Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Cybersecurity and privacy

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 1151 - 1175 of 1521

RFID Security: A Taxonomy of Risk

October 27, 2006

Author(s)

A Karygiannis, T. Phillips, A. Tsibertzopoulos

Radio Frequency Indentification (RFID) and other automated identification technologies (AIT) are being used by government and industry to replace barcodes and existing pen and paper processes in areas such as asset tracking, toll collection, supply chain

Log Management: Using Computer and Network Records to Improve Information Security

October 25, 2006

Author(s)

Shirley M. Radack

NIST SP 800-92 helps organizations develop, implement and maintain effective processes for managing logs, which contain information about specific events occurring within information technology (IT) systems and networks. The information is recorded in logs

An Ontology of Identity Credentials Part 1: Background and Formulation

October 6, 2006

Author(s)

William I. MacGregor

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation s measurement and standards infrastructure. ITL develops

Programmable Active Services for SIP

October 1, 2006

Author(s)

Jean Deruelle, Mudumbai Ranganathan, Douglas C. Montgomery

We have implemented a quantum key distribution (QKD) system with polarization encoding at 850 nm over 1 km of optical fiber. The high-speed management of the bit-stream, generation of random numbers and processing of the sifting algorithm are all handled

Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

October 1, 2006

Author(s)

Kotikalapudi Sriram, Douglas C. Montgomery, Oliver Borchert, Okhee Kim, David R. Kuhn

We present a detailed study of the potential impact of BGP peering session attacks and the resulting exploitation of Route Flap Damping (RFD) that cause network-wide routing disruptions. We consider canonical grid as well as down-sampled realistic

Assessment of Access Control Systems

September 29, 2006

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn

Access control is perhaps the most basic aspect of computer security. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access control. In many systems access control takes the form of a simple password

Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist

September 29, 2006

Author(s)

Karen A. Scarfone, Murugiah Souppaya, John Connor

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist

Forensic Techniques: Helping Organizations Improve Their Responses to Information Security Incidents

September 27, 2006

Author(s)

Shirley M. Radack

This bulletin explains the need for the use of digital forensic techniques, which can help organizations respond more effectively to information security incidents, and protect the confidentially, integrity and availability of their information and systems

Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities

September 21, 2006

Author(s)

Timothy Grance, Tamara Nolan, Kristin Burke, Rich Dudley, Gregory White, Travis Good

Guide to Computer Security Log Management

September 13, 2006

Author(s)

Karen A. Scarfone, Murugiah Souppaya

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist

Guide to Integrating Forensic Techniques into Incident Response

September 1, 2006

Author(s)

Timothy Grance, Suzanne Chevalier, Karen A. Scarfone, Hung Dang

This publication is intended to help organizations in investigating computer security incidents and troubleshooting some information technology (IT) operational problems by providing practical guidance on performing computer and network forensics. The

Guidelines for Media Sanitization

September 1, 2006

Author(s)

Richard L. Kissel, Matthew A. Scholl, Steven Skolochenko, Xiang Li

Information systems capture, process, and store information using a wide variety of media. This information is located not only on the intended storage media but also on devices used to create, process, or transmit this information. These media may require

Personal Identity Verification Demonstration Summary

August 31, 2006

Author(s)

Erika McCallister, Hildegard Ferraiolo

This paper provides a summary of the NIST Personal Identity Verification (PIV) Demonstration. The PIV Demonstration took place from May 15 to June 14, 2006. Forty-four companies voluntarily participated through a Cooperative Research and Development

Protecting Sensitive Information Processed and Stored in Information Technology (IT) Systems

August 30, 2006

Author(s)

Shirley M. Radack

This bulletin explains the need for media sanitization, which is the process for removing confidential data from storage media, with reasonable assurance that the data cannot be retrieved and reconstructed. NIST recommendations to help organizations and

Concrete Multiplicative Complexity of Symmetric Functions

August 1, 2006

Author(s)

Joan Boyar, Rene Peralta

The multiplicative complexity of a Boolean function f is defined as the minimum number of binary conjunction (AND) gates required to construct a circuit representing f, when only exclusive-or, conjunction and negation gates may be used. This article

5th Annual PKI R&D Workshop "Making PKI Easy to Use" Proceedings

July 18, 2006

Author(s)

William T. Polk, Nelson E. Hastings, Kent Seamons

NIST hosted the fifth annual Public Key Infrastructure (PKI) Research Workshop on April 4-6, 2006. The two and a half day event brought together PKI experts from academia, industry, and government to explore the remaining challenges in deploying public key

Domain Name System (DNS) Services: NIST Recommendations for Secure Deployment

July 2, 2006

Author(s)

Shirley M. Radack

This bulletin explains the Domain Name System (DNS) infrastructure, and discusses NIST's recommendations to help organizations analyze their operating environments and the threats to their DNS services, and to apply appropriate risk-based security measures

Personal Identity Verification (PIV) of Federal Employees and Contractors

June 26, 2006

Author(s)

National Institute of Standards and Technology (NIST), William I. MacGregor, Ketan Mehta

[Superseded by FIPS 201-2(August 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914530] This document was developed to satisfy the requirements of HSPD-12, approved by the Secretary of Commerce, and issued on March 2006. This change

The Computational Complexity of Enforceability Validation for Generic Access Control Rules

June 14, 2006

Author(s)

Chung Tong Hu, David R. Kuhn, David F. Ferraiolo

In computer security, many researches have tackled on the possibility of a unified model of access control, which could enforce any access control policies within a single unified system. One issue that must be considered is the efficiency of such systems

Recommendation for Random Number Generation Using Deterministic Random Bit Generators

June 13, 2006

Author(s)

Elaine B. Barker, John M. Kelsey

[Superseded by SP 800-90 Revised (March 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50814] This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on

Power Control in Multihop CSMA

June 1, 2006

Author(s)

Hamid Gharavi, Bo Yan

An Update on Cryptographic Standards, Guidelines, and Testing Requirements

May 24, 2006

Author(s)

Shirley M. Radack

This bulletin discusses the cryptographic methods that have been used to maintain the confidentiality and integrity of information, to verify that information was not changed after it was sent, and to authenticate the originator of the information. As

Secure Domain Name System (DNS) Deployment Guide

May 16, 2006

Author(s)

Ramaswamy Chandramouli, Scott W. Rose

[Superseded by SP 800-81 Rev. 1 (April 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905113] We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint

Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography

May 3, 2006

Author(s)

Elaine B. Barker, Don Johnson, Miles Smid

[Superseded by SP 800-56A Revised (March 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150618] This Recommendation specifies key establishment schemes using discrete logarithm cryptography, based on standards developed by the

Recommendation for Key Management - Part 1: General (Revised) (May 2006 edition)

May 1, 2006

Author(s)

Elaine B. Barker, William C. Barker, William E. Burr, William T. Polk, Miles Smid

[Superseded by SP 800-57 Part 1 Revised (March 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917473] This Recommendation provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and

Was this page helpful?