Skip to main content

NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author
  • Published Date
Displaying 1 - 25 of 2282

Guidelines for Media Sanitization

September 26, 2025
Author(s)
Ramaswamy Chandramouli, Eric Hibbard
Media sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort. This guide will assist organizations and system owners in setting up a media sanitization program with proper and applicable

Recommendation for Random Bit Generator (RBG) Constructions

September 25, 2025
Author(s)
Elaine Barker, John Kelsey, Kerry McKay, Allen Roginsky, Meltem Sonmez Turan
The NIST Special Publication (SP) 800-90 series of documents supports the generation of high-quality random bits for cryptographic and non-cryptographic use. SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators

Methodology for Characterizing Network Behavior of Internet of Things Devices

August 28, 2025
Author(s)
Paul Watrobski, Murugiah Souppaya, Joshua Klosterman, William C. Barker, Jeffrey Marron, Blaine Mulugeta
This report describes an approach to capturing and documenting the network communication behavior of Internet of Things (IoT) devices. From this information, manufacturers, network administrators, and others can create and use files based on the

EVALUATING IDENTITY LEAKAGE IN SPEAKER DE-IDENTIFICATION SYSTEMS

August 21, 2025
Author(s)
Seungmin Seo, Oleg Aulov, Afzal Godil, Kevin Mangold
Speaker de-identification aims to conceal a speaker's identity while preserving intelligibility of the underlying speech. We introduce a benchmark that quantifies residual identity leak- age with three complementary error rates: equal error rate (EER)

NIST SP 800-63-4: Digital Identity Guidelines

August 1, 2025
Author(s)
David Temoshok, Yee-Yin Choong, Ryan Galluzzo, Marie LaSalle, Andrew Regenscheid, Diana Proud-Madruga, Sarbari Gupta, Naomi Lefkovitz
These guidelines cover identity proofing, authentication, and federation of users (such as employees, contractors, or private individuals) interacting with government information systems over networks. They define technical requirements in each of the

NIST SP 800-63A-4:Digital Identity Guidelines - Identity Proofing and Enrollment

August 1, 2025
Author(s)
David Temoshok, Yee-Yin Choong, Ryan Galluzzo, Marie LaSalle, Andrew Regenscheid, Christine Abruzzi, James L. Fenton, Naomi Lefkovitz
This guideline focuses on identity proofing and enrollment for use in digital authentication. During the process of identity proofing, an applicant provides evidence to a credential service provider (CSP) reliably identifying themselves, thereby allowing

NIST SP 800-63B-4:Digital Identity Guidelines - Authentication and Authenticator Management

August 1, 2025
Author(s)
David Temoshok, Yee-Yin Choong, Andrew Regenscheid, Ryan Galluzzo, James L. Fenton, Justin Richer, Naomi Lefkovitz
This guideline focuses on the authentication of subjects who interact with government information systems over networks to establish that a given claimant is a subscriber who has been previously authenticated. The result of the authentication process may

NIST SP 800-63C-4:Digital Identity Guidelines - Federation and Assertions

August 1, 2025
Author(s)
Justin Richer, James L. Fenton, Naomi Lefkovitz, David Temoshok, Ryan Galluzzo, Andrew Regenscheid, Yee-Yin Choong
This guideline focuses on the use of federated identity and the use of assertions to implement identity federations. Federation allows a given credential service provider to provide authentication attributes and (optionally) subscriber attributes to a

A Large-Scale Study of Relevance Assessments with Large Language Models: An Initial Look

July 18, 2025
Author(s)
Shivani Upadhyay, Ronak Pradeep, Nandan Thakur, Daniel Campos, Nick Craswell, Ian Soboroff, Hoa Dang, Jimmy Lin
The application of large language models to provide relevance assessments presents exciting opportunities to advance IR, NLP, and beyond, but to date many unknowns remain. In this paper, we report on the results of a large-scale evaluation (the TREC 2024

LLM-Assisted Relevance Assessments

July 13, 2025
Author(s)
Rikiya Takehi, Ellen Voorhees, Tetsuya Sakai, Ian Soboroff
Test collections are information retrieval tools that allow researchers to quickly and easily evaluate ranking algorithms. While test col- lections have become an integral part of IR research, the process of data creation involves significant efforts of

Guidelines for API Protection for Cloud-Native Systems

June 27, 2025
Author(s)
Ramaswamy Chandramouli, Zack Butcher
Modern enterprise IT systems rely on a family of application programming interfaces (APIs) for integration to support organizational business processes. Hence, a secure deployment of APIs is critical for overall enterprise security. This, in turn, requires

Hallucination Detection in Large Language Models Using Diversion Decoding

June 24, 2025
Author(s)
Basel Abdeen, S M Tahmid Siddiqui, Meah Tahmeed Ahmed, Anoop Singhal, Latifur Khan, Punya Modi, Ehab Al-Shaer
Large language models (LLMs) have emerged as a powerful tool for retrieving knowledge through seamless, human-like interactions. Despite their advanced text generation capabilities, LLMs exhibit hallucination tendencies, where they generate factually

Analysis of Propagation of Regular, Extended, and Large BGP Communities

June 20, 2025
Author(s)
Lilia Hannachi, Kotikalapudi Sriram, Douglas Montgomery
This study focuses on the analysis of propagation of Regular, Extended, and Large Communities in the Border Gateway Protocol (BGP). Once added, these communities are often intended to be transitive by default, meaning that they should be propagated from

Implementing a Zero Trust Architecture: High-Level Document

June 10, 2025
Author(s)
Alper Kerman, Oliver Borchert, Gema Howell, Scott Rose, Murugiah Souppaya, Jason Ajmo, Yemi Fashina, Parisa Grayeli, Joseph Hunt, Jason Hurlburt, Nedu Irrechukwu, Joshua Klosterman, Oksana Slivina, Susan Symington, Allen Tan, Karen Scarfone, William Barker, Peter Gallagher, Aaron Palermo, Madhu Balaji, Adam Cerini, Rajarshi Das, Jacob Barosin, Kyle Black, Scott Gordon, Jerry Haskins, Keith Luck, Dale McKay, Sunjeet Randhawa, Brian Butler, Mike Delaguardia, Matthew Hyatt, Randy Martin, Peter Romness, Corey Bonnell, Dean Coclin, Ryan Johnson, Dung Lam, Darwin Tolbert, Tim Jones, Tom May, Christopher Altman, Alex Bauer, Marco Genovese, Andrew Campagna, John Dombroski, Adam Frank, Nalini Kannan, Priti Patil, Harmeet Singh, Mike Spisak, Krishna Yellepeddy, Nicholas Herrmann, Corey Lund, Farhan Saifudin, Madhu Dodda, Tim LeMaster, Ken Durbin, James Elliott, Earl Matthews, David Pricer, Joey Cruz, Tarek Dawoud, Carmichael Patton, Alex Pavlovsky, Brandon Stephenson, Clay Taylor, Bob Lyons, Vinu Panicker, Peter Bjork, Hans Drolshagen, Imran Bashir, Ali Haider, Nishit Kothari, Sean Morgan, Seetal Patel, Norman Wong, Zack Austin, Shawn Higgins, Rob Woodworth, Mitchell Lewars, Bryan Rosensteel, Don Coltrain, Wade Ellery, Deborah McGinn, Frank Briguglio, Ryan Tighe, Chris Jensen, Joshua Moll, Jason White, Joe Brown, Gary Bradt, Jeffrey Adorno, Syed Ali, Bob Smith
A zero trust architecture (ZTA) enables secure authorized access to enterprise resources that are distributed across on-premises and multiple cloud environments, while enabling a hybrid workforce and partners to access resources from anywhere, at any time

Data Frequency Coverage Impact on AI Performance

April 15, 2025
Author(s)
Erin Lanus, Brian Lee, Jaganmohan Chandrasekaran, Laura Freeman, M S Raunak, Raghu Kacker, David Kuhn
Artificial Intelligence (AI) models use statistical learning over data to solve complex problems for which straightforward rules or algorithms may be difficult or impossible to design; however, a side effect is that models that are complex enough to

IEEE 1451.0-based Web of Thing (WoT) Ontology

March 10, 2025
Author(s)
Eugene Song, Helbert da Rocha, Antonio Espirito-Santo, Riccardo Brama
Internet of Things (IoT) ecosystems are highly heterogeneous in terms of smart sensors/devices, connectivity, communication protocols, data formats, and platforms. The major challenges of IoT ecosystems are fragmentation or disintegration and cross-domain

Security for IEEE P1451.1.6-based Sensor Networks for IoT Applications

March 10, 2025
Author(s)
Eugene Song, Kang B. Lee, Hiroaki Nishi, Janaka Wejekoon
There are many challenges for Internet of Things (IoT) sensor networks including the lack of robust standards, diverse wireline and wireless connectivity, interoperability, security, and privacy. Addressing these challenges, the Institute of Electrical and

Semantics for Enhancing Communications- and Edge-Intelligence-enabled Smart Sensors: A Practical Use Case in Federated Automotive Diagnostics

March 10, 2025
Author(s)
Eugene Song, Thomas Roth, David A. Wollman, Eoin Jordan, Martin Serrano, Amelie Gyrard
Modern edge artificial intelligence (AI) chipsets and edge-intelligence-enabled smart sensors frameworks support real-time data processing and event detection at the signal source. Beyond just measuring local conditions and transmitting corresponding

A Security Perspective on the Web3 Paradigm

February 25, 2025
Author(s)
Dylan Yaga, Peter Mell
Web3 is a proposed vision for the future of the internet that is restructured to be more user-centric with an emphasis on decentralized data. Users would own and manage their personal data, and systems would be decentralized and distributed. Digital tokens
Was this page helpful?