Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

NIST Topic Areas

Report Number

Publication Date

Max Publication Date

NIST Authors in Bold

Displaying 1301 - 1325 of 1521

Specification and Validation of Enterprise Access Control Data for Conformance to Model and Policy Constraints

July 30, 2003

Author(s)

Ramaswamy Chandramouli

The effectiveness of an enterprise access control framework depends upon the integrity of the various components or the building blocks used in that framework. The essential components of that framework are: (a) an Enterprise Access Control Model (b) a

Government Smart Card Interoperability Specification, Version 2.1

July 16, 2003

Author(s)

Teresa T. Schwarzhoff, James F. Dray Jr., John P. Wack, Eric Dalci, Alan H. Goldfine, Michaela Iorga

This Government Smart Card Interoperability Specification (GSC-IS) provides solutions to a number of the interoperability challenges associated with smart card technology. The original version of the GSC-IS (version 1.0, August 2000) was developed by the

An Overview of Issues in Testing Intrusion Detection Systems

July 11, 2003

Author(s)

Peter M. Mell, R Lippmann, Chung Tong Hu, J Haines, M Zissman

While intrusion detection systems are becoming ubiquitous defenses in today's networks, currently we have no comprehensive and scientifically rigorous methodology to test the effectiveness of these systems. This paper explores the types of performance

Picture Password: A Visual Login Technique for Mobile Devices

July 1, 2003

Author(s)

Wayne Jansen, Serban I. Gavrila, Vladimir Korolev, Richard P. Ayers, Ryan Swanstrom

Adequate user authentication is a persistent problem, particularly with handheld devices, which tend to be highly personal and at the fringes of an organization's influence. Yet, these devices are being used increasingly in corporate settings where they

The Role Control Center: Features and Case Studies

June 4, 2003

Author(s)

David F. Ferraiolo, Gail-Joon Ahn, Ramaswamy Chandramouli, Serban I. Gavrila

Role-based Access Control (RBAC) models have been implemented not only in self-contained resource management products such as DBMSs and Operating Systems but also in a class of products called Enterprise Security Management Systems (ESMS). ESMS products

ASSET: Security Assessment Tool for Federal Agencies

June 1, 2003

Author(s)

Elizabeth B. Lennon

This ITL Bulletin describes the features and capabilities of the Automated Security Self-Evaluation Tool (ASSET), ITL's governmentwide IT security assessment tool. ASSET automates the completion of the security questionnaire in NIST Special Publication 800

National Institute of Standards and Technology (Handbook Chapter)

May 15, 2003

Author(s)

Joan Hash

The submission is a chapter describing NIST security standards (FIPS and Special Publication series 800). The author's instructions were that NIST prepare chapter summarizing standards indicating title, dates, publications, and brief summaries.

COTS Security Protection Profile - Operating Systems (CSPP-OS) (Worked Example Applying Guidance of NISTIR-6462, CSPP) Version 1.0

April 1, 2003

Author(s)

G Stoneburner

CSPP-OS provides a worked example of the guidance in NISTIR-6462 for the development of Common Criteria Protection Profiles for commercial off the shelf (COTS) information technology. The intended audience consists of those individuals and organizations in

Policy Expression and Enforcement for Handheld Devices

April 1, 2003

Author(s)

Wayne Jansen, Tom T. Karygiannis, Vladimir Korolev, Serban I. Gavrila, Michaela Iorga

The use of mobile handheld devices, such as Personal Digital Assistants (PDAs) and tablet computers, within the workplace is expanding rapidly. These devices are no longer viewed as coveted gadgets for early technology adopters, but instead have become

Security for Wireless Networks and Devices

March 27, 2003

Author(s)

Shirley M. Radack

This ITL Bulletin summarizes NIST Special Publication (SP) 800-48, Wireless Network Security, 802.11, Bluetooth, and Handheld Devices. Written by Tom Karygiannis and Les Owens. NIST SP 800-48 provides recommendations to improve the security of wireless

Secure Interconnections for Information Technology Systems

February 26, 2003

Author(s)

Shirley M. Radack

This bulletin summarizes NIST Special Publication 800-47, Security Guide for Interconnecting Information Technology Systems, which provides guidance for planning, establishing, maintaining, and terminating secure yet cost-effective interconnections between

Automated Security Self-Evaluation Tool User Manual

February 1, 2003

Author(s)

Marianne M. Swanson, J Fabius, Marc Stevens, Mark McLarnon

[Superseded by NIST SP 800-53A (July 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51209] The Automated Security Self-Evaluation Tool (ASSET) automates the process of completing a system self-assessment. ASSET will assist

Automated Security Self-Evaluation Tool Technical Documentation, Version 1.03

January 31, 2003

Author(s)

Mark McLarnon, Marianne M. Swanson

The Automated Security Self-Evaluation Tool (ASSET) automates the process of completing a system self-assessment. ASSET will assist organizations in completing the self-assessment questionnaire contained in NIST Special Publication (Special Publication)

Enterprise Access Control Frameworks Using RBAC and XML Technologies

January 1, 2003

Author(s)

Ramaswamy Chandramouli

In this chapter, we show that we can develop an Enterprise Access Control Framework using Role-based Access Control (RBAC) and Extensible Markup Language (XML) technologies. In the first section, we outline the general requirements for the Enterprise

Security of Electronic Mail

January 1, 2003

Author(s)

Shirley M. Radack

This ITL Bulletin summarizes NIST Special Publication (SP) 800-45, Guidelines on Electronic Mail Security, September 2002, which helps federal agencies improve the secure design, implementation, and operation of their electronic mail servers and clients.

Security of Public Web Servers

December 18, 2002

Author(s)

Shirley M. Radack

This ITL Bulletin summarizes NIST Special Publication 800-44, Guidelines on Securing Public Web Servers.

Federal S/MIME V3 Client Profile

November 5, 2002

Author(s)

C M. Chernick

S/MIME (Secure / Multipurpose Internet Mail Extensions) is a set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard and describes a protocol for adding cryptographic security services through MIME

Security for Telecommuting and Broadband Communications

November 1, 2002

Author(s)

Shirley M. Radack

This bulletin summarizes NIST SP 800-46, Security for Telecommuting and Broadband Communications, published September 2002. The report discusses both technical and policy issues, and provides guidance on using personal firewalls, strengthening the security

Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System

November 1, 2002

Author(s)

Murugiah P. Souppaya, Anthony B. Harris, Mark McLarnon, Nikolaos Selimis

The document is intended to assist the users and system administrators of Windows 2000 Professional systems in configuring their hosts by providing configuration templates and security checklists. The guide provides detailed information about the security

Wireless Network Security: 802.11, Bluetooth and Handheld Devices

November 1, 2002

Author(s)

Tom T. Karygiannis, L Owens

[Superseded by SP 800-48 Rev. 1 (July 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=890006] The purpose of this document is to provide agencies with guidance for establishing secure wireless networks. Agencies are encouraged to tailor

Guidelines on Securing Public Web Servers

October 9, 2002

Author(s)

Miles C. Tracy, Wayne Jansen, Mark McLarnon

[Superseded by SP 800-44 Ver. 2 (September 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51222] Web servers maintained for public use are normally the most targeted and attacked hosts on an organization's network. Thus, it is

Security Patches and the CVE Vulnerability Naming Scheme: Tools to Address Computer System Vulnerabilities

October 1, 2002

Author(s)

Elizabeth B. Lennon

: Today more than ever, timely response to vulnerabilities is critical to maintain the operational availability, confidentiality, and integrity of information technology (IT) systems. To assist federal agencies and industry respond to vulnerabilities in a

Guidelines on Electronic Mail Security

September 11, 2002

Author(s)

Miles C. Tracy, Wayne Jansen, Scot Bisker

[Superseded by SP 800-45 Ver. 2 (February 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50953] Electronic mail (email) is perhaps the most popularly used system for exchanging information over the Internet. After Web servers, mail

Interface-Driven Model-Based Generation of Java Test Drivers

September 3, 2002

Author(s)

Mark Blackburn, Robert Busser, Aaron Nauman, Ramaswamy Chandramouli

This paper extends prior work in model-based verification and describes interface-driven analysis that combines with a requirement model to support automated generation of Java test scripts. It describes concepts of models and test driver mappings using

Cryptographic Standards and Guidance: A Status Report

September 1, 2002

Author(s)

Elaine B. Barker

A comprehensive toolkit of cryptographic standards and associated guideline that covers a wide range of cryptographic technology is currently under development by the Computer Security Division at NIST. These standards and guidelines will enable U.S

Was this page helpful?

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Artificial intelligence
-AI measurement and evaluation
-Autonomous systems
--Automated vehicles
--Autonomous laboratories
-Applied AI
-Fundamental AI
-Hardware for AI
-Machine learning
-Trustworthy and responsible AI
Bioscience
-Bioeconomy
--Biological data
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Biometrology
-Biosecurity
--Biosurveillance
--Genomic cybersecurity
--Nucleic acid sequence screening
-Cell measurements
-Engineering / synthetic biology
--Biofabrication
--Cell-free systems
--Genome engineering
--Protein engineering
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate Measurements
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
--Cancer
--Medical imaging
-Food and nutrition
-Human microbiome
-Precision medicine
-Regenerative medicine and advanced therapy
--Flow cytometry
Information technology
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity and privacy
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Digital twins
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
--Recovery
--Resilience metrics
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive