NIST releases new drafts of IT security guides
The National Institute of Standards and Technology has published a pair of draft IT security documents for public comment.
The documents, Special Publication 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories, and Special Publication 800-67, Recommendation for the Triple Data Encryption Algorithm Block Cipher, can be seen by going to www.gcn.com and entering 228 in the GCN.com/box.
SP 800-60 is a second draft of the guide to mapping information to security categories, incorporating suggestions made in February at an interagency workshop. It provides guidance for identifying different types of information and IT systems, and assigning levels of impact to each for violations of confidentiality, integrity or availability.
SP 800-67 gives specifications for the Triple Data Encryption Algorithm, including its primary cryptographic engine, the Data Encryption Algorithm.
William Jackson is a senior writer of GCN and the author of the CyberEye blog.