DOCSLIB.ORG

Nist Sp 800-59

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Guideline for Identifying an Information System as a National Security System NIST Special Publication 800-59 Guideline for Identifying an Information System as a National Security System William C. Barker I N F O R M A T I O N S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 August 2003 U.S. Department of Commerce Donald L. Evans, Secretary Technology Administration Phillip J. Bond, Under Secretary of Commerce for Technology National Institute of Standards and Technology Arden L. Bement, Jr., Director Guideline for Identifying an Information System as a National Security System Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure for information technology. ITL develops tests, test methods, reference data, proof of concept implementations and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in federal computer systems. This Special Publication 800 series reports on ITL’s research, guidance, and outreach efforts in computer security, and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology, Special Publication 800-59 Natl. Inst. Stand. Technol. Spec. Publ. 800-59, 21 pages (August 2003) SP 800-59 PAGE ii Guideline for Identifying an Information System as a National Security System GUIDELINE FOR IDENTIFICATION OF INFORMATION SYSTEMS AS NATIONAL SECURITY SYSTEMS Table of Contents Table of Contents.....................................................................................iii 1.0 Introduction ........................................................................................1 2.0 Basis for Identification of National Security Systems............................3 3.0 Method for Identifying National Security Systems...............................5 3.1 Determination of Responsibilities............................................................................. 5 3.2 National Security System Identification Checklist ................................................... 6 3.3 Dispute Resolution.................................................................................................... 6 Appendix A: National Security System Identification Checklist..................7 A.1 Minimum Question Set ........................................................................................... 7 A.1.1 Intelligence Activities ....................................................................................... 7 A.1.2 Cryptologic Activities ....................................................................................... 8 A.1.3 Command and Control of Military Forces........................................................ 8 A.1.4 Weapons and Weapons Systems ....................................................................... 8 A.1.5 Systems Critical to the Direct Fulfillment of Military or Intelligence Missions ..................................................................................................................................... 8 A.1.6 Classified Systems ............................................................................................ 9 A.2 Optional Checklist Material..................................................................................... 9 A.3 Checklist................................................................................................................ 10 Appendix B: References.......................................................................... 11 Appendix C: Glossary of Terms .............................................................. 13 SP 800-59 PAGE iii Guideline for Identifying an Information System as a National Security System This page intentionally left blank. SP 800-59 PAGE iv Guideline for Identifying an Information System as a National Security System 1.0 Introduction This document provides guidelines developed in conjunction with the Department of Defense, including the National Security Agency, for identifying an information system as a national security system. The basis for these guidelines is the Federal Information Security Management Act of 2002 (FISMA, Title III, Public Law 107-347, December 17, 2002), which provides government-wide requirements for information security, superseding the Government Information Security Reform Act and the Computer Security Act. FISMA both provides a framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets and provides for the maintenance of minimum controls required to protect Federal information and information systems. Federal agencies are responsible for providing information security protection of information collected or maintained by or on behalf of the agency and information systems used or operated by or on behalf of the agency. The head of each Federal agency is also responsible for (1) assessing the risk and magnitude of the harm that could result from unauthorized access, use, disclosure, disruption, modification, or destruction of information or information systems that support operations or assets under their control; (2) determining the levels of information security appropriate to protect such information and information systems; (3) implementing policies and procedures to cost-effectively reduce risks to an acceptable level; and (4) periodically testing and evaluating information security controls and techniques to ensure that they are effectively implemented. Except for national security systems as defined by FISMA, the Secretary of Commerce is responsible for prescribing standards and guidelines pertaining to Federal information systems on the basis of standards and guidelines developed by NIST. The Committee on National Security Systems (CNSS) along with Federal agencies that operate systems falling within the definition of national security systems provide security standards and guidance for national security systems. In addition to defining the term national security system FISMA amended the NIST Act, at 15 U.SC. 278g-3(b)(3), to require NIST to provide guidelines for identifying an information system as a national security system. As stated in the House Committee report, “This guidance is not to govern such systems, but rather to ensure that agencies receive consistent guidance on the identification of systems that should be governed by national security system requirements.” Report of the Committee on Government Reform, U. S House of Representatives, Report 107-787, November 14, 2002, p. 85. The Department of Defense and the Director, Central Intelligence have authority to develop policies, guidelines, and standards for national security systems. The Director, Central Intelligence is responsible for policies relating to systems processing intelligence information. The Committee for National Security Systems, whose executive agent is the National Security Agency, was established to develop operating policies, procedures, guidelines, instructions and standards as necessary to implement provisions of the National Policy for the Security of National Security Telecommunications and SP 800-59 PAGE 1 Guideline for Identifying an Information System as a National Security System Information Systems (see NSTISSD Number 502). The Director of the Office of Management and Budget (OMB) retains responsibility for oversight of national security system information security policies and practices with respect to: • Overseeing agency compliance with the requirements of Subchapter III of Chapter 35 of Title 44, United States Code, including through any authorized action under Title 40, United States Code, section 11303, to enforce accountability for compliance with such requirements; and • Reporting to Congress no later than March 1 of each year on agency compliance with the requirements of Subchapter III of Chapter 35 of Title 44 United States Code, including – o A summary of the findings of evaluations required by 44 U.S.C. 3545; o An assessment of the development, promulgation, and adoption of, and compliance with, standards developed under 15 USC 278g-3 and promulgated under 40 U.S.C. 11331; o Significant deficiencies in agency information security practices; o Planned remedial action to address such deficiencies; and o A summary of, and OMB views on, the report prepared by NIST under 15 USC 278g-3. Accordingly, the purpose of these guidelines is not to establish requirements for national security systems, but rather to assist agencies in determining which, if any, of their systems are national security systems as defined by FISMA and are to be governed by applicable requirements for such systems, issued in accordance with law and as directed by the President. SP 800-59 PAGE 2 Guideline for Identifying an Information System as a National Security System 2.0 Basis for Identification of National Security Systems The basis for the identification of 'national security systems' is the definition provided in law (44 U.S.C. 3542(b)(2), which was established by FISMA, Title III, Public
Recommended publications
  • Use of Bioinformatics Resources and Tools by Users of Bioinformatics Centers in India Meera Yadav University of Delhi, Meeradlis@Gmail.Com

