Search Publications

NIST Authors in Bold

Displaying 351 - 375 of 410

Guidelines on Firewalls and Firewall Policy

January 1, 2002

Author(s)

John P. Wack, Ken Cutler, Jamie Pole

[Superseded by SP 800-41 Rev. 1 (September 2009): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901083] This document provides introductory information about firewalls and firewall policy. It addresses concepts relating to the design

Recommendation for Block Cipher Modes of Operation Methods and Techniques

December 1, 2001

Author(s)

Morris J. Dworkin

This recommendation defines five confidentiality modes of operation for use with an underlying symmetric key block cipher algorithm: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR)

Underlying Technical Models for Information Technology Security

December 1, 2001

Author(s)

G Stoneburner

Underlying Technical Models for Information Technology Security provides a description of the technical foundations, termed models, that underlie secure information technology (IT). The intent is to provide, in a concise form, the models that should be

Intrusion Detection Systems

November 1, 2001

Author(s)

Rebecca Bace, Peter Mell

[Superseded by NIST SP 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS), http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50951] Intrusion detection systems (IDSs) are software or hardware systems that automate the process of

Security Self-Assessment Guide for Information Technology Systems

November 1, 2001

Author(s)

Marianne M. Swanson

[Withdrawn December 19, 2007; Superseded by SP 800-53 (Feb. 2005), http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918658, and SP 800-53A (July 2008), http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51209] Self-assessments provide

Guidelines on Active Content and Mobile Code

October 17, 2001

Author(s)

Wayne Jansen

[Superseded by SP 800-28 Version 2 (March 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152039] Active content technologies allow code, in the form of a script, macro, or other kind of portable instruction representation, to execute

Engineering Principles for Information Technology Security (A Baseline for Achieving Security)

June 15, 2001

Author(s)

G Stoneburner, Clark Hayden, Alexis Feringa

[Superseded by SP 800-27 Revision A (June 2004): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151294] The Engineering Principles for Information Technology (IT) Security (EP-ITS) presents a list of system-level security principles to be

A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2

June 1, 2001

Author(s)

Stanley R. Snouffer, Arch Oldehoeft

Federal agencies, industry, and the public now rely on cryptography to protect information and communications used in critical infrastructures, electronic commerce, and other application areas. Cryptographic modules are implemented in these products and

A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

May 15, 2001

Author(s)

Andrew L. Rukhin, Juan Soto, James R. Nechvatal, Miles E. Smid, Elaine B. Barker, Stefan D. Leigh, M Levenson, M Vangel, D L. Banks, Nathanael A. Heckert, James F. Dray Jr., S C. Vo

[Superseded by SP 800-22 Revision 1a (April 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906762] This paper discusses some aspects of selecting and testing random and pseudorandom number generators. The outputs of such generators may

PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does

April 1, 2001

Author(s)

David R. Kuhn

This report presents a generic methodology for conducting an analysis of a Private Branch Exchange (PBX) in order to identify security vulnerabilities. The report focuses on digital-based PBXs and addresses the following areas for study: System

Introduction to Public Key Technology and the Federal PKI Infrastructure

February 26, 2001

Author(s)

D. Richard Kuhn, Vincent C. Hu, William Polk, Shu-jen H. Chang

This publication was developed to assist agency decision-makers in determining if a PKI is appropriate for their agency, and how PKI services can be deployed most effectively within a Federal agency. It is intended to provide an overview of PKI functions

Guidelines to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products

August 1, 2000

Author(s)

E Roback

Computer security assurance provides a basis for one to have confidence that security measures, both technical and operational, work as intended. Use of products with an appropriate degree of assurance contributes to security and assurance of the system as

Guideline for Implementing Cryptography in the Federal Government

November 1, 1999

Author(s)

Annabelle Lee

[Superseded by SP 800-21 Second edition (December 2005): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150421] The purpose of this document is to provide guidance to Federal agencies on how to select cryptographic controls for protecting

Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS): Requirements and Procedures

October 29, 1999

Author(s)

Sharon S. Keller

The National Institute of Standards and Technology (NIST) Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS) specifies the procedures involved in validating implementations of the Triple DES algorithm in ANSI X9.52 - 1998

Mobile Agent Security

October 1, 1999

Author(s)

Wayne Jansen, Athanasios T. Karygiannis

Mobile agent technology offers a new computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfer itself to another agent-enabled host on the network, and resume execution on the new host

