None
The CKMS requirements specified in [NIST SP 800-130].
Source(s):
NIST SP 800-152
under Framework (for CKMS)
A layered structure indicating what kind of programs can or should be built and how they would interrelate. Some computer system frameworks also include actual programs, specify programming interfaces, or offer programming tools for using the frameworks. A framework may be for a set of functions within a system and how they interrelate; the layers of an operating system; the layers of an application subsystem; how communication should be standardized at some level of a network; and so forth. A framework is generally more comprehensive than a protocol and more prescriptive than a structure.
Source(s):
NIST SP 800-95
whatis.com, https://whatis.techtarget.com
The Cybersecurity Framework developed for defining protection of critical infrastructure. It provides a common language for understanding, managing, and expressing cybersecurity risk both internally and externally. Includes activities to achieve specific cybersecurity outcomes, and references examples of guidance to achieve those outcomes.
Source(s):
NISTIR 8183
NISTIR 8183A Vol. 1
NISTIR 8183A Vol. 2
NISTIR 8183A Vol. 3
A risk-based approach to reducing cybersecurity risk composed of three parts: the Framework Core, the Framework Profile, and the Framework Implementation Tiers. Also known as the “Cybersecurity Framework.”
Source(s):
NIST Cybersecurity Framework Version 1.1
A structured description of a topic of interest, including a detailed statement of the problem(s) to be solved and the goal(s) to be achieved. An annotated outline of all the issues that must be addressed while developing acceptable solutions to the problem(s). A description and analysis of the constraints that must be satisfied by an acceptable solution and detailed specifications of acceptable approaches to solving the problems(s).
Source(s):
FIPS 201
[version unknown]