
Chapter: Information Security : Logical Design

NIST Security Models

This refers to “The National Security Telecommunications and Information Systems Security Committee” document. This document presents a comprehensive model for information security. The model consists of three dimensions.

✓ Another possible approach is described in the many documents available from the Computer Security Resource Center of the National Institute of Standards and Technology (csrc.nist.gov).

✓ The following NIST documents can assist in the design of a security framework:

– NIST SP 800-12: An Introduction to Computer Security: The NIST Handbook
– NIST SP 800-14: Generally Accepted Security Principles and Practices for Securing IT Systems
– NIST SP 800-18: The Guide for Developing Security Plans for IT Systems
– NIST SP 800-26: Security Self-Assessment Guide for IT Systems
– NIST SP 800-30: Risk Management for IT Systems

 

✓ NIST Special Publication SP 800-12

- SP 800-12 is an excellent reference and guide for the security manager or administrator in the routine management of information security.
- It provides little guidance, however, on design and implementation of new security systems, and therefore should be used only as a valuable precursor to understanding an information security blueprint.

 

✓ NIST Special Publication SP 800-14

Generally Accepted Principles and Practices for Securing Information Technology Systems.

- Provides best practices and security principles that can direct the security team in the development of a security blueprint.
- The scope of NIST SP 800-14 is broad. It is important to consider each of the security principles it presents, and therefore the following sections examine some of the more significant points in more detail:

– Security Supports the Mission of the Organization
– Security is an Integral Element of Sound Management
– Security Should Be Cost-Effective
– Systems Owners Have Security Responsibilities Outside Their Own Organizations
– Security Responsibilities and Accountability Should Be Made Explicit
– Security Requires a Comprehensive and Integrated Approach
– Security Should Be Periodically Reassessed
– Security is Constrained by Societal Factors
– 33 Principles enumerated


Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.