Standards Organizations Essay

Submitted By dustindavis1979
Words: 1193
Pages: 5

Standards are essential for progress in the 21st century and everyone from individual users to manufacturers share a vested interest in consensus on common standards. The standards for communication technology are now a global concern as the world moves closer to a global network with e-commerce becoming the most evident example. A few of the many issues regarding how standards are developed, tested, sanctioned, and adopted involve age old disputes between market forces and government regulation, voluntary vs. mandated standards, and copyright/patent vs. open standards. This paper will focus specifically on three standards organizations, the International Organization for Standardization (ISO), American National
Standards Institute (ANSI), and Institute of Electrical and Electronics Engineers (IEEE) as well as the need for a government regulating body, the National Institute of Standards and
Technology (NIST). Congress passed the Computer Security Act of 1987 which required, among other things,
“developing standards and guidelines for Federal computer systems, including responsibility for developing cost-effective security and privacy of sensitive information in Federal computer systems…” (Computer Security Act 1987). NIST, a U.S. Department of Commerce division, was commissioned for this purpose and according to their website “promote[s] U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.” The government clearly has an obligation to protect their own computer systems, at a minimum, as well as ensuring the protection of communications infrastructure, etc. NIST has “issued 18 special publications offering management, operational and technical security guidance, and has updated several
Federal Information Processing Standard publications covering hash algorithms and digital signatures.” (GCN.com http://gcn.com/Articles/2009/03/09/NIST-security-metrics.aspx?Page=3)
. These standards and guidelines enable the federal agencies, and private organizations conducting business with them, to comply with the Computer Security Act as well as the more recent Federal Information Security Management Act (FISMA). Standards, as they relate to communications technology, can be thought of as the rules or protocols to develop layers of infrastructure, the communications infrastructure relied upon by nearly every person, government, organization, and corporation connecting to the Internet. Certainly, standards can be, and are, established and widely adopted without government involvement but the most successful tend to be a collaborative effort between government and private organizations.
TCP/IP is one relevant example of a highly successful collaborative effort:
Due to the decentralized structure of the Internet, the use of uniform and open standards is of particular importance. Only in the days of the Internet’s forerunner Arpanet could standards be hierarchically imposed. Switching from an earlier network control protocol to TCP/IP was mandated by the U.S. Department of Defense (DOD) through its Advanced Research Project Agency (ARPA) back in 1982. Beginning in 1985, after the period of absolute governance and ownership by the DOD, the network was opened up to develop into an academic and research network. In the decade from 1985 to 1995, when the U.S. National Science Foundation funded the central components of the Internet, two organizations evolved which have provided the vast majority of standards used in the Internet. (Holznagel and Werle. Pg. 23)
Further justification for NIST lies in the testing NIST provides for other Standards
Development Organizations (SDO’s). “Traditionally, in the IT industry, vendors have self-certified standards compliance. Thus standards developed by traditional SDO’s are not developed with testing