下载前必读！！！！！！ 1.此代码是matlab代码，用的实例是Lorenz系统 2.此代码是图片格式，需要读者自行敲打键盘 3.若你们不想手敲键盘，我可代敲，具体私聊 其他说明： SP800-22测试是NIST发布的一项特殊出版物，目的是评估随机数生成器的质量和随机性。这些测试方法可以用于各种各样的随机性检测场景，并且是各种安全标准和规范的基础。 SP800-22测试提供了一系列统计测试和随机性分析，用于检查生成的随机数序列是否具有良好的统计特性和随机性。其中包括频次测试、卡方测试、最长序列测试、游程测试、秩测试等。

NIST SP800-26 中文翻译版，IT系统安全自评估NIST SP800系列，行业参考资料，中文翻译版

This Recommendation specifies the Galois/Counter Mode (GCM), an algorithm for authenticated encryption with associated data, and its specialization, GMAC, for generating a message authentication code (MAC) on data that is not encrypted. GCM and GMAC are modes of operation for an underlying approved symmetric key block cipher. KEY WORDS: authenticated encryption; authentication; block cipher; confidentiality, cryptography; encryption; information security; mode of operation.

NIST SP800-53 中文翻译

NIST 系列 风险控制 pdf 800-37

随机数熵评估标准 NIST.SP800-90B 源代码。 近似熵 最小熵

供应链网络安全风险管理最佳实践

信息安全 NIST SP 800 信息技术安全基础技术模型

T • Enabling more consistent, comparable, and repeatable assessments of security controls in federal information systems; • Promoting a better understanding of agency-related mission risks resulting from the operation of information systems; and • Creating more complete, reliable, and trustworthy information for authorizing officials—to facilitate more informed security accreditation decisions. Security certification and accreditation are important activities that support a risk management process and are an integral part of an agency’s information security program. Security accreditation is the official management decision given by a senior agency official to authorize operation of an information system and to explicitly accept the risk to agency operations, agency assets, or individuals based on the implementation of an agreed-upon set of security controls. Required by OMB Circular A-130, Appendix III, security accreditation provides a form of quality control and challenges managers and technical staffs at all levels to implement the most effective security controls possible in an information system, given mission requirements, technical constraints, operational constraints, and cost/schedule constraints. By accrediting an information system, an agency official accepts responsibility for the security of the system and is fully accountable for any adverse impacts to the agency if a breach of security occurs. Thus, responsibility and accountability are core principles that characterize security accreditation. It is essential that agency officials have the most complete, accurate, and trustworthy information possible on the security status of their information systems in order to make timely, credible, risk-based decisions on whether to authorize operation of those systems. The information and supporting evidence needed for security accreditation is developed during a detailed security review of an information system, typically referred to as security certification. Security certification is a comprehensive assessment of the management, operational, and technical security controls in an information system, made in support of security accreditation, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. The results of a security certification are used to reassess the risks and update the system security plan, thus providing the factual basis for an authorizing official to render a security accreditation decision.

This Recommendation specifies a message authentication code (MAC) algorithm based on a symmetric key block cipher. This block cipher-based MAC algorithm, called CMAC, may be used to provide assurance of the authenticity and, hence, the integrity of binary data. KEY WORDS: authentication; block cipher; cryptography; information security; integrity; message authentication code; mode of operation.