Guide for Developing Security Plans for Information Technology Systems

December 1, 1998

Author(s)

Marianne M. Swanson

[Superseded by SP 800-18 Revision 1 (February 2006): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150601] Today's rapidly changing technical environment requires federal agencies to adopt a minimum set of management controls to protect

Information Technology Security Training Requirements: A Role- and Performance-Based Model

April 1, 1998

Author(s)

Mark Wilson, D E. deZafra, S I. Pitcher, J D. Tressler, J B. Ippolito

This document supersedes NIST 500-172, Computer Security Training Guidelines, published in 1989. The new document supports the Computer Security Act (Public Law 100-235) and OMB Circular A-130 Appendix III requirements that NIST develop and issue computer

Modes of Operation Validation System (MOVS): Requirements and Procedures

February 1, 1998

Author(s)

Sharon S. Keller, Miles E. Smid

The National Institute of Standards and Technology (NIST) Modes of Operation Validation System (MOVS) specifies the procedures involved in validating implementations of the DES algorithm in FIPS PUB 46-2 , The Data Encryption Standard (DES) and the

Minimum Interoperability Specification for PKI Components (MISPC), Version 1

January 1, 1998

Author(s)

William E. Burr, Donna F. Dodson, William T. Polk, N Nazario

The Minimum Interoperability Specification for PKI Components (MISPC) supports interoperability for a large scale public key infrastructure (PKI) that issues, revokes and manages X.509 version 3 digital signature public key certificates and version 2

Generally Accepted Principles and Practices for Securing Information Technology Systems

September 3, 1996

Author(s)

Marianne M. Swanson, Barbara Guttman

As more organizations share information electronically, a common understanding of what is needed and expected in securing information technology (IT) resources is required. This document provides a baseline that organizations can use to establish and

An Introduction to Computer Security: the NIST Handbook

October 2, 1995

Author(s)

Barbara Guttman, E. Roback

This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls. It illustrates the benefits of

Telecommunications Security Guidelines for Telecommunications Management Network

October 2, 1995

Author(s)

John Kimmins, Charles Dinkel, Dale Walters

This Telecommunication Security Guideline is intended to provide a security baseline for Network Elements (NEs) and Mediation Devices (MDs) that is based on commercial security needs. In addition, some National Security and Emergency Preparedness (NS/EP)

The Impact of the FCC's Open Network Architecture on NS/NP Telecommunications Security

February 1, 1995

Author(s)

Karen J. Olsen, John M. Tebbutt

A significant portion of National Security and Emergency Preparedness (NS/EP) telecommunications relies on the Public Switched Network (PSN). Therefore, NS/EP telecommunications is concerned with the protection of the PSN to ensure that telecommunications

Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls

December 1, 1994

Author(s)

John P. Wack, Lisa J. Carnahan

This document provides an overview of the Internet and security-related problems. It then provides an overview of firewall components and the general reasoning behind firewall usage. Several types of network access policies are described, as well as

Security in Open Systems

July 1, 1994

Author(s)

Robert H. Bagwill, John Barkley, Lisa J. Carnahan, Shu-jen H. Chang, David R. Kuhn, Paul Markovitz, Anastase Nakassis, Karen J. Olsen, Michael L. Ransom, John P. Wack

The Public Switched Network (PSN) provides National Security and Emergency Preparedness (NS/EP) telecommunications. Service vendors, equipment manufacturers, and the federal government are concerned that vulnerabilities in the PSN could be exploited and

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Artificial intelligence
-AI measurement and evaluation
-Autonomous systems
--Automated vehicles
--Autonomous laboratories
-Applied AI
-Fundamental AI
-Hardware for AI
-Machine learning
-Trustworthy and responsible AI
Bioscience
-Bioeconomy
--Biological data
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Biometrology
-Biosecurity
--Biosurveillance
--Genomic cybersecurity
--Nucleic acid sequence screening
-Cell measurements
-Engineering / synthetic biology
--Biofabrication
--Cell-free systems
--Genome engineering
--Protein engineering
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate measurements
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
--Cancer
--Medical imaging
-Food and nutrition
-Human microbiome
-Precision medicine
-Regenerative medicine and advanced therapy
--Flow cytometry
Information technology
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity and privacy
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Digital twins
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige framework and criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
--Recovery
--Resilience metrics
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive