New NIST Draft Pubs: Enterprise Patch Management Technologies; Random Bit Generator (RBG) Constructions; Entropy Sources Used for RBG

Sep 06

NIST has released the following three draft publications for comment:

—  Draft NIST Special Publication (SP) 800-40 Revision 3, Guide to Enterprise Patch Management Technologies.

Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. This publication is designed to assist organizations in understanding the basics of enterprise patch management technologies. It explains the importance of patch management and examines the challenges inherent in performing patch management. It provides an overview of enterprise patch management technologies and it also briefly discusses metrics for measuring the technologies’ effectiveness. Draft NIST SP 800-40 Revision 3 replaces the previous release (version 2), which was published in 2005.

NIST requests comments on draft SP 800-40 Revision 3 by Friday, October 5. Please send comments to 800-40comments@nist.gov, with the subject “SP 800-40 Comments

NIST is Proud to Announce the Release of 2 DRAFT Publications: Special Publication 800-90 B, Recommendation for the Entropy Sources Used for Random Bit Generation — AND — Special Publication 800-90C, ecommendation for Random Bit Generator (RBG) Constructions

NIST requests comments on two Draft publications for random bit generation: Draft SP 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation and Draft SP 800-90C, Recommendation for Random Bit Generator (RBG) Constructions.

—  Draft Special Publication 800-90B specifies the design principles and requirements for the entropy sources used by Random Bit Generators, and the tests for the validation of entropy sources.

A list of questions relating to SP 800-90B is also provided for reviewers.

Please send comments to rbg_comments@nist.gov by December 5, 2012. For the comments on SP 800-90B, please put “Comments on Entropy Sources” in the subject line.

Draft Special Publication 800-90C specifies constructions for the implementation of random bit generators (RBGs).

An RBG may be a deterministic random bit generator (DRBG) or a non-deterministic random bitgenerator (NRBG). The constructed RBGs consist of DRBG  mechanisms as specified SP 800-90A and entropy sources as specified in SP 800-90B. SP 800-90A is available at http://csrc.nist.gov/publications/PubsSPs.html#800-90A.

Please send comments to rbg_comments@nist.gov by December 5, 2012. For the comments on SP 800-90C, please put “Comments on RBG Constructions” in the subject line.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published.

Please Answer: *