
Appendix A - References

[CSA of 1987] Computer Security Act of 1987, Public Law 100-235, 101 Stat 1724. https://www.gpo.gov/fdsys/pkg/STATUTE-101/pdf/STATUTE-101-Pg1724.pdf

[E-Gov Act] E-Government Act of 2002, Public Law 107-347, 116 Stat 2899. http://www.gpo.gov/fdsys/pkg/PLAW-107publ347/pdf/PLAW-107publ347.pdf

[Clinger-Cohen Act] Clinger-Cohen Act, Public Law 107-217, 116 Stat 1234. https://www.gsa.gov/graphics/staffoffices/Clinger.htm

[FISMA 2002] Federal Information Security Management Act of 2002, Pub. L. 107-347 (Title III), 116 Stat. 2946. https://www.gpo.gov/fdsys/pkg/CHRG-107hhrg86343/pdf/CHRG-107hhrg86343.pdf

[FISMA 2014] Federal Information Security Modernization Act of 2014, Pub. L. 113-283, 128 Stat. 3073. http://www.gpo.gov/fdsys/pkg/PLAW-113publ283/pdf/PLAW-113publ283.pdf

[OMB Circular A-130] Office of Management and Budget (OMB), Managing Information as a Strategic Resource, OMB Memorandum Circular A-130, Revised July 28, 2016. https://obamawhitehouse.archives.gov/sites/default/files/omb/assets/OMB/circulars/a130/a130revised.pdf

[FIPS140-2] U.S. Department of Commerce. Security Requirements for Cryptographic Modules, Federal Information Processing Standards (FIPS) Publication 140-2, May 25, 2001 (with Change Notices through December 3, 2002), 69pp. https://doi.org/10.6028/NIST.FIPS.140-2

[FIPS180-4] U.S. Department of Commerce. Secure Hash Standard (SHS), Federal Information Processing Standards (FIPS) Publication 180-4, August 2015, 36pp. https://doi.org/10.6028/NIST.FIPS.180-4

[FIPS186-4] U.S. Department of Commerce. Digital Signature Standard (DSS), Federal Information Processing Standards (FIPS) Publication 186-4, July 2013, 130pp. https://doi.org/10.6028/NIST.FIPS.186-4

[FIPS 197] U.S. Department of Commerce. Advanced Encryption Standard, Federal Information Processing Standards (FIPS) Publication 197, November 2001, 51pp. https://doi.org/10.6028/NIST.FIPS.197

[FIPS199] U.S. Department of Commerce. Standards for Security Categorization of Federal Information and Information Systems, Federal Information Processing Standards (FIPS) Publication 199, February 2004, 13pp. https://doi.org/10.6028/NIST.FIPS.199

[FIPS200] U.S. Department of Commerce. Minimum Security Requirements for Federal Information and Information Systems, Federal Information Processing Standards (FIPS) Publication 200, March 2006, 17pp. https://doi.org/10.6028/NIST.FIPS.200

[FIPS 202] U.S. Department of Commerce. SHA-3: Permutation-Based Hash and Extendable-Output Functions, Federal Information Processing Standards (FIPS) Publication 202, August 2015, 37pp. https://doi.org/10.6028/NIST.FIPS.202

[NISTIR 7298] Kissel, R., Glossary of Key Information Security Terms, NISTIR 7298 Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, May 2013, 222pp. https://doi.org/10.6028/NIST.IR.7298r2

[NISTIR 8062] Brooks, S., Garcia, M., Lefkovitz, N., Lightman, S., Nadeau, E., An Introduction to Privacy Engineering and Risk Management in Federal Systems, NISTIR 8062, National Institute of Standards and Technology, Gaithersburg, Maryland, January 2017, 49pp. https://doi.org/10.6028/NIST.IR.8062

[SP800-18] NIST Special Publication (SP) 800-18 Revision 1, Guide for Developing Security Plans for Systems, National Institute of Standards and Technology, Gaithersburg, Maryland, February 2006, 48pp. https://doi.org/10.6028/NIST.SP.800-18r1

[SP800-30] NIST Special Publication (SP) 800-30 Revision 1, Guide for Conducting Risk Assessments, National Institute of Standards and Technology, Gaithersburg, Maryland, September 2012, 95pp. https://doi.org/10.6028/NIST.SP.800-30r1

[SP800-32] NIST Special Publication (SP) 800-32, Introduction to Public Key Technology and the Federal PKI Infrastructure, National Institute of Standards and Technology, Gaithersburg, Maryland, February 2001, 54pp. https://doi.org/10.6028/NIST.SP.800-32

[SP800-34] NIST Special Publication (SP) 800-34 Revision 1, Contingency Planning Guide for Federal Information Systems, National Institute of Standards and Technology, Gaithersburg, Maryland, May 2010 (updated November 2010), 149pp. https://doi.org/10.6028/NIST.SP.800-34r1

[SP800-37] NIST Special Publication (SP) 800-37 Revision 1, Guide for Applying the Risk Management Framework to Systems: A Security Life Cycle Approach, National Institute of Standards and Technology, Gaithersburg, Maryland, February 2010 (updated June 2014), 102pp. https://doi.org/10.6028/NIST.SP.800-37r1

