Barker, E.
, Barker, W.
, Burr, W.
, Polk, W.
and Smid, M.
(2005),
Recommendation for Key Management - Part 2: Best Practices for Key Management Organization, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-57p2
(Accessed April 18, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Recommendation for Key Management - Part 2: Best Practices for Key Management Organization
Published
Author(s)
, , , , Miles E. Smid
Abstract
Best Practices for Key Management Organization, Part 2 of the Recommendation for Key Management is intended primarily to address the needs of system owners and managers. It provides context, principles, and implementation guidelines to assist in implementation and management of institutional key management systems. It identifies applicable laws and directives concerning security planning and management, and suggests approaches to satisfying those laws and directives with a view to minimizing the impact of management overhead on organizational resources and efficiency. This guideline acknowledges that planning and documentation requirements associated with small scale or single system cryptographic applications will not need to be as elaborate as those required for large and diverse government agencies supported by a number of general support systems and major applications. However, any organization that employs cryptography to provide security services is required to have policy, practices and planning documentation at some level or number of levels.Part 2 of the Recommendation for Key Management first identifies the structural and functional elements common to effective key management systems; second, identifies security planning requirements, general security policies and practices necessary to effective institutional key management; and finally, offers suggestions regarding how key management policies and procedures might be incorporated into security planning documentation that is already required by various Federal laws and directives.Citation
Special Publication (NIST SP) - 800-57 Pt2
Report Number
800-57 Pt2
NIST Pub Series
Pub Type
NIST Pubs
Superceded By Publication
Download Paper
Keywords
accreditation, certification, cryptographic key, digital signature, key management, key management policy, public key, public key infrastructure, security plan
Citation
Created August 24, 2005, Updated October 12, 2021