Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Karen A. Scarfone; Daniel R. Benigni; Timothy Grance;|
|Title:||Cyber Security Standards|
|Published:||June 15, 2009|
|Abstract:||The goal of cyber security standards is to improve the security of information technology (IT) systems, networks, and critical infrastructures. A cyber security standard defines both functional and assurance requirements within a product, system, process, or technology environment. Well-developed cyber security standards enable consistency among product developers and serve as a reliable metric for purchasing security products. Cyber security standards cover a broad range of granularity, from the mathematical definition of a cryptographic algorithm to the specification of security features in a Web browser, and are typically implementation-independent. A standard must address user needs, but must also be practical since cost and technological limitations must be considered in building products to meet the standard. Additionally, a standard s requirements must be verifiable; otherwise, users cannot assess security even when products are tested against the standard.|
|Citation:||Wiley Handbook of Science and Technology for Homeland Security|
|Publisher:||John Wiley & Sons, Inc., Hoboken, NJ|
|Keywords:||cyber security, information technology, standards, standardization|
|Research Areas:||Computer Security|
|PDF version:||Click here to retrieve PDF version of paper (70KB)|