 Federal Information Processing Standards Publications  (FIPS PUBS) |
|
Federal Information Processing Standards Publications (FIPS PUBS) |
| FIPS NO. |
TITLE-DATE & BRIEF DESCRIPTION |
|
Representation of calendar date to facilitate interchange of
data among information systems. This standard adopts American
National Standard ANSI X3.30-1997: Representation of Date for
Information Interchange (revision of ANSI X3.30-1985 (R1991)). - This standard provides a means of representing calendar date to facilitate interchange of data among information systems. Adopts American National Standard ANSI X3.30-1997: Representation of Date for Information Interchange (revision of ANSI X3.30-1985 (R1991)). FIPS 4-2 supersedes FIPS PUB 4-1, dated January 27, 1988, and updates the standard for representing calendar date and implements the Federal Government's commitment to use four-digit year elements (e.g., 1999, 2000, etc.) in its information technology systems. |
|||
| 5-2 |
Codes for the Identification of the States, the District of Columbia
and the Outlying Areas of the United States, and Associated Areas
-- 87 May 28 Additional information on the content of this FIPS may be obtained from the Bureau of the Census at (301) 763-1522. |
||
| 6-4 |
Counties and Equivalent Entities of the U.S., Its Possessions,
and Associated Areas -- 90 Aug 31 Additional information on the content of this FIPS may be obtained from the Bureau of the Census at (301) 763-9031. |
||
| 10-4 |
Countries, Dependencies, Areas of Special Sovereignty, and Their
Principal Administrative Divisions -- 95 Apr -- Additional information on the content of this FIPS may be obtained from the National Geospatial-Intelligence Agency (NGA) at (301) 227-1407. |
||
| 113 |
Computer Data Authentication -- 85 May 30 -Specifies a Data Authentication Algorithm (DAA) which, when applied to computer data, automatically and accurately detects unauthorized modifications, both intentional and accidental. Based on FIPS PUB 46, this standard is compatible with requirements adopted by the Department of Treasury and the banking community to protect electronic fund transfer transactions. |
||
| 140-2 |
Security Requirements for Cryptographic Modules -- 01 May
25 - This Federal Information Processing Standard
(140-2) was recently approved by the Secretary of Commerce. It
specifies the security requirements that will be satisfied by
a cryptographic module, providing four increasing, qualitative
levels intended to cover a wide range of potential applications
and environments. The areas covered, related to the secure design
and implementation of a cryptographic module, include specification;
ports and interfaces; roles, services, and authentication; finite
state model; physical security; operational environment; cryptographic
key management; electromagnetic interference/electromagnetic
compatibility (EMI/EMC); self-tests; design assurance; and mitigation
of other attacks. |
||
| 161-2 |
Electronic Data Interchange (EDI) -- 96 May 22 - FIPS 161-2 adopts, with specific conditions, the families of EDI standards known as X12, UN/EDIFACT and HL7 developed by national and international standards developing organizations. FIPS 161-2 does not mandate the implementation of EDI systems within the Federal government, but requires the use of the identified families of standards when Federal agencies and organizations implement EDI systems. |
||
| 180-2 |
Secure Hash Standard (SHS) -- 2002 August FIPS 180-2 superseded FIPS 180-1 as of February 1, 2003. | ||
| 181 |
Automated Password Generator (APG) -- 93 Oct 05 -Specifies a standard to be used by Federal organizations that require computer generated pronounceable passwords to authenticate the personal identity of an automated data processing (ADP) system user, and to authorize access to system resources. The standard describes an automated password generation algorithm that randomly creates simple pronounceable syllables as passwords. The password generator accepts input from a random number generator based on the Data Encryption Standard (DES) cryptographic algorithm defined in Federal Information Processing Standard 46-2. |
||
| 183 |
Integration Definition for Function Modeling (IDEF0) -- 93 Dec
21 - Describes the IDEF0 modeling language (semantics and syntax), and associated rules and techniques, for developing structured graphical representations of a system or enterprise. Use of this standard permits the construction of models comprising system functions (activities, actions, processes, operations), functional relationships, and data (information or objects) that support systems integration. |
||
| 184 |
Integration Definition for Information Modeling (IDEFIX) -- 93
Dec 21 - Describes the IDEF1X modeling language (semantics and syntax), and associated rules and techniques, for developing a logical model of data. IDEF1X is used to produce a graphical information model which represents the structure and semantics of information within an environment or system. Use of this standard permits the construction of semantic data models which may serve to support the management of data as a resource, the integration of information systems, and the building of computer databases. |
||
| 185 |
Escrowed Encryption Standard (EES) -- 94 Feb 09 -This non-mandatory standard provides an encryption/decryption algorithm and a Law Enforcement Access Field (LEAF) creation method which may be implemented in electronic devices and may be used at the option of government agencies to protect government telecommunications. The algorithm and the LEAF creation method are classified and are referenced, but not specified, in the standard. Electronic devices implementing this standard may be designed into cryptographic modules which are integrated into data security products and systems for use in data security applications. The LEAF is used in a key escrow system that provides for decryption of telecommunications when access to the telecommunications is lawfully authorized. |
||
| 186-2 |
