Treffer: Engineering principles for information technology security (a baseline for achieving security) : recommendations of the National Institute of Standards and Technology
Title:
Engineering principles for information technology security (a baseline for achieving security) : recommendations of the National Institute of Standards and Technology Gary Stoneburner, Clark Hayden, Alexis Feringa.
Language:
English
Authors:
Publication Date:
2001
Physical Description:
1 online resource.
Series:
NIST special publication; 800-27
NIST special publication; 800-27
NIST special publication; 800-27
Publication Type:
Book
Document Type:
Buch
Monograph
Subject Terms:
Notes:
2001.
Contributed record: Metadata reviewed, not verified. Some fields updated by batch processes.
Superseded by NIST Special Publication 800-27ra.
Title from PDF title page.
Includes bibliographical references.
Contributed record: Metadata reviewed, not verified. Some fields updated by batch processes.
Superseded by NIST Special Publication 800-27ra.
Title from PDF title page.
Includes bibliographical references.
Other Authors:
Feringa, Alexis
Hayden, Clark
Stoneburner, Gary
National Institute of Standards and Technology (U.S.) Computer Security Division.
Hayden, Clark
Stoneburner, Gary
National Institute of Standards and Technology (U.S.) Computer Security Division.
OCLC:
927737517
Other Identifiers:
US GPO item number: 0247 (online)
Gov. Doc: C 13.10:800-27
Gov. Doc: C 13.10:800-27
Online Access:
Accession Number:
edsgpr.001075865
Database:
Government Publishing Office Catalog
Weitere Informationen
Abstract: The Engineering Principles for Information Technology (IT) Security (EP-ITS) presents a list of system-level security principles to be considered in the design, development, and operation of an information system. Ideally, the principles presented here would be used from the onset of a prograḿʻ́ư"Ś‚„at the beginning of, or during the design phaséʻ́ư"Ś‚„and then employed throughout the systeḿʻ́ư"Ś‚s life-cycle. However, these principles are also helpful in affirming and confirming the security posture of already deployed information systems. The principles are short and concise and can be used by organizations to develop their system life-cycle policies.