网络安全教育支持机构
| 全国网络联盟(NCL) | NCL是一个501(c)(3)非营利组织,成立于2011年5月,为参与者提供持续的虚拟培训场地, practice, 并使用下一代高保真仿真环境验证他们的网络安全知识和技能. |
|---|---|
| 国家网络监视中心 | The 国家网络监视中心 is a consortium of higher education institutions, 公立和私立学校, businesses, and government agencies focused on collaborative efforts to advance cybersecurity education and strengthen the national cybersecurity workforce. 买世界杯app推荐 is a member of 国家网络监视中心. |
| National Information Assurance Education and Training Program (NIETP) | NSA and the Department of Homeland Security (DHS) jointly sponsor the National Centers of Academic Excellence in Cyber Defense (CD) Education (CAE-CDE), Two-Year Education (CAE-2Y) and Research (CAE-R) programs. The goal of these programs is to reduce vulnerability in our national information infrastructure by promoting higher education and research in CD and producing a growing number of professionals with CD expertise in various disciplines. Students attending CAE-CDE and CAE-R schools are eligible to apply for scholarships and grants through the Department of Defense Information Assurance Scholarship Program and the Federal Cyber Service Scholarship for Service Program. |
| National Initiative for Cybersecurity Education (NICE) | The National Initiative for Cybersecurity Education (NICE), led by the National Institute of Standards and Technology (NIST), 是政府间的伙伴关系吗, academia, and the private sector focused on cybersecurity education, training, 劳动力发展. NICE的使命是激励和促进一个强大的网络安全教育生态系统, training, 劳动力发展. NICE fulfills this mission by coordinating with government, academic, and industry partners to build on existing successful programs, 促进变革和创新, 并发挥领导力和远见,增加熟练的网络安全专业人员的数量,帮助维护我们国家的安全. |
| 美国国家科学基金会 |
The 美国国家科学基金会 is an independent federal agency created by Congress in 1950 "to promote the progress of science; to advance the national health, prosperity, and welfare; to secure the national defense...“国家科学基金会至关重要,因为我们支持基础研究和人们创造改变未来的知识. 这种类型的支持:
|
联邦网络安全组织
| 国防技术信息中心 (DTIC) | 国防技术信息中心(DTIC®)已经服务于国防社区的信息需求超过70年. DTIC reports to the Assistant Secretary of Defense For Research and Engineering (ASD(R&E)). DTIC的使命是提供必要的技术研究、开发、测试和评估(RDT)&E) information rapidly, accurately and reliably to support DoD needs. |
|---|---|
| 资讯保障局 (IAD) | 美国国家安全局(NSA)的信息保障(IA)任务所起的作用不同于任何其他美国情报机构.S. Government entity. National Security Directive (NSD) 42 authorizes NSA to secure National Security Systems, 其中包括处理机密信息或对军事或情报活动至关重要的系统. IAD partners with government, industry, and academia to execute the Information Assurance mission. |
| 资讯保障支援环境 (IASE) |
信息保障支持环境(IASE)提供一站式的网络安全信息访问, policy, guidance and training for cybersecurity professionals throughout the DoD. 该网站的某些部分也可供联邦政府其他部门和公众使用. These resources are provided to enable the user to comply with rules, regulations, 最佳实践和联邦法律. DISA is mandated to support and sustain the IASE as directed by DoD 8500.1 and DODD 8140.01. |
| 国家信息保障伙伴关系 (NIAP) | NIAP负责美国.S. 共同准则的实施, 包括NIAP通用标准评估和验证方案(CCEVS)验证机构的管理. NIAP manages a national program for developing Protection Profiles, 评价方法, 以及确保可实现的政策, repeatable, 以及可测试的需求. 与NIST合作, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. |
| United States Computer Emergency Readiness Team (US-CERT) |
US-CERT致力于一个更安全的, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world. |
社团及组织
| 计算机协会 (ACM) | ACM, the world's largest educational and scientific computing society, delivers resources that advance computing as a science and a profession. ACM provides the computing field's premier Digital Library and serves its members and the computing profession with leading-edge publications, conferences, 职业资源. |
|---|---|
| Institute of Electrical and Electronics Engineers (IEEE) |
IEEE是世界上最大的技术专业组织,致力于推动技术进步,造福人类. IEEE and its members inspire a global community through its highly cited publications, conferences, technology standards, 以及专业和教育活动. |