Digital Signature Standard (DSS) -- 00 January 27 - This standard specifies algorithms appropriate for applications requiring a digital, rather than written, signature. A digital signature is represented in a computer as a string of binary digits. A digital signature is computed using a set of rules and a set of parameters such that the identity of the signatory and integrity of the data can be verified. An algorithm provides the capability to generate and verify signatures. Signature generation makes use of a private key to generate a digital signature. Signature verification makes use of a public key which corresponds to, but is not the same as, the private key. Each user possesses a private and public key pair. Private keys are kept secret; public keys may be shared. Anyone can verify the signature of a user by employing that user's public key. Signature generation can be performed only by the possessor of the user's private key. This revision supersedes FIPS 186-1 in its entirety. |
||
| 188 |
Standard Security Label for Information Transfer -- 94 Sept 6 -Defines a security label syntax for information exchanged over data networks and provides label encodings for use at the Application and Network Layers. ANSI/TIA/EIA-606-1993 |
||
| 190 |
Guideline for the Use of Advanced Authentication Technology Alternatives
-- 94 Sept 28 -Describes the primary alternative methods for verifying the identities of computer system users, and provides recommendations to Federal agencies and departments for the acquisition and use of technology which supports these methods. |
||
| 191 |
Guideline for the Analysis of Local Area Network Security --
94 Nov 9 - Discusses threats and vulnerabilities and considers technical security services and security mechanisms. |
||
|
192 |
Application Profile for the Government Information Locator Service
(GILS) -- 94 Dec 7 - Describes an application profile for the GILS, which is based primarily on ANSI/NISO Z39.50-1992. GILS is a decentralized collection of servers and associated information services that will be used by the public either directly or through intermediaries to find public information throughout the Federal government. |
||
|
192-1 (a)& (b) |
Application Profile for the Government Information Locator Service
(GILS) -- 97 Aug 1 - Describes the United States Federal government use of the international application profile for the GILS, also known as the Global Information Locator Service. The GILS Profile is based primarily on ISO 23950, presently equivalent to the ANSI/NISO Z39.50-1995/Version 2. GILS is a decentralized collection of servers and associated information services that will be used by the public either directly or through intermediaries to find public information throughout the Federal government. |
||
| 196 |
Entity Authentication Using Public Key Cryptography -- 1997 Feb
18 - Specifies two challenge-response protocols by which entitites in a computer system may authenticate their identities to one another. These protocols may be used during session initiation, and at any other time that entity authentication is necessary. Depending on which protocol is implemented, either one or both entities involved may be authenticated. The defined protocols are derived from an international standard for entity authentication based on public key cryptography, which uses digital signatures and random number challenges. |
||
| 197 | Advanced Encryption Standard (AES), 2001 November 26. -The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. Encryption converts data to an unintelligible form called ciphertext; decrypting the ciphertext converts the data back into its original form, called plaintext. |
||
| 198 | The Keyed-Hash Message Authentication Code (HMAC), 2002 March.
-This standard describes a keyed-hash message authentication code (HMAC), a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative Approved cryptographic hash function, in combination with a shared secret key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. The HMAC specification in this standard is a generalization of Internet RFC 2104, HMAC, Keyed-Hashing for Message Authentication, and ANSI X9.71, Keyed Hash Message Authentication Code. |
||
| 199 | Standards for Security Categorization of Federal Information
and Information Systems, 2004 February FIPS 199 addresses one of the requirements specified in the Federal Information Security Management Act (FISMA) of 2002, which requires all federal agencies to develop, document, and implement agency-wide information security programs for the information and information systems that support the operations and the assets of the agency, including those provided or managed by another agency, contractor, or other source. FIPS 199 provides security categorization standards for information and information systems. Security categorization standards make available a common framework and method for expressing security. They promote the effective management and oversight of information security programs, including the coordination of information security efforts throughout the civilian, national security, emergency preparedness, homeland security, and law enforcement communities. Such standards also enable consistent reporting to OMB and Congress on the adequacy and effectiveness of information security policies, procedures, and practices. |
||
| 200 | Minimum Security Requirements for Federal Information and Information Systems, 2006 March FIPS 200 is the second standard that was specified by the Federal Information Security Management Act of 2002 (FISMA). It is an integral part of the risk management framework that NIST has developed to assist federal agencies in providing levels of information security based on levels of risk. FIPS 200 specifies minimum security requirements for federal information and information systems and a risk-based process for selecting the security controls necessary to satisfy the minimum requirements. |
||
| 201-1 | Personal Identity Verification
for Federal Employees and Contractors, 2006 March |
| TO
TOP |