Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Publications Portal

You searched on: Topic Area: Cybersecurity

Displaying records 21 to 30 of 137 records.
Resort by: Date / Title

21. Guidance for Secure Authorization of Mobile Applications in the Corporate Environment
Series: ITL Bulletin
Topic: Cybersecurity
Published: 3/19/2015
Authors: Athanasios T Karygiannis, Stephen Quirolgico, Larry Feldman, Gregory A. Witte
Abstract: This bulletin provides an overview of NIST Special Publication (SP) 800-163, "Vetting the Security of Mobile Applications." The NIST SP helps organizations understand the process for vetting the security of mobile applications, plan for the implement ...

22. SATE V Workshop - CVE-selected Analysis Results
Topic: Cybersecurity
Published: 3/14/2015
Author: Bertrand Clement Stivalet

23. Fuzz Testing for Software Assurance
Topic: Cybersecurity
Published: 3/1/2015
Authors: Vadim Okun, Elizabeth Nee nee Fong
Abstract: Fuzz Testing, or fuzzing, is a software testing technique that involves providing invalid, unexpected, or random test inputs to the software system under test. The system is then monitored for crashes and other undesirable behavior. Fuzz testing can ...

24. Vetting the Security of Mobile Applications
Series: Special Publication (NIST SP)
Report Number: 800-163
Topic: Cybersecurity
Published: 1/26/2015
Authors: Stephen Quirolgico, Jeffrey Mark Voas, Athanasios T Karygiannis, Christoph Michael, Karen Scarfone
Abstract: The purpose of this document is to help organizations (1) understand the process for vetting the security of mobile applications, (2) plan for the implementation of an app vetting process, (3) develop app security requirements, (4) understand the typ ...

25. Public Safety Mobile Application Security Requirements Workshop Summary
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 8018
Topic: Cybersecurity
Published: 1/22/2015
Authors: Michael A Ogata, Barbara Guttman, Nelson E Hastings
Abstract: This document captures the input received from the half-day workshop titled "Public Safety Mobile Application Security Requirements" organized by the Association of Public-Safety Communications Officials (APCO) International, in cooperation with Firs ...

26. Measuring Impact of Cybersecurity on the Performance of Industrial Control Systems
Topic: Cybersecurity
Published: 12/31/2014
Authors: Keith A Stouffer, Richard Candell
Abstract: The National Institute of Standards and Technology (NIST) is developing a cybersecurity testbed for industrial control systems (ICS). The goal of the testbed is to measure the performance of ICS when instrumented with cybersecurity countermeasure ...

27. Release of NIST Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials
Series: ITL Bulletin
Topic: Cybersecurity
Published: 12/30/2014
Authors: Hildegard Ferraiolo, Larry Feldman, Gregory A. Witte
Abstract: NIST has recently released Special Publication (SP) 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials. Itto provide the technical details for a system by which mobile devices such as smart phones and tables are provisio ...

28. Guidelines for Derived Personal Identity Verification (PIV) Credentials
Series: Special Publication (NIST SP)
Report Number: 800-157
Topic: Cybersecurity
Published: 12/19/2014
Authors: Hildegard Ferraiolo, David A Cooper, Salvatore Francomacaro, Andrew Richard Regenscheid, Jason Mohler, Sarbari Gupta, William Edward Burr
Abstract: This recommendation provides technical guidelines for the implementation of standards-based, secure, reliable, interoperable PKI-based identity credentials that are issued by Federal departments and agencies to individuals who possess and prove c ...

29. Metrics of Security
Topic: Cybersecurity
Published: 12/15/2014
Authors: Yi Cheng, Julia Deng, Jason Li, Scott DeLoach, Anoop Singhal, Xinming Ou
Abstract: Discussion of challenges and ways of improving Cyber Situational Awareness dominated our previous chapters. However, we have not yet touched on how to quantify any improvement we might achieve. Indeed, to get an accurate assessment of network securit ...

30. Static Analysis is not enough: The Role of Architecture and Design in Software Assurance
Topic: Cybersecurity
Published: 12/1/2014
Author: Walter R. (Walt) Houser
Abstract: Static analysis testing of software source code is necessary but not sufficient. Over 40 percent of the Common Weakness Enumeration (CWE) are likely to be introduced in the architecture and design phase of the development life cycle. By their ver ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series