NIST logo

Publications Portal

You searched on: Author: peter mell

Displaying records 11 to 20 of 37 records.
Resort by: Date / Title


11. The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7502
Published: 12/27/2010
Authors: Peter M Mell, Karen Scarfone
Abstract: The Common Configuration Scoring System (CCSS) is a set of measures of the severity of software security configuration issues. CCSS is derived from the Common Vulnerability Scoring System (CVSS), which was developed to measure the severity of vulnera ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906165

12. Intrusion Detection and Prevention Systems
Published: 10/22/2010
Authors: Karen Ann Scarfone, Peter M Mell
Abstract: Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents. An intrusion detection and prevention system (IDPS) is software that automates the intrusion de ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901146

13. State of Security Readiness
Published: 6/10/2010
Authors: Ramaswamy Chandramouli, Peter M Mell
Abstract: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. However, th ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905281

14. An Analysis of CVSS Version 2 Vulnerability Scoring
Published: 10/14/2009
Authors: Karen Ann Scarfone, Peter M Mell
Abstract: The Common Vulnerability Scoring System (CVSS) is a specification that is used to measure the relative severity of software vulnerabilities. CVSS version 2, which was finalized in June 2007, was designed to address several deficiencies discovered dur ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=903020

15. Vulnerability Scoring for Security Configuration Settings
Published: 10/29/2008
Authors: Karen Ann Scarfone, Peter M Mell
Abstract: The best-known vulnerability scoring standard, the Common Vulnerability Scoring System (CVSS), is designed to quantify the severity of security-related software flaw vulnerabilities. This paper describes our efforts to determine if CVSS could be adap ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152154

16. Improving the Common Vulnerability Scoring System
Published: 9/28/2007
Authors: Peter M Mell, Karen Ann Scarfone
Abstract: The Common Vulnerability Scoring System is an emerging standard for scoring the impact of vulnerabilities. This paper presents the results of our analysis of the scoring system and the results of our experiment scoring a large set of vulnerabilities ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51124

17. The Common Vulnerability Scoring System (CVSS) and its Applicability to Federal Agency Systems
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7435
Published: 8/30/2007
Authors: Peter M Mell, Karen Ann Scarfone, Sasha Romanosky
Abstract: The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. The National Vulnerability Database (NVD) provides specific CVSS scores for virtually all publicly know ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51231

18. A Complete Guide to the Common Vulnerability Scoring System Version 2.0
Published: 7/30/2007
Authors: Peter M Mell, Karen Ann Scarfone, Sasha Romanosky
Abstract: The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. CVSS consists of three groups: Base, Temporal and Environmental. Each group produces a numeric score ra ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51198

19. CVSS-SIG Version 2 History
Published: 7/30/2007
Authors: Peter M Mell, Karen Ann Scarfone, Gavin Reid
Abstract: This document attempts to interpret the history and rationale behind changes made in the Common Vulnerability Scoring System (CVSS) from version 1 to version 2 (referred to as CVSS v1 and v2 in this document.) This document contains multiple appendic ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51199

20. Guide to Intrusion Detection and Prevention Systems (IDPS)
Series: Special Publication (NIST SP)
Report Number: 800-94
Published: 2/20/2007
Authors: Karen Ann Scarfone, Peter M Mell
Abstract: The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to as ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50951



Search NIST-wide:


(Search abstract and keywords)


Last Name:
First Name:







Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series