(of NIST based defense)
NIST is the National Institute of Standards and Technology
SP = Special Publication
800 series = Information Technology Security
FISMA – Federal Information Security Management Act of 2002 (aka Title III of E-Govt Act of 2002, pub law 107-347) Key documents associated with FISMA: FIPS 199 – Security Categorization – [csrc.nist.gov] FIPS 200 – Minimum Security Requirements – [csrc.nist.gov] NIST SP 800-53 – Security Controls – [csrc.nist.gov] SEE ALSO: Introduction to 800-53 Controls FIPS […]
This completes the “Overview” section.
FIPS 140-2 is the current (soon to be revised to FIPS 140-3) NIST encryption standard for government agencies protecting sensitive but unclassified information. NIST operates a Cryptographic Module Validation Program (CMVP) that offers testing of encryption (cryptographic modules) in products to ensure they are compliant with the FIPS standard. This testing involves not only which […]