Jan. 26, 2005
Tech Beat Search] [Credits] [NIST Tech Beat
Contacts] [Subscription Information]
Urged for Switch to Internet Phones
agencies and other organizations that are considering switching
their telephone systems to Voice Over Internet Protocol (VOIP)
should proceed with caution and carefully consider the security
risks, says a recent report* by the National Institute of Standards
and Technology (NIST).
an important emerging technology that makes it possible to place
telephone calls using a broadband Internet connection rather
than traditional, circuit-based telephone lines. While it shows
promise for lower cost and greater flexibility, VOIP has a very
different architecture than circuit-switched telephony, and
these differences result in significant security issues. “Administrators
may mistakenly assume that since digitized voice travels in
packets, they can simply plug VOIP components into their already-secured
networks and remain secure. However, the process is not that
simple,” says the NIST report. Implementing common security
measures into VOIP, such as firewalls and encryption, can cause
poor voice quality and blocked calls if not done carefully and
with the proper equipment. Designing, deploying and securely
operating a VOIP network is a complex effort that requires careful
preparation, says the report.
to help in the transition to secure VOIP include: develop appropriate
network architecture, including separate voice and data networks
where feasible and practical; ensure that the organization can
manage and mitigate risks to their information, system operations,
and continuity of essential operations when deploying VOIP systems;
use and routinely test the security features included in VOIP
systems; update VOIP software regularly and frequently; and,
since worms, viruses and other malicious software are common
on PCs connected to the Internet, do not use “softphone”
systems that implement VOIP using a PC with a headset and special
T. Walsh, S. Fries, Security Considerations for Voice
Over IP Systems, NIST Special Publication 800-58, is available
Processing May Yield Better Molecular Devices
contact deposition on organic electronic molecules using
the NIST patented process is highly specific, an important
feature for building dense arrays of devices. Shown
here is a cross-hatched pattern of copper deposits on
10-micrometer-wide, single-layer strips of molecules
that have been bound to a gold substrate with microcontact
here to download a higher resolution version of this
simple, chemical way to attach electrical contacts to molecular-scale
electronic components has been developed by researchers
at the National Institute of Standards and Technology (NIST).
The recently patented* method attaches a layer of copper
on the ends of delicate molecular components to avoid damage
to the components that commonly occurs with conventional
carbon-based molecules to act as wires, diodes, transistors
and other microelectronic devices—is
one of the most dynamic frontiers in nanotechnology. An
area equal to the cross-section of a typical human hair
might hold about a thousand semiconductor transistors at
the current state of art, but up to 13 million
challenge in molecular electronics is making electrical
contacts to the fragile molecules, chemical chains that
are easily damaged. Currently, this is most often done by
vaporizing a metal onto the molecules that stand like blades
of grass on a metal substrate. The vaporized metal atoms
are supposed to settle on the tops of the molecules but
they also often eat away at the delicate structures, or
fall through gaps in the "turf" and short out
the device. Yields of working devices are typically only
a few percent.
researchers designed a technique in which the molecules
are synthesized with an additional chemical group attached
to the top of the molecule. The chip is immersed in a solution
including copper ions, which preferentially bind to the
added group, forming a strong, chemically bonded contact
that also protects the underlying molecule during further
metallic vapor deposition steps. Tests at NIST have demonstrated
that the technique works well on surfaces patterned with
microcontact printing, producing clean, sharply defined
edges, important for the fabrication of practical devices.
U.S. patent, no. 6,828,581 available here: http://patapsco.nist.gov/TS/220/sharedpatent/pdf/6828581.pdf.
Experiments Mimic a Star's Energy Bursts
key process that enhances the production of nuclear energy
in the interior of dense stars has been re-created in
the laboratory for the first time by physicists at the
National Institute of Standards and Technology (NIST).
The work may help scientists study topics such as nuclear
fusion as a possible energy source and demonstrates a
new method for studying and modeling dense stellar objects
such as white dwarfs.
NIST experiments, described in the Jan. 18 issue of Physical
involve temperature measurements
of ultracold crystals as they melt. First, a "plasma" of
tens of thousands of singly charged beryllium atoms is trapped
using electric and magnetic fields and then cooled to almost
absolute zero using lasers. When the lasers are turned off,
the plasma begins to heat up. At 10 milliKelvin—just
0.01 degree above absolute zero—the
temperature suddenly rises more than 10 billion times faster
than predicted by theory.
This burst of energy in a very cold system of highly interactive
particles is believed to mimic events occurring inside the
hot, dense interiors of stars, where plasmas of highly charged
atoms undergo accelerated nuclear reactions.
Beryllium ions are frequently used in NIST research on topics
such as development of future atomic clocks and quantum computing
studies. Such rapid heating was first noticed in experiments
attempting to prepare special states of beryllium ions that
can improve the precision of an atomic clock.
