NIST logo

Publications Portal

You searched on: Author: ramaswamy chandramouli

Displaying records 11 to 20 of 61 records.
Resort by: Date / Title

11. Security Control Variations Between In-House and Cloud-Based Virtualized Infrastructures
Published: 8/19/2012
Author: Ramaswamy Chandramouli
Abstract: Virtualization-related components (such as Hypervisor, Virtual Network and Virtual Machines (VMs)) in a virtualized data center infrastructure need effective security controls. However, the differences in scope of control (among stakeholders) over th ...

12. Determining Authentication Strength for Smart Card-based Authentication Use Cases
Published: 1/30/2012
Author: Ramaswamy Chandramouli
Abstract: Smart cards are now being extensively deployed for identity verification(smart identity tokens) for controlling access to Information Technology (IT) as well as physical resources. Depending upon the sensitivity of the resources and the risk of wrong ...

13. Service Model Driven Variations in Security Measures for Cloud Environments
Published: 11/6/2011
Author: Ramaswamy Chandramouli
Abstract: With the increasing adoption of cloud computing service models - Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has bec ...

14. Cloud Service Feature Driven Security Policies for Virtualized Infrastructures
Published: 7/19/2011
Author: Ramaswamy Chandramouli
Abstract: With the increasing maturity of various cloud service delivery models (Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)) and deployment models (Private, Community, Public, Hybrid), the security risk profi ...

15. Information Leakage Through the Domain Name System
Series: OTHER
Published: 3/31/2011
Authors: Scott William Rose, Anastase Nakassis, Ramaswamy Chandramouli
Abstract: The Domain Name System (DNS) is the global lookup service for network resources. It is often the first step in an Internet transaction as well as a network attack. An attacker can query an organization's DNS as reconnaissance before attacking hos ...

16. Framework for Emergency Response Official (ERO): Authentication and Authorization Infrastructure
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7601
Published: 8/31/2010
Authors: Ramaswamy Chandramouli, Teresa T. Schwarzhoff
Abstract: This document describe a framework (with the acronym ERO-AA) for establishing an infrastructure for authentication and authorization of Emergency Response officials (ERO) who respond to various types of man-made and natural disasters. The population ...

17. PIV Card Application and Middleware Interface Test Guidelines (SP800-73-3 compliance)
Series: Special Publication (NIST SP)
Report Number: 800-85A-2
Published: 7/28/2010
Authors: Ramaswamy Chandramouli, Hildegard Ferraiolo, Ketan L Mehta
Abstract: The objective of this document is to provide test requirements and test assertions that could be used to validate the compliance/conformance of two PIV components: PIV middleware and PIV card application with the specification in NIST SP 800-73-3, In ...

18. Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach
Published: 6/21/2010
Author: Ramaswamy Chandramouli
Abstract: Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we desc ...

19. State of Security Readiness
Published: 6/10/2010
Authors: Ramaswamy Chandramouli, Peter M Mell
Abstract: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. However, th ...

20. Secure Domain Name System (DNS) Deployment Guide
Series: Special Publication (NIST SP)
Report Number: 800-81 Rev 1
Published: 4/30/2010
Author: Ramaswamy Chandramouli
Abstract: [Superseded by SP 800-81-2 (September 2013):] This document provides deployment guidelines for securing the Domain Name System (DNS) in any enterprise a government agency or a corp ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series