Federal Information Processing Standards
The Federal Information Processing Standards (FIPS) of the United States are a set of publicly announced standards that the National Institute of Standards and Technology (NIST) has developed for use in computer systems of non-military United States government agencies and contractors.[1] FIPS standards establish requirements for ensuring computer security and interoperability, and are intended for cases in which suitable industry standards do not already exist.[1] Many FIPS specifications are modified versions of standards the technical communities use, such as the American National Standards Institute (ANSI), the Institute of Electrical and Electronics Engineers (IEEE), and the International Organization for Standardization (ISO).
Specific areas of FIPS standardization
The U.S. government has developed various FIPS specifications to standardize a number of topics including:
- Codes, e.g., FIPS county codes or codes to indicate weather conditions or emergency indications. In 1994, National Oceanic and Atmospheric Administration (NOAA) began broadcasting FIPS codes along with their standard weather broadcasts from local stations. These codes identify the type of emergency and the specific geographic area, such as a county, affected by the emergency.
- Encryption standards, such as AES (FIPS 197),[2] and its predecessor, the withdrawn 56-bit DES (FIPS 46-3).[3]
Data security standards
Some FIPS standards are related to the security of data processing systems.[4] Some of these include the use of key escrow systems.[5][6]
Withdrawal of geographic codes
Some examples of FIPS Codes for geographical areas include FIPS 10-4 for country codes or region codes and FIPS 5-2 for state codes. These codes were similar to or comparable with, but not the same as, ISO 3166, or the NUTS standard of the European Union. In 2002, the National Institute of Standards and Technology (NIST) withdrew several geographic FIPS code standards, including those for countries (FIPS 10-4), U.S. states (FIPS 5-2), and counties (FIPS 6-4).[7][8] These are to be replaced by ISO 3166 and INCITS standards 38 and 31, respectively.[9] Some of the codes maintain the previous numerical system, particularly for states.[10]
In 2008, NIST withdrew the FIPS 55-3 database.[7] This database included 5-digit numeric place codes for cities, towns, and villages, or other centers of population in the United States. The codes were assigned alphabetically to places within each state, and as a result changed frequently in order to maintain the alphabetical sorting. NIST replaced these codes with the more permanent GNIS Feature ID, maintained by the U.S. Board on Geographic Names. The GNIS database is the official geographic names repository database for the United States, and is designated the only source of geographic names and locative attributes for use by the agencies of the Federal Government.[11] FIPS 8-6 "Metropolitan Areas" and 9-1 "Congressional Districts of the U.S." were also withdrawn in 2008, to be replaced with INCITS standards 454 and 455, respectively.[9]
The U.S. Census Bureau used FIPS place codes database to identify legal and statistical entities for county subdivisions, places, and American Indian areas, Alaska Native areas, or Hawaiian home lands when they needed to present census data for these areas.[12]
In response to the NIST decision, the Census Bureau is in the process of transitioning over to the GNIS Feature ID, which will be completed after the 2010 Census. Until then, previously issued FIPS place codes, renamed "Census Code", will continue to be used, with the Census bureau assigning new codes as needed for their internal use during the transition.[10][13]
See also
- Federal Information Security Management Act of 2002 (FISMA)
- FIPS 137 (Federal Standard for Linear Predictive Coding)
- FIPS 140 (Security requirements for cryptography modules)
- FIPS 153 (3D graphics)
- FIPS 197 (Rijndael / AES cipher)
- FIPS 199 (Standards for Security Categorization of Federal Information and Information Systems)
- FIPS 201 (Personal Identity Verification for Federal Employees and Contractors)
- List of FIPS region codes
- List of FIPS state codes
References
- "FIPS General Information". 2013-09-09. Retrieved 2015-04-01.
- "FIPS 197" (PDF).
- "FIPS 46-3" (PDF).
- "Minimum Security Requirements for Federal Information and Information Systems" (PDF). 2007-03-01. Retrieved 2015-04-01.
- "87-20-20 Key Escrow Encryption Policies and Technologies" (PDF). 1998-06-01. Retrieved 2015-02-14.
- "FIPS-185 Escrowed Encryption Standard" (PDF). 1994-02-01. Retrieved 2015-04-01.
- National Institute of Standards and Technology (2016-12-15). "Withdrawn FIPS Listed by Number". National Institute of Standards and Technology. Archived (PDF) from the original on 2023-05-06. Retrieved 2023-05-06.
- Turner, James M. (2008-09-02). "Announcing Approval of the Withdrawal of Ten Federal Information Processing Standards (FIPS)". NIST. Federal Register. 73: 51276. Retrieved 2017-11-02.
- "FIPS Code Replacement Chart 2012" (PDF). National Institute of Standards and Technology. 2012-06-28. Archived (PDF) from the original on 2012-05-20. Retrieved 2013-03-06.
- "American National Standards Institute (ANSI) Codes". United States Census Bureau. February 24, 2010. Retrieved 2010-08-03.
- "FIPS 55 Change Notice" (PDF). United States Geological Survey. January 1, 2006. Archived (PDF) from the original on 2006-04-14. Retrieved 2010-08-03.
- "Federal Information Processing Standard (FIPS)". United States Census Bureau. Archived from the original on 2014-02-07. Retrieved 2010-08-03.
- "2009 TIGER/Line Shapefiles Technical Documentation" (PDF). United States Census Bureau. 2009. Archived (PDF) from the original on 2015-03-06. Retrieved 2010-08-03.