Scientists have suspected for decades that the fusion of
atoms that powers stars is enhanced when the plasmas at their
cores somehow reduce the natural repulsion between charged
ions, increasing the chances that pairs of ions will collide
and produce nuclear reactions. NIST researchers found that,
at a certain temperature, their trapped beryllium ions also
collided more frequently and that the plasma temperature
suddenly shot up. In this case, the collisions resulted in
a transfer of energy between two types of motions made by
The research was supported in part by the Office of Naval
Research and National Science Foundation.
Jensen, T. Hasegawa, J.J. Bollinger, and D.H.E Dubin. 2004.
Rapid heating of a strongly coupled plasma near the solid-liquid
phase transition. Physical Review Letters, Jan. 18.
Applications Heat Up for Carbon Nanotubes
hot nanotechnology with many potential uses—may
find one of its quickest applications in the next generation
of standards for optical power measurements, which are essential
for laser systems used in manufacturing, medicine, communications,
lithography, space-based sensors and other technologies.
in a forthcoming paper in Applied
at the National Institute of Standards and Technology (NIST)
and the National Renewable Energy Laboratory have made prototype
pyroelectric detectors coated with carbon nanotubes. Pyroelectric
detectors and other thermal detectors are the basis for all
primary standards used to ensure that laser power and energy
measurements are traceable to fundamental units. The coating
absorbs laser light and converts it to heat, which is conducted
to a detector underneath made of pyroelectric material. The
detector's rise in temperature generates a current, which
is measured to determine the power of the laser.
cylinders made of carbon atoms—conduct
heat hundreds of times better than today's detector
coating materials. Nanotubes are also resistant to laser
damage and, because of their texture and crystal properties,
absorb light efficiently. Scientists hope that the nanotubes'
resistance to aging and hardening will allow them to extend
the range of NIST laser power standards to ultraviolet wavelengths,
which would support the development and calibration of sensors
for detecting chemical and biological weapons. The research
also may contribute to the use of carbon nanotubes in fuel
in the paper, the NIST-led research team was first to demonstrate
the use of an airbrush technique to apply carbon nanotubes
to a thermal detector. The team also will report, at a workshop
on carbon nanotubes at NIST Jan. 26-28, growing multiwalled
nanotubes directly on detectors with a chemical vapor deposition
process. The team is now measuring the optical and thermal
properties of various tube compositions and topologies, using
an unusual approach that is much faster than conventional
Lehman, C. Engtrakul, T. Gennett, and A.C. Dillon. 2005. Single-wall
carbon nanotube coating on a pyroelectric detector. Applied
Optics, Vol. 44. Slated at press time for Feb. 1.
Language Formats Checklists for IT Security
make it easier to measure the security of an information
technology product or system, researchers at the National
Institute of Standards and Technology (NIST) and the National
Security Agency (NSA) have developed a common specification
Configuration Checklist Description Format (XCCDF)—for writing security checklists and related
computers and other information technology products are vulnerable
to multiple threats including viruses, worms and identity or
information theft. One basic, yet effective, security tool is
the security configuration checklist—a
series of instructions for configuring an information technology
(IT) product to a baseline or benchmark level of security. Configuring
a system into conformance with a benchmark or other security
specification is a time-consuming and very technical task. Automated
tools are available to help system administrators determine
a system’s conformance and recommend corrective measures.
However, most of these tools are designed for a particular IT
product or system.
an XML-based format that is flexible, vendor-neutral and suited
for a wide variety of checklist applications including measuring
conformance of an IT system to security benchmarks and generating
a record of a benchmark test. (XML is a language—analogous
to the HTML codes used to format web pages—that
describes information in a standard way to allow computers to
exchange information and act on it.)
common format will help security professionals, vendors and
system auditors to more quickly exchange information and improve
automation of security testing and configuration checking,”
said John Wack, a researcher in NIST's Computer Security Division.
specification document, Specification for the Extensible
Configuration Checklist Description Format (XCCDF) (NISTIR
7188), is available at http://csrc.nist.gov/checklists/.
NIST, in conjunction with the Department of Homeland Security,
NSA, and other organizations, is developing computer security
checklists for many IT products widely used by government agencies.
Join Forces for Medical Innovation
National Institute of Standards and Technology (NIST)
has signed a Memorandum of Understanding (MOU) with
the Department of Health and Human Services to collaborate
on programs that facilitate the development and delivery
of innovative medical technologies. NIST has been
working closely with a variety of HHS agencies, including
the National Institutes of Health and the Food and
Drug Administration, and the new MOU now provides
an umbrella agreement to expand and strengthen those
and HHS bureaus agreed to collaborate in four main
areas: strategic, policy and program coordination;
streamlining the pathway from discovery to delivery;
educational and informational initiatives; and research
to the new agreement, the interface of the physical
sciences and life sciences is likely to "spawn
the most revolutionary technological developments."
The MOU, "bridges a biological/medical Department
with one steeped in the physical science and engineering
tradition of quantitative measurement."
Text of the full agreement is available at www.nist.gov/public_affairs/techbeat/mou_hhs_doc.pdf.
new MOU was released Jan. 13, 2005, in conjunction
with the release of a new HHS report, Moving Medical
Innovations Forward. The report is available