Special Publication (NIST SP)

Proceedings of the International Symposium on Forensic Science Error Management

December 27, 2016

Author(s)

John M. Butler

A total of 432 registered participants from 11 countries contributed to a successful first-ever international symposium devoted exclusively to the topic of...

Summary of NIST/SIM Chemical Metrology Working Group Training Opportunity: Isotope Dilution-Mass Spectrometry Clinical Measurement Course

December 22, 2016

Author(s)

Jeanita Pritchett, Katrice A. Lippa, Mary Bedner, Carolyn Q. Burdette, Johanna Camara, Brian E. Lang, Michael A. Nelson, Lane C. Sander, Lorna T. Sniegoski

The one week NIST-SIM chemical metrology training opportunity was designed to provide SIM NMI/DI laboratory personnel with in-depth classroom and hands-on...

Guide for Cybersecurity Event Recovery

December 22, 2016

Author(s)

Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Matthew C. Smith, Gregory Witte, Karen Scarfone

In light of an increasing number of cybersecurity events, organizations can improve resilience by ensuring that their risk management processes include...

SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash

December 22, 2016

Author(s)

John M. Kelsey, Shu-jen H. Chang, Ray Perlner

This Recommendation specifies four types of SHA-3-derived functions: cSHAKE, KMAC, TupleHash, and ParallelHash, each defined for a 128- and 256-bit security...

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

December 20, 2016

Author(s)

Ronald S. Ross, Patrick Viscuso, Gary Guissanie, Kelley L. Dempsey, Mark Riddle

[Superseded by SP 800-171 Rev. 1 (December 2016, updated 11/28/2017): https://doi.org/10.6028/NIST.SP.800-171r1] The protection of Controlled Unclassified...

Guide Brief 6: How Communities Can Work with Communication Service Providers to Understand Communication Systems

December 13, 2016

Author(s)

Community Resilience Program NIST

This Guide Brief focuses on assisting communities with Step 2, Understand the Situation, with respect to communication systems. When characterizing...

Guide Brief 5: Assessing Energy System Dependencies

December 13, 2016

Author(s)

Community Resilience Program NIST

A major aspect of characterizing the built environment is identifying key infrastructure dependencies that may exist. Some of these dependencies are obvious...

National Checklist Program for IT Products: Guidelines for Checklist Users and Developers

December 8, 2016

Author(s)

Stephen D. Quinn, Murugiah P. Souppaya, Melanie R. Cook, Karen Scarfone

A security configuration checklist is a document that contains instructions or procedures for configuring an information technology (IT) product to an...

Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist

December 8, 2016

Author(s)

Mark L. Badger, Murugiah Souppaya, Mark R. Trapnell, Eric R. Trapnell, Dylan J. Yaga, Karen Scarfone

This publication assists IT professionals in securing Apple OS X 10.10 desktop and laptop systems within various environments. It provides detailed information...

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems

November 14, 2016

Author(s)

Ronald S. Ross, Michael McEvilley, Janet C. Oren

[Superseded by NIST SP 800-160 (November 2016, including updates as of 01-03-2016)] With the continuing frequency, intensity, and adverse consequences of cyber...

Report of the Workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM- RSV).

November 10, 2016

Author(s)

Paul E. Black, Elizabeth N. Fong

The National Institute of Standards and Technology (NIST) workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV) was held on...

Report of workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV)

November 1, 2016

Author(s)

Paul Black

The workshop occurred on 12 July 2016 at National Institute of Standards and Technology (NIST). The workshop's object was software as a product. 20 position...

Certification Report for SRM 2214: Density of Iso-octane for Extended Ranges of Temperature and Pressure

October 17, 2016

Author(s)

Mark O. McLinden, Jolene D. Splett

This report of analysis documents procedures used to obtain certified values and associated uncertainties of the density of iso-octane SRM 2214 over an extended...

Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication

October 6, 2016

Author(s)

Morris J. Dworkin

This Recommendation specifies a message authentication code (MAC) algorithm based on a symmetric key block cipher. This block cipher-based MAC algorithm, called...