    Use of Bioinformatics Resources and Tools by Users of Bioinformatics Centers in India Meera Yadav University of Delhi, [email protected]

    University of Nebraska - Lincoln DigitalCommons@University of Nebraska - Lincoln Library Philosophy and Practice (e-journal) Libraries at University of Nebraska-Lincoln 2015 Use of Bioinformatics Resources and Tools by Users of Bioinformatics Centers in India meera yadav University of Delhi, [email protected] Manlunching Tawmbing Saha Institute of Nuclear Physisc, [email protected] Follow this and additional works at: http://digitalcommons.unl.edu/libphilprac Part of the Library and Information Science Commons yadav, meera and Tawmbing, Manlunching, "Use of Bioinformatics Resources and Tools by Users of Bioinformatics Centers in India" (2015). Library Philosophy and Practice (e-journal). 1254. http://digitalcommons.unl.edu/libphilprac/1254 Use of Bioinformatics Resources and Tools by Users of Bioinformatics Centers in India Dr Meera, Manlunching Department of Library and Information Science, University of Delhi, India [email protected], [email protected] Abstract Information plays a vital role in Bioinformatics to achieve the existing Bioinformatics information technologies. Librarians have to identify the information needs, uses and problems faced to meet the needs and requirements of the Bioinformatics users. The paper analyses the response of 315 Bioinformatics users of 15 Bioinformatics centers in India. The papers analyze the data with respect to use of different Bioinformatics databases and tools used by scholars and scientists, areas of major research in Bioinformatics, Major research project, thrust areas of research and use of different resources by the user. The study identifies the various Bioinformatics services and resources used by the Bioinformatics researchers. Keywords: Informaion services, Users, Inforamtion needs, Bioinformatics resources 1. Introduction ‘Needs’ refer to lack of self-sufficiency and also represent gaps in the present knowledge of the users.
  • Establishing the Basis for a CIS (Computer Information Systems) Undergraduate Program: on Seeking the Body of Knowledge

    Establishing the Basis for a CIS (Computer Information Systems) Undergraduate Program: on Seeking the Body of Knowledge

    Information Systems Education Journal (ISEDJ) 13 (5) ISSN: 1545-679X September 2015 Establishing the Basis for a CIS (Computer Information Systems) Undergraduate Program: On Seeking the Body of Knowledge Herbert E. Longenecker, Jr. [email protected] University of South Alabama Mobile, AL 36688, USA Jeffry Babb [email protected] West Texas A&M University Canyon, TX 79016, USA Leslie J. Waguespack [email protected] Bentley University Waltham, Massachusetts 02452, USA Thomas N. Janicki [email protected] University of North Carolina Wilmington Wilmington, NC 28403, USA David Feinstein [email protected] University of South Alabama Mobile, AL 36688, USA Abstract The evolution of computing education spans a spectrum from computer science (CS) grounded in the theory of computing, to information systems (IS), grounded in the organizational application of data processing. This paper reports on a project focusing on a particular slice of that spectrum commonly labeled as computer information systems (CIS) and reflected in undergraduate academic programs designed to prepare graduates for professions as software developers building systems in government, commercial and not-for-profit enterprises. These programs with varying titles number in the hundreds. This project is an effort to determine if a common knowledge footprint characterizes CIS. If so, an eventual goal would be to describe the proportions of those essential knowledge components and propose guidelines specifically for effective undergraduate CIS curricula. Professional computing societies (ACM, IEEE, AITP (formerly DPMA), etc.) over the past fifty years have sponsored curriculum guidelines for various slices of education that in aggregate offer a compendium of knowledge areas in ©2015 EDSIG (Education Special Interest Group of the AITP) Page 37 www.aitp-edsig.org /www.isedj.org Information Systems Education Journal (ISEDJ) 13 (5) ISSN: 1545-679X September 2015 computing.
  • USA V. Leandro Aragoncillo

    USA V. Leandro Aragoncillo

    2005R00881/INDICTMENT/KHB UNITED STATES DISTRICT COURT DISTRICT OF NEW JERSEY UNITED STATES OF AMERICA : Hon. William H. Walls v. : Criminal No. 06- LEANDRO ARAGONCILLO, : 18 U.S.C. §§ 794(a) and (c) a/k/a “Juan Miguel” 18 U.S.C. § 793(e) 18 U.S.C. § 1030(a)(1) 18 U.S.C. § 2 I N D I C T M E N T The Grand Jury in and for the District of New Jersey, sitting at Newark, charges: COUNT 1 (Conspiracy to Transmit National Defense Information) The Defendant 1. At all times material to the allegations contained in this Indictment: a. Defendant LEANDRO ARAGONCILLO was enlisted in the United States Marine Corps from on or about September 30, 1983 through in or about June 2004, retiring at the rank of Gunnery Sergeant. From on or about July 26, 1999 through on or about February 13, 2002, defendant ARAGONCILLO served as a Staff Assistant to the Vice President’s Military Advisers in the Office of the Vice President (“OVP”) of the United States. b. After retiring from the Marine Corps, defendant ARAGONCILLO was employed as an Intelligence Analyst of the Federal Bureau of Investigation (“FBI”) at the Fort Monmouth Information Technology Center (“FMITC”) located in Oceanport, New Jersey, from on or about July 11, 2004 through in or about September 2005. c. In his capacity as a Staff Assistant in the OVP, and as an Intelligence Analyst at the FMITC, defendant ARAGONCILLO received security clearances in order to have access to classified documents and information. Defendant ARAGONCILLO received a “Top Secret” security clearance on or about July 23, 1999, and maintained that clearance throughout his term of service with the OVP.
  • Information Systems Foundations Theory, Representation and Reality

    Information Systems Foundations Theory, Representation and Reality

    Information Systems Foundations Theory, Representation and Reality Information Systems Foundations Theory, Representation and Reality Dennis N. Hart and Shirley D. Gregor (Editors) Workshop Chair Shirley D. Gregor ANU Program Chairs Dennis N. Hart ANU Shirley D. Gregor ANU Program Committee Bob Colomb University of Queensland Walter Fernandez ANU Steven Fraser ANU Sigi Goode ANU Peter Green University of Queensland Robert Johnston University of Melbourne Sumit Lodhia ANU Mike Metcalfe University of South Australia Graham Pervan Curtin University of Technology Michael Rosemann Queensland University of Technology Graeme Shanks University of Melbourne Tim Turner Australian Defence Force Academy Leoni Warne Defence Science and Technology Organisation David Wilson University of Technology, Sydney Published by ANU E Press The Australian National University Canberra ACT 0200, Australia Email: [email protected] This title is also available online at: http://epress.anu.edu.au/info_systems02_citation.html National Library of Australia Cataloguing-in-Publication entry Information systems foundations : theory, representation and reality Bibliography. ISBN 9781921313134 (pbk.) ISBN 9781921313141 (online) 1. Management information systems–Congresses. 2. Information resources management–Congresses. 658.4038 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying or otherwise, without the prior permission of the publisher. Cover design by Brendon McKinley with logo by Michael Gregor Authors’ photographs on back cover: ANU Photography Printed by University Printing Services, ANU This edition © 2007 ANU E Press Table of Contents Preface vii The Papers ix Theory Designing for Mutability in Information Systems Artifacts, Shirley Gregor and Juhani Iivari 3 The Eect of the Application Domain in IS Problem Solving: A Theoretical Analysis, Iris Vessey 25 Towards a Unied Theory of Fit: Task, Technology and Individual, Michael J.
  • Information System Owner

    Information System Owner

    DOE CYBERSECURITY: CORE COMPETENCY TRAINING REQUIREMENTS Key Cybersecurity Role: Information System Owner Role Definition: The Information System Owner (also referred to as System Owner) is the individual responsible for the overall procurement, development, integration, modification, operation, maintenance, and retirement of an information system. The System Owner is a key contributor in developing system design specifications to ensure the security and user operational needs are documented, tested, and implemented. Competency Area: Data Security Functional Requirement: Design Competency Definition: Refers to the application of the principles, policies, and procedures necessary to ensure the confidentiality, integrity, availability, and privacy of data in all forms of media (i.e., electronic and hardcopy) throughout the data life cycle. Behavioral Outcome: The System Owner will understand the policies and procedures required to protect all categories of information as well as have a working knowledge of data access controls required to ensure the confidentiality, integrity, and availability of information. He/she will apply this knowledge during all phases of the System Development Life Cycle (SDLC). Training concepts to be addressed at a minimum: Identify and document the appropriate level of protection for data, including use of encryption. Specify data and information classification, sensitivity, and need-to-know requirements by information type on a system in terms of its confidentiality, integrity, and availability. Utilize DOE M 205.1-5 to determine the information impacts for unclassified information and DOE M 205.1-4 to determine the Consequence of Loss for classified information. Create authentication and authorization system for users to gain access to data based on assigned privileges and permissions.
  • Information System Development Using Augmented Reality Tools*

    Information System Development Using Augmented Reality Tools*

    Information system development using augmented reality tools* Grigorev Rostislav Aleksandrovich Valijanov Bahrom Adhamdzon-ugli Kazan Federal University Kazan Federal University Kazan, Russia Kazan, Russia [email protected] [email protected] Medvedeva Olga Anatolievna Mustafina Svetlana Anatol’evna Kazan Federal University Bashkir State University Kazan, Russia Ufa, Russia [email protected] [email protected] Abstract This work is devoted to the issues of visualization and information processing, in particular, to improving the visualization of 3D objects using augmented reality technology. The concept of augmented reality offers a more advanced user interface for visualization due to a combination of natural ways to control the change of angle of an object and visualization in a real context. In the process of performing the work, computer graphics, algorithms, and modeling methods were used. The experimental part of the work was carried out using a set of development tools for tracking Vuforia and Unity development tools. Introduction Augmented reality (AR) is an interactive experience of a real-world environment where the objects that reside in the real world are enhanced by computer-generated perceptual information, sometimes across multiple sensory modalities, including visual, auditory, haptic, somatosensory and olfactory. AR can be defined as a system that fulfills three basic features: a combination of real and virtual worlds, real-time interaction, and accurate 3D registration of virtual and real objects. The overlaid sensory information can be constructive (i.e. additive to the natural environment), or destructive (i.e. masking of the natural environment). This experience is seamlessly interwoven with the physical world such that it is perceived as an immersive aspect of the real environment.
  • Administration of Barack H. Obama, 2009

    Administration of Barack H. Obama, 2009

    Administration of Barack H. Obama, 2009 Executive Order 13526—Classified National Security Information December 29, 2009 This order prescribes a uniform system for classifying, safeguarding, and declassifying national security information, including information relating to defense against transnational terrorism. Our democratic principles require that the American people be informed of the activities of their Government. Also, our Nation's progress depends on the free flow of information both within the Government and to the American people. Nevertheless, throughout our history, the national defense has required that certain information be maintained in confidence in order to protect our citizens, our democratic institutions, our homeland security, and our interactions with foreign nations. Protecting information critical to our Nation's security and demonstrating our commitment to open Government through accurate and accountable application of classification standards and routine, secure, and effective declassification are equally important priorities. Now, Therefore, I, Barack Obama, by the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows: PART 1—ORIGINAL CLASSIFICATION Section 1.1. Classification Standards. (a) Information may be originally classified under the terms of this order only if all of the following conditions are met: (1) an original classification authority is classifying the information; (2) the information is owned by, produced by or for, or is under the control of the United States Government; (3) the information falls within one or more of the categories of information listed in section 1.4 of this order; and (4) the original classification authority determines that the unauthorized disclosure of the information reasonably could be expected to result in damage to the national security, which includes defense against transnational terrorism, and the original classification authority is able to identify or describe the damage.
  • Introduction to Bioinformatics (Elective) – SBB1609

    Introduction to Bioinformatics (Elective) – SBB1609

    SCHOOL OF BIO AND CHEMICAL ENGINEERING DEPARTMENT OF BIOTECHNOLOGY Unit 1 – Introduction to Bioinformatics (Elective) – SBB1609 1 I HISTORY OF BIOINFORMATICS Bioinformatics is an interdisciplinary field that develops methods and software tools for understanding biologicaldata. As an interdisciplinary field of science, bioinformatics combines computer science, statistics, mathematics, and engineering to analyze and interpret biological data. Bioinformatics has been used for in silico analyses of biological queries using mathematical and statistical techniques. Bioinformatics derives knowledge from computer analysis of biological data. These can consist of the information stored in the genetic code, but also experimental results from various sources, patient statistics, and scientific literature. Research in bioinformatics includes method development for storage, retrieval, and analysis of the data. Bioinformatics is a rapidly developing branch of biology and is highly interdisciplinary, using techniques and concepts from informatics, statistics, mathematics, chemistry, biochemistry, physics, and linguistics. It has many practical applications in different areas of biology and medicine. Bioinformatics: Research, development, or application of computational tools and approaches for expanding the use of biological, medical, behavioral or health data, including those to acquire, store, organize, archive, analyze, or visualize such data. Computational Biology: The development and application of data-analytical and theoretical methods, mathematical modeling and computational simulation techniques to the study of biological, behavioral, and social systems. "Classical" bioinformatics: "The mathematical, statistical and computing methods that aim to solve biological problems using DNA and amino acid sequences and related information.” The National Center for Biotechnology Information (NCBI 2001) defines bioinformatics as: "Bioinformatics is the field of science in which biology, computer science, and information technology merge into a single discipline.
  • Bioinformatics: Benefits to Mankind

    Bioinformatics: Benefits to Mankind

    International Journal of PharmTech Research CODEN (USA): IJPRIF, ISSN: 0974-4304 Vol.9, No.4, pp 242-248, 2016 Bioinformatics: Benefits to Mankind Himanshu Singh* Dept. of Biotechnology, Lovely Professional University, Phagwara, India Abstract: The storage and analysis of biological data using certain algorithms and computer softwares is called bioinformatics. The applications that bioinformatics offer to the civilized world are more than just being a researcher's tool for structural and functional analysis. Development and implementation of computational algorithms and software tools facilitate an understanding of the biological processes with the goal to serve primarily agriculture and pharmaceutical sectors. In this paper, we highlight the role of bioinformatics in health care, drug discovery, forensic analysis, crop improvement, food analysis and biodiversity management. Some ethical issues related to bioinformatics research are also covered. Keywords : Bioinformatics, Computational Biology, Drug Discovery, Chemiinformatics. Introduction Bioinformatics is defined as “a scientific discipline that encompasses all aspects of biological information acquisition, processing, storage, distribution, analysis, and interpretation that combines the tools and techniques of mathematics, computer science, and biology with the aim of understanding the biological significance of a variety of data” [1]. Bioinformatics-tools include any products that store, organize, evaluate, integrate, analyse, and/or distribute biological data [2]. Bioinformatics
  • Evaluating the Acquisition and Operation of Information Systems

