Search Publications

NIST Authors in Bold

Displaying 26 - 50 of 1978

Challenge Design and Lessons Learned from the 2018 Differential Privacy Challenges

April 12, 2021
Diane Ridgeway, Mary Theofanos, Terese Manley, Christine Task
The push for open data has made a multitude of datasets available enabling researchers to analyze publicly available information using various statistical and machine learning methods in support of policy development. An area of increasing interest that is

Combinatorial Testing Metrics for Machine Learning

April 12, 2021
Erin Lanus, Laura Freeman, D. Richard Kuhn, Raghu N. Kacker
This short paper defines a combinatorial coverage metric for comparing machine learning (ML) data sets and proposes the differences between data sets as a function of combinatorial coverage. The paper illustrates its utility for evaluating and predicting

ISCMA: An Information Security Continuous Monitoring Program Assessment

March 31, 2021
Victoria Yan Pillitteri, Kelley L. Dempsey, Chad Baer, Ron Rudman, Robert Niemeyer, Susan Urban
This publication describes an example methodology for assessing an organization's Information Security Continuous Monitoring (ISCM) program. It was developed directly from NIST guidance and is applicable to any organization, public or private. It can be

Securing Property Management Systems

March 30, 2021
Bill Newhouse
Hotels have become targets for malicious actors wishing to exfiltrate sensitive data, deliver malware, or profit from undetected fraud. Property management systems, which are central to hotel operations, present attractive attack surfaces. This example

Encounter Metrics and Exposure Notification

March 28, 2021
Rene Peralta, Angela Robinson
We discuss the measurement of aggregate levels of encounters in a population, a concept we call encounter metrics. Encounter metrics are designed so that they can be deployed while preserving the privacy of individuals. To this end, encounters are labeled

Combinatorial Test Generation for Multiple Input Models with Shared Parameters

March 17, 2021
Chang Rao, Nan Li, Yu Lei, Jin Guo, YaDong Zhang, Raghu N. Kacker, D. Richard Kuhn
Combinatorial testing typically considers a single input model and creates a single test set that achieves t-way coverage. This paper addresses the problem of combinatorial test generation for multiple input models with shared parameters. We formally

Voices of First Responders - Applying Human Factors and Ergonomics Knowledge to Improve the Usability of Public Safety Communications Technology: Findings from User-Centered Interviews, Phase 1, Volume 5

February 11, 2021
Yee-Yin Choong, Gavriel Salvendy
With the newly created Nationwide Public Safety Broadband Network (NPSBN), the public safety community is in the process of supplementing the use of land mobile radios with a technology ecosystem that will include a variety of new and improved

Blockchain Networks: Token Design and Management Overview

February 9, 2021
Loic D. Lesavre, Priam C. Varin, Dylan J. Yaga
Blockchain technology has enabled a new software paradigm for managing digital ownership in partial- or zero-trust environments. It uses tokens to conduct transactions, exchange verifiable data, and achieve coordination across organizations and on the web

Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171

February 9, 2021
Ronald S. Ross, Victoria Pillitteri, Gary Guissanie, Ryan Wagner, Richard Graubart, Deborah Bodeau
The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the Federal Government to successfully conduct its essential

National Institute of Standards and Technology Environmental Scan 2020

February 9, 2021
Heather Evans, Kristen Greene, William M. Healy, Elizabeth Hoffman, Kate Rimmer, Anna V. Sberegaeva, Neil M. Zimmerman
The 2020 National Institute of Standards and Technology Environmental Scan provides an analysis of key external factors that could impact NIST and the fulfillment of its mission in coming years. The analyses were conducted through four separate lenses

A system of quantities from software metrology

January 15, 2021
David Flater
International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 80000, the International System of Quantities, collects and organizes the most important physical quantities into a coherent system of quantities whose

Securing Picture Archiving and Communication System (PACS) Cybersecurity for the Healthcare Sector

December 21, 2020
Jennifer L. Cawthra, Sue S. Wang, Bronwyn J. Hodges, Kangmin Zheng, Ryan T. Williams, Jason J. Kuruvilla, Christopher L. Peloquin, Kevin Littlefield, Bob Neimeyer
Medical imaging plays an important role in diagnosing and treating patients. The system that manages medical images is known as the picture archiving communication system (PACS) and is nearly ubiquitous in healthcare environments. PACS is defined by the

