U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information technology

Cybersecurity and privacy

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author
Published Date
Displaying 1351 - 1375 of 1528

Report on the Second Modes of Operation Workshop

October 1, 2001
Author(s)
Morris J. Dworkin
NIST sponsored a public workshop for the analysis of block cipher modes of operation on August 24, 2001, in Goleta, California. This report summarizes the presentations and discussions at that workshop.

Security Self-Assessment Guide for Information Technology Systems

September 5, 2001
Author(s)
Marianne M. Swanson, Elizabeth B. Lennon
This ITL Bulletin summarizes Special Publication (SP) 800-26, Security Self-Assessment Guide for Information Technology Systems. Adequate security of information and the systems that process it is a fundamental management responsibility. Agency officials

The Policy Machine for Security Policy Management

July 17, 2001
Author(s)
Chung Tong Hu, Deborah A. Frincke, David F. Ferraiolo
Many different access controls policies and models have been developed to suit a variety of goals: these include Role-Based Access Control, One-directional Information Flow, Chinese Wall, Clark-Wilson, N-person Control, and DAC, in addition to more

Security - Revenue Generator and Mission Enabler

June 21, 2001
Author(s)
G Stoneburner
We need to facilitate a change in user perception of security from a hindrance to an essential revenue generator and mission enabler. The Common Criteria protection profile (PP) and security target (ST) constructs can be used to help achieve this need. Yet

Engineering Principles for Information Technology Security

June 1, 2001
Author(s)
G Stoneburner
In June 2001, ITL released NIST Special Publication (SP) 800-27, Engineering Principles for Information Technology Security (EP-ITS), by Gary Stoneburner, Clark Hayden, and Alexis Feringa. Engineering Principles for Information Technology (IT) Security (EP

Security Requirements for Cryptographic Modules [includes Change Notices as of 12/3/2002]

May 25, 2001
Author(s)
National Institute of Standards and Technology (NIST), Annabelle Lee, Miles E. Smid, Stanley R. Snouffer
This Federal Information Processing Standard (140-2) specifies the security requirements that will be satisfied by a cryptographic module, providing four increasing, qualitative levels intended to cover a wide range of potential applications and

A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

May 15, 2001
Author(s)
Andrew L. Rukhin, Juan Soto, James R. Nechvatal, Miles E. Smid, Elaine B. Barker, Stefan D. Leigh, M Levenson, M Vangel, D L. Banks, Nathanael A. Heckert, James F. Dray Jr., S C. Vo
[Superseded by SP 800-22 Revision 1a (April 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906762] This paper discusses some aspects of selecting and testing random and pseudorandom number generators. The outputs of such generators may

An Introduction to IPsec (Internet Protocol Security)

March 30, 2001
Author(s)
Sheila E. Frankel
IPsec (Internet Protocol Security) is an attempt to utilize cryptographic techniques in a global solution to the problem of Internet security. Rather than requiring each email program or Web browser to implement its own security mechanisms, IPsec involves

Introduction to Public Key Technology and the Federal PKI Infrastructure

February 26, 2001
Author(s)
D. Richard Kuhn, Vincent C. Hu, William Polk, Shu-jen H. Chang
This publication was developed to assist agency decision-makers in determining if a PKI is appropriate for their agency, and how PKI services can be deployed most effectively within a Federal agency. It is intended to provide an overview of PKI functions

Federal Information Technology Security Assessment Framework

November 28, 2000
Author(s)
E Roback
[Prepared for the CIO Council's Security, Privacy, and Critical Infrastructure Committee] The Federal Information Technology (IT) Security Assessment Framework (or Framework) provides a method for agency officials to 1) determine the current status of

Security for Private Branch Exchange Systems

August 1, 2000
Author(s)
David R. Kuhn
This document provides an introduction to security for private branch exchange systems (PBXs). The primary audience is agency system administrators and others responsible for the installation and operation of PBX systems. Major threat classes are explained

Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks

July 27, 2000
Author(s)
Ramaswamy Chandramouli
The use of Extensible Markup Language (XML) and its associated APIs, for information modeling and information interchange applications is being actively explored by the research community. In this paper we develop an XML Document Type Definition (DTD) for
Was this page helpful?