Search Publications

Displaying 351 - 375 of 4384

Recommended Criteria for Cybersecurity Labeling of Consumer Software

February 4, 2022

Author(s)

Michael Ogata, Amy Phelps, Julie Haney

Executive Order (EO) 14028, "Improving the Nation's Cybersecurity," tasks the National Institute of Standards and Technology (NIST), in coordination with the Federal Trade Commission (FTC) and other agencies, to initiate pilot programs for cybersecurity

Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities

February 3, 2022

Author(s)

Karen Scarfone, Murugiah Souppaya, Donna Dodson

Few software development life cycle (SDLC) models explicitly address software security in detail, so secure software development practices usually need to be added to each SDLC model to ensure that the software being developed is well-secured. This

Personal Identity Verification (PIV) of Federal Employees and Contractors

January 24, 2022

Author(s)

National Institute of Standards and Technology (NIST), Hildegard Ferraiolo, Andrew Regenscheid, Salvatore Francomacaro, David Cooper, Ketan Mehta, Annie W. Sokol, David Temoshok, Gregory Fiumara, Justin Richer, James L. Fenton, Johnathan Gloster, nabil anwer

FIPS 201 establishes a standard for a Personal Identity Verification (PIV) system (Standard) that meets the control and security objectives of Homeland Security Presidential Directive-12 (HSPD-12). It is based on secure and reliable forms of identity

Advantage of Machine Learning over Maximum Likelihood in Limited-Angle Low-Photon X-Ray Tomography

January 20, 2022

Author(s)

Zhen Guo, Jungki Song, George Barbastathis, Michael Glinsky, Courtenay Vaughan, Kurt Larson, Bradley Alpert, Zachary H. Levine

Limited-angle X-ray tomography reconstruction is an ill-posed inverse problem in general. Especially when the projection angles are limited and the measurements are taken in a photon-limited condition, reconstructions from classical algorithms such as

Guide to Bluetooth Security

January 19, 2022

Author(s)

John Padgette, John Bahr, Mayank Batra, Rhonda Smithbey, Lily Chen, Karen Scarfone

Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and has been integrated into many types of business and consumer devices. This publication

Identifying Tactics of Advanced Persistent Threats with Limited Attack Traces

December 16, 2021

Author(s)

Khandakar Ashrafi Akbar, Yigong Wang, Md Islam, Anoop Singhal, Latifur Khan, Bhavani Thuraisingham1

The cyberworld being threatened by continuous imposters needs the development of intelligent methods for identifying threats while keeping in mind all the constraints that can be encountered. Advanced persistent threats (APT) have become an emerging issue

Input/Output Check Bugs Taxonomy: Injection Errors in Spotlight

November 17, 2021

Author(s)

Irena Bojanova, Carlos Eduardo Cardoso Galhardo, Sara Moshtari

In this work, we present an orthogonal classification of input/output check bugs, allowing precise structured descriptions of related software vulnerabilities. We utilize the Bugs Framework (BF) approach to define two language-independent classes that

Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management

November 12, 2021

Author(s)

Kevin Stine, Stephen Quinn, Nahla Ivy, Matthew Barrett, Greg Witte, Larry Feldman, Robert Gardner

This document supplements NIST Interagency or Internal Report 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM), by providing additional detail regarding risk guidance, identification, and analysis. This report offers examples and

Parenting Digital Natives in a Tech World: Research Findings of Children's and Parents' Password Knowledge & Practices

October 25, 2021

Author(s)

Yee-Yin Choong

n/a

(DRAFT) Promoting Access to Voting: Recommendations for Addressing Barriers to Private and Independent Voting for People with Disabilities

October 21, 2021

Author(s)

Kerrianne Buchanan, Kevin C. Mangold, Sharon J. Laskowski, Karen Reczek

The Executive Summary is not available in this Draft but is provided in the final version of the Report: https://doi.org/10.6028/NIST.SP.1273

Security Auditing of Internet of Things Devices in a Smart Home

October 15, 2021

Author(s)

Suryadipta Mazumdar, Daniel Bostos, Anoop Singhal

Attacks on the Internet of Things are increasing. Unfortunately, transparency and accountability that are paramount to securing Internet of Things devices are either missing or implemented in a questionable manner. Security auditing is a promising solution

Voices of First Responders-Nationwide Public Safety Communication Survey Findings: Day to Day Technology, Phase 2, Volume 3

October 15, 2021

Author(s)

Shanee Dawkins, Kerrianne Buchanan, Sandra Spickard Prettyman

The Nationwide Public Safety Broadband Network (NPSBN) is being developed to provide a dedicated network for first responders' use during incident response. A wave of new communication technologies compatible with the NPSBN is on the horizon, as major

Calculating Voxel-Polyhedron Intersections for Meshing Images

October 9, 2021

Author(s)

Stephen A. Langer, Andrew C.E. Reid

Finite element meshes constructed from 3D images are useful in materials science and medical applications when it is necessary to model the actual geometry of a sample, rather than an idealized approximation of it. Constructing the mesh involves computing