Publications Portal

You searched on:
Author: Ramaswamy Chandramouli

Displaying records 1 to 10 of 48 records.
Resort by: Date / Title

1. Security Assurance Requirements for Hypervisor Deployment Features
Published: 2/24/2013
Author: Ramaswamy Chandramouli
Abstract: Virtualized hosts provide abstraction of the hardware resources (i.e., CPU, Memory etc) enabling multiple computing stacks to be run on a single physical machine. The Hypervisor is the core software that enables this virtualization and hence must be ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=912746

2. Security Control Variations Between In-House and Cloud-Based Virtualized Infrastructures
Published: 8/19/2012
Author: Ramaswamy Chandramouli
Abstract: Virtualization-related components (such as Hypervisor, Virtual Network and Virtual Machines (VMs)) in a virtualized data center infrastructure need effective security controls. However, the differences in scope of control (among stakeholders) over th ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=911036

3. Determining Authentication Strength for Smart Card-based Authentication Use Cases
Published: 1/30/2012
Author: Ramaswamy Chandramouli
Abstract: Smart cards are now being extensively deployed for identity verification(smart identity tokens) for controlling access to Information Technology (IT) as well as physical resources. Depending upon the sensitivity of the resources and the risk of wrong ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=908626

4. Service Model Driven Variations in Security Measures for Cloud Environments
Published: 11/6/2011
Author: Ramaswamy Chandramouli
Abstract: With the increasing adoption of cloud computing service models – Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has bec ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=909131

5. Cloud Service Feature Driven Security Policies for Virtualized Infrastructures
Published: 7/19/2011
Author: Ramaswamy Chandramouli
Abstract: With the increasing maturity of various cloud service delivery models (Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)) and deployment models (Private, Community, Public, Hybrid), the security risk profi ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=908387

6. Information Leakage Through the Domain Name System
Series: OTHER
Published: 3/31/2011
Authors: Scott William Rose, Anastase Nakassis, Ramaswamy Chandramouli
Abstract: The Domain Name System (DNS) is the global lookup service for network resources. It is often the first step in an Internet transaction as well as a network attack. An attacker can query an organization's DNS as reconnaissance before attacking hos ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=900237

7. Framework for Emergency Response Official (ERO): Authentication and Authorization Infrastructure
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7601
Published: 8/31/2010
Authors: Ramaswamy Chandramouli, Teresa Schwarzhoff
Abstract: This document describe a framework (with the acronym ERO-AA) for establishing an infrastructure for authentication and authorization of Emergency Response officials (ERO) who respond to various types of man-made and natural disasters. The population ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=903025

8. Secure Domain Name System (DNS) Deployment Guide
Series: Special Publication (NIST SP)
Report Number: 800-81rev1
Published: 8/27/2010
Author: Ramaswamy Chandramouli
Abstract: This document provides deployment guidelines for securing the Domain Name System (DNS) in any enterprise a government agency or a corporate entity. The deployment guidelines follow from an analysis of security objectives and consequent protection a ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905113

9. NIST SP 800-85A-2: PIV Card Application and Middleware Interface Test Guidelines (SP800-73-3 compliance)
Series: Special Publication (NIST SP)
Report Number: 800-85
Published: 7/28/2010
Authors: Ramaswamy Chandramouli, Hildegard Ferraiolo, Ketan Lalitkumar Mehta
Abstract: The objective of this document is to provide test requirements and test assertions that could be used to validate the compliance/conformance of two PIV components: PIV middleware and PIV card application with the specification in NIST SP 800-73-3, In ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906167

10. Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach
Published: 6/21/2010
Author: Ramaswamy Chandramouli
Abstract: Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we desc ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905274