概要

• NIST(National Institute of Standards and Technology): 米国国立標準技術研究所。US Department of Commerce（商務省）傘下機関。
• NISTは下記の6つのLabで構成 Link
  • Communications Technology Laboratory (CTL)
  • Engineering Laboratory (EL)
  • Information Technology Laboratory (ITL) ITL Link
  • Material Measurement Laboratory (MML)
  • NIST Center for Neutron Research (NCNR)
  • Physical Measurement Laboratory (PML)
• 上記のInformation Technology Laboratory (ITL)は下記の7つのDivisionに分かれる
  • Advanced Network Technologies Division
  • Applied and Computational Mathematics Division
  • Applied Cybersecurity Division
  • Computer Security Division (CSD) ITL - CSD Link
  • Information Access Division
  • Software and Systems Division
  • Statistical Engineering Division
• 上記のComputer Security Divisionが発行する文書は下記の種類がある Computer Security Resource Center - Publications
  • SP (NIST Special Publications): Guidelines, technical specifications, recommendations and reference materials, comprising multiple sub-series:
    • SP 800: Computer security
    • SP 1800: Cybersecurity practice guides
    • SP 500: Information technology (relevant documents)
  • FIPS (Federal Information Processing Standards): Security standards
• SPはUS政府機関、民間企業を問わず有益な情報セキュリティ文書
• FIPSは特にUS政府機関が遵守しないといけないセキュリティ要件
  • SPよりもっと厳しい基準。米国商務長官(Secretary of Commerce)の承認を受けた文書

Link

• IPA - セキュリティ関連NIST文書
• IPA - 【概要説明】 NIST及びNIST発行の情報セキュリティ関連文書