI Components, Version 1	MISPC最小互操作性规范，用于PKI组件，版本1	Final	1/01/1998
NISTIR	6068	Report on the TMACH Experiment	关于TMACH实验的报告	Final	7/01/1997
NISTIR	5820	Distributed Communication Methods and Role-Based Access Control for Use in Health Care Applications	用于医疗保健应用程序的分布式通信方法和基于角色的访问控制	Final	4/01/1996
NISTIR	5788	Public Key Infrastructure Invitational Workshop September 28, 1995, MITRE Corporation, McLean, Virginia	公钥基础结构邀请研讨会，1995年9月28日，MITRE公司，弗吉尼亚州麦克莱恩	Final	11/01/1995
NISTIR	5540	Multi-Agency Certification and Accreditation (C&A) Process: A Worked Example	多机构认证和鉴定（C＆A）流程：一个可行的示例	Final	12/01/1994
NISTIR	5570	An Assessment of the DOD Goal Security Architecture (DGSA) for Non-Military Use	国防部非军事用途目标安全架构（DGSA）的评估	Final	11/01/1994
NISTIR	5472	A Head Start on Assurance: Proceedings of an Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness, March 21-23, 1994	保证的开端：1994年3月21日至23日举行的信息技术（IT）保证与信任邀请研讨会的议事录	Final	8/01/1994
NISTIR	5468	Report of the NIST Workshop on Key Escrow Encryption	NIST密钥托管加密研讨会报告	Final	6/01/1994
NISTIR	5590	Proceedings Report of the International Invitation Workshop on Developmental Assurance	发展保证国际邀请研讨会的会议记录报告	Final	6/01/1994
White Paper		Auditing Password Usage	审核密码使用情况	Final	9/01/1988
White Paper		DoD Rainbow Series	国防部彩虹系列	Final	12/26/1985
White Paper	NBS Technical Note (TN) 906	A Methodology for Evaluating Alternative Technical and Information Management Approaches to Privacy Requirements	评估隐私要求的替代技术和信息管理方法的方法论	Final	6/01/1976
White Paper	NBS Technical Note (TN) 876	Exploring Privacy and Data Security Costs: A Summary of a Workshop	探索隐私和数据安全成本：研讨会总结	Final	8/01/1975
White Paper	NBS Technical Note (TN) 827	Controlled Accessibility Workshop Report	受控辅助功能研讨会报告	Final	5/01/1974
White Paper	NBS Technical Note (TN) 809	Government Looks at Privacy and Security in Computer Systems: Summary of a Conference held at the National Bureau of Standards, Gaithersburg, Maryland, November 19-20, 1973	政府关注计算机系统的隐私和安全性：1973年11月19日至20日在马里兰州盖瑟斯堡国家标准局举行的会议摘要	Final	2/01/1974
White Paper	NBS Technical Note (TN) 780	Controlled Accessibility Bibliography	受控无障碍书目	Final	6/01/1973
	8278A	National Cybersecurity Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers	国家网络安全在线信息参考（OLIR）程序：针对OLIR开发人员的提交指南		8/04/2020
NISTIR	8278	National Cybersecurity Online Informative References (OLIR) Program: Program Overview and OLIR Uses (2nd Draft)	国家网络安全在线信息参考（OLIR）计划：计划概述和OLIR使用（第二稿）	Draft	8/04/2020
SP	800-53B	Control Baselines for Information Systems and Organizations	信息系统和组织的控制基准	Draft	7/31/2020
SP	800-209	Security Guidelines for Storage Infrastructure	存储基础结构安全准则	Draft	7/21/2020
SP	800-181 Rev. 1	Workforce Framework for Cybersecurity (NICE Framework)	网络安全劳动力框架（NICE框架）	Draft	7/15/2020
NISTIR	8286	Integrating Cybersecurity and Enterprise Risk Management (ERM) (2nd Draft)	整合网络安全与企业风险管理（ERM）（第二稿）	Draft	7/09/2020
SP	800-172	Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171 (Final Public Draft)	保护受控的未分类信息的增强的安全性要求：NIST特别出版物800-171（最终公共草案）的补充	Draft	7/06/2020
