FIPS PUB 112 : 0
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
1. Terms and Conventions
1.1 Access Password
1.2 Authentication Process
1.3 Authorization Process
1.4 Compromise (Verb)
1.5 Cryptographic Key
1.6 Data
1.7 Data Encrypting Key
1.8 Encryption
1.9 Key Encrypting Key
1.10 Passphrase
1.11 Password System
1.12 Personal Identifier
1.13 Personal Password
1.14 Replace
1.15 Security Manager
1.16 System Manager
1.17 Valid Password
1.18 Virtual Password
2. Factors
2.1 Composition
2.2 Length Range
2.3 Lifetime
2.4 Source
2.5 Ownership
2.6 Distribution
2.7 Storage
2.8 Entry
2.9 Transmission
2.10 Authentication Period
3. Acceptable Basic Criteria
3.1 Composition
3.2 Length Range
3.3 Lifetime
3.4 Source
3.5 Ownership
3.6 Distribution
3.7 Storage
3.8 Entry
3.9 Transmission
3.10 Authentication Period
APPENDICES
APPENDIX A. PASSWORD USAGE GUIDELINES
1. Introduction
2. Background
3. Factors
4. Examples of password Systems
APPENDIX B. EXAMPLES OF COMPLIANCE AND PROCUREMENT DOCUMENTS
1. Example of a Minimum Security Compliance Document
2. Example of a Procurement Specification for a Minimum Security
Password System
3. Example of a Medium Security Compliance Document
4. Example of a Procurement Specification of a medium Security
Password System
APPENDIX C. 95-Character Graphic Subset from FIPS PUB 1-2
APPENDIX D. PASSWORD ENCRYPTION AND PASSPHRASE TRANSFORMATION
APPENDIX E. PASSWORD MANAGEMENT GUIDELINE
1. Introduction
2. Scope
3. Control Objectives
4. Definitions
5. Guidelines
APPENDIX E.1 PASSWORD GENERATION ALGORITHM
1. Password Space
2. Random seeds
3. Pseudo-Random Number Generator
4. "User-Friendly" Passwords
APPENDIX E.2 PASSWORD ENCRYPTION ALGORITHM
1. Encryption Algorithm
2. Assurance for Unique Encrypted Passwords
APPENDIX E.3 DETERMINING PASSWORD LENGTH
1. Relationship
2. Guess Rate
3. Password Lifetime
4. Password Space
5. A Procedure For Determining Password Length
6. Worked Examples
7. Passphrases
APPENDIX E.4 PROTECTION BASIS FOR PASSWORDS
1. Systems Containing Only Unclassified Information
2. Systems Containing Classified Information
APPENDIX E.5 FEATURES FOR USE IN VERY SENSITIVE APPLICATIONS
1. One-Time Passwords
2. Failed Login Attempts Limits
APPENDIX E.6 ON THE PROBABILITY OF GUESSING A PASSWORD
APPENDIX E.7 REFERENCES
| Committee |
AREA IPSC
|
| DocumentType |
Standard
|
| PublisherName |
US Military Specs/Standards/Handbooks
|
| Status |
Withdrawn
|
| ASTM E 1762 : 1995 | Standard Guide for Electronic Authentication of Health Care Information |
| ASTM E 1762 : 1995 : R2009 | Standard Guide for Electronic Authentication of Health Care Information |
| ASTM E 1985 : 1998 : R2013 | Standard Guide for User Authentication and Authorization (Withdrawn 2017) |
| 13/30284056 DC : 0 | BS EN 62055-41 - ELECTRICITY METERING - PAYMENT SYSTEMS - PART 41: STANDARD TRANSFER SPECIFICATION (STS) - APPLICATION LAYER PROTOCOL FOR ONE-WAY TOKEN CARRIER SYSTEMS |
| IEC 62055-41:2014 RLV | Electricity metering – Payment systems – Part 41: Standard transfer specification (STS) – Application layer protocol for one-way token carrier systems |
| ASTM E 1762 : 1995 : R2013 | Standard Guide for Electronic Authentication of Health Care Information (Withdrawn 2017) |
| ASTM E 1762 : 1995 : R2003 | Standard Guide for Electronic Authentication of Health Care Information |
| BS IEC 62055-41:2014 | Electricity metering. Payment systems Standard transfer specification (STS). Application layer protocol for one-way token carrier systems |
| IEC 62055-41:2018 RLV | Electricity metering - Payment systems - Part 41: Standard transfer specification (STS) - Application layer protocol for one-way token carrier systems |
| ASTM E 1985 : 1998 | Standard Guide for User Authentication and Authorization |
| ASTM E 1985 : 1998 : R2005 | Standard Guide for User Authentication and Authorization |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.