| International Information System Security Certification Consortium (ISC)² |
(ISC)²是一个国际性的非营利性会员协会,致力于建立一个安全可靠的网络世界. 最著名的是广受赞誉的认证信息系统安全专家(CISSP)认证, (ISC)² offers a portfolio of credentials that are part of a holistic, 程序化的安全方法. Universally recognized as the Gold Standard in information security certifications. |
| 资讯系统保安协会 (ISSA) | The 资讯系统保安协会 (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. 它提供教育论坛, publications, and peer interaction opportunities that enhance the knowledge, skill, 以及会员的专业成长. |
| Internet Society (ISOC) |
互联网协会(ISOC)是一个美国人, non-profit organization founded in 1992 to provide leadership in Internet-related standards, education, access, and policy. It states that its mission is "to promote the open development, evolution and use of the Internet for the benefit of all people throughout the world". |
| 美国国家科学院 | The 美国国家科学院 was established in 1863 by an Act of Congress, 林肯总统签名, as a private, nongovernmental institution to advise the nation on issues related to science and technology. Members are elected by their peers for outstanding contributions to research. |
| National Institute of Standards and Technology (NIST) | 美国国家标准与技术研究所(NIST)成立于1901年,现在是美国标准与技术研究所的一部分.S. 商务部. NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major challenge to U.S. 当时的产业竞争力. NIST是一个测量标准实验室, and a non-regulatory agency of the United States 商务部. Its mission is to promote innovation and industrial competitiveness. |
| 开放Web应用程序安全项目 (OWASP) | The 开放Web应用程序安全项目 (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security. |
| SANS Institute | The SANS Institute (officially the Escal Institute of Advanced Technologies) is a private U.S. 营利性公司成立于1989年,专门从事信息安全和网络安全培训. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and audit. 信息安全课程是通过涉及管理员的共识过程开发的, security managers, 信息安全专业人员. The courses cover security fundamentals and technical aspects of information security. The Institute has been recognized for its training programs[3] and certification programs.[4] SANS stands for SysAdmin, Audit, Network and Security. |
| 数字证据科学工作组 (SWGDE) | The 数字证据科学工作组 (SWGDE) brings together organizations actively engaged in the field of digital and multimedia evidence to foster communication and cooperation as well as to ensure quality and consistency within the forensic community. |
标准组织
| 美国国家标准协会 (ANSI) |
研究所负责监督创作, promulgation and use of thousands of norms and guidelines that directly impact businesses in nearly every sector: from acoustical devices to construction equipment, from dairy and livestock production to energy distribution, and many more. ANSI还积极参与认证-评估组织确定符合标准的能力. |
|---|---|
| Institute of Electrical and Electronics Engineers (IEEE) |
IEEE是世界上最大的技术专业组织,致力于推动技术进步,造福人类. IEEE and its members inspire a global community through its highly cited publications, conferences, technology standards, 以及专业和教育活动. |
| 国际标准化组织 (ISO) |
ISO是一个独立的, non-governmental international organization with a membership of 163 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, 推广相关的国际标准,支持创新并为全球挑战提供解决方案. 国际标准让事情运转起来. They give world-class specifications for products, 服务和系统, to ensure quality, 安全与效率. They are instrumental in facilitating international trade. |
| 互联网架构委员会 (IAB) | The IAB is chartered both as a committee of 互联网工程任务组(IETF) and as an advisory body of the Internet Society (ISOC). Its responsibilities include architectural oversight of IETF activities, Internet Standards Process oversight and appeal, 以及RFC编辑的任命. The IAB is also responsible for the management of the IETF protocol parameter registries. |
| 互联网号码分配机构 (IANA) |
IANA allocates and maintains unique codes and numbering systems that are used in the technical standards (“protocols”) that drive the Internet.
