NIST logo

Publications Portal

You searched on:
Author: david kuhn

Displaying records 41 to 50 of 88 records.
Resort by: Date / Title


41. Combinatorial Software Testing
Published: 8/7/2009
Authors: David R Kuhn, Raghu N Kacker, Yu Lei, Justin Hunter
Abstract: Developers of large data-intensive software often notice an interesting - though not surprising - phenomenon: when usage of an application jumps dramatically, components that have operated for months without trouble suddenly develop previously unde ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=903128

42. Understanding Insecure IT: Practical Risk Assessment
Published: 5/27/2009
Authors: Simon Liu, David R Kuhn, Hart Rossman
Abstract: IT systems have long been at risk from vulnerable software, malicious actions, or inadvertent user errors, in addition to run-of-the-mill natural and human-made disasters. As we discussed in the last issue ( Surviving Insecure IT: Effective Patch Man ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=902426

43. Surviving Insecure IT: Effective Patch Management
Published: 3/21/2009
Authors: Simon Liu, David R Kuhn, Hart Rossman
Abstract: The amount of time to protect enterprise systems against potential vulnerability continues to shrink. Enterprises need an effective patch management mechanism to survive the insecure IT environment. Effective patch management is a systematic and repe ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901613

44. Introducing "Insecure IT"
Published: 1/20/2009
Authors: David R Kuhn, Hart Rossman, Simon Liu
Abstract: This article introduces a new department for IT Professional that will cover security in IT systems, ranging from desktops to global e-commerce networks. Our goal is to offer ideas to improve IT security, both by looking at ways it can go wrong as we ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901185

45. Property Verification for Access Control Models via Model Checking
Published: 12/17/2008
Authors: Chung Tong Hu, David R Kuhn, Tao Xie
Abstract: To formally and precisely capture the security properties that access control should adhere to, access control models are usually written, bridging the rather wide gap in abstraction between policies and mechanisms. In this paper, we propose a new ge ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51328

46. Refining the In-Parameter-Order Strategy for Constructing Covering Arrrays
Series: Journal of Research (NIST JRES)
Published: 9/1/2008
Authors: Michael Forbes, James F Lawrence, Yu Lei, Raghu N Kacker, David R Kuhn
Abstract: Covering arrays are structures for well-representing extremely large input spaces and are used to efficiently implement blackbox testing for software and hardware. This paper proposes refinements over the In-Parameter-Order strategy (for arbitrary $t ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152141

47. Automated Combinatorial Test Methods Beyond Pairwise Testing
Published: 6/2/2008
Authors: David R Kuhn, Raghu N Kacker, Yu Lei
Abstract: Pairwise testing has become a popular approach to software quality assurance because it often provides effective error detection at low cost. However, pairwise (2-way) coverage is not sufficient for assurance of mission-critical software. Combinatori ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152162

48. Practical Combinatorial Testing: Beyond Pairwise
Published: 6/1/2008
Authors: David R Kuhn, Raghu N Kacker, Yu Lei
Abstract: With new algorithms and tools, developers can apply high-strength combinatorial testing to detect elusive failures that occur only when multiple components interact.
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152161

49. Security for Private Branch Exchange Systems
Series: ITL Bulletin
Published: 4/30/2008
Author: David R Kuhn
Abstract: This document provides an introduction to security for private branch exchange systems (PBXs). The primary audience is agency system administrators and others responsible for the installation and operation of PBX systems. Major threat classes are e ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151230

50. RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role Based Access Control"
Published: 12/12/2007
Authors: David F Ferraiolo, David R Kuhn, R. Sandhu
Abstract: [This is a response to comments on INCITS Standard 359-2004, Role Based Access Control. For original paper see Ninghui Li et al., IEEE Security & Privacy, vol. 5, no. 6, p.41, (2007).] Some notion of roles for access control predates the research ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150626



Search NIST-wide:


(Search abstract and keywords)


Last Name:
First Name:







Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series