SP	800-63-4	PRE-DRAFT Call for Comments: Digital Identity Guidelines	征求意见稿：数字身份准则	Draft	6/08/2020
White Paper		Getting Ready for Post-Quantum Cryptography: Explore Challenges Associated with Adoption and Use of Post-Quantum Cryptographic Algorithms	准备进行量子后密码学：探索与采用和使用量子后密码算法相关的挑战	Draft	5/26/2020
White Paper		Hardware-Enabled Security for Server Platforms: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases	服务器平台的硬件启用安全性：为云和边缘计算用例启用分层的平台安全性方法	Draft	4/28/2020
SP	1800-19	Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments	可信云：VMware混合云基础架构即服务（IaaS）环境的安全实践指南	Draft	4/13/2020
White Paper		Methodology for Characterizing Network Behavior of Internet of Things Devices	表征物联网设备网络行为的方法	Draft	4/01/2020
SP	800-56C Rev. 2	Recommendation for Key-Derivation Methods in Key-Establishment Schemes	密钥建立方案中密钥导出方法的建议	Draft	3/24/2020
SP	800-124 Rev. 2	Guidelines for Managing the Security of Mobile Devices in the Enterprise	企业中移动设备安全性管理准则	Draft	3/24/2020
White Paper		[Project Description] Implementing a Zero Trust Architecture	[项目描述]实现零信任架构	Draft	3/17/2020
SP	800-53 Rev. 5	Security and Privacy Controls for Information Systems and Organizations (Final Public Draft)	信息系统和组织的安全和隐私控制（最终公开草案）	Draft	3/16/2020
NISTIR	8272	Impact Analysis Tool for Interdependent Cyber Supply Chain Risks	相互依赖的网络供应链风险的影响分析工具	Draft	3/13/2020
NISTIR	8183 Rev. 1	Cybersecurity Framework Version 1.1 Manufacturing Profile	网络安全框架版本1.1制造概要	Draft	3/04/2020
SP	800-207	Zero Trust Architecture (2nd Draft)	零信任架构（第二稿）	Draft	2/13/2020
NISTIR	8246	National Vulnerability Database (NVD) Metadata Submission Guidelines for Common Vulnerabilities and Exposures (CVE) Numbering Authorities (CNAs) and Authorized Data Publishers	常见漏洞和披露（CVE）编号颁发机构（CNA）和授权数据发布者的国家漏洞数据库（NVD）元数据提交准则	Draft	2/10/2020
SP	800-161 Rev. 1	PRE-DRAFT Call for Comments: Supply Chain Risk Management Practices for Federal Information Systems and Organizations	草案前征求意见：联邦信息系统和组织的供应链风险管理实践	Draft	2/04/2020
NISTIR	8276	Key Practices in Cyber Supply Chain Risk Management: Observations from Industry	网络供应链风险管理的关键实践：行业观察	Draft	2/04/2020
SP	1800-26	Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events	数据完整性：检测并响应勒索软件和其他破坏性事件	Draft	1/27/2020
SP	1800-25	Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events	数据完整性：识别和保护资产免受勒索软件和其他破坏性事件的侵害	Draft	1/27/2020
SP	800-208	Recommendation for Stateful Hash-Based Signature Schemes	有状态的基于哈希的签名方案的建议	Draft	12/11/2019
White Paper		[Project Description] Validating the Integrity of Servers and Client Devices: Supply Chain Assurance	[项目描述]验证服务器和客户端设备的完整性：供应链保证	Draft	11/22/2019
SP	1800-15	Securing Small Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)	保护小型企业和家庭物联网（IoT）设备的安全：使用制造商使用说明（MUD）缓解基于网络的攻击	Draft	11/21/2019
FIPS	186-5	Digital Signature Standard (DSS)	数字签名标准（DSS）	Draft	10/31/2019
SP	800-186	Recommendations for Discrete Logarithm-Based Cryptography: Elliptic Curve Domain Parameters	基于离散对数密码的建议：椭圆曲线域参数	Draft	10/31/2019
NISTIR	8269	A Taxonomy and Terminology of Adversarial Machine Learning	对抗机器学习的分类和术语	Draft	10/30/2019
