Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Cybersecurity and privacy

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 1101 - 1125 of 1521

Information Security - 10th International Conference, ISC 2007

October 12, 2007

Author(s)

Rene C. Peralta

Guidelines on Securing Public Web Servers

October 9, 2007

Author(s)

Miles C. Tracy, Wayne Jansen, Karen A. Scarfone, Theodore Winograd

Web servers are often the most targeted and attacked hosts on organizations' networks. As a result, it is essential to secure Web servers and the network infrastructure that supports them. This document is intended to assist organizations in installing

Metastability of Fair Bandwidth Sharing Under Fluctuating Demand and Necessity of Flow Admission control

September 17, 2007

Author(s)

Vladimir V. Marbukh

A flow-level Markov model for fair bandwidth sharing with packet retransmissions under random flow arrivals/departures is proposed and discussed. Fluctuations in the numbers of flows in progress cause the network instability even under light load. The

6th Annual PKI R&D Workshop "Applications-Driven PKI" Proceedings

September 13, 2007

Author(s)

William T. Polk, Kent Seamons

NIST hosted the sixth Annual Public Key Infrastructure (PKI) Research Workshop on April 17-19, 2007. The two and a half day event brought together PKI experts from academia, industry, and government had a particular interest in novel approaches to

A New Taxonomy for Analyzing Smart Card-based Authentication Processes

September 7, 2007

Author(s)

Ramaswamy Chandramouli

As part of E-Government and security initiatives, smart cards are now being increasingly deployed as authentication tokens. The existing classification of authentication factors into What you Know, What You Have and What You Are- does not provide a good

Infrastructure Standards for Smart ID-Cards Deployment

September 7, 2007

Author(s)

Ramaswamy Chandramouli, Philip Lee

Smart cards are being increasingly deployed for many applications. Typical applications are Subscriber Identification Module (SIM) cards (in Telecommunication), Micropayment (in Financial Transactions), Commuter Cards (in Urban Transportation Systems) and

Fair Bandwidth Sharing Under Flow Arrivals/Departures: Effect of Retransmissions on Stability and Performance

September 1, 2007

Author(s)

Vladimir V. Marbukh

A flow-level Markov model for fair bandwidth sharing with packet retransmissions and random flow arrivals/departures is proposed. The model accounts for retransmissions by assuming that file transfer rates are determined by the end-to-end goodputs rather

The Common Vulnerability Scoring System (CVSS) and its Applicability to Federal Agency Systems

August 30, 2007

Author(s)

Peter M. Mell, Karen A. Scarfone, Sasha Romanosky

The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. The National Vulnerability Database (NVD) provides specific CVSS scores for virtually all publicly known

Guide to Secure Web Services

August 29, 2007

Author(s)

Anoop Singhal, Theodore Winograd, Karen A. Scarfone

The advance of Web services technologies promises to have far-reaching effects on the Internet and enterprise networks. Web services based on the eXtensible Markup Language (XML), SOAP, and related open standards, and deployed in Service Oriented

Secure Web Services

August 23, 2007

Author(s)

Shirley M. Radack

This bulletin provides information on current and emerging standards that have been developed for Web services, and provides background information on the most common security threats to service-oriented architectures (SOAs). The bulletin discusses Web

Where EAP Security Claims Fail

August 14, 2007

Author(s)

Katrin Hoeper, Lei Chen

The Extensible Authentication Protocol (EAP) is widely used as an authentication framework to control the access to wireless networks, e.g. in IEEE 802.11 and IEEE 802.16 networks. In this paper, we discuss limitations of EAP security and demonstrate how

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

August 1, 2007

Author(s)

William T. Polk, Donna F. Dodson, William E. Burr

[Superseded by SP 800-78-2(February 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=904962] SP 800-78-1 has been modified to enhance interoperability, simplify the development of relying party applications, and enhance alignment with

A Complete Guide to the Common Vulnerability Scoring System Version 2.0

July 30, 2007

Author(s)

