SANS NewsBites Vol. 10 Num. 86 (fwd)
Fri, 31 Oct 2008
STANDARDS
--NIST Releases Documents on Key Management, Security in System Development Life Cycle and HIPAA Rule Implementation (October 27, 2008) The National Institute of Standards and Technology (NIST) has released three documents. Special Publication 800-57, "Recommendation for Key Management Part 3: Application Specific Key Management Guidance," is a draft document aimed at helping "system administrators and system installers adequately secure applications based on product availability and organizational needs and to support organizational decisions about future procurements." Comments on the draft document will be accepted through January 16, 2009. Special Publication 800-64, "Security Considerations in the System Development Life Cycle," is a document in its final form that "has been developed to assist federal government agencies in integrating essential IT security steps into their established IT system development life cycle." Special Publication 800-66, "An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule,"
also in its final form.
http://www.gcn.com/online/vol1_no1/47450-1.html?topic=security
http://csrc.nist.gov/publications/nistpubs/800-64-Rev2/SP800-64-Revision2.pdf
http://csrc.nist.gov/publications/nistpubs/800-66-Rev1/SP-800-66-Revision1.pdf
No comments:
Post a Comment