Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Publications Portal

You searched on: Author: david kuhn

Displaying records 61 to 70 of 114 records.
Resort by: Date / Title

61. Introducing "Insecure IT"
Published: 1/20/2009
Authors: David R Kuhn, Hart Rossman, Simon Liu
Abstract: This article introduces a new department for IT Professional that will cover security in IT systems, ranging from desktops to global e-commerce networks. Our goal is to offer ideas to improve IT security, both by looking at ways it can go wrong as we ...

62. Property Verification for Generic Access Control Models
Published: 12/20/2008
Authors: Chung Tong Hu, David R Kuhn, Tao Xie
Abstract: To formally and precisely capture the security properties that access control should adhere to, access control models are usually written to bridge the rather wide gap in abstraction between policies and mechanisms. In this paper, we propose a new ge ...

63. Refining the In-Parameter-Order Strategy for Constructing Covering Arrrays
Series: Journal of Research (NIST JRES)
Published: 9/1/2008
Authors: Michael Forbes, James F Lawrence, Yu Lei, Raghu N Kacker, David R Kuhn
Abstract: Covering arrays are structures for well-representing extremely large input spaces and are used to efficiently implement blackbox testing for software and hardware. This paper proposes refinements over the In-Parameter-Order strategy (for arbitrary $t ...

64. Automated Combinatorial Test Methods: Beyond Pairwise Testing
Published: 6/2/2008
Authors: David R Kuhn, Raghu N Kacker, Yu Lei
Abstract: Pairwise testing has become a popular approach to software quality assurance because it often provides effective error detection at low cost. However, pairwise (2-way) coverage is not sufficient for assurance of mission-critical software. Combinatori ...

65. Practical Combinatorial Testing: Beyond Pairwise
Published: 6/1/2008
Authors: David R Kuhn, Yu Lei, Raghu N Kacker
Abstract: With new algorithms and tools, developers can apply high-strength combinatorial testing to detect elusive failures that occur only when multiple components interact. In pairwise testing, all possible pairs of parameter values are covered by at least ...

66. RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role Based Access Control"
Published: 12/12/2007
Authors: David F Ferraiolo, David R Kuhn, R. Sandhu
Abstract: [This is a response to comments on INCITS Standard 359-2004, Role Based Access Control. For original paper see Ninghui Li et al., IEEE Security & Privacy, vol. 5, no. 6, p.41, (2007).] Some notion of roles for access control predates the research ...

67. IPOG/IPOG-D: Efficient Test Generation for Multi-way Combinatorial Testing
Published: 11/29/2007
Authors: Yu Lei, Raghu N Kacker, David R Kuhn, Vadim Okun, James F Lawrence
Abstract: We present two strategies for multi-way testing (i.e., t-way testing with t > 2). The first strategy generalizes an existing strategy, called In-Parameter-Order, from pairwise testing to multi-way testing. This strategy requires all t-way combination ...

68. Border Gateway Protocol Security
Series: Special Publication (NIST SP)
Report Number: 800-54
Published: 7/17/2007
Authors: David R Kuhn, Kotikalapudi Sriram, Douglas C Montgomery
Abstract: This document introduces the Border Gateway Protocol (BGP), explains its importance to the internet, and provides a set of best practices that can help in protecting BGP. Best practices described here are intended to be implementable on nearly al ...

69. IPOG: A General Strategy for t-Way Software Testing
Published: 3/29/2007
Authors: Yu Lei, Raghu N Kacker, David R Kuhn, Vadim Okun, James F Lawrence
Abstract: Most existing work on t-way testing has focused on 2-way (or pairwise) testing, which aims to detect faults caused by interactions between any two parameters. However, faults can also be caused by interactions involving more than two parameters. In t ...

70. Role-Based Access Control, Second Edition
Published: 12/31/2006
Authors: David F Ferraiolo, David R Kuhn, Ramaswamy Chandramouli
Abstract: [ISBN-13: 978-1-59693-113-8] This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edi ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series