Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Cybersecurity and privacy

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 1126 - 1150 of 1521

Guidelines for Securing Radio Frequency Identification (RFID) Systems

April 6, 2007

Author(s)

Tom T. Karygiannis, Bernard Eydt, Greg Barber, Lynn Bunn, T. Phillips

This publication seeks to assist organizations in understanding the risks of RFID technology and security measures to mitigate those risks. It provides practical, real-world advice on how to initiate, design, implement and operate RFID systems in a manner

A Power Management Proxy with a New Best-of-N Bloom Filter Design to Reduce False Positives

April 2, 2007

Author(s)

Miguel Jimeno, Allen L. Roginsky, K Christensen

Bloom filters are a probabilistic data structure used to evaluate set membership. A group of hash functions are used to map elements into a Bloom filter and to test elements for membership. In this paper, we propose using multiple groups of hash functions

Improving the Security of Electronic Mail: Updated Guidelines Issued by NIST

March 28, 2007

Author(s)

Shirley M. Radack

This bulletin summarizes the recommendations developed by NIST to assist organizations in designing, implementing and operating email systems that are secure. Topics covered in the bulletin include a description of the contents and the appendices of the

Cell Phone Forensic Tools: An Overview and Analysis Update

March 21, 2007

Author(s)

Richard Ayers, Wayne Jansen, Aurelien M. Delaitre, Ludovic Moenner

Cell phones and other handheld devices incorporating cell phone capabilities (e.g., Personal Digital Assistant (PDA) phones) are ubiquitous. Rather than just placing calls, certain phones allow users to perform additional tasks such as SMS (Short Message

Computer Security Division 2006 Annual Report

March 21, 2007

Author(s)

Tanya L. Brewer, Kevin M. Stine

This report covers the work conducted within the National Institute of Standards and Technology's Computer Security Division during the Fiscal Year 2006. It discusses all projects and programs within the Division, staff highlights, and publications. For

Recommendation for Pair-Wise Key Establishment Using Discrete Logarithm Cryptography (Revised)

March 14, 2007

Author(s)

Elaine B. Barker, Don Johnson, Miles E. Smid

[Superseded by SP 800-56A Rev. 2 (May 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913431] This Recommendation provides the specifications of key establishment schemes that are appropriate for use by the U.S. Federal Government

Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised)

March 14, 2007

Author(s)

Elaine B. Barker, John M. Kelsey

[Superseded by SP 800-90A (January 2012): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=910345] This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on either

Codes for the Identification of Federal and Federally-Assisted Organizations (NIST SP 800-87 v1.0, March 2007 edition)

March 7, 2007

Author(s)

William C. Barker, Hildegard Ferraiolo

[Superseded by SP 800-87 Rev. 1 (April 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152125] The Homeland Security Presidential Directive HSPD-12 called for new standards to be adopted governing the interoperable use of identity

Recommendation for Key Management - Part 1: General (Revised) (March 2007 edition)

March 1, 2007

Author(s)

Elaine B. Barker, William C. Barker, William E. Burr, William T. Polk, Miles Smid

[Superseded by SP 800-57 Part 1 Rev. 3 (July 2012): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=910342] This Recommendation provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and

Intrustion Detection and Prevention Systems

February 26, 2007

Author(s)

Shirley M. Radack

This bulletin summarizes the recommendations developed by NIST for organizations in the effective use of intrusion detection and prevention systems (IDPS). These software systems help organizations to monitor and analyze events occurring in their

Guide to Intrusion Detection and Prevention Systems (IDPS)

February 20, 2007

Author(s)

Karen A. Scarfone, Peter M. Mell

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist

Guidelines on Electronic Mail Security

February 20, 2007

Author(s)

Miles C. Tracy, Wayne Jansen, Karen A. Scarfone, Jason Butterfield

This document was developed in furtherance of NIST's statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. The purpose of the publication is to recommend security practices for designing

Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i

February 7, 2007

Author(s)