An Integrated Set of XML Tools – User Guide

December 16, 2020
Thomas R. Kramer, Zeid Kootbally, Craig Schlenoff
This user guide describes an integrated set of C++ software tools for manipulating XML (eXtensible Markup Language) schemas and XML instance files. The tools are: - xmlSchemaParser - parses and reformats XML schema files, prints type derivation hierarchies

Security and Privacy Controls for Information Systems and Organizations

December 10, 2020
Ronald S. Ross, Victoria Y. Pillitteri
This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks

Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

December 8, 2020
Jennifer L. Cawthra, Michael R. Ekstrom, Lauren N. Lusty, Julian T. Sexton, John E. Sweetnam
Ransomware, destructive malware, insider threats, and even honest mistakes present an ongoing threat to organizations that manage data in various forms. Database records and structure, system files, configurations, user files, application code, and

Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events

December 8, 2020
Jennifer L. Cawthra, Michael R. Ekstrom, Lauren N. Lusty, Julian T. Sexton, John E. Sweetnam, Anne R. Townsend
Ransomware, destructive malware, insider threats, and even honest user mistakes present ongoing threats to organizations. Organizations' data, such as database records, system files, configurations, user files, applications, and customer data, are all

Recommendation for Stateful Hash-Based Signature Schemes

October 29, 2020
David A. Cooper, Daniel C. Apon, Quynh H. Dang, Michael S. Davidson, Morris J. Dworkin, Carl A. Miller
This recommendation specifies two algorithms that can be used to generate a digital signature, both of which are stateful hash-based signature schemes: the Leighton-Micali Signature (LMS) system and the eXtended Merkle Signature Scheme (XMSS), along with

Combinatorial Methods for Explainable AI

October 24, 2020
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
This paper introduces an approach to producing explanations or justifications of decisions made by artificial intelligence and machine learning (AI/ML) systems, using methods derived from fault location in combinatorial testing. We use a conceptually

FPGA Implementation of a Low Latency and High SFDR Direct Digital Synthesizer for Resource-Efficient Quantum-Enhanced Communication

October 15, 2020
FNU Nur Fajar Rizqi Annafianto, Jabir Marakkarakath Vadakkepurayil, Ivan Burenkov, Hasan Urgurdag, Abdella Battou, Sergey Polyakov
In most modulation schemes for a telecommunication system, a fast and efficient sinusoidal signal generator is needed. Here we report on an FPGA implementation of a versatile CORDIC Based Direct Digital Synthesizer (DDS). Most commercial lightwave

Data Integrity Recovering from Ransomware and Other Destructive Events

September 22, 2020
Anne R. Townsend, Timothy J. McBride, Lauren N. Lusty, Julian T. Sexton, Michael R. Ekstrom
Businesses face a near-constant threat of destructive malware, ransomware, malicious insider activities, and even honest mistakes that can alter or destroy critical data. These data corruption events could cause a significant loss to a company’s reputation

Cryptanalysis of LEDAcrypt

September 16, 2020
Daniel C. Apon, Ray A. Perlner, Angela Y. Robinson, Paulo Santini
We report on the concrete cryptanalysis of LEDAcrypt, a 2nd Round candidate in NIST's Post-Quantum Cryptography standardization process and one of 17 encryption schemes that remain as candidates for near-term standardization. LEDAcrypt consists of a

Online VM Auto-Scaling Algorithms for Application Hosting in a Cloud

September 1, 2020
Yang Guo, Alexander Stolyar, Anwar Walid
We consider the auto-scaling problem for application hosting in a cloud, where applications are elastic and the number of requests changes over time. The application requests are serviced by Virtual Machines (VMs), which reside on Physical Machines (PMs)

2019 NIST/ITL Cybersecurity Program Annual Report

August 24, 2020
Patrick D. O'Reilly, Kristina G. Rigopoulos, Larry Feldman, Gregory A. Witte
During Fiscal Year 2019 (FY 2019), from October 1, 2018 through September 30, 2019, the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy Program successfully responded to numerous challenges and opportunities in security and privacy