An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Raghu N. Kacker, David R. Kuhn, Huadong Feng, Yu J. Lei
Big data applications are now widely used to process massive amounts of data we create every day. When a failure occurs in a big data application, debugging at the system-level input can be expensive due to the large amount of data being processed. This
The concept of attack surface has seen many applications in various domains, e.g., software security, cloud security, mobile device security, Moving Target Defense (MTD), etc. However, in contrast to the original attack surface metric, which is formally
This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk
The Security Content Automation Protocol (SCAP) data model for source data stream collections standardizes the packaging of security content into self-contained bundles for easy deployment. But no single data model can satisfy all requirements. The source
Kelley L. Dempsey, Nedim S. Goren, Paul Eavy, George Moore
The NISTIR 8011 volumes focus on each individual information security capability, adding tangible detail to the more general overview given in NISTIR 8011 Volume 1, and providing a template for transition to a detailed, NIST standards-compliant automated
Thousands of new words have been invented in the last decade to help us talk about technology. An analysis of the NIST glossary database shows insights into how we invent and define these words, and the impact of those definitions.
Correct and accurate mission impact assessment is the essential prerequisite of mission-aware cyber resilience. However, an overlooked gap has been existing between mission impact assessment and cyber resilience. This article attempts to bridge the gap by
The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council's Cyber Interagency Policy Committee (NSC Cyber IPC). Its purpose is to coordinate on major issues in
Aurelien M. Delaitre, Bertrand C. Stivalet, Paul E. Black, Vadim Okun, Terry S. Cohen, Athos Ribeiro
Software assurance has been the focus of the National Institute of Standards and Technology (NIST) Software Assurance Metrics and Tool Evaluation (SAMATE) team for many years.The Static Analysis Tool Exposition (SATE) is one of the teams prominent
Jason D. Kahn, Anthony Trevino, San Antonio Police Dept, Heather M. Evans, Joe Fournier, Canada's Centre for Security Science, David Lund, Public Safety Communication Europe Forum, Gordon Shipley, UK Home Office Emergency Service Mobile Communications Programme, Dereck R. Orr, Jeff Bratcher, Rich Reed, Salim Patel, AT&T Technology Architecture Planning, Ryan Felts, Marc Leh, Mary F. Theofanos, Kristen Greene
This document is a compilation of the slides presented during Day 2 of the 2017 Public Safety Communications Research Program's (PSCR) Annual Stakeholder Conference. Day 2 topics include PSCR research plans and results for Crowdsourcing Open Innovation
Dereck R. Orr, Richard A. Rouil, Jeremy E. Benson, David W. Griffith, Fidel Liberal, Robert Escalle, Sonim Technologies, Richard Lau, Vencore Labs, Paul Sutton, Software Radio Systems LTD, Sumit Roy, Sean Sangodoyin, David A. Howe, Fabio C. Da Silva, Alicia Evangelista, Yet2, Brienne Engel, Yet2, John S. Garofolo
This document is a compilation of the slides presented during Day 3 of the 2017 Public Safety Communications Research Program's (PSCR) Annual Stakeholder Conference. Day 3 topics include PSCR research plans and results for Mission Critical Voice, Indoor
Apostol T. Vassilev, Larry Feldman, Gregory A. Witte
This bulletin summarizes the NIST Automated Cryptographic Validation (ACV) Testing project. NIST selects and standardizes cryptographic algorithms as NIST-approved for use within the U.S. Federal Government. The Computer Security Division specifies the
Patrick D. O'Reilly, Kristina G. Rigopoulos, Gregory A. Witte, Larry Feldman
Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry