Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

NIST Authors in Bold

Displaying 1401 - 1425 of 2846

Third-Round Report of the SHA-3 Cryptographic Hash Algorithm Competition

November 15, 2012
Author(s)
Shu-jen H. Chang, Ray A. Perlner, William E. Burr, Meltem Sonmez Turan, John M. Kelsey, Souradyuti Paul, Lawrence E. Bassham
The National Institute of Standards and Technology (NIST) opened a public competition on November 2, 2007 to develop a new cryptographic hash algorithm - SHA-3, which will augment the hash algorithms specified in the Federal Information Processing Standard

Combinatorial Coverage Measurement

October 26, 2012
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei
Combinatorial testing applies factor covering arrays to test all t-way combinations of input or configuration state space. In some testing situations, it is not practical to use covering arrays, but any set of tests covers at least some portion of t-way

Notional Supply Chain Risk Management Practices for Federal Information Systems

October 16, 2012
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Rama Moorthy, Stephanie Shankles
This publication is intended to provide a wide array of practices that, when implemented, will help mitigate supply chain risk to federal information systems. It seeks to equip federal departments and agencies with a notional set of repeatable and

Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics

October 11, 2012
Author(s)
Pengsu Cheng, Lingyu Wang, Sushil Jajodia, Anoop Singhal
A network security metric is desirable in evaluating the effectiveness of security solutions in distributed systems. Aggregating CVSS scores of individual vulnerabilities provides a practical approach to network security metric. However, existing

The Juliet 1.1 C/C++ and Java Test Suite

October 1, 2012
Author(s)
Frederick E. Boland Jr., Paul E. Black
The Juliet Test Suite 1.1 is a collection of over 81,000 synthetic C/C++ and Java programs with known flaws. These programs are useful as test cases for testing the effectiveness of static analyzers and other software assurance tools, and are in the public

Revised Guide Helps Organizations Handle Security-Related Incidents

September 27, 2012
Author(s)
Shirley M. Radack
This bulletin summarizes the information that is included in NIST Special Publication (SP) 800-61 Revision 2, Computer Security Incident Handling Guide. This publication assists organizations in establishing computer security incident response capabilities

Guide for Conducting Risk Assessments

September 17, 2012
Author(s)
Ronald S. Ross
The purpose of Special Publication 800-30 is to provide guidance for conducting risk assessments of federal information systems and organizations, amplifying the guidance provided in Special Publication 800-39. This document provides guidance for carrying

Guidelines for Access Control System Evaluation Metrics

September 14, 2012
Author(s)
Chung Tong Hu, Karen Scarfone
The purpose of this document is to provide Federal agencies with background information on access control (AC) properties, and to help access control experts improve their evaluation of the highest security AC systems. This document discusses the
Displaying 1401 - 1425 of 2846
Was this page helpful?