NIST logo

Publications Portal

You searched on: Topic Area: Cybersecurity

Displaying records 1 to 10 of 112 records.
Resort by: Date / Title


1. Guidance for Secure Authorization of Mobile Applications in the Corporate Environment
Series: ITL Bulletin
Topic: Cybersecurity
Published: 3/19/2015
Authors: Athanasios T Karygiannis, Stephen Quirolgico, Larry Feldman, Gregory A. Witte
Abstract: This bulletin provides an overview of NIST Special Publication (SP) 800-163, "Vetting the Security of Mobile Applications." The NIST SP helps organizations understand the process for vetting the security of mobile applications, plan for the implement ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918252

2. Fuzz Testing for Software Assurance
Topic: Cybersecurity
Published: 3/1/2015
Authors: Vadim Okun, Elizabeth Nee nee Fong
Abstract: Fuzz Testing, or fuzzing, is a software testing technique that involves providing invalid, unexpected, or random test inputs to the software system under test. The system is then monitored for crashes and other undesirable behavior. Fuzz testing can ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917432

3. Vetting the Security of Mobile Applications
Series: Special Publication (NIST SP)
Report Number: 800-163
Topic: Cybersecurity
Published: 1/26/2015
Authors: Stephen Quirolgico, Jeffrey Mark Voas, Athanasios T Karygiannis, Christoph Michael, Karen Scarfone
Abstract: The purpose of this document is to help organizations (1) understand the process for vetting the security of mobile applications, (2) plan for the implementation of an app vetting process, (3) develop app security requirements, (4) understand the typ ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917674

4. Public Safety Mobile Application Security Requirements Workshop Summary
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 8018
Topic: Cybersecurity
Published: 1/22/2015
Authors: Michael A Ogata, Barbara Guttman, Nelson E Hastings
Abstract: This document captures the input received from the half-day workshop titled "Public Safety Mobile Application Security Requirements" organized by the Association of Public-Safety Communications Officials (APCO) International, in cooperation with Firs ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917397

5. Release of NIST Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials
Series: ITL Bulletin
Topic: Cybersecurity
Published: 12/30/2014
Authors: Hildegard Ferraiolo, Larry Feldman, Gregory A. Witte
Abstract: NIST has recently released Special Publication (SP) 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials. Itto provide the technical details for a system by which mobile devices such as smart phones and tables are provisio ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917746

6. Guidelines for Derived Personal Identity Verification (PIV) Credentials
Series: Special Publication (NIST SP)
Report Number: 800-157
Topic: Cybersecurity
Published: 12/19/2014
Authors: Hildegard Ferraiolo, David A Cooper, Salvatore Francomacaro, Andrew Richard Regenscheid, Mohler Jason, Sarbari Gupta, William Edward Burr
Abstract: This recommendation provides technical guidelines for the implementation of standards-based, secure, reliable, interoperable PKI-based identity credentials that are issued by Federal departments and agencies to individuals who possess and prove c ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917541

7. Static Analysis is not enough: The Role of Architecture and Design in Software Assurance
Topic: Cybersecurity
Published: 12/1/2014
Author: Walter R. (Walt) Houser
Abstract: Static analysis testing of software source code is necessary but not sufficient. Over 40 percent of the Common Weakness Enumeration (CWE) are likely to be introduced in the architecture and design phase of the development life cycle. By their ver ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=916027

8. Avoiding Catastrophes in Cyberspace through Smarter Testing: How to prevent Heartbleed-like disasters using readily available testing technologies
Topic: Cybersecurity
Published: 10/16/2014
Authors: Apostol T Vassilev, Christopher Celi
Abstract: The recently discovered Heartbleed bug in OpenSSL‰s implementation of Internet security protocols and the aftermath from dealing with its consequences highlights a critical problem in the software industry. Software is routinely, inadequately tested ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=916849

9. A Cybersecurity Testbed for Industrial Control Systems
Topic: Cybersecurity
Published: 10/9/2014
Authors: Richard Candell, Keith A Stouffer, Dhananjay Anand
Abstract: The National Institute of Standards and Technology (NIST) is developing a cybersecurity testbed for industrial control systems (ICS). The goal of this testbed is to measure the performance of an ICS when instrumented with cybersecurity protections i ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=915876

10. Optimizing Information Set Decoding Algorithms to Attack Cyclosymetric MDPC Codes
Topic: Cybersecurity
Published: 10/3/2014
Author: Ray A Perlner
Abstract: The most important drawback to code-based cryptography has historically been its large key sizes. Recently, several promising approaches have been proposed to reduce keysizes. In particular, significant keysize reduction has been achieved by using ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=916132



Search NIST-wide:


(Search abstract and keywords)


Last Name:
First Name:







Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series