NIST releases new drafts of IT security documents

The National Institute of Standards and Technology has published a pair of draft IT security documents for public comment.

The documents, Special Publication 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories, and Special Publication 800-67, Recommendation for the Triple Data Encryption Algorithm Block Cipher, are available online at csrc.nist.gov/publications/drafts.html.

NIST is responsible for establishing federal standards and guidelines for computer security.

SP 800-60 is a second draft of the guide to mapping information to security categories, incorporating suggestions made in February at an interagency workshop. It provides guidance for identifying different types of information and IT systems, and assigning levels of impact to each for violations of confidentiality, integrity or availability. It is published in two volumes, available as separate PDF files.

Comments about the document should be made by May 1 to [email protected].

SP 800-67 gives specifications for the Triple Data Encryption Algorithm, including its primary cryptographic engine, the Data Encryption Algorithm. When properly implemented in a cryptographic module compliant with Federal Information Processing Standard 140-2, the algorithm may be used to protect sensitive but unclassified federal information.

Comments should be made by April 15 to [email protected].

About the Author

William Jackson is a Maryland-based freelance writer.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected