{ "name": "NIST SP 800 / SP 1800 / FIPS 一覧", "source": "https://csrc.nist.gov/publications", "generated_at": "2026-05-16T04:34:04.694954+00:00", "total": 217, "documents": [ { "id": "800-30", "title_en": "Guide for Conducting Risk Assessments", "description_ja": "リスクアセスメント実施ガイド。脅威・脆弱性・影響度の評価手法とリスク対応の意思決定プロセスを解説。", "version": "Rev. 1", "date": "2012/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/30/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000balw.pdf" }, { "id": "800-37", "title_en": "Risk Management Framework for Information Systems and Organizations", "description_ja": "情報システムのリスク管理フレームワーク(RMF)。準備→分類→選択→実装→評価→承認→継続監視の7ステップ。", "version": "Rev. 2", "date": "2018/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/37/r2/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/NIST.SP.800-37r2_JA.pdf" }, { "id": "800-53", "title_en": "Security and Privacy Controls for Information Systems and Organizations", "description_ja": "情報システム・組織向けのセキュリティ・プライバシーコントロール集。連邦政府システムの基準として広く参照される。", "version": "Rev. 5", "date": "2020/09", "status": "Final", "topics": [ "リスク管理", "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bbdx.pdf" }, { "id": "800-61", "title_en": "Incident Response Recommendations and Considerations for Cybersecurity Risk Management", "description_ja": "インシデント対応推奨事項(Rev.3)。CSF 2.0に準拠し、インシデント対応をサイバーセキュリティリスク管理全体に統合する手法を解説。Rev.2を置き換え。", "version": "Rev. 3", "date": "2025/04", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/61/r3/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/j5u9nn0000007vt4.pdf" }, { "id": "800-63B", "title_en": "Digital Identity Guidelines: Authentication and Authenticator Management", "description_ja": "デジタルアイデンティティガイドライン Rev.4。認証方式・保証レベル(AAL1〜3)・パスキー対応などを規定。SP 800-63-3を置き換え(2025/08廃止)。", "version": "Rev. 4", "date": "2025/07", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/63/b/4/final", "url_ja": null }, { "id": "800-81", "title_en": "Secure Domain Name System (DNS) Deployment Guide", "description_ja": "セキュアDNS展開ガイド。DNSSEC・DNS over HTTPS・DNS over TLSなどの実装指針を提供。", "version": "Rev. 3", "date": "2026/03", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/81/r3/final", "url_ja": null }, { "id": "800-82", "title_en": "Guide to Operational Technology (OT) Security", "description_ja": "OT(産業制御システム・SCADA)セキュリティガイド。ICS/SCADA/PLC等の産業環境向けセキュリティ対策を解説。", "version": "Rev. 3", "date": "2023/09", "status": "Final", "topics": [ "OT・ICS" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/82/r3/final", "url_ja": "https://www.jpcert.or.jp/ics/information02.html#NISTSP800-82" }, { "id": "800-92", "title_en": "Guide to Computer Security Log Management", "description_ja": "コンピュータセキュリティログ管理ガイド。ログの収集・保存・分析・保護に関するベストプラクティスを提供。", "version": "初版", "date": "2006/09", "status": "Final", "topics": [ "ログ管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/92/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bfnm.pdf" }, { "id": "800-160", "title_en": "Engineering Trustworthy Secure Systems", "description_ja": "信頼性の高いセキュアシステムのエンジニアリング手法。サイバーレジリエンスの概念を体系化。", "version": "Vol.2 Rev.1", "date": "2021/11", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/160/v2/r1/final", "url_ja": null }, { "id": "800-171", "title_en": "Protecting Controlled Unclassified Information in Nonfederal Systems", "description_ja": "非連邦システムにおける管理対象非機密情報(CUI)の保護要件。CMMC対応の基盤。", "version": "Rev. 3", "date": "2024/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/171/r3/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-172A", "title_en": "Assessing Enhanced Security Requirements for Controlled Unclassified Information", "description_ja": "CUI強化セキュリティ要件の評価手順 Rev.3 Final(2026/05/13)。SP 800-172r3の評価ガイド。", "version": "Rev. 3", "date": "2026/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/172/a/r3/final", "url_ja": null }, { "id": "800-190", "title_en": "Application Container Security Guide", "description_ja": "アプリケーションコンテナセキュリティガイド。Dockerなどのコンテナ技術に関するリスクと対策を網羅。", "version": "初版", "date": "2017/09", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/190/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-207", "title_en": "Zero Trust Architecture", "description_ja": "ゼロトラストアーキテクチャの定義・原則・実装ガイダンス。「信頼しない、常に検証する」モデルの公式解説。", "version": "初版", "date": "2020/08", "status": "Final", "topics": [ "ゼロトラスト" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/207/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-218", "title_en": "Secure Software Development Framework (SSDF)", "description_ja": "セキュアソフトウェア開発フレームワーク v1.1。EO 14028への対応支援。※Rev.1(SSDF v1.2)草案がEO 14306に基づき公開中。", "version": "v1.1", "date": "2022/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/218/final", "url_ja": null }, { "id": "800-219", "title_en": "Automated Secure Configuration Guidance from the macOS Security Compliance Project", "description_ja": "macOSセキュリティコンプライアンスプロジェクトによる自動セキュア構成ガイダンス。", "version": "Rev. 1", "date": "2023/06", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/219/r1/final", "url_ja": null }, { "id": "800-228", "title_en": "Guidelines for API Protection for Cloud-Native Systems", "description_ja": "クラウドネイティブシステムにおけるAPI保護のガイドライン。認証・認可・レート制限・監視のベストプラクティス。", "version": "初版", "date": "2026/03", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/228/upd1/final", "url_ja": null }, { "id": "800-88", "title_en": "Guidelines for Media Sanitization", "description_ja": "メディアサニタイゼーション(データ消去)ガイドライン Rev.2。HDD・SSD・フラッシュメモリ等の適切な廃棄・消去手法を更新。", "version": "Rev. 2", "date": "2025/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/88/r2/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bfmf.pdf" }, { "id": "800-90C", "title_en": "Recommendation for Random Bit Generator (RBG) Constructions", "description_ja": "乱数ビット生成器(RBG)構成のための推奨事項。SP 800-90シリーズの最終ドキュメント。暗号用・非暗号用途の高品質乱数生成を支援。", "version": "初版", "date": "2025/09", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/90/c/final", "url_ja": null }, { "id": "800-227", "title_en": "Recommendations for Key-Encapsulation Mechanisms", "description_ja": "鍵カプセル化メカニズム(KEM)の定義・特性・実装推奨事項。FIPS 203(ML-KEM)など量子耐性KEMの安全な実装ガイダンスを提供。", "version": "初版", "date": "2025/09", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/227/final", "url_ja": null }, { "id": "800-172", "title_en": "Enhanced Security Requirements for Protecting Controlled Unclassified Information", "description_ja": "CUI保護強化要件 Rev.3 Final(2026/05/13)。SP 800-53r5と整合、高価値資産・重要システム向けのサイバーレジリエンス強化要件。", "version": "Rev. 3", "date": "2026/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/172/r3/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-57pt1", "title_en": "Recommendation for Key Management: Part 1 – General", "description_ja": "鍵管理推奨事項 Part 1 Rev.6(草案)。量子耐性アルゴリズム(FIPS 203/204/205)・Asconを追加。SP 800-131Aとの整合を強化。", "version": "Rev. 6", "date": "2025/12", "status": "Draft", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/57/pt1/r6/ipd", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bbir.pdf" }, { "id": "800-126", "title_en": "Technical Specification for the Security Content Automation Protocol (SCAP) Version 1.4", "description_ja": "SCAP(セキュリティコンテンツ自動化プロトコル)v1.4技術仕様 Rev.4(草案)。要件を合理化し、現行実装に対応。", "version": "Rev. 4", "date": "2025/12", "status": "Draft", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/126/r4/ipd", "url_ja": null }, { "id": "800-12", "title_en": "An Introduction to Information Security", "description_ja": "情報セキュリティ入門 Rev.1。情報セキュリティの基本概念・原則・用語を解説する基礎ガイド。", "version": "Rev. 1", "date": "2017/06", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/12/r1/final", "url_ja": null }, { "id": "800-16", "title_en": "Information Technology Security Training Requirements", "description_ja": "ITセキュリティ訓練要件。役割ベース・パフォーマンスベースのモデルによるセキュリティ教育ガイドライン。", "version": "Rev. 1 Draft", "date": "2014/03", "status": "Draft", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/16/r1/3pd", "url_ja": null }, { "id": "800-18", "title_en": "Guide for Developing Security Plans for Federal Information Systems", "description_ja": "システムセキュリティ計画(SSP)作成ガイド Rev.1。連邦情報システム向けのSSP策定方法を解説。", "version": "Rev. 1", "date": "2006/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/18/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000b15y.pdf" }, { "id": "800-22", "title_en": "A Statistical Test Suite for RNGs and PRNGs", "description_ja": "乱数生成器(RNG/PRNG)の統計的テストスイート Rev.1a。暗号アプリケーション向け。", "version": "Rev. 1a", "date": "2010/04", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/22/r1/a/final", "url_ja": null }, { "id": "800-28", "title_en": "Guidelines on Active Content and Mobile Code", "description_ja": "アクティブコンテンツとモバイルコードのガイドライン Ver.2。", "version": "Ver. 2", "date": "2008/03", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/28/v2/final", "url_ja": null }, { "id": "800-34", "title_en": "Contingency Planning Guide for Federal Information Systems", "description_ja": "連邦情報システム向けコンティンジェンシー計画ガイド Rev.1。BCP/DR計画の策定方法。", "version": "Rev. 1", "date": "2010/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/34/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/000025327.pdf" }, { "id": "800-35", "title_en": "Guide to Information Technology Security Services", "description_ja": "ITセキュリティサービスガイド。", "version": "初版", "date": "2003/10", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/35/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000baul.pdf" }, { "id": "800-39", "title_en": "Managing Information Security Risk", "description_ja": "情報セキュリティリスク管理:組織・ミッション・情報システム視点。", "version": "初版", "date": "2011/03", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/39/final", "url_ja": null }, { "id": "800-40", "title_en": "Guide to Enterprise Patch Management Planning", "description_ja": "エンタープライズパッチ管理計画ガイド Rev.4。予防保守としてのパッチ管理。", "version": "Rev. 4", "date": "2022/04", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/40/r4/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bb4h.pdf" }, { "id": "800-41", "title_en": "Guidelines on Firewalls and Firewall Policy", "description_ja": "ファイアウォールとポリシーガイドライン Rev.1。", "version": "Rev. 1", "date": "2009/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/41/r1/final", "url_ja": null }, { "id": "800-44", "title_en": "Guidelines on Securing Public Web Servers", "description_ja": "公開Webサーバーのセキュリティガイドライン Ver.2。", "version": "Ver. 2", "date": "2007/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/44/v2/final", "url_ja": null }, { "id": "800-45", "title_en": "Guidelines on Electronic Mail Security", "description_ja": "電子メールセキュリティガイドライン Ver.2。", "version": "Ver. 2", "date": "2007/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/45/v2/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bb5d.pdf" }, { "id": "800-46", "title_en": "Guide to Enterprise Telework, Remote Access, and BYOD Security", "description_ja": "テレワーク・リモートアクセス・BYODセキュリティガイド Rev.2。", "version": "Rev. 2", "date": "2016/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/46/r2/final", "url_ja": null }, { "id": "800-47", "title_en": "Managing the Security of Information Exchanges", "description_ja": "情報交換のセキュリティ管理 Rev.1。", "version": "Rev. 1", "date": "2021/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/47/r1/final", "url_ja": null }, { "id": "800-48", "title_en": "Guide to Securing Legacy IEEE 802.11 Wireless Networks", "description_ja": "レガシーIEEE 802.11無線ネットワークのセキュリティガイド Rev.1。", "version": "Rev. 1", "date": "2008/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/48/r1/final", "url_ja": null }, { "id": "800-50", "title_en": "Building a Cybersecurity and Privacy Workforce", "description_ja": "サイバーセキュリティ・プライバシー人材の育成 Rev.1。意識向上・訓練プログラム。", "version": "Rev. 1", "date": "2024/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/50/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bb85.pdf" }, { "id": "800-52", "title_en": "Guidelines for the Selection, Configuration, and Use of TLS Implementations", "description_ja": "TLS実装の選択・構成・利用ガイドライン Rev.2。※2026/05/07 Crypto Publication Review Boardによるコメント募集開始(期限7/10)。", "version": "Rev. 2", "date": "2019/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/52/r2/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bbd1.pdf" }, { "id": "800-53A", "title_en": "Assessing Security and Privacy Controls in Information Systems and Organizations", "description_ja": "セキュリティ・プライバシーコントロールの評価ガイド Rev.5。SP 800-53r5の評価手順を提供。", "version": "Rev. 5", "date": "2022/01", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/53/a/r5/final", "url_ja": null }, { "id": "800-53B", "title_en": "Control Baselines for Information Systems and Organizations", "description_ja": "コントロールベースライン Rev.5。低・中・高影響度およびプライバシー向けベースライン。", "version": "Rev. 5", "date": "2020/10", "status": "Final", "topics": [ "リスク管理", "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/53/b/upd1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bbez.pdf" }, { "id": "800-55", "title_en": "Measurement Guide for Information Security", "description_ja": "情報セキュリティ測定ガイド Vol.1〜2。メトリクス開発・運用。", "version": "Vol. 1", "date": "2024/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/55/v1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bbgd.pdf" }, { "id": "800-57pt2", "title_en": "Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations", "description_ja": "鍵管理推奨事項 Part 2 Rev.1。鍵管理組織のベストプラクティス。", "version": "Rev. 1", "date": "2019/05", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/57/pt2/r1/final", "url_ja": null }, { "id": "800-57pt3", "title_en": "Recommendation for Key Management: Part 3 – Application-Specific Key Management Guidance", "description_ja": "鍵管理推奨事項 Part 3 Rev.1。アプリ固有の鍵管理ガイダンス。", "version": "Rev. 1", "date": "2015/01", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/57/pt3/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bbke.pdf" }, { "id": "800-60", "title_en": "Guide for Mapping Types of Information and Information Systems to Security Categories", "description_ja": "情報・情報システムのセキュリティ分類マッピングガイド Rev.1 Vol.1。", "version": "Rev. 1", "date": "2008/08", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/60/v1/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bblr.pdf" }, { "id": "800-63A", "title_en": "Digital Identity Guidelines: Identity Proofing and Enrollment", "description_ja": "デジタルアイデンティティガイドライン Rev.4。身元確認・登録。", "version": "Rev. 4", "date": "2025/07", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/63/a/4/final", "url_ja": null }, { "id": "800-63C", "title_en": "Digital Identity Guidelines: Federation and Assertions", "description_ja": "デジタルアイデンティティガイドライン Rev.4。フェデレーション・アサーション。", "version": "Rev. 4", "date": "2025/07", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/63/c/4/final", "url_ja": null }, { "id": "800-66", "title_en": "Implementing the HIPAA Security Rule", "description_ja": "HIPAAセキュリティ規則実装ガイド Rev.2。医療業界向け。", "version": "Rev. 2", "date": "2024/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/66/r2/final", "url_ja": null }, { "id": "800-70", "title_en": "National Checklist Program for IT Products – Guidelines for Checklist Users and Developers", "description_ja": "ITプロダクト国家チェックリストプログラム Rev.5 Final(2026/05/08)。前版Rev.4を置き換え。", "version": "Rev. 5", "date": "2026/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/70/r5/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bd9c.pdf" }, { "id": "800-77", "title_en": "Guide to IPsec VPNs", "description_ja": "IPsec VPNガイド Rev.1。", "version": "Rev. 1", "date": "2020/06", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/77/r1/final", "url_ja": null }, { "id": "800-79", "title_en": "Guidelines for the Authorization of Personal Identity Verification Card Issuers", "description_ja": "PIVカード発行者の認可ガイドライン Rev.2。", "version": "Rev. 2", "date": "2015/07", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/79/r2/final", "url_ja": null }, { "id": "800-83", "title_en": "Guide to Malware Incident Prevention and Handling for Desktops and Laptops", "description_ja": "デスクトップ・ノートPC向けマルウェアインシデント予防・対処ガイド Rev.1。", "version": "Rev. 1", "date": "2013/07", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/83/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000beyo.pdf" }, { "id": "800-84", "title_en": "Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities", "description_ja": "IT計画・能力のテスト・訓練・演習プログラムガイド。", "version": "初版", "date": "2006/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/84/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bezp.pdf" }, { "id": "800-85A", "title_en": "PIV Card Application and Middleware Interface Test Guidelines", "description_ja": "PIVカードアプリ・ミドルウェアインターフェイステストガイド Rev.4。", "version": "Rev. 4", "date": "2016/04", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/85/a/r4/final", "url_ja": null }, { "id": "800-86", "title_en": "Guide to Integrating Forensic Techniques into Incident Response", "description_ja": "インシデント対応へのフォレンジック技術統合ガイド。", "version": "初版", "date": "2006/08", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/86/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bf0q.pdf" }, { "id": "800-87", "title_en": "Codes for Identification of Federal and Federally-Assisted Organizations", "description_ja": "連邦・連邦支援組織識別コード Rev.2。", "version": "Rev. 2", "date": "2018/04", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/87/r2/final", "url_ja": null }, { "id": "800-89", "title_en": "Recommendation for Obtaining Assurances for Digital Signature Applications", "description_ja": "デジタル署名アプリケーションの保証取得推奨事項。", "version": "初版", "date": "2006/11", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/89/final", "url_ja": null }, { "id": "800-90A", "title_en": "Recommendation for Random Number Generation Using Deterministic Random Bit Generators", "description_ja": "決定論的乱数ビット生成器(DRBG)による乱数生成推奨事項 Rev.1。", "version": "Rev. 1", "date": "2015/06", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/90/a/r1/final", "url_ja": null }, { "id": "800-90B", "title_en": "Recommendation for the Entropy Sources Used for Random Bit Generation", "description_ja": "乱数ビット生成のエントロピーソース推奨事項。", "version": "初版", "date": "2018/01", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/90/b/final", "url_ja": null }, { "id": "800-94", "title_en": "Guide to Intrusion Detection and Prevention Systems (IDPS)", "description_ja": "侵入検知・防止システム(IDPS)ガイド。", "version": "初版", "date": "2007/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/94/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bfom.pdf" }, { "id": "800-95", "title_en": "Guide to Secure Web Services", "description_ja": "セキュアWebサービスガイド。", "version": "初版", "date": "2007/08", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/95/final", "url_ja": null }, { "id": "800-100", "title_en": "Information Security Handbook: A Guide for Managers", "description_ja": "情報セキュリティハンドブック:管理者向けガイド。", "version": "初版", "date": "2006/10", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/100/upd1/final", "url_ja": null }, { "id": "800-113", "title_en": "Guide to SSL VPNs", "description_ja": "SSL VPNガイド。", "version": "初版", "date": "2008/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/113/final", "url_ja": null }, { "id": "800-115", "title_en": "Technical Guide to Information Security Testing and Assessment", "description_ja": "情報セキュリティテスト・アセスメント技術ガイド。", "version": "初版", "date": "2008/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/115/final", "url_ja": null }, { "id": "800-116", "title_en": "Guidelines for the Use of PIV Credentials in Facility Access", "description_ja": "施設アクセスにおけるPIV資格情報の利用ガイドライン Rev.1。", "version": "Rev. 1", "date": "2018/06", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/116/r1/final", "url_ja": null }, { "id": "800-121", "title_en": "Guide to Bluetooth Security", "description_ja": "Bluetoothセキュリティガイド Rev.2。", "version": "Rev. 2", "date": "2017/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/121/r2/upd1/final", "url_ja": null }, { "id": "800-122", "title_en": "Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)", "description_ja": "個人識別情報(PII)の機密性保護ガイド。", "version": "初版", "date": "2010/04", "status": "Final", "topics": [ "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/122/final", "url_ja": null }, { "id": "800-124", "title_en": "Guidelines for Managing the Security of Mobile Devices in the Enterprise", "description_ja": "エンタープライズモバイルデバイスセキュリティ管理ガイドライン Rev.2。", "version": "Rev. 2", "date": "2023/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/124/r2/final", "url_ja": null }, { "id": "800-125", "title_en": "Guide to Security for Full Virtualization Technologies", "description_ja": "完全仮想化技術のセキュリティガイド。", "version": "初版", "date": "2011/01", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/125/final", "url_ja": null }, { "id": "800-128", "title_en": "Guide for Security-Focused Configuration Management of Information Systems", "description_ja": "セキュリティ重視の構成管理ガイド。", "version": "初版", "date": "2011/08", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/128/upd1/final", "url_ja": null }, { "id": "800-131A", "title_en": "Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths", "description_ja": "暗号アルゴリズム・鍵長の移行推奨事項 Rev.2。", "version": "Rev. 2", "date": "2019/03", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/131/a/r2/final", "url_ja": null }, { "id": "800-137", "title_en": "Information Security Continuous Monitoring (ISCM)", "description_ja": "情報セキュリティ継続監視(ISCM)ガイド。", "version": "初版", "date": "2011/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/137/final", "url_ja": null }, { "id": "800-144", "title_en": "Guidelines on Security and Privacy in Public Cloud Computing", "description_ja": "パブリッククラウドコンピューティングのセキュリティ・プライバシーガイドライン。", "version": "初版", "date": "2011/12", "status": "Final", "topics": [ "クラウド", "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/144/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/000025366.pdf" }, { "id": "800-145", "title_en": "The NIST Definition of Cloud Computing", "description_ja": "NISTによるクラウドコンピューティングの定義。SaaS/PaaS/IaaS/4配置モデル。", "version": "初版", "date": "2011/09", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/145/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-146", "title_en": "Cloud Computing Synopsis and Recommendations", "description_ja": "クラウドコンピューティング概要と推奨事項。", "version": "初版", "date": "2012/05", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/146/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-147", "title_en": "BIOS Protection Guidelines", "description_ja": "BIOS保護ガイドライン。", "version": "初版", "date": "2011/04", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/147/final", "url_ja": null }, { "id": "800-150", "title_en": "Guide to Cyber Threat Information Sharing", "description_ja": "サイバー脅威情報共有ガイド。", "version": "初版", "date": "2016/10", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/150/final", "url_ja": null }, { "id": "800-152", "title_en": "A Profile for U.S. Federal Cryptographic Key Management Systems (CKMS)", "description_ja": "米連邦暗号鍵管理システム(CKMS)プロファイル。", "version": "初版", "date": "2015/10", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/152/final", "url_ja": null }, { "id": "800-153", "title_en": "Guidelines for Securing Wireless Local Area Networks (WLANs)", "description_ja": "無線LAN(WLAN)セキュリティガイドライン。", "version": "初版", "date": "2012/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/153/final", "url_ja": null }, { "id": "800-154", "title_en": "Guide to Data-Centric System Threat Modeling", "description_ja": "データ中心型システム脅威モデリングガイド(Draft)。", "version": "Draft", "date": "2016/03", "status": "Draft", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/154/ipd", "url_ja": null }, { "id": "800-161", "title_en": "Cybersecurity Supply Chain Risk Management Practices", "description_ja": "サイバーセキュリティサプライチェーンリスク管理(C-SCRM)実践 Rev.1。", "version": "Rev. 1", "date": "2022/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/161/r1/upd1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-162", "title_en": "Guide to Attribute Based Access Control (ABAC) Definition and Considerations", "description_ja": "属性ベースアクセス制御(ABAC)ガイド。", "version": "初版", "date": "2014/01", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/162/upd1/final", "url_ja": null }, { "id": "800-163", "title_en": "Vetting the Security of Mobile Applications", "description_ja": "モバイルアプリのセキュリティ審査 Rev.1。", "version": "Rev. 1", "date": "2019/04", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/163/r1/final", "url_ja": null }, { "id": "800-167", "title_en": "Guide to Application Whitelisting", "description_ja": "アプリケーションホワイトリストガイド。", "version": "初版", "date": "2015/10", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/167/final", "url_ja": null }, { "id": "800-175A", "title_en": "Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies", "description_ja": "連邦政府における暗号標準の利用ガイドライン Part A。", "version": "初版", "date": "2016/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/175/a/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-175B", "title_en": "Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms", "description_ja": "連邦政府における暗号標準の利用ガイドライン Part B Rev.1。", "version": "Rev. 1", "date": "2020/03", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/175/b/r1/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/about.html" }, { "id": "800-177", "title_en": "Trustworthy Email", "description_ja": "信頼できる電子メール Rev.1。SPF/DKIM/DMARCなど。", "version": "Rev. 1", "date": "2019/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/177/r1/final", "url_ja": null }, { "id": "800-178", "title_en": "A Comparison of Attribute Based Access Control (ABAC) Standards", "description_ja": "ABAC標準の比較。", "version": "初版", "date": "2016/10", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/178/final", "url_ja": null }, { "id": "800-179", "title_en": "Guide to Securing Apple macOS Systems for IT Professionals", "description_ja": "IT技術者向けmacOSシステムセキュリティガイド Rev.1(Draft)。", "version": "Rev. 1 Draft", "date": "2018/10", "status": "Draft", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/179/r1/ipd", "url_ja": null }, { "id": "800-181", "title_en": "Workforce Framework for Cybersecurity (NICE Framework)", "description_ja": "NICEサイバーセキュリティ人材フレームワーク Rev.1。", "version": "Rev. 1", "date": "2020/11", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/181/r1/final", "url_ja": null }, { "id": "800-184", "title_en": "Guide for Cybersecurity Event Recovery", "description_ja": "サイバーセキュリティイベント復旧ガイド。", "version": "初版", "date": "2016/12", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/184/final", "url_ja": null }, { "id": "800-188", "title_en": "De-Identifying Government Datasets: Techniques and Governance", "description_ja": "政府データセット非識別化:技術とガバナンス。", "version": "初版", "date": "2023/09", "status": "Final", "topics": [ "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/188/final", "url_ja": null }, { "id": "800-189", "title_en": "Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation", "description_ja": "レジリエントなドメイン間トラフィック交換:BGPセキュリティ・DDoS緩和。", "version": "初版", "date": "2019/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/189/final", "url_ja": null }, { "id": "800-192", "title_en": "Verification and Test Methods for Access Control Policies/Models", "description_ja": "アクセス制御ポリシー・モデルの検証・テスト手法。", "version": "初版", "date": "2017/06", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/192/final", "url_ja": null }, { "id": "800-193", "title_en": "Platform Firmware Resiliency Guidelines", "description_ja": "プラットフォームファームウェアレジリエンシーガイドライン。", "version": "初版", "date": "2018/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/193/final", "url_ja": null }, { "id": "800-201", "title_en": "NIST Cloud Computing Forensic Reference Architecture", "description_ja": "NISTクラウドフォレンジック参照アーキテクチャ。", "version": "初版", "date": "2024/08", "status": "Final", "topics": [ "クラウド", "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/201/final", "url_ja": null }, { "id": "800-202", "title_en": "Quick Start Guide for Populating Mobile Test Devices", "description_ja": "モバイルテストデバイスのデータ投入クイックスタートガイド。", "version": "初版", "date": "2018/05", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/202/final", "url_ja": null }, { "id": "800-203", "title_en": "2017 NIST/ITL Cybersecurity Program Annual Report", "description_ja": "2017年 NIST/ITLサイバーセキュリティプログラム年次報告。", "version": "初版", "date": "2018/08", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/203/final", "url_ja": null }, { "id": "800-204", "title_en": "Security Strategies for Microservices-based Application Systems", "description_ja": "マイクロサービスアプリのセキュリティ戦略。", "version": "初版", "date": "2019/08", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/204/final", "url_ja": null }, { "id": "800-204A", "title_en": "Building Secure Microservices-based Applications Using Service-Mesh Architecture", "description_ja": "サービスメッシュによるマイクロサービスのセキュア構築。", "version": "初版", "date": "2020/05", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/204/a/final", "url_ja": null }, { "id": "800-204B", "title_en": "Attribute-based Access Control for Microservices-based Applications Using a Service Mesh", "description_ja": "サービスメッシュ環境のマイクロサービス向けABAC。", "version": "初版", "date": "2021/08", "status": "Final", "topics": [ "クラウド", "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/204/b/final", "url_ja": null }, { "id": "800-204C", "title_en": "Implementation of DevSecOps for a Microservices-based Application with Service Mesh", "description_ja": "サービスメッシュを用いたマイクロサービスアプリのDevSecOps実装。", "version": "初版", "date": "2022/03", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/204/c/final", "url_ja": null }, { "id": "800-204D", "title_en": "Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines", "description_ja": "CI/CDパイプラインへのソフトウェアサプライチェーンセキュリティ統合戦略。", "version": "初版", "date": "2024/02", "status": "Final", "topics": [ "クラウド", "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/204/d/final", "url_ja": null }, { "id": "800-205", "title_en": "Attribute Considerations for Access Control Systems", "description_ja": "アクセス制御システムの属性考慮事項。", "version": "初版", "date": "2019/06", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/205/final", "url_ja": null }, { "id": "800-208", "title_en": "Recommendation for Stateful Hash-Based Signature Schemes", "description_ja": "ステートフルハッシュベース署名スキーム推奨事項(量子耐性)。", "version": "初版", "date": "2020/10", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/208/final", "url_ja": null }, { "id": "800-209", "title_en": "Security Guidelines for Storage Infrastructure", "description_ja": "ストレージインフラセキュリティガイドライン。", "version": "初版", "date": "2020/10", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/209/final", "url_ja": null }, { "id": "800-210", "title_en": "General Access Control Guidance for Cloud Systems", "description_ja": "クラウドシステム向け一般アクセス制御ガイダンス。", "version": "初版", "date": "2020/07", "status": "Final", "topics": [ "クラウド", "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/210/final", "url_ja": null }, { "id": "800-213", "title_en": "IoT Device Cybersecurity Guidance for the Federal Government", "description_ja": "連邦政府向けIoTデバイスサイバーセキュリティガイダンス。", "version": "初版", "date": "2021/11", "status": "Final", "topics": [ "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/213/final", "url_ja": null }, { "id": "800-216", "title_en": "Recommendations for Federal Vulnerability Disclosure Guidelines", "description_ja": "連邦脆弱性開示ガイドライン推奨事項。", "version": "初版", "date": "2023/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/216/final", "url_ja": null }, { "id": "800-221", "title_en": "Enterprise Impact of Information and Communications Technology Risk", "description_ja": "ICTリスクのエンタープライズインパクト。", "version": "初版", "date": "2024/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/221/final", "url_ja": null }, { "id": "800-223", "title_en": "High-Performance Computing Security: Architecture, Threats, and Mitigations", "description_ja": "HPCセキュリティ:アーキテクチャ・脅威・緩和策。", "version": "初版", "date": "2024/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/223/final", "url_ja": null }, { "id": "800-225", "title_en": "Fiscal Year 2022 Cybersecurity and Privacy Annual Report", "description_ja": "FY2022 サイバーセキュリティ・プライバシー年次報告。", "version": "初版", "date": "2023/06", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/225/final", "url_ja": null }, { "id": "800-226", "title_en": "Guidelines for Evaluating Differential Privacy Guarantees", "description_ja": "差分プライバシー保証の評価ガイドライン。", "version": "初版", "date": "2025/03", "status": "Final", "topics": [ "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/226/final", "url_ja": null }, { "id": "1800-15", "title_en": "Securing Small-Business and Home IoT Devices", "description_ja": "小規模事業者・家庭用IoTデバイスのセキュリティ。MUDによるネットワーク制限。", "version": "初版", "date": "2021/05", "status": "Final", "topics": [ "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/15/final", "url_ja": null }, { "id": "1800-16", "title_en": "Securing Web Transactions: TLS Server Certificate Management", "description_ja": "Webトランザクションセキュリティ:TLS証明書管理。", "version": "初版", "date": "2020/06", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/16/final", "url_ja": null }, { "id": "1800-21", "title_en": "Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)", "description_ja": "モバイルデバイスセキュリティ:COPE環境。", "version": "初版", "date": "2020/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/21/final", "url_ja": null }, { "id": "1800-22", "title_en": "Mobile Device Security: Bring Your Own Device (BYOD)", "description_ja": "モバイルデバイスセキュリティ:BYOD環境。", "version": "初版", "date": "2023/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/22/final", "url_ja": null }, { "id": "1800-25", "title_en": "Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events", "description_ja": "データ完全性:ランサムウェア対策。識別・保護フェーズ。", "version": "初版", "date": "2020/12", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/25/final", "url_ja": null }, { "id": "1800-26", "title_en": "Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events", "description_ja": "データ完全性:ランサムウェア検知・対応フェーズ。", "version": "初版", "date": "2020/12", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/26/final", "url_ja": null }, { "id": "1800-27", "title_en": "Securing Property Management Systems", "description_ja": "ホスピタリティ業界の資産管理システムセキュリティ。", "version": "初版", "date": "2021/03", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/27/final", "url_ja": null }, { "id": "1800-28", "title_en": "Data Confidentiality: Identifying and Protecting Assets Against Data Breaches", "description_ja": "データ機密性:データ漏洩対策(識別・保護)。", "version": "初版", "date": "2023/02", "status": "Final", "topics": [ "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/28/final", "url_ja": null }, { "id": "1800-29", "title_en": "Data Confidentiality: Detect, Respond to, and Recover from Data Breaches", "description_ja": "データ機密性:データ漏洩の検知・対応・復旧。", "version": "初版", "date": "2023/02", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/29/final", "url_ja": null }, { "id": "1800-31", "title_en": "Improving Enterprise Patching for General IT Systems", "description_ja": "エンタープライズIT向けパッチ管理の改善。", "version": "初版", "date": "2024/04", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/31/final", "url_ja": null }, { "id": "1800-32", "title_en": "Securing Distributed Energy Resources", "description_ja": "分散型エネルギー資源のセキュリティ。", "version": "初版", "date": "2022/02", "status": "Final", "topics": [ "OT・ICS" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/32/final", "url_ja": null }, { "id": "1800-34", "title_en": "Validating the Integrity of Computing Devices", "description_ja": "コンピューティングデバイスの完全性検証(サプライチェーン)。", "version": "初版", "date": "2022/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/34/final", "url_ja": null }, { "id": "1800-35", "title_en": "Implementing a Zero Trust Architecture", "description_ja": "ゼロトラストアーキテクチャ実装ガイド。SP 800-207を補完するNCCoE実装事例。", "version": "初版", "date": "2025/06", "status": "Final", "topics": [ "ゼロトラスト" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/35/final", "url_ja": null }, { "id": "1800-36", "title_en": "Trusted IoT Device Network-Layer Onboarding and Lifecycle Management", "description_ja": "信頼できるIoTデバイスのネットワーク層オンボーディング・ライフサイクル管理。", "version": "初版", "date": "2025/11", "status": "Final", "topics": [ "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/36/final", "url_ja": null }, { "id": "1800-37", "title_en": "Addressing Visibility Challenges with TLS 1.3 within the Enterprise", "description_ja": "エンタープライズ内のTLS 1.3可視性対策。", "version": "初版", "date": "2025/09", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/37/final", "url_ja": null }, { "id": "1800-38", "title_en": "Migration to Post-Quantum Cryptography", "description_ja": "ポスト量子暗号への移行ガイド(草案)。", "version": "Draft", "date": "2024/12", "status": "Draft", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/38/iprd", "url_ja": null }, { "id": "FIPS 140-3", "title_en": "Security Requirements for Cryptographic Modules", "description_ja": "暗号モジュールセキュリティ要件。FIPS 140-2を置き換え。CAVP/CMVP認定の基盤。", "version": "初版", "date": "2019/03", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/140-3/final", "url_ja": null }, { "id": "FIPS 180-4", "title_en": "Secure Hash Standard (SHS)", "description_ja": "セキュアハッシュ標準。SHA-1, SHA-2ファミリー(SHA-224/256/384/512)。", "version": "初版", "date": "2015/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/180-4/upd1/final", "url_ja": null }, { "id": "FIPS 186-5", "title_en": "Digital Signature Standard (DSS)", "description_ja": "デジタル署名標準。RSA, ECDSA, EdDSAの署名スキームを規定。", "version": "初版", "date": "2023/02", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/186-5/final", "url_ja": null }, { "id": "FIPS 197", "title_en": "Advanced Encryption Standard (AES)", "description_ja": "高度暗号化標準(AES)。128/192/256ビット鍵長の対称ブロック暗号。", "version": "Upd 1", "date": "2023/05", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/197/final", "url_ja": null }, { "id": "FIPS 198-1", "title_en": "The Keyed-Hash Message Authentication Code (HMAC)", "description_ja": "キー付きハッシュメッセージ認証コード(HMAC)。", "version": "初版", "date": "2008/07", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/198-1/final", "url_ja": null }, { "id": "FIPS 199", "title_en": "Standards for Security Categorization of Federal Information and Information Systems", "description_ja": "連邦情報・情報システムのセキュリティ分類標準。低・中・高影響度。", "version": "初版", "date": "2004/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/fips/199/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/000025321.pdf" }, { "id": "FIPS 200", "title_en": "Minimum Security Requirements for Federal Information and Information Systems", "description_ja": "連邦情報・情報システムの最小セキュリティ要件。", "version": "初版", "date": "2006/03", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/fips/200/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000b07o.pdf" }, { "id": "FIPS 201-3", "title_en": "Personal Identity Verification (PIV) of Federal Employees and Contractors", "description_ja": "連邦職員・契約業者の個人識別検証(PIV)。", "version": "初版", "date": "2022/01", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/fips/201-3/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000b0xr.pdf" }, { "id": "FIPS 202", "title_en": "SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions", "description_ja": "SHA-3標準。Keccakベースのハッシュ関数とSHAKE。", "version": "初版", "date": "2015/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/202/final", "url_ja": null }, { "id": "FIPS 203", "title_en": "Module-Lattice-Based Key-Encapsulation Mechanism Standard (ML-KEM)", "description_ja": "モジュール格子ベース鍵カプセル化メカニズム標準(ML-KEM, 旧Kyber)。量子耐性。", "version": "初版", "date": "2024/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/203/final", "url_ja": null }, { "id": "FIPS 204", "title_en": "Module-Lattice-Based Digital Signature Standard (ML-DSA)", "description_ja": "モジュール格子ベースデジタル署名標準(ML-DSA, 旧Dilithium)。量子耐性。", "version": "初版", "date": "2024/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/204/final", "url_ja": null }, { "id": "FIPS 205", "title_en": "Stateless Hash-Based Digital Signature Standard (SLH-DSA)", "description_ja": "ステートレスハッシュベースデジタル署名標準(SLH-DSA, 旧SPHINCS+)。量子耐性。", "version": "初版", "date": "2024/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/205/final", "url_ja": null }, { "id": "FIPS 206", "title_en": "Module-Lattice-Based Digital Signature Algorithm (FN-DSA)", "description_ja": "モジュール格子ベースデジタル署名アルゴリズム(FN-DSA, 旧Falcon, 草案)。量子耐性。", "version": "Draft", "date": "2024/12", "status": "Draft", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/206/iprd", "url_ja": null }, { "id": "800-38", "title_en": "Block Cipher Modes of Operation: Methods and Techniques (suite)", "description_ja": "ブロック暗号動作モードシリーズ (A-G)。CBC, CTR, GCM, CMAC, XTS-AES, CCMなど。", "version": "A-G", "date": "2001-2017", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/38/a/final", "url_ja": null }, { "id": "800-56A", "title_en": "Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography", "description_ja": "離散対数暗号によるペアワイズ鍵確立スキーム推奨事項 Rev.3。", "version": "Rev. 3", "date": "2018/04", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/56/a/r3/final", "url_ja": null }, { "id": "800-56B", "title_en": "Recommendation for Pair-Wise Key-Establishment Schemes Using Integer Factorization Cryptography", "description_ja": "整数因数分解暗号によるペアワイズ鍵確立スキーム Rev.2。", "version": "Rev. 2", "date": "2019/03", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/56/b/r2/final", "url_ja": null }, { "id": "800-56C", "title_en": "Recommendation for Key-Derivation Methods in Key-Establishment Schemes", "description_ja": "鍵確立スキームにおける鍵導出方法推奨事項 Rev.2。", "version": "Rev. 2", "date": "2020/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/56/c/r2/final", "url_ja": null }, { "id": "800-67", "title_en": "Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher", "description_ja": "Triple DES(TDEA)ブロック暗号推奨事項 Rev.2。", "version": "Rev. 2", "date": "2017/11", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/67/r2/final", "url_ja": null }, { "id": "800-73", "title_en": "Interfaces for Personal Identity Verification (3 Parts)", "description_ja": "PIV(個人識別検証)インターフェース Rev.5。Part 1(データモデル)/Part 2(カードコマンド)/Part 3(API)の3部構成。FIPS 201-3準拠。", "version": "Rev. 5", "date": "2024/07", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/73/pt1/5/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000be8c.pdf" }, { "id": "800-76", "title_en": "Biometric Specifications for Personal Identity Verification", "description_ja": "PIVのバイオメトリクス仕様 Rev.2。", "version": "Rev. 2", "date": "2013/07", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/76/2/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bevk.pdf" }, { "id": "800-78", "title_en": "Cryptographic Algorithms and Key Sizes for Personal Identity Verification", "description_ja": "PIVの暗号アルゴリズム・鍵サイズ Rev.5。", "version": "Rev. 5", "date": "2024/03", "status": "Final", "topics": [ "暗号", "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/78/5/final", "url_ja": null }, { "id": "800-97", "title_en": "Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i", "description_ja": "ロバストセキュリティネットワーク(IEEE 802.11i)構築ガイド。", "version": "初版", "date": "2007/02", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/97/final", "url_ja": null }, { "id": "800-98", "title_en": "Guidelines for Securing Radio Frequency Identification (RFID) Systems", "description_ja": "RFIDシステムセキュリティガイドライン。", "version": "初版", "date": "2007/04", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/98/final", "url_ja": null }, { "id": "800-101", "title_en": "Guidelines on Mobile Device Forensics", "description_ja": "モバイルデバイスフォレンジックガイドライン Rev.1。", "version": "Rev. 1", "date": "2014/05", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/101/r1/final", "url_ja": null }, { "id": "800-102", "title_en": "Recommendation for Digital Signature Timeliness", "description_ja": "デジタル署名の適時性推奨事項。", "version": "初版", "date": "2009/09", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/102/final", "url_ja": null }, { "id": "800-106", "title_en": "Randomized Hashing for Digital Signatures", "description_ja": "デジタル署名のランダム化ハッシュ。", "version": "初版", "date": "2009/02", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/106/final", "url_ja": null }, { "id": "800-107", "title_en": "Recommendation for Applications Using Approved Hash Algorithms", "description_ja": "承認済みハッシュアルゴリズムを使用するアプリ向け推奨事項 Rev.1。", "version": "Rev. 1", "date": "2012/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/107/r1/final", "url_ja": null }, { "id": "800-108", "title_en": "Recommendation for Key Derivation Using Pseudorandom Functions", "description_ja": "擬似乱数関数を用いた鍵導出推奨事項 Rev.1 Upd1。", "version": "Rev. 1", "date": "2022/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/108/r1/upd1/final", "url_ja": null }, { "id": "800-114", "title_en": "User's Guide to Telework and Bring Your Own Device (BYOD) Security", "description_ja": "テレワーク・BYODセキュリティユーザーガイド Rev.1。", "version": "Rev. 1", "date": "2016/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/114/r1/final", "url_ja": null }, { "id": "800-117", "title_en": "Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.0", "description_ja": "SCAP 1.0採用・利用ガイド。", "version": "初版", "date": "2010/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/117/final", "url_ja": null }, { "id": "800-119", "title_en": "Guidelines for the Secure Deployment of IPv6", "description_ja": "IPv6セキュア展開ガイドライン。", "version": "初版", "date": "2010/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/119/final", "url_ja": null }, { "id": "800-123", "title_en": "Guide to General Server Security", "description_ja": "一般サーバーセキュリティガイド。", "version": "初版", "date": "2008/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/123/final", "url_ja": null }, { "id": "800-127", "title_en": "Guide to Securing WiMAX Wireless Communications", "description_ja": "WiMAX無線通信セキュリティガイド。", "version": "初版", "date": "2010/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/127/final", "url_ja": null }, { "id": "800-130", "title_en": "A Framework for Designing Cryptographic Key Management Systems", "description_ja": "暗号鍵管理システム(CKMS)設計フレームワーク。", "version": "初版", "date": "2013/08", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/130/final", "url_ja": "https://www.ipa.go.jp/security/reports/oversea/nist/ug65p90000019cp4-att/begoj9000000bfpi.pdf" }, { "id": "800-132", "title_en": "Recommendation for Password-Based Key Derivation: Part 1 — Storage Applications", "description_ja": "パスワードベース鍵導出推奨事項 Part 1。", "version": "初版", "date": "2010/12", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/132/final", "url_ja": null }, { "id": "800-133", "title_en": "Recommendation for Cryptographic Key Generation", "description_ja": "暗号鍵生成推奨事項 Rev.2。※Rev.3 Initial Public Draft(2026/04/17公開)レビュー期限 2026/06/01。", "version": "Rev. 2", "date": "2020/06", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/133/r2/final", "url_ja": null }, { "id": "800-135", "title_en": "Recommendation for Existing Application-Specific Key Derivation Functions", "description_ja": "既存アプリ固有の鍵導出関数推奨事項 Rev.1。", "version": "Rev. 1", "date": "2011/12", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/135/r1/final", "url_ja": null }, { "id": "800-140", "title_en": "FIPS 140-3 Derived Test Requirements (DTR) Series", "description_ja": "FIPS 140-3導出試験要件シリーズ(A-Fほか)。CMVP評価基準。", "version": "シリーズ", "date": "2020-2023", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/140/final", "url_ja": null }, { "id": "800-142", "title_en": "Practical Combinatorial Testing", "description_ja": "実践的組み合わせテスト。", "version": "初版", "date": "2010/10", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/142/final", "url_ja": null }, { "id": "800-155", "title_en": "BIOS Integrity Measurement Guidelines (Draft)", "description_ja": "BIOS完全性測定ガイドライン(草案)。", "version": "Draft", "date": "2011/12", "status": "Draft", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/155/ipd", "url_ja": null }, { "id": "800-156", "title_en": "Representation of PIV Chain-of-Trust for Import and Export", "description_ja": "PIV信頼チェーンの輸出入表現。", "version": "初版", "date": "2016/05", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/156/final", "url_ja": null }, { "id": "800-157", "title_en": "Guidelines for Derived Personal Identity Verification (PIV) Credentials", "description_ja": "派生PIV資格情報ガイドライン Rev.1。", "version": "Rev. 1", "date": "2024/12", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/157/r1/final", "url_ja": null }, { "id": "800-165", "title_en": "Computer Security Division 2012 Annual Report", "description_ja": "コンピュータセキュリティ部門2012年次報告。", "version": "初版", "date": "2013/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/165/final", "url_ja": null }, { "id": "800-166", "title_en": "Derived PIV Application and Data Model Test Guidelines", "description_ja": "派生PIVアプリ・データモデルテストガイドライン。", "version": "初版", "date": "2016/06", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/166/final", "url_ja": null }, { "id": "800-168", "title_en": "Approximate Matching: Definition and Terminology", "description_ja": "近似マッチング:定義と用語。", "version": "初版", "date": "2014/07", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/168/final", "url_ja": null }, { "id": "800-173", "title_en": "(Withdrawn / merged into 800-171)", "description_ja": "SP 800-171に統合・廃止。", "version": "Withdrawn", "date": "-", "status": "Withdrawn", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/publications/sp800", "url_ja": null }, { "id": "800-176", "title_en": "(Reserved)", "description_ja": "予約番号。", "version": "-", "date": "-", "status": "Withdrawn", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/publications/sp800", "url_ja": null }, { "id": "800-180", "title_en": "NIST Definition of Microservices, Application Containers and System Virtual Machines (Draft)", "description_ja": "マイクロサービス・アプリコンテナ・システム仮想マシンの定義(草案)。", "version": "Draft", "date": "2017/02", "status": "Draft", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/180/ipd", "url_ja": null }, { "id": "800-183", "title_en": "Networks of 'Things'", "description_ja": "モノのネットワーク(IoTの基盤定義)。", "version": "初版", "date": "2016/07", "status": "Final", "topics": [ "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/183/final", "url_ja": null }, { "id": "800-185", "title_en": "SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash", "description_ja": "SHA-3派生関数:cSHAKE/KMAC/TupleHash/ParallelHash。", "version": "初版", "date": "2016/12", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/185/final", "url_ja": null }, { "id": "800-186", "title_en": "Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters", "description_ja": "離散対数ベース暗号推奨事項:楕円曲線ドメインパラメータ。", "version": "初版", "date": "2023/02", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/186/final", "url_ja": null }, { "id": "800-187", "title_en": "Guide to LTE Security", "description_ja": "LTEセキュリティガイド。", "version": "初版", "date": "2017/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/187/final", "url_ja": null }, { "id": "800-191", "title_en": "The NIST Cybersecurity Framework Implementation Guidance for Federal Agencies (Draft)", "description_ja": "連邦機関向けCSF実装ガイダンス(草案)。", "version": "Draft", "date": "2018/05", "status": "Draft", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/191/ipd", "url_ja": null }, { "id": "800-195", "title_en": "2016 NIST/ITL Cybersecurity Program Annual Report", "description_ja": "2016年 NIST/ITLサイバーセキュリティプログラム年次報告。", "version": "初版", "date": "2017/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/195/final", "url_ja": null }, { "id": "800-211", "title_en": "2019 NIST/ITL Cybersecurity Program Annual Report", "description_ja": "2019年 NIST/ITLサイバーセキュリティプログラム年次報告。", "version": "初版", "date": "2020/08", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/211/final", "url_ja": null }, { "id": "800-214", "title_en": "2020 Cybersecurity and Privacy Annual Report", "description_ja": "2020年サイバーセキュリティ・プライバシー年次報告。", "version": "初版", "date": "2021/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/214/final", "url_ja": null }, { "id": "800-215", "title_en": "Guide to a Secure Enterprise Network Landscape", "description_ja": "セキュアなエンタープライズネットワーク環境ガイド。", "version": "初版", "date": "2022/11", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/215/final", "url_ja": null }, { "id": "800-217", "title_en": "Guidelines for Personal Identity Verification (PIV) Federation", "description_ja": "PIVフェデレーションガイドライン。", "version": "初版", "date": "2025/03", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/217/final", "url_ja": null }, { "id": "800-220", "title_en": "2021 Cybersecurity and Privacy Annual Report", "description_ja": "2021年サイバーセキュリティ・プライバシー年次報告。", "version": "初版", "date": "2022/11", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/220/final", "url_ja": null }, { "id": "800-229", "title_en": "Fiscal Year 2023 Cybersecurity and Privacy Annual Report", "description_ja": "FY2023サイバーセキュリティ・プライバシー年次報告。", "version": "初版", "date": "2024/11", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/229/final", "url_ja": null }, { "id": "800-230", "title_en": "Additional SLH-DSA Parameter Sets for Limited Signature Use Cases", "description_ja": "制限的署名用途向け追加SLH-DSAパラメータセット(草案)。コメント期限 2026/06/12。", "version": "Draft", "date": "2026/04", "status": "Draft", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/230/ipd", "url_ja": null }, { "id": "1800-1", "title_en": "Securing Electronic Health Records on Mobile Devices", "description_ja": "モバイルデバイス上の電子カルテ保護。", "version": "初版", "date": "2018/07", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/1/final", "url_ja": null }, { "id": "1800-2", "title_en": "Identity and Access Management for Electric Utilities", "description_ja": "電力会社のID・アクセス管理。", "version": "初版", "date": "2018/07", "status": "Final", "topics": [ "ID・認証", "OT・ICS" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/2/final", "url_ja": null }, { "id": "1800-3", "title_en": "Attribute Based Access Control", "description_ja": "属性ベースアクセス制御(ABAC)実装。", "version": "初版", "date": "2017/09", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/3/final", "url_ja": null }, { "id": "1800-4", "title_en": "Mobile Device Security: Cloud and Hybrid Builds", "description_ja": "モバイルデバイスセキュリティ:クラウド・ハイブリッド構成。", "version": "初版", "date": "2019/02", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/4/final", "url_ja": null }, { "id": "1800-5", "title_en": "IT Asset Management for Financial Services", "description_ja": "金融サービス業界のIT資産管理。", "version": "初版", "date": "2018/09", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/5/final", "url_ja": null }, { "id": "1800-6", "title_en": "Domain Name System-Based Electronic Mail Security", "description_ja": "DNSベースの電子メールセキュリティ(DANE)。", "version": "初版", "date": "2017/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/6/final", "url_ja": null }, { "id": "1800-7", "title_en": "Situational Awareness for Electric Utilities", "description_ja": "電力会社向けシチュエーショナルアウェアネス。", "version": "初版", "date": "2019/08", "status": "Final", "topics": [ "OT・ICS" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/7/final", "url_ja": null }, { "id": "1800-8", "title_en": "Securing Wireless Infusion Pumps in Healthcare Delivery", "description_ja": "医療現場の無線輸液ポンプセキュリティ。", "version": "初版", "date": "2018/08", "status": "Final", "topics": [ "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/8/final", "url_ja": null }, { "id": "1800-10", "title_en": "Protecting Information and System Integrity in Industrial Control System Environments", "description_ja": "ICS環境における情報・システム完全性保護。", "version": "初版", "date": "2022/03", "status": "Final", "topics": [ "OT・ICS" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/10/final", "url_ja": null }, { "id": "1800-11", "title_en": "Data Integrity: Recovering from Ransomware and Other Destructive Events", "description_ja": "データ完全性:ランサムウェア等からの復旧。", "version": "初版", "date": "2020/09", "status": "Final", "topics": [ "インシデント対応" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/11/final", "url_ja": null }, { "id": "1800-12", "title_en": "Derived Personal Identity Verification (PIV) Credentials", "description_ja": "派生PIV資格情報の実装。", "version": "初版", "date": "2019/08", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/12/final", "url_ja": null }, { "id": "1800-13", "title_en": "Mobile Application Single Sign-On", "description_ja": "モバイルアプリのシングルサインオン。", "version": "初版", "date": "2020/06", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/13/final", "url_ja": null }, { "id": "1800-14", "title_en": "Protecting the Integrity of Internet Routing: BGP Route Origin Validation", "description_ja": "インターネットルーティング完全性保護:BGPルートオリジン検証(RPKI)。", "version": "初版", "date": "2019/06", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/14/final", "url_ja": null }, { "id": "1800-17", "title_en": "Multifactor Authentication for E-Commerce", "description_ja": "Eコマース向け多要素認証。", "version": "初版", "date": "2019/07", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/17/final", "url_ja": null }, { "id": "1800-18", "title_en": "Privileged Account Management for the Financial Services Sector", "description_ja": "金融サービス業界の特権アカウント管理。", "version": "初版", "date": "2018/09", "status": "Final", "topics": [ "ID・認証" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/18/final", "url_ja": null }, { "id": "1800-19", "title_en": "Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud", "description_ja": "信頼できるクラウド:VMwareハイブリッドクラウド向け実装ガイド。", "version": "初版", "date": "2022/04", "status": "Final", "topics": [ "クラウド" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/19/final", "url_ja": null }, { "id": "1800-23", "title_en": "Energy Sector Asset Management", "description_ja": "エネルギー業界の資産管理。", "version": "初版", "date": "2019/05", "status": "Final", "topics": [ "OT・ICS" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/23/final", "url_ja": null }, { "id": "1800-24", "title_en": "Securing Picture Archiving and Communication System (PACS)", "description_ja": "医療画像システム(PACS)のセキュリティ。", "version": "初版", "date": "2020/12", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/24/final", "url_ja": null }, { "id": "1800-30", "title_en": "Securing Telehealth Remote Patient Monitoring Ecosystem", "description_ja": "テレヘルス遠隔患者モニタリング生態系のセキュリティ。", "version": "初版", "date": "2022/02", "status": "Final", "topics": [ "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/30/final", "url_ja": null }, { "id": "1800-33", "title_en": "5G Cybersecurity", "description_ja": "5Gサイバーセキュリティ。", "version": "初版", "date": "2024/05", "status": "Final", "topics": [ "リスク管理" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/33/final", "url_ja": null }, { "id": "1800-39", "title_en": "Implementing Data Classification Practices", "description_ja": "データ分類実践の実装(草案)。", "version": "Draft", "date": "2026/02", "status": "Draft", "topics": [ "プライバシー" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/39/ipd", "url_ja": null }, { "id": "1800-40", "title_en": "Securing Industrial Control Systems for the Manufacturing Sector", "description_ja": "製造業のICSセキュリティ。", "version": "初版", "date": "2024/12", "status": "Final", "topics": [ "OT・ICS" ], "url_en": "https://csrc.nist.gov/pubs/sp/1800/40/final", "url_ja": null }, { "id": "FIPS 140-2", "title_en": "Security Requirements for Cryptographic Modules (Withdrawn)", "description_ja": "暗号モジュールセキュリティ要件 旧版。FIPS 140-3に置き換え(2026/09廃止予定)。", "version": "初版", "date": "2001/05", "status": "Withdrawn", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/fips/140-2/upd2/final", "url_ja": null }, { "id": "800-234", "title_en": "High-Performance Computing (HPC) Security Overlay", "description_ja": "HPC(高性能計算)システム向けセキュリティオーバーレイ。SP 800-53Bモデレートベースラインに基づき、AI/ML訓練・大規模シミュレーション環境向けに60項目のコントロールを調整。", "version": "初版", "date": "2026/05", "status": "Final", "topics": [ "リスク管理", "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/234/final", "url_ja": null }, { "id": "800-218A", "title_en": "Secure Software Development Practices for Generative AI and Dual-Use Foundation Models", "description_ja": "生成AI・デュアルユース基盤モデル向けセキュアソフトウェア開発実践 SSDF Community Profile。EO 14110対応。SP 800-218の補完文書。", "version": "初版", "date": "2024/07", "status": "Final", "topics": [ "リスク管理", "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/218/a/final", "url_ja": null }, { "id": "800-218r1", "title_en": "Secure Software Development Framework (SSDF) Version 1.2", "description_ja": "SSDF v1.2草案(Rev.1 IPD、2025/12公開)。EO 14306に対応。SP 800-218 v1.1の改訂版。", "version": "Rev. 1 Draft", "date": "2025/12", "status": "Draft", "topics": [ "リスク管理", "AI・IoT" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/218/r1/ipd", "url_ja": null }, { "id": "800-38F", "title_en": "Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping", "description_ja": "ブロック暗号モード:鍵ラッピング手法。AES Key Wrap(KW)・KWP・TKWを規定。※2026/05改訂のpre-draftコメント募集中(期限7/10)、TKW廃止予定。", "version": "初版", "date": "2012/12", "status": "Final", "topics": [ "暗号" ], "url_en": "https://csrc.nist.gov/pubs/sp/800/38/f/final", "url_ja": null } ] }