Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Cybersecurity and privacy

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 1176 - 1200 of 1521

Electronic Authentication Guideline

April 30, 2006

Author(s)

William E. Burr, Donna F. Dodson, William T. Polk

[Superseded by SP 800-63-1 (December 2011): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=910006] This recommendation provides technical guidance to Federal agencies implementing electronic authentication. The recommendation covers remote

Glossary of Key Information Security Terms

April 25, 2006

Author(s)

Richard L. Kissel

[Superseded by NISTIR 7298 Revision 1: http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907638] This glossary of basic security terms has been extracted from NIST Federal Information Processing Standards (FIPS) and the Special Publication (SP)

Protecting Sensitive Information Transmitted in Public Networks

April 21, 2006

Author(s)

Shirley M. Radack

This bulletin summarizes NIST SP 800-77, Guide to IPsec VPNs, which was issued by NIST to help network architects, network administrators, security staff, technical support staff, and computer security program managers who are responsible for the technical

Targeted Search: Reducing the Time and Cost for Searching for Objects in Multi-Server Networks

April 9, 2006

Author(s)

Allen L. Roginsky

In many applications - including P2P file sharing, content distribution networks, and grid computing - a single object will be searched for in multiple servers. In this paper, we find the provably optimal search method for such applications and develop

PIV Middleware and PIV Card Application Conformance Test Guidance (SP 800-73 Compliance)

April 5, 2006

Author(s)

Ramaswamy Chandramouli, Levent Eyuboglu, Ketan Mehta

[Superseded by SP 800-85A-1 (March 2009): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=902200] This document provides derived test requirements and test assertions for generating conformance tests for the following classes of specification

Cryptographic Hash Standards ? Where Do We Go From Here?

April 1, 2006

Author(s)

William E. Burr

The two most commonly used cryptographic hash functions, MD5 and SHA-1, have been successfully attacked?it is no longer advisable to use them in some applications, although other applications are not affected. Furthermore, these attacks have triggered a

Prevailing Over Wires in Healthcare Environments: Benefits and Challenges

April 1, 2006

Author(s)

David E. Cypher, Nicolas Chevrollier, Nicolas Montavont, Nada T. Golmie

The objectives of this article are to survey the benefits and challenges that poise the deployment and operation of wireless communications in support of healthcare networks. While the main advantages of wireless communications remain to provide ubiquitous

Minimum Security Requirements for Federal Information and Information Systems: Federal Information Processing Standard (FIPS) 200 Approved by the Secretary of Commerce

March 24, 2006

Author(s)

Shirley M. Radack

This bulletin provides information on the applicability and implementation of FIPS 200, Minimum Security Requirements for Federal Information and Information Systems. It advises Federal agencies of the requirements under the Federal Information Security

Interfaces For Personal Identity Verification, 2006 Edition

March 15, 2006

Author(s)

James F. Dray Jr., Scott Guthery, Teresa T. Schwarzhoff

[Superseded by SP 800-73-2 (September 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901358] This document specifies the PIV data model, Application Programming Interface (API), and card interface requirements necessary to comply with

Collisions and Near-Collisions for Reduced-Round Tiger

March 1, 2006

Author(s)

John M. Kelsey, Stefan Lucks

We describe a collision-finding attack on 16 rounds of the Tiger hash function requiring the time for about 244 compression function invocations. This extends to a collision-finding attack on 17 rounds of the Tiger hash function in time of about 249

Fingerprint Identification and Mobile Handheld Devices: An Overview and Implementation

March 1, 2006

Author(s)

Wayne Jansen, Ronan Daniellou, Nicolas Cilleros

The use of mobile handheld devices within the workplace is expanding rapidly. These devices are no longer viewed as coveted gadgets for early technology adopters, but have instead become indispensable tools that offer competitive business advantages for

Minimum Security Requirements for Federal Information and Information Systems

March 1, 2006

Author(s)

National Institute of Standards and Technology (NIST), Ronald S. Ross, Stuart W. Katzke, L A. Johnson

FIPS 200 is the second standard that was specified by the Federal Information Security Management Act (FISMA). It is an integral part of the risk management framework that the National Institute of Standards and Technology (NIST) has developed to assist

Guide for Developing Security Plans for Information Technology Systems

February 24, 2006

Author(s)

Marianne M. Swanson, Joan Hash, Pauline Bowen

The objective of system security planning is to improve protection of information system resources. All federal systems have some level of sensitivity and require protection as part of good management practice. The protection of a system must be documented

Creating a Program to Manage Security Patches and Vulnerabilities: NIST Recommendations for Improving System Security

February 15, 2006

Author(s)

Shirley M. Radack

This bulletin provides information for organizational security managers who are responsible for designing and implementing security patch and vulnerability management programs and for testing the effectiveness of the programs in reducing vulnerabilities

Biometrics Standards ? Rising to the Challenge of Technology Innovation

February 1, 2006

Author(s)

Fernando L. Podio

For decades, biometric technologies were primarily used in law enforcement applications. Currently, they are increasingly being required in multiple public and private sector applications worldwide to authenticate a person?s identity, secure national

Computer Security Division 2005 Annual Report

February 1, 2006

Author(s)

Tanya L. Brewer, Matthew A. Scholl

This report covers the work conducted within the National Institute of Standards and Technology's Computer Security Division during the Fiscal Year 2005. It discusses all projects and programs within the Division, staff highlights, and publications. For

Testing and Validation of Personal Identity Verification (PIV) Components and Subsystems for Conformance to Federal Information Processing Standard 201

January 25, 2006

Author(s)

Shirley M. Radack

This bulletin provides information about testing and validation of personal identity verification (PIV) components and subsystems for conformance to Federal Information Processing Standard 201, Personal Identification Verification of Federal Employees and

Codes for the Identification of Federal and Federally Assisted Organizations (NIST SP 800-87 v1.0, Jan. 2006 edition)

January 11, 2006

Author(s)

William C. Barker, Hildegard Ferraiolo

[Superseded by SP 800-87 v1.0 (March 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51132] The Homeland Security Presidential Directive HSPD-12 called for new standards to be adopted governing the interoperable use of identity

Personal Identity Verification Card Management Report

January 6, 2006

Author(s)

James F. Dray Jr., David Corcoran

NIST Special Publication 800-73 (http://piv.nist.gov) provides technical specifications for Personal Identity Verification (PIV) cards. However, it does not contain a complete card management specification for PIV systems. This Report provides an overview

Cryptographic Primitives Can Be Fragile

January 3, 2006

Author(s)

Rene C. Peralta

We show that a well-known coin-flipping protocol is breakable in the sense that one of the parties can pre-determine the result of the coin-flip. The way in which the protocol fails is illustrative of the fact that there are insecure ways of using secure

Application of Beamforming in Wireless Location Estimation

January 1, 2006

Author(s)

Kamran Sayrafian, D Kaspar

We have implemented a quantum key distribution (QKD) system with polarization encoding at 850 nm over 1 km of optical fiber. The high-speed management of the bit-stream, generation of random numbers and processing of the sifting algorithm are all handled

Source-Assisted Direction Estimation Inside Buildings

January 1, 2006

Author(s)

Kamran Sayrafian, D Kaspar

E-Government Security Issues and Measures

December 30, 2005

Author(s)

William C. Barker

The Handbook will be a three-volume, 2,400-page reference source providing state-of-the-art information concerning the information, computer and network security with coverage of the core topics. The audience is four-year colleges and universities with

Preventing and Handling Malware Incidents: How to Protect Information Technology Systems from Malicious Code and Software

December 22, 2005

Author(s)

Shirley M. Radack

This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the

Electromagnetic Signatures of Wireless Local Area Network Cards: Implementation Issues and Detection in the Presence of Interferers

December 21, 2005

Author(s)

K. Remley, Robert Johnk, Tom T. Karygiannis, Emmanouil Antonakakis

This work investigates a measurement method for detecting the radio-frequency electromagnetic characteristics of an individual 802.11b wireless local-area network (WLAN) card--its electromagnetic signature--in the presence of an interfering signal. The

Was this page helpful?