U.S. Government Publications

The U.S. government offers many of its publications on the web. The U.S. Department of Homeland Security (https://www.us-cert.gov/security-publications) publishes security information. Also, the National Institute of Standards and Technology (NIST) publishes articles on computer security. The following are a sample of the publications that can be accessed on the NIST Special Publications site (https://csrc.nist.gov/publications/sp).

• An Introduction to Computer Security: The NIST Handbook . SP 800-12, October 1995.

• Computer Security Incident Handling Guide . SP 800-61 Rev 2, August 2012.

• (Draft) Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations . SP 800-52 Rev 2, November 2017.

• Guidelines on Electronic Mail Security . SP 800-45 Version 2, February 2007.

• Guidelines on Securing Public Web Servers . SP 800-44 Version 2, September 2007.

• Guidelines on Firewalls and Firewall Policy . SP 800-41 Rev 1, September 2009.

• Building an Information Technology Security Awareness and Training Program . SP 800-61, October 2003. Includes a useful glossary.

• Guide to General Server Security . SP 800-123, July 2008.

• National Checklist Program for IT Products: Guidelines for Checklist Users and Developers . SP 800-70 Rev 4, February 2018.

• Usability and Security Considerations for Public Safety Mobile Authentication . NISTIR 8080, July 2016.

• Security of Interactive and Automated Access Management Using Secure Shell (SSH) . NISTIR 7966, October 2015.