Here at Gatelink we strive to comply with the relevant international standards and regulations and to provide high-quality solutions and services. Please feel free to familiarize yourself with a non-exhaustive list of the standards that stand behind the solutions and services we provide to you as our client.

  • ISO 9797: Data cryptographic techniques – Data integrity mechanism using a cryptographic check function employing a block cipher algorithm.
  • ISO 9798-2: Information technology — Security techniques — Entity authentication mechanisms — Part 2: Entity authentication using symmetric techniques.
  • ISO 10116: Information Processing — Modes of Operation for an n-bit block cipher algorithm.
  • ISO 10118-2: Information technology — Security techniques — Hash-functions — Part 2: Hash-functions using an n-bit block cipher algorithm.
  • ISO 11770-2: Information technology — Security techniques — Key management — Part 2: Key management mechanisms using symmetric techniques.

Applicable USA standards:

  • Encryption: Data Encryption Standard (DES) – FIPS 46-3;
  • Encryption: DES Modes of Operation – FIPS 81;
  • Encryption: Advanced Encryption Standard (AES) – FIPS 197 (with key sizes of 128 and 256 bits);
  • Hashing: Secure Hash Algorithm – FIPS 180-2 (using SHA-256 and SHA-384);
  • Guidelines on Electronic Mail Security – Special Publication 800-45 Version 2.

Relationship To Government Publishing

  • TITLE 50 – WAR AND NATIONAL DEFENSE.
  • TITLE 44 – PUBLIC PRINTING AND DOCUMENTS.
  • CHAPTER 35 – COORDINATION OF FEDERAL INFORMATION POLICY.
  • NSC-63 – PRESIDENTIAL DECISION DIRECTIVE/NSC-63 (PDD-63, 1998; HSPD-8, 2003).
  • H.R.145 – 100th Congress (1987-1988).
  • NSDD 145 – National Security Decision Directive.
  • 10450 – Security requirements for government employees.
  • 10501 – Safeguarding official information in the interests of the defense of the United States.
  • 10865 – Safeguarding classified information within industry.
  • 12829 – National industrial security program.
  • 12968 – Access to classified information.

Rules related to personal data protection:

  • Privacy Act of 1974 – Privacy Act of 1974.
  • Privacy Act of 1980 – Privacy Protection Act of 1980.
  • Directive 95/46/EC – Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995.
  • DProtection – Data Protection of personal data in the European Union.
  • Safeguarding privacy in a connected world – A European Data Protection Framework for the 21st century.
  • General Data Protection Regulation – (EU) 2016/679 (“GDPR”).

Relationship To Other NIST Documents
(Standards for Security Categorization of Federal Information and Information Systems, FIPS 199)

  • NIST SP 800-60 (Guide for Mapping Types of Information and Information Systems to Security Categories) provides guidance for establishing the security categorization for a system’s confidentiality. This categorization will impact the level of assurance an organization should require in making sanitization decisions.
  • FIPS 200 (Minimum Security Requirements for Federal Information and Information Systems) sets a base of security requirements that requires organizations to have a media sanitization program.
  • NIST SP 800-53 (Recommended Security Controls for Federal Information Systems) provides minimum recommended security controls, including sanitization, for Federal systems based on their overall system security categorization.
  • NIST SP 800-53A (Guide for Assessing the Security Controls in Federal Information Systems) provides guidance for assessing security controls, including sanitization, for federal systems based on their overall system security categorization.