    Evaluating the Acquisition and Operation of Information Systems

    United States General Accounting Office Information Management and GAO Technology Division July lYS6 Evaluating the Acquisition and Operation of Information Systems Technical Guideline 2 Preface The federal government is becoming increasin ly dependent on information technology to meet its mission an cf program goals, presentin new challenges for the audit community. Collective 7 y, the government is the single largest user of information technology in the world and spends billions of dollars annually on its information resources--hardware, software, data, and people. This growing reliance on information technology emphasizes the need to economically acquire, develop, operate, and maintain information resources to effectively and efficiently achieve a ency mission and objectives. The Information Management and f ethnology Division (IMTEC) is the General Accountmg Office’s (GAO) focal point for evaluating how well the government manages its substantial investment in information resources. This guide provides GAO and IMTEC staff, as well as other interested officials in the federal audit community, with a logical framework for evaluating government agencies’ ac uisition and operation of computer-based information systems. i!t is structured around a matrix that outlines two broad information system life cycle phases--acquisition/development and operation/ maintenance--as they relate to five basic ob ectives, As described in the guide, agencies should achieve the fo1 lowing objectives in acquiring and operating their information systems: l Ensure system effectiveness. l Promote system economy and efficiency. l Protect data integrity. l Safeguard information resources. l Comply with laws and regulations. The guide also provides general criteria for evaluating agencies’ performance in achieving these objectives by hi hlightin key practices that should occur during the system li I?e cycle.
  • Government Information Availability and Secrecy. Rhonda E

    Government Information Availability and Secrecy. Rhonda E

    Eastern Michigan University DigitalCommons@EMU University Library Faculty Scholarship University Library Summer 2007 I've Got a Secret: Government Information Availability and Secrecy. Rhonda E. Fowler Eastern Michigan University, [email protected] Follow this and additional works at: http://commons.emich.edu/lib_sch Part of the Library and Information Science Commons Recommended Citation Fowler, Rhonda E., "I've Got a Secret: Government Information Availability and Secrecy." (2007). University Library Faculty Scholarship. Paper 3. http://commons.emich.edu/lib_sch/3 This Article is brought to you for free and open access by the University Library at DigitalCommons@EMU. It has been accepted for inclusion in University Library Faculty Scholarship by an authorized administrator of DigitalCommons@EMU. For more information, please contact lib- [email protected]. I’ve Got a Secret Government Information Availability and Secrecy Rhonda E. Fowler “The United States has the most open government in the world, but it also has the most secretive government in the world, if you measure it by the production of new secrets.”—Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists1 ecrets and information, what do they have in com- accessible, the public’s right to know is jeopardized. But mon? A secret is something you don’t want anyone just how concerned is the public? A poll conducted in 2000 Sto know, something you keep to yourself or those by the Center for Survey Research and Analysis at the Uni- you trust. “Knowledge obtained from investigation” is the versity of Connecticut asked the question: “Government definition of information, according to Webster’s Dictionary.
  • Data Management in Systems Biology I

    Data Management in Systems Biology I

    Data management in systems biology I – Overview and bibliography Gerhard Mayer, University of Stuttgart, Institute of Biochemical Engineering (IBVT), Allmandring 31, D-70569 Stuttgart Abstract Large systems biology projects can encompass several workgroups often located in different countries. An overview about existing data standards in systems biology and the management, storage, exchange and integration of the generated data in large distributed research projects is given, the pros and cons of the different approaches are illustrated from a practical point of view, the existing software – open source as well as commercial - and the relevant literature is extensively overviewed, so that the reader should be enabled to decide which data management approach is the best suited for his special needs. An emphasis is laid on the use of workflow systems and of TAB-based formats. The data in this format can be viewed and edited easily using spreadsheet programs which are familiar to the working experimental biologists. The use of workflows for the standardized access to data in either own or publicly available databanks and the standardization of operation procedures is presented. The use of ontologies and semantic web technologies for data management will be discussed in a further paper. Keywords: MIBBI; data standards; data management; data integration; databases; TAB-based formats; workflows; Open Data INTRODUCTION the foundation of a new journal about biological The large amount of data produced by biological databases [24], the foundation of the ISB research projects grows at a fast rate. The 2009 (International Society for Biocuration) and special edition of the annual Nucleic Acids Research conferences like DILS (Data Integration in the Life database issue mentions 1170 databases [1]; alone Sciences) [25].