[SP800-39] NIST Special Publication (SP) 800-39, Managing Information Security Risk: Organization, Mission, and Information System View, National Institute of Standards and Technology, Gaithersburg, Maryland, March 2011, 88pp. https://doi.org/10.6028/NIST.SP.800-39

[SP800-53] NIST Special Publication (SP) 800-53 Revision 4, Security and Privacy Controls for Systems and Organizations, National Institute of Standards and Technology, Gaithersburg, Maryland, April 2013 (updated January 2015), 462pp. https://doi.org/10.6028/NIST.SP.800-53r4

[SP800-53A] NIST Special Publication (SP) 800-53A Revision 4, Assessing Security and Privacy Controls in Systems and Organizations, National Institute of Standards and Technology, Gaithersburg, Maryland, December 2014, 487pp. https://doi.org/10.6028/NIST.SP.800-53Ar4

[SP800-57 part 1] NIST Special Publication (SP) 800-57 part 1 Revision 4, Recommendation for Key Management, Part 1: General, National Institute of Standards and Technology, Gaithersburg, Maryland, January 2016, 160pp. https://doi.org/10.6028/NIST.SP.800-57pt1r4

[SP800-57 part 2] NIST Special Publication (SP) 800-57 part 2, Recommendation for Key Management, Part 2: Best Practices for Key Management Organizations, National Institute of Standards and Technology, Gaithersburg, Maryland, August 2005, 79pp. https://doi.org/10.6028/NIST.SP.800-57p2

[SP800-57 part 3] NIST Special Publication (SP) 800-57 part 3 Revision 1, Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance, National Institute of Standards and Technology, Gaithersburg, Maryland, January 2015, 102pp. https://doi.org/10.6028/NIST.SP.800-57Pt3r1

[SP800-60] NIST Special Publication (SP) 800-60 volume 1 Revision 1, Guide for Mapping Types of Information Systems to Security Categories, National Institute of Standards and Technology, Gaithersburg, Maryland, August 2008, 53pp. https://doi.org/10.6028/NIST.SP.800-60v1r1

[SP800-61] NIST Special Publication (SP) 800-61 Revision 2, Computer Security Incident Handling Guide, National Institute of Standards and Technology, Gaithersburg, Maryland, August 2012, 79pp. https://doi.org/10.6028/NIST.SP.800-61r2

[SP800-82] NIST Special Publication (SP) 800-82 Revision 2, Guide to Industrial Control Systems (ICS) Security, National Institute of Standards and Technology, Gaithersburg, Maryland, May 2015, 247pp. https://doi.org/10.6028/NIST.SP.800-82r2

[SP800-95] NIST Special Publication (SP) 800-95, Guide to Secure Web Services, National Institute of Standards and Technology, Gaithersburg, Maryland, August 2007, 128pp. https://doi.org/10.6028/NIST.SP.800-95

[SP800-122] NIST Special Publication (SP) 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII), National Institute of Standards and Technology, Gaithersburg, Maryland, April 2010, 59pp. https://doi.org/10.6028/NIST.SP.800-122

[SP800-128] NIST Special Publication (SP) 800-128, Guide for Security-Focused Configuration Management of Information Systems, National Institute of Standards and Technology, Gaithersburg, Maryland, August 2011, 88pp. https://doi.org/10.6028/NIST.SP.800-128

[SP800-137] NIST Special Publication (SP) 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations, National Institute of Standards and Technology, Gaithersburg, Maryland, September 2011, 80pp. https://doi.org/10.6028/NIST.SP.800-137

[SP800-147] NIST Special Publication (SP) 800-147, BIOS Protection Guidelines, National Institute of Standards and Technology, Gaithersburg, Maryland, April 2011, 26pp. https://doi.org/10.6028/NIST.SP.800-147

[SP800-152] NIST Special Publication (SP) 800-152, A Profile for U.S. Federal Cryptographic Key Management Systems (CKMS), National Institute of Standards and Technology, Gaithersburg, Maryland, October 2015, 147pp. https://doi.org/10.6028/NIST.SP.800-152

[SP800-155] NIST Special Publication (SP) 800-155 (DRAFT), BIOS Integrity Measurement Guidelines, National Institute of Standards and Technology, Gaithersburg, Maryland, December 2011, 47pp. http://csrc.nist.gov/publications/drafts/800-155/draft-SP800-155_Dec2011.pdf

[SP800-160] NIST Special Publication (SP) 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems, National Institute of Standards and Technology, Gaithersburg, Maryland, May 2016, 307pp. https://doi.org/10.6028/NIST.SP.800-160

[SP800-161] NIST Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, National Institute of Standards and Technology, Gaithersburg, Maryland, April 2015, 282pp. https://doi.org/10.6028/NIST.SP.800-161

[SP800-162] NIST Special Publication (SP) 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations, National Institute of Standards and Technology, Gaithersburg, Maryland, January 2014, 46pp. https://doi.org/10.6028/NIST.SP.800-162

[SP800-175A] NIST Special Publication (SP) 800-175A, Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies, National Institute of Standards and Technology, Gaithersburg, Maryland, April 2016, 44pp. https://doi.org/10.6028/NIST.SP.800-175A

[SP800-175B] NIST Special Publication (SP) 800-175B, Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms, National Institute of Standards and Technology, Gaithersburg, Maryland, March 2016, 81pp. https://doi.org/10.6028/NIST.SP.800-175B