White Paper		[Project Description] Improving Cybersecurity of Managed Service Providers (Supporting Small- and Medium-Sized Businesses)	[项目描述]改善托管服务提供商的网络安全性（支持中小型企业）	Draft	10/08/2019
NISTIR	8267	Security Review of Consumer Home Internet of Things (IoT) Products	消费者家庭物联网（IoT）产品的安全性审查	Draft	10/01/2019
SP	1800-24	Securing Picture Archiving and Communication System (PACS)	保护图片存档和通信系统（PACS）	Draft	9/16/2019
SP	1800-21	Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)	移动设备安全性：公司拥有的个人启用（COPE）	Draft	7/22/2019
White Paper		[Project Description] Continuous Monitoring for IT Infrastructure: Techniques for auditing user activity and detecting irregular activity events within small and medium-size businesses	[项目描述] IT基础结构的连续监视：审计用户活动并检测中小型企业中不规则活动事件的技术	Draft	6/17/2019
SP	1800-13	Mobile Application Single Sign-On: Improving Authentication for Public Safety First Responders (2nd Draft)	移动应用程序单点登录：提高公共安全第一响应者的身份验证（第二稿）	Draft	5/29/2019
White Paper		An Application of Combinatorial Methods for Explainability in Artificial Intelligence and Machine Learning	可解释性组合方法在人工智能与机器学习中的应用	Draft	5/22/2019
NISTIR	8213	A Reference for Randomness Beacons: Format and Protocol Version 2	随机信标的参考：格式和协议版本2	Draft	5/06/2019
SP	800-38G Rev. 1	Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption	分组密码操作模式的建议：保留格式的加密方法	Draft	2/28/2019
White Paper		[Project Description] Security for IoT Sensor Networks: Building Management Case Study	[项目描述] IoT传感器网络的安全性：楼宇管理案例研究	Draft	2/01/2019
SP	800-179 Rev. 1	Guide to Securing Apple macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist	适用于IT专业人员的Apple macOS 10.12系统安全指南：NIST安全配置清单	Draft	10/19/2018
White Paper		Internet of Things (IoT) Trust Concerns	物联网（IoT）信任问题	Draft	10/17/2018
SP	1800-18	Privileged Account Management for the Financial Services Sector	金融服务业的特权账户管理	Draft	9/28/2018
SP	800-71	Recommendation for Key Establishment Using Symmetric Block Ciphers	使用对称块密码建立密钥的建议	Draft	7/02/2018
White Paper		A Data Structure for Integrity Protection with Erasure Capability	具有擦除能力的完整性保护的数据结构	Draft	5/31/2018
White Paper		[Project Description] Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry	[项目描述]能源部门资产管理：用于电力，石油和天然气行业	Draft	1/16/2018
NISTIR	8193	National Initiative for Cybersecurity Education (NICE) Framework Work Role Capability Indicators: Indicators for Performing Work Roles	国家网络安全教育倡议（NICE）框架工作角色能力指标：履行工作角色的指标	Draft	11/08/2017
White Paper		[Project Description] Privileged Account Management: Securing Privileged Accounts for the Financial Services Sector	[项目描述]特权帐户管理：保护金融服务部门的特权帐户	Draft	10/12/2017
SP	1800-3	Attribute Based Access Control (2nd Draft)	基于属性的访问控制（第二稿）	Draft	9/20/2017
SP	1800-11	Data Integrity: Recovering from Ransomware and Other Destructive Events	数据完整性：从勒索软件和其他破坏性事件中恢复	Draft	9/06/2017
SP	1800-9	Access Rights Management for the Financial Services Sector	金融服务业的访问权限管理	Draft	8/31/2017
NISTIR	8139	Identifying Uniformity with Entropy and Divergence	用熵和散度识别均匀性	Draft	2/02/2017
