Search Publications

Displaying 651 - 675 of 4391

The Next Generation Risk Management Framework (RMF 2.0): A Holistic Methodology to Manage Information Security, Privacy and Supply Chain Risk

February 28, 2019

Author(s)

Victoria Y. Pillitteri

This bulletin summarizes the information found in NIST SP 800-37, Revision 2: Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy which provides guidelines for applying the RMF to

Case Study - Exploring Children's Password Knowledge and Practices

February 23, 2019

Author(s)

Yee-Yin Choong, Mary Theofanos, Karen Renaud, Suzanne Prior

Children use technology from a very young age, and often have to authenticate themselves. Yet very little attention has been paid to designing authentication specifically for this particular target group. The usual practice is to deploy the ubiquitous

A Layered Graphical Model for Cloud Forensic and Mission Impact Analysis

February 1, 2019

Author(s)

Changwei Liu, Anoop Singhal, Duminda Wijesekera

In this paper, we describe a layered graphical model to analyze the impact of cyber attacks on business processes and services. Our model has three layers: the upper layer models the business processes and their dependencies. The middle layer constructs

A Method Level Test Generation Framework for Debugging Big Data Applications

January 24, 2019

Author(s)

Huadong Feng, Jagan Chandrasekaran, Yu Lei, Raghu N. Kacker, D. Richard Kuhn

When a failure occurs in a big data application, debugging with the original dataset can be difficult due to the large amount of data being processed. This paper introduces a framework for effectively generating method-level tests to facilitate debugging

Generating Domain Terminologies using Root- and Rule-Based Terms

December 21, 2018

Author(s)

Talapady N. Bhat, John T. Elliott, Ursula R. Kattner, Carelyn E. Campbell, Eswaran Subrahmanian, Ram D. Sriram, Jacob Collard, Monarch Ira

Motivated by the need for exible, intuitive, reusable, and normalized ter- minology for the semantic web, we present a general approach for generat- ing sets of such terminologies from nat- ural language documents. The terms that this approach generates

Threat Modeling for Cloud Infrastructures

December 21, 2018

Author(s)

Nawaf Alhebaishi, Lingyu Wang, Anoop Singhal

Today's businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the

Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

December 20, 2018

Author(s)

Ronald S. Ross

This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk

Securing Wireless Infusion Pumps

December 19, 2018

Author(s)

Gavin W. O'Brien

This bulletin summarizes the information found in NIST SP 1800-8: Securing Wireless Infusion Pumps in Healthcare Delivery Organizations which discusses the cybersecurity risks associated with medical devices, such as infusion pumps, which -- in todays

Comprehensive Security Assurance Measures for Virtualized Server Environments

December 7, 2018

Author(s)

Ramaswamy Chandramouli

Server or Hardware virtualization is an established technology in data centers used for supporting enterprise IT resources as well as cloud services. The components of this virtualized server environment are: (a) A hardware with features to support

One Block at a Time  Helping to Build Blockchain Knowledge

October 26, 2018

Author(s)

Dylan J. Yaga

This bulletin summarizes the information found in NISTIR 8202: Blockchain Technology overview which provides a high-level technical overview of blockchain technology. It discusses its application to cryptocurrency in depth, but also shows its broader

On Building Fair and Reusable Test Collections using Bandit Techniques

October 17, 2018

Author(s)

Ellen M. Voorhees

While test collections are a vital piece of the research infrastructure for information retrieval, constructing fair, reusable test collections for large data sets is challenging because of the number of human relevance assessments required. Various

PSCR 2017 Stakeholder Conference Presentation Materials -- Day 3

October 16, 2018

Author(s)

Dereck R. Orr, Richard A. Rouil, Jeremy E. Benson, David W. Griffith, Fidel Liberal, Robert Escalle, Sonim Technologies, Richard Lau, Vencore Labs, Paul Sutton, Software Radio Systems LTD, Sumit Roy, Sean Sangodoyin, David A. Howe, Fabio C. Da Silva, Alicia Evangelista, Yet2, Brienne Engel, Yet2, John S. Garofolo

This document is a compilation of the slides presented during Day 3 of the 2017 Public Safety Communications Research Program's (PSCR) Annual Stakeholder Conference. Day 3 topics include PSCR research plans and results for Mission Critical Voice, Indoor

Circuit designs for superconducting optoelectronic loop neurons

October 12, 2018

Author(s)

Jeffrey M. Shainline, Adam N. McCaughan, Jeffrey T. Chiles, Richard P. Mirin, Sae Woo Nam, Sonia M. Buckley

We present designs of superconducting optoelectronic neurons based on superconducting single- photon detectors, Josephson junctions, semiconductor light sources, and multi-planar dielectric waveguides. The neurons send few-photon signals to synaptic