U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

NIST Authors in Bold

Displaying 826 - 850 of 2846

MyData API Patterns: OAuth

December 8, 2016
Author(s)
Martin Burns, David A. Wollman
The My Data initiatives are part of the Administration's efforts to empower Americans with secure access to their own personal data, and to increase citizens' access to private-sector data-based applications and services. With its focus on personal data

A Secure Multicast Group Management and Key Distribution in IEEE 802.21

December 5, 2016
Author(s)
Yoshikazu Hanatani, Naoki Ogura, Yoshihiro Ohba, Lidong Chen, Subir Das
Controlling a large number of devices such as sensors and smart end points, is always a challenge where scalability and security are indispensa-ble. This is even more critical when it comes to configuration updates to a large number of such devices when

Survey and New Directions for Physics-Based Attack Detection in Control Systems

November 21, 2016
Author(s)
David Urbina, Jairo Giraldo, Alvaro Cardenas, Junia Valente, Mustafa Faisal, Niles O. Tippenhauer, Justin Ruths, Rick Candell, Heinrik Sandberg
Monitoring the "physics" of control systems to detect attacks is a growing area of research. In its basic form a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements

Small Business Information Security: The Fundamentals

November 3, 2016
Author(s)
Patricia R. Toth, Celia Paulsen
NIST developed this NISTIR as a reference guideline for small businesses. This document is intended to present the fundamentals of a small business information security program in non-technical language.

Defeating Buffer Overflow: One of the Most Trivial and Dangerous Bugs of All!

October 31, 2016
Author(s)
Paul E. Black, Irena Bojanova
The C programming language was invented over 40 years ago. It is infamous for buffer overflows. We have learned a lot about computer science, language design, and software engineering since then. As it is unlikely that we will stop using C any time soon

Limiting The Impact of Stealthy Attacks on Industrial Control Systems

October 28, 2016
Author(s)
David Urbina, Alvaro Cardenas, Niles O. Tippenhauer, Junia Valente, Mustafa Faisal, Justin Ruths, Rick Candell, Heinrik Sandberg
While attacks on information systems have for most practical purposes binary outcomes information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to

Secure and usable enterprise authentication: Lessons from the Field

October 26, 2016
Author(s)
Mary F. Theofanos, Simson L. Garfinkel, Yee-Yin Choong
There are now more than 5.4 million Personal Identity Verification (PIV) and Common Access Card (CAC) identity cards deployed to US government employees and contractors. These cards are widely used to gain physical access to federal facilities, but their

Making Email Trustworthy

October 24, 2016
Author(s)
Scott W. Rose, Larry Feldman, Gregory A. Witte
This bulletin summarizes the information presented in NIST SP 800-177: Trustworthy Email. This publication gives recommendations and guidelines for enhancing trust in email. This guideline applies to federal IT systems and will also be useful for any small
Displaying 826 - 850 of 2846
Was this page helpful?