Sheila E. Frankel, Bernard Eydt, L Owens, Karen Kent Scarfone

This report provides readers with a detailed explanation of next generation 802.11 wireless security. It describes the inherently flawed Wired Equivalent Privacy (WEP) and explains 802.11i's two-step approach (interim and long-term)to providing effective

Security Controls for Information Systems: Revised Guidelines Issued by NIST

January 31, 2007

Author(s)

Shirley M. Radack

This bulletin summarizes the information provided in NIST SP 800-53, concerning the guidance developed for federal agencies in selecting and specifying security controls for their information systems. The bulletin discusses the contents of SP 800-53 and

Information Security Guide for Government Executives

January 1, 2007

Author(s)

Pauline Bowen, Elizabeth Chew, Joan Hash

Information Security Guide for Government Executives provides a broad overview of information security program concepts to assist senior leaders in understanding how to oversee and support the development and implementation of information security programs

Program Review for Information Security Management Assistance (PRISMA)

January 1, 2007

Author(s)

Pauline Bowen, Richard L. Kissel

Several sources of guidance, policies, standards and legislative acts provide many requirements for the federal agencies when protecting entrusted information. Various assessments, reviews, and inspections are an outcome of these information security

Role-Based Access Control, Second Edition

December 31, 2006

Author(s)

David F. Ferraiolo, David R. Kuhn, Ramaswamy Chandramouli

[ISBN-13: 978-1-59693-113-8] This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition

PIV Card to Reader Interoperability Guidelines

December 29, 2006

Author(s)

James F. Dray Jr., April Giles, Michael Kelley, Ramaswamy Chandramouli

The purpose of this document is to present recommendations for Personal Identity Verification (PIV) card readers in the area of performance and communications characteristics to foster interoperability. This document is not intended to re-state or

Managing Enterprise Risk in Today's World of Sophisticated Threats: A Framework for Developing Broad-based, Cost-effective Information Security Programs

December 28, 2006

Author(s)

Ronald S. Ross

The Federal Information Security Management Act of 2002 places significant requirements on federal agencies for the protection of information and information systems including those systems comprising the critical infrastructure of the United States. The

Maintaining Effective Information Technology (IT) Security Through Test, Training, and Exercise Programs

December 19, 2006

Author(s)

Shirley M. Radack

This bulletin summarizes the information provided in NIST SP 800-84, concerning the need to design, develop, conduct, and evaluate Test, Training, and Exercise (TT&E) activities. The bulletin provides information on how organizations can prepare for

Recommended Security Controls for Federal Information Systems

December 19, 2006

Author(s)

Ronald S. Ross, Stuart W. Katzke, L A. Johnson, Marianne M. Swanson, G Stoneburner, G Rogers

[Superseded by NIST SP 800-53 Revision 2 (December 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51351] The purpose of this publication is to provide guidelines for selecting and specifying security controls for information systems

Information Security Handbook: A Guide for Managers

December 1, 2006

Author(s)

Pauline Bowen, Joan Hash, Mark Wilson

This Information Security Handbook provides a broad overview of information security program elements to assist managers in understanding how to establish and implement an information security program. Typically, the organization looks to the program for

Recommendation for Obtaining Assurances for Digital Signature Applications

November 30, 2006

Author(s)

Elaine B. Barker

Entities participating in the generation or verification of digital signatures depend on the authenticity of the process. This Recommendation specifies methods for obtaining the assurances necessary for valid digital signatures: assurance of domain

Guide to Securing Computers Using Windows XP Home Edition

November 22, 2006

Author(s)

Shirley M. Radack

This bulletin summarizes the information provided in NIST SP 800-69 concerning the need to secure Windows XP Home Edition computers, and discusses the security protections that are available to reduce weaknesses, protect privacy, stop attacks and preserve

Specification for the Extensible Configuration Checklist Description Format (XCCDF), Version 1.1

November 1, 2006

Author(s)

Neal Ziring, Timothy Grance

This document specifies the data model and XML representation for the Extensible Configuration Checklist Description Format (XCCDF). An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF

Was this page helpful?