SP	800-188	De-Identifying Government Datasets (2nd Draft)	取消识别政府数据集（第二稿）	Draft	12/15/2016
NISTIR	8138	Vulnerability Description Ontology (VDO): a Framework for Characterizing Vulnerabilities	漏洞描述本体（VDO）：表征漏洞的框架	Draft	9/30/2016
White Paper		[Project Description] Authentication for Law Enforcement Vehicle Systems	[项目描述]执法车辆系统认证	Draft	9/13/2016
NISTIR	8144	Assessing Threats to Mobile Devices & Infrastructure: the Mobile Threat Catalogue	评估对移动设备和基础架构的威胁：移动威胁目录	Draft	9/12/2016
White Paper		[Concept Paper] Identity and Access Management for Smart Home Devices	[概念文件]智能家居设备的身份和访问管理	Draft	6/06/2016
White Paper		[Project Description] Securing Non-Credit Card, Sensitive Consumer Data: Consumer Data Security for the Retail Sector	[项目描述]保护非信用卡，敏感的消费者数据：零售部门的消费者数据安全	Draft	5/09/2016
SP	800-90C	Recommendation for Random Bit Generator (RBG) Constructions	随机位发生器（RBG）结构的建议	Draft	4/13/2016
SP	800-154	Guide to Data-Centric System Threat Modeling	以数据为中心的系统威胁建模指南	Draft	3/14/2016
SP	800-180	NIST Definition of Microservices, Application Containers and System Virtual Machines	NIST微服务，应用程序容器和系统虚拟机的定义	Draft	2/18/2016
NISTIR	8085	Forming Common Platform Enumeration (CPE) Names from Software Identification (SWID) Tags	从软件标识（SWID）标记形成通用平台枚举（CPE）名称	Draft	12/17/2015
NISTIR	8058	Security Content Automation Protocol (SCAP) Version 1.2 Content Style Guide: Best Practices for Creating and Maintaining SCAP 1.2 Content	安全内容自动化协议（SCAP）1.2版内容样式指南：创建和维护SCAP 1.2内容的最佳做法	Draft	5/01/2015
NISTIR	8050	Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy: Summary and Next Steps	执行技术研讨会，旨在提高网络安全性和消费者隐私：摘要和后续步骤	Draft	4/02/2015
SP	800-85B-4	PIV Data Model Test Guidelines	PIV数据模型测试准则	Draft	8/06/2014
NISTIR	8006	NIST Cloud Computing Forensic Science Challenges	NIST云计算法医学挑战	Draft	6/23/2014
NISTIR	7924	Reference Certificate Policy (2nd Draft)	参考证书政策（第二稿）	Draft	5/29/2014
NISTIR	7981	Mobile, PIV, and Authentication	移动，PIV和身份验证	Draft	3/07/2014
SP	500-299	NIST Cloud Computing Security Reference Architecture	NIST云计算安全参考架构	Draft	5/05/2013
SP	800-164	Guidelines on Hardware-Rooted Security in Mobile Devices	移动设备中基于硬件的安全性准则	Draft	10/31/2012
SP	800-94 Rev. 1	Guide to Intrusion Detection and Prevention Systems (IDPS)	入侵检测和防御系统（IDPS）指南	Draft	7/25/2012
NISTIR	7848	Specification for the Asset Summary Reporting Format 1.0	资产汇总报告格式1.0规范	Draft	5/07/2012
NISTIR	7800	Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains	将持续监视技术参考模型应用于资产，配置和漏洞管理域	Draft	1/20/2012
NISTIR	7799	Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications	连续监控参考模型工作流程，子系统和接口规范	Draft	1/06/2012
NISTIR	7756	CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture	CAESARS框架扩展：企业持续监控技术参考架构	Draft	1/06/2012
SP	800-155	BIOS Integrity Measurement Guidelines	BIOS完整性测量准则	Draft	12/08/2011

DarkN0te

关注

10
点赞
踩
40

收藏

觉得还不错? 一键收藏
3
评论
NIST 网络安全相关标准美国（简单整理）

系列编号英文名中文名状态时间 ITL Bulleti 　 Security Considerations for Exchanging Files Over the Internet 通过Internet交换文件的安全注意事项 Final 8/03/2020 SP 800-210 General Access Control Guidance for Cloud Syste...
复制链接

扫一扫