Peter M. Mell, Karen A. Scarfone, Sasha Romanosky

The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. CVSS consists of three groups: Base, Temporal and Environmental. Each group produces a numeric score ranging

CVSS-SIG Version 2 History

July 30, 2007

Author(s)

Peter M. Mell, Karen A. Scarfone, Gavin Reid

This document attempts to interpret the history and rationale behind changes made in the Common Vulnerability Scoring System (CVSS) from version 1 to version 2 (referred to as CVSS v1 and v2 in this document.) This document contains multiple appendices

Border Gateway Protocol Security

July 26, 2007

Author(s)

Shirley M. Radack

The Border Gateway Protocol (BGP) plays a critical role in the effective operation of the Internet. BGP is used to update routing information between major systems, which makes it possible for systems connected to the Internet to receive and transmit

Conformance Checking of Access Control Policies Specified in XACML

July 24, 2007

Author(s)

Vincent C. Hu, Evan Martin, Tao Xie

Access control is one of the most fundamental and widely used security mechanisms. Access control mechanisms control which principals such as users or processes have access to which resources in a system. To facilitate managing and maintaining access

Border Gateway Protocol Security

July 17, 2007

Author(s)

D. Richard Kuhn, Kotikalapudi Sriram, Douglas Montgomery

This document introduces the Border Gateway Protocol (BGP), explains its importance to the internet, and provides a set of best practices that can help in protecting BGP. Best practices described here are intended to be implementable on nearly all

NIST Delivers Strong and Flexible Security Standards Managing Enterprise Risk in a World of Sophisticated Cyber Threats

July 9, 2007

Author(s)

Ronald S. Ross

This article summarizes the fundamental concepts of the FISMA project and reinforces the core principles that have guided the project from its initiation in 2003.

Forensic Techniques for Cell Phones

June 27, 2007

Author(s)

Shirley M. Radack

The data that is captured on mobile phones can be a source of valuable information to organizations that are investigating crimes, policy violations and other security incidents. The science of recovering digital evidence from mobile phones, using

Securing Radio Frequency Identification (RFID) Systems

May 17, 2007

Author(s)

Karen A. Scarfone

Radio frequency identification (RFID) is a form of automatic identification and data capture technology that uses electric or magnetic fields at radio frequencies to transmit information. An RFID system can be used to identify many types of objects, such

Access Control Policy Combinations for the Grid Using the Policy Machine

May 14, 2007

Author(s)

Vincent C. Hu, David F. Ferraiolo, Karen A. Scarfone

Many researchers have tackled the architecture and requirements aspects of grid security, concentrating on the authentication or authorization mediation instead of authorization techniques, especially the topic of policy combination. Policy combination is

Specification for the Extensible Configuration Checklist Description Format (XCCDF), Version 1.1.3

April 30, 2007

Author(s)

Neal Ziring, Stephen Quinn

The Cyber Security Research and Development Act of 2002 tasks the National Institute of Standards and Technology (NIST) to "develop, and revise as necessary, a checklist setting forth settings and option selections that minimize the security risks

Specification-Driven Testing of Smart Card Interface Using a Formal Model

April 30, 2007

Author(s)

Ramaswamy Chandramouli, Mark Blackburn

Model-Driven Engineering (MDE) is emerging as a promising approach that uses models to support various phases of system development lifecycle such as Code Generation and Verification/Validation (V &V). In this paper, we describe the application of a model

Securing Wireless Networks

April 26, 2007

Author(s)

Shirley M. Radack

This bulletin summarizes the recommendations developed by NIST to assist organizations in establishing and maintaining robust security for wireless local area networks (WLAN) using the new security features that were developed for IEEE 802.11i. Topics

A Power Management Proxy With a New Best-of-N Bloom Filter Design to Reduce False Positives

April 12, 2007

Author(s)

Miguel Jimeno, K Christensen, Allen L. Roginsky

Bloom filters are a probabilistic data structure used to evaluate set membership. A group of hash functions are used to map elements into a Bloom filter and to test elements for membership. In this paper, we propose using multiple groups of hash functions

Was this page helpful?