|
| Internet Corporation for Assigned Names and Numbers (ICANN) | ICANN is a not-for-profit public-benefit corporation with participants from all over the world dedicated to keeping the Internet secure, 稳定且可互操作. It promotes competition and develops policy on the Internet's unique identifiers. Through its coordination role of the Internet's naming system, it does have an important impact on the expansion and evolution of the Internet. ICANN coordinates the allocation and assignment of names in the root zone of the Domain Name System ("DNS") and coordinates the development and implementation of policies concerning the registration of second-level domain names in generic top-level domains ("gTLDs"). |
| 互联网工程任务组 (IETF) | The IETF's mission is "to make the Internet work better," but it is the Internet Engineering Task Force, so this means: make the Internet work better from an engineering point of view. We try to avoid policy and business questions, as much as possible. If you're interested in these general aspects, consider joining the Internet Society. Most participants in the IETF are engineers with knowledge of networking protocols and software. Many of them know a lot about networking hardware too. |
| 互联网研究专责小组 (IRTF) | The 互联网研究专责小组 (IRTF) focuses on longer term research issues related to the Internet while the parallel organization, 互联网工程任务组(IETF), focuses on the shorter term issues of engineering and standards making. The IRTF is a composed of a number of focused and long-term Research Groups. 这些小组研究与互联网协议、应用程序、体系结构和技术相关的主题. Research Groups have the stable long term membership needed to promote the development of research collaboration and teamwork in exploring research issues. Participation is by individual contributors, rather than by representatives of organizations. |
| Internet Society (ISOC) | 互联网协会(ISOC)是一个美国人, non-profit organization founded in 1992 to provide leadership in Internet-related standards, education, access, and policy. It states that its mission is "to promote the open development, evolution and use of the Internet for the benefit of all people throughout the world". |
| 国际电信联盟 (ITU) | ITU allocates global radio spectrum and satellite orbits, develop the technical standards that ensure networks and technologies seamlessly interconnect, 并努力改善全球服务欠缺社区获得信息和通信技术的机会. |
| National Institute of Standards and Technology (NIST) | 美国国家标准与技术研究所(NIST)成立于1901年,现在是美国标准与技术研究所的一部分.S. 商务部. NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major challenge to U.S. 当时的产业竞争力. NIST是一个测量标准实验室, and a non-regulatory agency of the United States 商务部. Its mission is to promote innovation and industrial competitiveness. |
| NIST -信息技术 | Advancing the state-of-the-art in IT in such applications as cyber security and biometrics, NIST accelerates the development and deployment of systems that are reliable, usable, interoperable, and secure; advances measurement science through innovations in mathematics, statistics, and computer science; and conducts research to develop the measurements and standards infrastructure for emerging information technologies and applications. |
|
对象管理组 (OMG) |
OMG的网络安全标准有助于保护软件资产免受未经授权的访问和渗透, outages, data corruption, 以及其他操作问题. OMG®建模语言标准还确保预先将安全性设计为原则性设计过程的一部分. Cyber threats facing a nation's critical infrastructure, 任务关键系统, 或任何物联网(IoT)系统, demand a cyber infrastructure that matches their combined enormity and complexity. |
| PCI Security | The PCI Security Standards Council is a global open body formed to develop, enhance, disseminate and assist with the understanding of security standards for payment account security. PCI帮助商家和金融机构理解和实施安全策略标准, 保护其支付系统免遭持卡人数据泄露和盗窃的技术和持续流程. PCI helps vendors understand and implement standards for creating secure payment solutions. |
