Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Cybersecurity and privacy

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 1176 - 1200 of 1509

Guide for Developing Security Plans for Information Technology Systems

February 24, 2006

Author(s)

Marianne M. Swanson, Joan Hash, Pauline Bowen

The objective of system security planning is to improve protection of information system resources. All federal systems have some level of sensitivity and require protection as part of good management practice. The protection of a system must be documented

Creating a Program to Manage Security Patches and Vulnerabilities: NIST Recommendations for Improving System Security

February 15, 2006

Author(s)

Shirley M. Radack

This bulletin provides information for organizational security managers who are responsible for designing and implementing security patch and vulnerability management programs and for testing the effectiveness of the programs in reducing vulnerabilities

Biometrics Standards ? Rising to the Challenge of Technology Innovation

February 1, 2006

Author(s)

Fernando L. Podio

For decades, biometric technologies were primarily used in law enforcement applications. Currently, they are increasingly being required in multiple public and private sector applications worldwide to authenticate a person?s identity, secure national

Computer Security Division 2005 Annual Report

February 1, 2006

Author(s)

Tanya L. Brewer, Matthew A. Scholl

This report covers the work conducted within the National Institute of Standards and Technology's Computer Security Division during the Fiscal Year 2005. It discusses all projects and programs within the Division, staff highlights, and publications. For

Testing and Validation of Personal Identity Verification (PIV) Components and Subsystems for Conformance to Federal Information Processing Standard 201

January 25, 2006

Author(s)

Shirley M. Radack

This bulletin provides information about testing and validation of personal identity verification (PIV) components and subsystems for conformance to Federal Information Processing Standard 201, Personal Identification Verification of Federal Employees and

Codes for the Identification of Federal and Federally Assisted Organizations (NIST SP 800-87 v1.0, Jan. 2006 edition)

January 11, 2006

Author(s)

William C. Barker, Hildegard Ferraiolo

[Superseded by SP 800-87 v1.0 (March 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51132] The Homeland Security Presidential Directive HSPD-12 called for new standards to be adopted governing the interoperable use of identity

Personal Identity Verification Card Management Report

January 6, 2006

Author(s)

James F. Dray Jr., David Corcoran

NIST Special Publication 800-73 (http://piv.nist.gov) provides technical specifications for Personal Identity Verification (PIV) cards. However, it does not contain a complete card management specification for PIV systems. This Report provides an overview

Cryptographic Primitives Can Be Fragile

January 3, 2006

Author(s)

Rene C. Peralta

We show that a well-known coin-flipping protocol is breakable in the sense that one of the parties can pre-determine the result of the coin-flip. The way in which the protocol fails is illustrative of the fact that there are insecure ways of using secure

Application of Beamforming in Wireless Location Estimation

January 1, 2006

Author(s)

Kamran Sayrafian, D Kaspar

We have implemented a quantum key distribution (QKD) system with polarization encoding at 850 nm over 1 km of optical fiber. The high-speed management of the bit-stream, generation of random numbers and processing of the sifting algorithm are all handled

Source-Assisted Direction Estimation Inside Buildings

January 1, 2006

Author(s)

Kamran Sayrafian, D Kaspar

E-Government Security Issues and Measures

December 30, 2005

Author(s)

William C. Barker

The Handbook will be a three-volume, 2,400-page reference source providing state-of-the-art information concerning the information, computer and network security with coverage of the core topics. The audience is four-year colleges and universities with

Preventing and Handling Malware Incidents: How to Protect Information Technology Systems from Malicious Code and Software

December 22, 2005

Author(s)

Shirley M. Radack

This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the

Electromagnetic Signatures of Wireless Local Area Network Cards: Implementation Issues and Detection in the Presence of Interferers

December 21, 2005

Author(s)

K. Remley, Robert Johnk, Tom T. Karygiannis, Emmanouil Antonakakis

This work investigates a measurement method for detecting the radio-frequency electromagnetic characteristics of an individual 802.11b wireless local-area network (WLAN) card--its electromagnetic signature--in the presence of an interfering signal. The

HL7 Experimental Registry

December 12, 2005

Author(s)

William J. Majurski, A Mccaffrey, Mary T. Laamanen

Our results extending Kuhn's fault class hierarchy provide a justification for the focus of fault-based testing strategies on detecting particular faults and ignoring others. We develop a novel analytical technique that allows us to elegantly prove that

Guide to IPsec VPNs: Recommendations of the National Institute of Standards and Technology

December 1, 2005

Author(s)

Sheila E. Frankel, Karen Kent, Ryan Lewkowski, Angela Orebaugh, Ronald Ritchey, Steven Sharma

IPsec is a framework of open standards for ensuring private communications over public networks. It has become the most common network layer security control, typically used to create a virtual private network (VPN). A VPN is a virtual network ,built on

Guideline for Implementing Cryptography In the Federal Government [Second Edition]

December 1, 2005

Author(s)

Elaine B. Barker, William C. Barker

[Superseded by SP 800-175A (August 2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=921233; and SP 800-175B (August 2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=921185] This Second Edition of NIST Special

Securing Microsoft Windows XP Systems: NIST Recommendations for Using a Security Configuration Checklist

November 30, 2005

Author(s)

Shirley M. Radack

This bulletin summarizes NIST Special Publication 800-68, Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist. The bulletin discusses the security components offered by the Windows XP

Guide to Malware Incident Prevention and Handling

November 23, 2005

Author(s)

Peter M. Mell, Karen Kent, Joseph Nusbaum

[Superseded by SP 800-83 Rev. 1 (July 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913930] This publication provides recommendations for improving an organizations malware incident prevention measures. It also gives extensive

Creating a Patch and Vulnerability Management Program

November 16, 2005

Author(s)

Peter M. Mell, Tiffany Bergeron, Dave Henning

[Superseded by SP 800-40 Rev. 3 (July 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913929] This document provides guidance on creating a security patch and vulnerability management program and testing the effectiveness of that

An Integrity Verification Scheme for DNS Zone File based on Security Impact Analysis

November 1, 2005

Author(s)

Ramaswamy Chandramouli, Scott W. Rose

The Domain Name System (DNS) is the worlds largest distributed computing system that performs the key function of translating user-friendly domain names to IP Addresses through a process called Name Resolution. After looking at the protection measures for

National Vulnerability Database: Helping Information Technology System Users and Developers Find Current Information about Cyber Security Vulnerabilities

October 27, 2005

Author(s)

Shirley M. Radack

This ITL bulletin provides information about the National Vulnerability Database (NVD), a comprehensive database of cyber security vulnerabilities in information technology (IT) products that was developed by NIST with the support of the National Cyber

Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist

October 20, 2005

Author(s)

Murugiah P. Souppaya, Paul M. Johnson, Karen Kent

[Superseded by SP 800-68 Rev. 1 (October 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914530] NIST Special Publication 800-68 has been created to assist IT professionals, in particularly Windows XP system administrators and

PIV Middleware and PIV Card Application Conformance Test Guidance (SP 800-73 Compliance)

October 19, 2005

Author(s)

Ramaswamy Chandramouli, Levent Eyuboglu, Ketan Mehta

[Superseded by: SP 800-85A (April 2006): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151318 and SP 800-85B (July 2006): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50848] This document specifies the test plan, processes

The New FISMA Standards and GuidelinesChanging the Dynamic of Information Security for the Federal Government

October 19, 2005

Author(s)

Ronald S. Ross, Stuart W. Katzke, Patricia R. Toth

The Federal Information Security Management Act (FISMA) of 2002 places significant requirements on federal agencies for the protection of information and information systems; and places significant requirements on the National Institute of Standards and

Codes for the Identification of Federal and Federally Assisted Organizations Version 1.0 (NIST SP 800-87 v1.0)

October 14, 2005

Author(s)

William C. Barker, Hildegard Ferraiolo

[Superseded by SP 800-87 v1.0(January 2005): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150589] The Homeland Security Presidential Directive HSPD-12 called for new standards to be adopted governing the interoperable use of identity

Was this page helpful?