Net-Zero Energy Residential Building Component Cost Estimates and Comparisons

October 4, 2016

Author(s)

Joshua D. Kneifel, Eric G. O'Rear

Homeowners and builders have increasingly strived to build low energy homes. As building materials, equipment, and methods have improved and renewable energy...

Guide to Cyber Threat Information Sharing

October 4, 2016

Author(s)

Christopher S. Johnson, Mark L. Badger, David A. Waltermire, Julie Snyder, Clem Skorupka

Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats. Cyber threat information...

A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications

October 3, 2016

Author(s)

David F. Ferraiolo, Ramaswamy Chandramouli, Chung Tong Hu, David R. Kuhn

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control (ABAC) standards...

Guide Brief 3: Existing Community Resilience Activities Identifying Solutions to Address Resilience Gaps

September 30, 2016

Author(s)

Community Resilience Program NIST

Once a community identifies its resilience gaps, the challenge shifts to identifying solutions to close those gaps. One of the most helpful actions is to...

Guide Brief 4A: Example for Determining Anticipated Performance

September 30, 2016

Author(s)

Community Resilience Program NIST

This Guide Brief provides an example of how to determine the anticipated performance of water and wastewater systems subjected to an earthquake and tsunami...

Guide Brief 4 - Determining Anticipated Performance

September 30, 2016

Author(s)

Community Resilience Program NIST

This Guide Brief provides guidance for determining the anticipated performance of building clusters and infrastructure systems when subjected to hazard events...

Guide Brief 1 - Characterize the Population

September 30, 2016

Author(s)

Community Resilience Program NIST

This Guide Brief provides additional rationale and guidance regarding the first part of Step 2 in the Guide, Characterize social functions and dependencies...

Guide Brief 2 - Identify Social Institutions

September 30, 2016

Author(s)

Community Resilience Program NIST

This Guide Brief provides additional rationale and guidance regarding Step 2 in the GuideUnderstand the Situation for how to Identify Social Institutions...

Trustworthy Email

September 6, 2016

Author(s)

Ramaswamy Chandramouli, Simson L. Garfinkel, J. S. Nightingale, Scott W. Rose

This document gives recommendations and guidelines for enhancing trust in email. The primary audience includes enterprise email administrators, information...

Mobile ID Device Best Practice Recommendation Version 2.1

September 6, 2016

Author(s)

Kevin Mangold

Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies

August 22, 2016

Author(s)

Elaine B. Barker, William C. Barker

This document is part of a series intended to provide guidance to the Federal Government for using cryptography and NIST's cryptographic standards to protect...

Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms

August 22, 2016

Author(s)

Elaine B. Barker

This document is intended to provide guidance to the Federal Government for using cryptography and NIST's cryptographic standards to protect sensitive, but...

Data Format for the Interchange of Fingerprint, Facial & Other Biometric Information ANSI/NIST-ITL 1-2011 NIST Special Publication 500-290 Edition 3

August 21, 2016

Author(s)

Kevin C. Mangold

This is the 2015 Update to the ANSI/NIST-ITL Standard

Operation of the Millrock Quanta Series Freeze Dryer PC/PLC: Production of Freeze Dried Standard Reference and Control Materials (SRMs/CMs) at the NIST Reference Material Production Facility

August 11, 2016

Author(s)

Amanda J. Moors, Rebecca S. Pugh, Paul R. Becker

Standard Operation Procedures (SOPs) for the Palla VM-KT Vibrating Cryomill: Production of Fresh Frozen Standard Reference and Control Materials (SRMs/CMs) at the NIST Reference Material Production Facility

August 11, 2016

Author(s)

Amanda J. Moors, Rebecca S. Pugh, Jody R. Evans, Jennifer M. Ness, Debra L. Ellisor, Melannie J. Bachman

The NIST Reference Materials Production (RMP) Facility at the Hollings Marine Laboratory produces fresh, frozen powder materials which are used as Standard...

Certification Pathway for Downsampling 1000 ppi Fingerprint Friction Ridge Imagery to 500 ppi

August 11, 2016

Author(s)

John M. Libert, John D. Grantham, Craig I. Watson

The document describes the procedure by which fingerprint image downsampling procedures will be evaluated with respect to conformance to the NIST guidance for...