Search CSRC

Conference: 4th Seminar on the DoD Computer Security Initiative Abstract: The Proceedings of the Fourth Seminar of the DoD Computer Security Initiative, held August 10-12, 1981, in Gaithersburg, Maryland. [This seminar later became the National Computer Security Conference, in 1985.]

Conference: 3rd Seminar on the DoD Computer Security Initiative Program Abstract: The Proceedings of the Third Seminar of the DoD Computer Security Initiative, held November 18-20, 1980, in Gaithersburg, Maryland. [This seminar later became the National Computer Security Conference, in 1985.]

Conference: 2nd Seminar on the DoD Computer Security Initiative Program Abstract: The Proceedings of the Second Seminar of the DoD Computer Security Initiative, held January 15-17, 1980, in Gaithersburg, Maryland. [This seminar later became the National Computer Security Conference, in 1985.]

Conference: Seminar on the DoD Computer Security Initiative Program Abstract: The Proceedings of the [first] Seminar of the DoD Computer Security Initiative, held July 17-18, 1979, in Gaithersburg, Maryland. [This seminar later became the National Computer Security Conference, in 1985.]

Abstract: Cost becomes an early concern in applying privacy safeguards to any computerized record-keeping system. To determine privacy cost impact one requires a concrete and rigorous approach that permits repeated analysis of carefully documented assumptions. Such a methodology appears in the work reported i...

Conference: 4th Data Communications Symposium Abstract: Encryption can be an effective process for protecting data during transmission within distributed computer systems and networks. The degree of protection provided by encryption depends on the encryption algorithm employed, the implementation of the algorithm and the administrative procedures regulat...

Abstract: On February 20, 1975, nine informed EDP professionals were invited by the Systems and Software Division of the Institute for Computer Sciences and Technology to discuss the costs Federal agencies should anticipate in complying with the Privacy Act of 1974. The invitees came from Federal agencies, pr...

Abstract: A report has been prepared of the NBS/ ACM Workshop on Controlled Accessibility, December 1972, Rancho Santa Fe, California. The Workshop was divided into five separate working groups: access controls, audit, EDP management controls, identification, and measurements. The report contains t...

Abstract: This publication summarizes the proceedings of a conference held for the purpose of highlighting the needs and problems of Federal, State, and local governments in safeguarding individual privacy and protecting confidential data contained in computer systems from loss or misuse. The Conference was h...

Abstract: This booklet has been prepared for an audience of executives and managers, other than computer and ADP managers, in organizations using computers to help them understand the necessity for computer security and the problems encountered in providing for it. There are still many gaps in our knowledge....

Abstract: A bibliography of 96 references on controlled accessibility has been compiled. The purpose in compiling this limited bibliography was to free the effort to solve the problems of controlled accessibility from domination by discussion of the issues of privacy. Insofar as possible, except when the two...

NIST is pleased to announce the release of Special Publication (SP) 800-108r1, Recommendation for Key Derivation Using Pseudorandom Functions.

NIST requests public comments on the initial public draft (ipd) of NIST IR 8214B, Notes on Threshold EdDSA/Schnorr Signatures. 

The Zero Trust Architecture (ZTA) team at NIST’s National Cybersecurity Center of Excellence (NCCoE) invites public comments on volumes C-D of a preliminary draft practice guide “Implementing a Zero Trust Architecture”. Deadline to submit comments is September 9, 2022.

The initial public draft of NIST Special Publication (SP) 800-215, Guide to a Secure Enterprise Network Landscape, provides guidance for navigating this new enterprise network landscape from a secure operations perspective. The deadline to submit comments is September 19, 2022.

NIST is posting two draft Special Publications (SP) on the Enterprise Impact of Information and Communications Technology (ICT) Risk, with a public comment period open through September 6, 2022.

The initial public draft of NIST Special Publication (SP) 800-66r2 (Revision 2), Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule:  A Cybersecurity Resource Guide, is now available for public comment. Deadline to submit comments is September 21, 2022.

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps. 

NIST announces the publication of NIST Internal Report 8235, "Security Guidance for First Responder Mobile and Wearable Devices."

NIST seeks information for a planned update of the Controlled Unclassified Information series of publications (SP 800-171, -171A, -172, and -172A). The public comment period is open through September 16, 2022.

Participate in the inaugural 30-day comment period for a minor (errata) release of SP 800-53 Rev. 5. Submit your comments on proposed changes through August 12, 2022.

NIST is announcing four Post-Quantum Cryptography candidates for standardization, plus candidates for a fourth round of analysis.

The initial public draft of NIST IR 8323r1, Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services, is available for comment. Public comment period is open through August 12, 2022.

NIST has released the final version of Special Publication (SP) 800-219, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP). 

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST SP 1800-34, Validating the Integrity of Computing Devices. Comments are due July 25, 2022.