Smart Card Guy

Smart Card, Java Card, PCI DSS, IoT Device Security

NIST - ITL - CSD - SP, FIPSの関係

概要

  • NIST(National Institute of Standards and Technology): 米国国立標準技術研究所
  • NISTは下記の6つのLabで構成 Link
    • Communications Technology Laboratory (CTL)
    • Engineering Laboratory (EL)
    • Information Technology Laboratory (ITL) ITL Link
    • Material Measurement Laboratory (MML)
    • NIST Center for Neutron Research (NCNR)
    • Physical Measurement Laboratory (PML)
  • 上記のInformation Technology Laboratory (ITL)は下記の7つのDivisionに分かれる
    • Advanced Network Technologies Division
    • Applied and Computational Mathematics Division
    • Applied Cybersecurity Division
    • Computer Security Division (CSD) ITL - CSD Link
    • Information Access Division
    • Software and Systems Division
    • Statistical Engineering Division
  • 上記のComputer Security Divisionが発行する文書は下記の種類がある Computer Security Resource Center - Publications
    • SP (NIST Special Publications): Guidelines, technical specifications, recommendations and reference materials, comprising multiple sub-series:
      • SP 800: Computer security
      • SP 1800: Cybersecurity practice guides
      • SP 500: Information technology (relevant documents)
    • FIPS (Federal Information Processing Standards): Security standards
  • SPはUS政府機関、民間企業を問わず有益な情報セキュリティ文書
  • FIPSは特にUS政府機関が遵守しないといけないセキュリティ要件
    • SPよりもっと厳しい基準。米国商務長官(Secretary of Commerce)の承認を受けた文書

Link