ABSTRACT

Introduction to Computer Security: The NIST Handbook   [open pdf - 2MB]

"This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls. It illustrates the benefits of security controls, the major techniques or approaches for each control, and important related considerations. The handbook provides a broad overview of computer security to help readers understand their computer security needs and develop a sound approach to the selection of appropriate security controls. It does not describe detailed steps necessary to implement a computer security program, provide detailed implementation procedures for security controls, or give guidance for auditing the security of specific systems. General references are provided at the end of this chapter, and references of 'how-to' books and articles are provided at the end of each chapter in Parts II, III and IV. The purpose of this handbook is not to specify requirements but, rather, to discuss the benefits of various computer security controls and situations in which their application may be appropriate. Some requirements for federal systems are noted in the text. This document provides advice and guidance; no penalties are stipulated. The handbook was written primarily for those who have computer security responsibilities and need assistance understanding basic concepts and techniques. Within the federal government, this includes those who have computer security responsibilities for sensitive systems. For the most part, the concepts presented in the handbook are also applicable to the private sector."

Report Number:
NIST Special Publication 800-12
Publisher:
Date:
1995-10
Copyright:
Public Domain
Retrieved From:
National Institute of Standards and Technology: http://www.nist.gov/
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations