NIST logo

Publications Portal

You searched on:
Author: david kuhn

Displaying records 31 to 40 of 101 records.
Resort by: Date / Title


31. Vetting Mobile Apps
Published: 7/22/2011
Authors: Stephen Quirolgico, Jeffrey Mark Voas, David R Kuhn
Abstract: Billions of copies of apps for mobile devices have been purchased in recent years. With this growth, however, comes an increase in the spread of potentially dangerous security vulnerabilities. Because of an app's low cost and high proliferation, the ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=908762

32. A Combinatorial Approach to Detecting Buffer Overflow Vulnerabilities
Published: 6/14/2011
Authors: Raghu N Kacker, Yu Lei, David R Kuhn, Wenhua Wang
Abstract: Buffer overflow vulnerabilities are program defects that can cause a buffer overflow to occur at runtime. Many security attacks exploit buffer overflow vulnerabilities to compromise critical data structures. In this paper, we present a black-box test ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905210

33. A Survey of Binary Covering Arrays
Published: 4/7/2011
Authors: James F Lawrence, Raghu N Kacker, Yu Lei, David R Kuhn, Michael Forbes
Abstract: Two-valued covering arrays of strength t are 0--1 matrices having the property that for each t columns and each of the possible 2t sequences of t 0's and 1's, there exists a row having that sequence in that set of t columns. Covering arrays are an im ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51256

34. Model Checking for Verification of Mandatory Access Control Models and Properties
Published: 2/28/2011
Authors: Chung Tong Hu, David R Kuhn, Tao Xie, J Hwang
Abstract: Mandatory access control (MAC) mechanisms control which users or processes have access to which resources in a system. MAC policies are increasingly specified to facilitate managing and maintaining access control. However, the correct specification o ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=903228

35. Managing Security: The Security Content Automation Protocol
Published: 2/4/2011
Authors: Shirley M. Radack, David R Kuhn
Abstract: Managing information systems security is an expensive and challenging task. Many different and complex software components- including firmware, operating systems, and applications-must be configured securely, patched when needed, and continuously mon ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907372

36. An Application of Combinatorial Methods to Conformance Testing for Document Object Model Events
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7773
Published: 11/1/2010
Authors: Carmelo Montanez-Rivera, David R Kuhn, Mary C Brady, Richard M Rivello, Jenise Reyes Rodriguez, Michael K. Powers
Abstract: This report describes the use of combinatorial test methods to reduce the cost of testing for the Document Object Model Events standard while maintaining an equivalent level of assurance. More than 36,000 tests - all possible combinations of equival ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907846

37. Practical Combinatorial Testing
Series: Special Publication (NIST SP)
Report Number: 800-142
Published: 10/7/2010
Authors: David R Kuhn, Raghu N Kacker, Yu Lei
Abstract: Combinatorial testing can help detect problems like this early in the testing life cycle. The key insight underlying t-way combinatorial testing is that not every parameter contributes to every fault and most faults are caused by interactions between ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906255

38. Introduction: Cybersecurity
Published: 8/31/2010
Author: David R Kuhn
Abstract: Enterprise security, often considered a burden for system administrators and users alike, is one of the most rapidly evolving areas of IT. The articles in this issue can help IT professionals who want to be intelligent providers or consumers of secur ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905995

39. Vulnerability Trends: Measuring Progress
Published: 7/19/2010
Authors: David R Kuhn, Christopher S. Johnson
Abstract: What is the state of security engineering today? Are we as an industry making progress? What are prospects for the future? To address these questions we analyze data from the National Vulnerability Database (NVD).
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905737

40. Adding Attributes to Role Based Access Control
Published: 6/1/2010
Authors: David R Kuhn, Edward Coyne, Timothy Weil
Abstract: Role based access control (RBAC) is a popular model for information security. It helps reduce the complexity of security administration and supports the review of permissions assigned to users, a feature critical to organizations that must determine ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905425



Search NIST-wide:


(Search abstract and keywords)


Last Name:
First Name:







Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series