Guideline for implementing cryptography in the federal government / Elaine B. Barker, William C. Barker, Annabelle Lee.

Format:

Book

Government document

Author/Creator:

Barker, Elaine B.

Contributor:

Barker, William C. (William Curt)

Lee, Annabelle

National Institute of Standards and Technology (U.S.)

Series:

NIST special publication ; 800-21.

NIST special publication. Information security

NIST special publication ; 800-21. Information security

Language:

English

Subjects (All):

Data encryption (Computer science)--United States.

Data encryption (Computer science).

Public records--Access control--United States.

Public records.

Computer security--Standards--United States.

Computer security.

Computer security--Standards.

Public records--Access control.

United States.

Physical Description:

viii, 89 pages : digital, PDF file.

Edition:

2nd ed.

Place of Publication:

Gaithersburg, MD : U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, [2005]

Summary:

This Second Edition of NIST Special Publication (SP) 800-21, updates and replaces the November 1999 edition of Guideline for Implementing Cryptography in the Federal Government. Many of the references and cryptographic techniques contained in the first edition of NIST SP 800-21 have been amended, rescinded, or superseded since its publication. The current publication offers new tools and techniques. NIST SP 800-21 is intended to provide a structured, yet flexible set of guidelines for selecting, specifying, employing, and evaluating cryptographic protection mechanisms in Federal information systems?and thus, makes a significant contribution toward satisfying the security requirements of the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. The current publication also reflects the elimination of the waiver process by the Federal Information Security Management Act (FISMA) of 2002. SP 800-21 includes background information, describes the advantages of using cryptography; defines the role and use of standards and describes standards organizations that are outside the Federal government; describes the methods that are available for symmetric and asymmetric key cryptography; describes implementation issues (e.g., key management); discusses assessments, including the Cryptographic Module Validation Program (CMVP), the Common Criteria (CC), and Certification and Accreditation (C&A); and describes the process of choosing the types of cryptography to be used and selecting a cryptographic method or methods to fulfill a specific requirement.

Notes:

Title from title screen (viewed on July 20, 2006).

"December 2005."

Includes bibliographical references (pages 80-84).

OCLC:

70786903

Publisher Number:

GOVPUB-C13-a53a5570f6653eb56ce529f65d6bd35c