| 电讯工业协会 (TIA) | The 电讯工业协会 (TIA) is the leading trade association representing the global information and communications technology (ICT) industry through standards development, policy initiatives, 商业机会, 市场情报和网络活动. 在数百名成员的支持下, TIA enhances the business environment for companies involved in telecom, broadband, mobile wireless, 信息技术, networks, cable, satellite, 统一通信, emergency communications and the greening of technology. TIA被美国国家标准协会(ANSI)认可为“标准开发组织(SDO)”。. |
| Wi-Fi Alliance |
Wi-Fi Alliance is a non-profit organization that promotes Wi-Fi technology and certifies Wi-Fi products if they conform to certain standards of interoperability. Not every IEEE 802.11-compliant device is submitted for certification to the Wi-Fi Alliance, sometimes because of costs associated with the certification process. 没有Wi-Fi标识并不一定意味着该设备与Wi-Fi设备不兼容. Wi-Fi联盟拥有Wi-Fi商标. 制造商可以使用该商标来标记经过互操作性测试的认证产品. |
| 万维网联盟 (W3C) | The 万维网联盟 (W3C) is an international community where Member organizations, a full-time staff, and the public work together to develop Web standards. The W3C mission is to lead the World Wide Web to its full potential by developing protocols and guidelines that ensure the long-term growth of the Web. |
Useful Web Sites
| BABEL | A Glossary of Computer Oriented Abbreviations and Acronyms |
|---|---|
| CERT |卡耐基梅隆大学 | Working with software vendors, CERT helps resolve software vulnerabilities. CERT develops tools, products, and methods to help organizations conduct forensic examinations, 分析漏洞, 监控大规模网络. CERT helps organizations determine how effective their security-related practices are. And CERT shares their work at conferences; in blogs, webinars, and podcasts; and through our many articles, technical reports, and white papers. CERT collaborates with high-level government organizations, such as the U.S. Department of Defense and the Department of Homeland Security (DHS); law enforcement, including the FBI; the intelligence community; and many industry organizations. |
| 常见漏洞和暴露 (CVE) | CVE是一个常用名称的字典.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities. CVE的通用标识符使得在不同的网络安全数据库和工具之间共享数据变得更加容易, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, 然后,您可以快速准确地访问一个或多个独立的cve兼容数据库中的修复信息,以修复问题. |
| CyberWatch West (CWW) | The CyberWatch West Center is committed to improving the quantity and quality of existing cybersecurity resources and building upon these resources to develop effective training and teaching modules. By concentrating on student development; professional development; and curriculum development, revision, and dissemination, 网络观察西部整合了有效的外展工作,以提高认识并在学术界和工业界之间建立可行的伙伴关系. |
| 计算机科学期刊 |
计算机科学期刊目录 |
| 免费在线计算机词典 (FOLDOC) | FOLDOC是一个可搜索的缩略词字典, jargon, 编程语言, tools, architecture, operating systems, networking, theory, conventions, standards, mathematics, telecoms, electronics, institutions, companies, projects, products, history, 事实上,任何与计算机有关的东西. |
| 信息保障杂志 & Cybersecurity (JIACS) | JIACS is a peer reviewed international journal presenting scholarly works on information security to the benefit of the industrial and academic community, as well as to the cognizant government agencies. 《买世界杯app推荐》为希望展示其原创科学发现——理论的作者提供了一个论坛, methodologies, and applications — to the global information security community. |
| NICE网络安全劳动力框架(NCWF) | NCWF NIST特别出版物800-181, is a national resource that categorizes and describes cybersecurity work. NCWF为雇主提供服务, employees, educators, students, and training providers with a common language to define cybersecurity work as well as a common set of tasks and skills required to perform cybersecurity work. 通过识别网络安全工作人员和使用一套标准术语的过程,我们可以共同努力进行教育, recruit, train, develop, 并留住高素质的劳动力. |
| SWEET (安全Web开发教学) | SWEET (Secure WEb Development Teaching)是一套便携式的安全WEb开发教学模块. SWEET有八个教学模块, 六个项目模块和一个虚拟的网络开发平台,允许教师进行动手实验室练习. The purpose of this project is to enhance the learning experience of computing students through standardized teaching modules and environment in secure web development. 我们在本科和研究生课程中都采用了这个教学工具来介绍网络安全的概念. Each SWEET teaching module will be enough for a three-hour class containing lecture materials and hands-on laboratory exercises that are relevant to the contents in the lectures. |