NIST logo

Publications Portal

You searched on:
Topic Area: Cybersecurity

Displaying records 111 to 120 of 228 records.
Resort by: Date / Title


111. Toward Privacy Standards Based on Empirical Studies
Topic: Cybersecurity
Published: 4/28/2011
Authors: Serge M. (Serge) Egelman, Erika McCallister
Abstract: In this paper, we argue that if privacy standards are created to guide ,do-not-trackŠ technologies, it is imperative that these standards are created with the primary stakeholder in mind: the data subject. Previous privacy and security standards ha ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=908282

112. Full Virtualization Technologies: Guidelines for Secure Implementation and Management
Series: ITL Bulletin
Topic: Cybersecurity
Published: 4/25/2011
Author: Shirley M. Radack
Abstract: This bulletin summarizes the information presented in NIST SP 800-125, Guide To Security for Full Virtualization Technologies: Recommendations of the National Institute of Standards and Technology, which was written by Karen Scarfone of G2, Inc., Mu ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=908456

113. Specification for the Open Checklist Interactive Language (OCIL) Version 2.0
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7692
Topic: Cybersecurity
Published: 4/7/2011
Authors: David Anthony Waltermire, Karen Scarfone, Maria Casipe
Abstract: This report defines version 2.0 of the Open Checklist Interactive Language (OCIL). The intent of OCIL is to provide a standardized basis for expressing questionnaires and related information, such as answers to questions and final questionnaire resul ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907944

114. The Policy Machine: a Novel Architecture and Framework for Access Control Policy Specification and Enforcement
Topic: Cybersecurity
Published: 4/1/2011
Authors: David F Ferraiolo, Vijay (Vijay) Atluri, Serban Ilie Gavrila
Abstract: The ability to control access to sensitive data in accordance with policy is perhaps the most fundamental security requirement. Despite over four decades of security research, the limited ability for existing access control mechanisms to generically ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905440

115. Managing Information Security Risk: Organization, Mission, and Information System View
Series: ITL Bulletin
Topic: Cybersecurity
Published: 3/22/2011
Author: Shirley M. Radack
Abstract: This bulletin summarizes the information presented in NIST Special Publication (SP) 800-39, Integrated Enterprise-Wide Risk Management: Organization, Mission and Information System View. This publication was developed by the Joint Task Force Transf ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=908207

116. Thoughts on Higher Education and Scientific Research
Topic: Cybersecurity
Published: 3/22/2011
Authors: Jeffrey Mark Voas, George Hurlburt, Keith Miller, Phillip Laplante, Bret Michael
Abstract: The notion of a "tipping point" isn't new, al though the concept has relevance in differing ways. Academia seems to be at a tipping point, whereby the steady state of disciplinary specialization is about to give way to an interdisciplinary, collabora ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906871

117. It's All About The Benjamins: Fair Trade botnets and incentivizing users to ignore security advice
Topic: Cybersecurity
Published: 2/28/2011
Authors: Serge M. (Serge) Egelman, Nicolas Christin, Timothy Vidas, Jens Grossklags
Abstract: We examine the cost for an attacker to pay users to execute arbitrary code---potentially malware. We created an Amazon's Mechanical Turk task wherein users were asked to download and run for an hour an executable we wrote. While this program was ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907421

118. Guide to Using Vulnerability Naming Schemes
Series: Special Publication (NIST SP)
Report Number: 800-51 Rev 1
Topic: Cybersecurity
Published: 2/25/2011
Authors: David Anthony Waltermire, Karen Scarfone
Abstract: This publication provides recommendations for using two vulnerability naming schemes: Common Vulnerabilities and Exposures (CVE) and Common Configuration Enumeration (CCE). Draft SP 800-51 Revision 1 gives an introduction to both naming schemes and m ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907934

119. National Checklist Program for IT Products Guidelines for Checklist Users and Developers
Series: Special Publication (NIST SP)
Report Number: 800-70 Rev 2
Topic: Cybersecurity
Published: 2/25/2011
Authors: Stephen D Quinn, Murugiah P Souppaya, Melanie Cook, Karen Scarfone
Abstract: Special Publication 800-70 Revision 2 - National Checklist Program for IT Products Guidelines for Checklist Users and Developers describes security configuration checklists and their benefits, and it explains how to use the NIST National Checklist Pr ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907732

120. The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1
Series: Special Publication (NIST SP)
Report Number: 800-126 Rev 1
Topic: Cybersecurity
Published: 2/25/2011
Authors: David Anthony Waltermire, Stephen D Quinn, Karen Scarfone
Abstract: This document provides the definitive technical specification for Version 1.1 of the Security Content Automation Protocol (SCAP). SCAP consists of a suite of specifications for standardizing the format and nomenclature by which security software comm ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907893



Search NIST-wide:


(Search abstract and keywords)


Last Name:
First Name:







Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series