Monday, 12 May 2008
Home arrow The Police State arrow NIST releases PIV interface specs
InVenice Poll
Do you feel like Local,State and Federal Agencys Care about You and your Family?
Main Menu
Home
My Tube
Local News
Clubs and Organizations
Election 2008
Grass Roots
911 investigations
The Police State
Florida News
Fun Facts :Things to Know
National News
World News
Music News
Forum
Weather
Soap Box
News Feeds
Swanny's Fun Room
Florida Facts: Things to Know
Web Links


NIST releases PIV interface specs E-mail
Written by William Jackson   
Tuesday, 18 March 2008

Final versions of computer security documents also issued

The National Institute of Standards and Technology has released a second draft of its specifications for “Interfaces for Personal Identity Verification” to be used with the standard PIV card that will be issued to all government employees and contractors working on-site.

Comments on the document, Special Publication 800-73 Rev. 2, are being accepted until April 4.

NIST has also released final versions of two other documents in its library of special publications on computer security: SP 800-61 Rev. 1, titled “Computer Security Incident Handling Guide” and SP 800-28 Version 2 , titled “Guidelines on Active Content and Mobile Code.”

NIST’s Computer Security Research Division has incorporated into the current release of the PIV interface specs a number of suggestions made on the first draft. These changes include:
  • Relaxing the Global PIN security status limitations.
  • Incorporating an optional Global and PIV PIN discovery object.
  • Adding a discovery object for the PIV card application.
  • Eliminating the previously proposed optional U-CHUID data object.
The draft is in four parts, the End-Point PIV Card Application Namespace, Data Model and Representation; End-Point PIV Card Application Interface; End-Point PIV Client Application Programming Interface, and the PIV Transitional Data Model and Interfaces.

Comments should be submitted using the comment template provided on the Web site. Comments can also be e-mailed to This e-mail address is being protected from spam bots, you need JavaScript enabled to view it , with “Comments on the 2nd Public Draft SP800-73-2” in the subject line, by the close of business April 4.

The new release of the Computer Security Incident Handling Guide, first issued in 2004, provides guidance in responding to computer security incidents. It includes guidelines on establishing an incident response program but focuses on detecting, analyzing, prioritizing and handling incidents.

Guidelines on Active Content and Mobile Code gives an overview of active content and mobile code technologies in use today, with insights for making informed decisions on their application and treatment. Active content refers to embedded software components in documents, such as JavaScript, VBScript, Java applets and ActiveX controls. The document contains information about the threats presented by mobile code and safeguards for end user systems. The original version was released in 2001.
 
 
http://www.gcn.com/online/vol1_no1/45945-1.html
 
< Prev   Next >
[ Back ]
Design by Joomlactive
© 2008 invenice.net
Joomla! is Free Software released under the GNU/GPL License.