NIST logo

Publications Portal

You searched on: Author: david kuhn

Displaying records 31 to 40 of 104 records.
Resort by: Date / Title


31. Isolating Failure-Inducing Combinations in Combinatorial Testing using Test Augmentation and Classification
Published: 4/21/2012
Authors: Kiran Shakya, Tao Xie, Nuo Li, Yu Lei, Raghu N Kacker, David R Kuhn
Abstract: Combinatorial Testing (CT) is a systematic way of sampling input parameters of the software under test (SUT). A t-way combinatorial test set can exercise all behaviors of the SUT caused by interactions between t input parameters or less. Although com ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=911450

32. Vulnerability Hierarchies in Access Control Configurations
Published: 12/27/2011
Author: David R Kuhn
Abstract: This paper applies methods for analyzing fault hierarchies to the analysis of relationships among vulnerabilities in misconfigured access control rule structures. Hierarchies have been discovered previously for faults in arbitrary logic formulae, s ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=909742

33. Role Engineering: Methods and Standards
Published: 12/8/2011
Authors: Edward Coyne, Timothy Weil, David R Kuhn
Abstract: This article explains problems and approaches to designing permission structures for role based access control. RBAC and the RBAC standard are summarized, common approaches to role engineering described, and the current status and plans for the INCI ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=909664

34. Vetting Mobile Apps
Published: 7/22/2011
Authors: Stephen Quirolgico, Jeffrey Mark Voas, David R Kuhn
Abstract: Billions of copies of apps for mobile devices have been purchased in recent years. With this growth, however, comes an increase in the spread of potentially dangerous security vulnerabilities. Because of an app's low cost and high proliferation, the ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=908762

35. A Combinatorial Approach to Detecting Buffer Overflow Vulnerabilities
Published: 6/14/2011
Authors: Raghu N Kacker, Yu Lei, David R Kuhn, Wenhua Wang
Abstract: Buffer overflow vulnerabilities are program defects that can cause a buffer overflow to occur at runtime. Many security attacks exploit buffer overflow vulnerabilities to compromise critical data structures. In this paper, we present a black-box test ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905210

36. A Survey of Binary Covering Arrays
Published: 4/7/2011
Authors: James F Lawrence, Raghu N Kacker, Yu Lei, David R Kuhn, Michael Forbes
Abstract: Two-valued covering arrays of strength t are 0--1 matrices having the property that for each t columns and each of the possible 2t sequences of t 0's and 1's, there exists a row having that sequence in that set of t columns. Covering arrays are an im ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51256

37. Model Checking for Verification of Mandatory Access Control Models and Properties
Published: 2/28/2011
Authors: Chung Tong Hu, David R Kuhn, Tao Xie, J Hwang
Abstract: Mandatory access control (MAC) mechanisms control which users or processes have access to which resources in a system. MAC policies are increasingly specified to facilitate managing and maintaining access control. However, the correct specification o ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=903228

38. Managing Security: The Security Content Automation Protocol
Published: 2/4/2011
Authors: Shirley M. Radack, David R Kuhn
Abstract: Managing information systems security is an expensive and challenging task. Many different and complex software components- including firmware, operating systems, and applications-must be configured securely, patched when needed, and continuously mon ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907372

39. An Application of Combinatorial Methods to Conformance Testing for Document Object Model Events
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7773
Published: 11/1/2010
Authors: Carmelo Montanez-Rivera, David R Kuhn, Mary C Brady, Richard M Rivello, Jenise Reyes Rodriguez, Michael K. Powers
Abstract: This report describes the use of combinatorial test methods to reduce the cost of testing for the Document Object Model Events standard while maintaining an equivalent level of assurance. More than 36,000 tests - all possible combinations of equival ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907846

40. Practical Combinatorial Testing
Series: Special Publication (NIST SP)
Report Number: 800-142
Published: 10/7/2010
Authors: David R Kuhn, Raghu N Kacker, Yu Lei
Abstract: Combinatorial testing can help detect problems like this early in the testing life cycle. The key insight underlying t-way combinatorial testing is that not every parameter contributes to every fault and most faults are caused by interactions between ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906255



Search NIST-wide:


(Search abstract and keywords)


Last Name:
First Name:







Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series