Many of NIST's cybersecurity and privacy publications are posted as drafts for public comment. Comment periods are still open for the following publications. Select the publication title to access downloads, related content, and instructions for submitting comments. Your thoughtful reviews and comments are greatly appreciated and help us to improve our standards and guidance.
Also see a complete list of public drafts that includes those whose comment periods have closed.
The system security plan, system privacy plan, and cybersecurity supply chain risk management plan (collectively referred to as system plans) consolidate information about the assets and individuals being protected within an authorization boundary and its interconnected systems. System plans serve as...
This draft CSF 2.0 Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cybersecurity risk to semiconductor manufacturing. The semiconductor manufacturing environment is a complex ecosystem of device makers, equipment OEMs, suppliers and solution...
The NIST National Cybersecurity Center of Excellence (NCCoE) identified a potential application for a chatbot to support its mission and developed a secure, internal-use chatbot to assist NCCoE staff with discovering and summarizing cybersecurity guidelines tailored to specific audiences or use...
High-performance computing (HPC) systems provide fundamental computing infrastructure for large-scale artificial intelligence (AI) and machine learning (ML) model training, big data analysis, and complex simulations at exceptional speeds. Securing HPC systems is essential for safeguarding AI models,...
Summary: A cryptographic accordion is a tweakable block cipher mode that is itself a cipher on variable-length input. NIST proposes to develop three general-purpose accordions: Acc128 to support typical usage (birthday bounds) with the Advanced Encryption Standard (AES); Acc256 to support typical usage...
The National Cybersecurity Center of Excellence (NCCoE) has developed the draft two-pager NIST Special Publication (SP) 1334, Reducing the Cybersecurity Risks of Portable Storage Media in OT Environments. The cybersecurity considerations in this two-pager are intended to help operational technology...
Advances in computing capabilities, cryptographic research, and cryptanalytic techniques necessitate the replacement of cryptographic algorithms that no longer provide adequate security. A typical algorithm transition is costly, takes time, raises interoperability issues, and disrupts operations....
Sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort. This guide outlines the important elements of a sanitization program to assist organizations and system owners in making practical sanitization decisions based on the sensitivity...