Wednesday, September 23, 2009

NIST Computer Security Resource Center Special Publications (NIST 800-XX) Update

NIST Compuber Security Division Released 4 Publications - 1 Draft Special Publication (SP) and 3 Final Special Publications

Publication #1: Draft SP 800-127 --
NIST announces the public comment release of Draft Special Publication 800-127, Guide to Security for WiMAX Technologies. Worldwide Interoperability for Microwave Access (WiMAX) is a wireless metropolitan area network communications technology based on the IEEE 802.16 standard. WiMAX technologies were originally developed to provide last-mile broadband wireless access, but are now more focused on cellular-like mobile architectures. Draft SP 800-127 explains the basics of WiMAX, provides information on the security capabilities of WiMAX, and gives recommendations on securing WiMAX technologies effectively. It also explains the security differences among the major versions of the IEEE 802.16 standard.

NIST requests comments on draft SP 800-127 by October 30, 2009. Please submit comments to with "Comments SP 800-127" in the subject line.


Publication #2: SP 800-41 Revision 1 --
NIST announces the release of Special Publication 800-41 Revision 1, Guidelines on Firewalls and Firewall Policy. It provides recommendations on developing firewall policies and on selecting, configuring, testing, deploying, and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based, and personal firewalls. SP 800-41 Revision 1 updates the original publication, which was released in 2002.

URL to SP 800-41 Rev. 1:

Publication #3: SP 800-102 --
NIST announces the completion of Special Publication 800-102, Recommendation for Digital Signature Timeliness. Establishing the time when a digital signature was generated is often a critical consideration. A signed message that includes the (purported) signing time provides no assurance that the private key was used to sign the message at that time unless the accuracy of the time can be trusted. With the appropriate use of digital signature-based timestamps from a Trusted Timestamp Authority (TTA) and/or verifier-supplied data that is included in the signed message, the signatory can provide some level of assurance about the time that the message was signed.

URL to SP 800-102:

Publication #4: SP 800-120 --
The National Institute of Standards and Technology (NIST) is pleased to announce the release of Special Publication 800-120. Recommendation for EAP Methods Used in Wireless Network Access Authentication. This Recommendation formalizes core security requirements for EAP methods when employed by the U.S. Federal Government for wireless authentication and key establishment.

URL to SP 800-120:

Cybertelecom :: Federal Internet Law & Policy ::
bobArlington :: Bunkum from bArlington ::
Twitter & Facebook: rcannon100

Post a Comment