NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: D. Richard Kuhn (Assoc)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 151 - 175 of 196

IPOG: A General Strategy for t-Way Software Testing

March 29, 2007
Author(s)
Yu Lei, Raghu N. Kacker, D. Richard Kuhn, Vadim Okun, James F. Lawrence
Most existing work on t-way testing has focused on 2-way (or pairwise) testing, which aims to detect faults caused by interactions between any two parameters. However, faults can also be caused by interactions involving more than two parameters. In this

Role-Based Access Control, Second Edition

December 31, 2006
Author(s)
David F. Ferraiolo, David R. Kuhn, Ramaswamy Chandramouli
[ISBN-13: 978-1-59693-113-8] This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition

Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

October 1, 2006
Author(s)
Kotikalapudi Sriram, Douglas C. Montgomery, Oliver Borchert, Okhee Kim, David R. Kuhn
We present a detailed study of the potential impact of BGP peering session attacks and the resulting exploitation of Route Flap Damping (RFD) that cause network-wide routing disruptions. We consider canonical grid as well as down-sampled realistic

Assessment of Access Control Systems

September 29, 2006
Author(s)
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn
Access control is perhaps the most basic aspect of computer security. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access control. In many systems access control takes the form of a simple password

Pseudo-Exhaustive Testing for Software

April 28, 2006
Author(s)
David R. Kuhn, Vadim Okun
Pseudo-exhaustive testing uses the empirical observation that, for broad classes of software, a fault is likely triggered by only a few variables interacting. The method takes advantage of two relatively recent advances in software engineering: algorithms

An Algorithm for Generating Very Large Covering Arrays

April 19, 2006
Author(s)
David R. Kuhn
This note describes a covering array algorithm that can be parallelized, making it possible to handle a much larger number of variables than other know algorithms. The algorithm trades test case optimization for speed ? it produces roughly 3% to 15% more

Autonomous System (AS) Isolation under Randomized BGP Session Attacks with RFD Exploitation

April 1, 2006
Author(s)
Kotikalapudi Sriram, Douglas Montgomery, Oliver Borchert, Okhee Kim, D. Richard Kuhn
BGP peering session attacks are known to drive routes into route flap damping (RFD) suppression states and thus cause isolations between autonomous systems (ASes) and destinations. We present a detailed study of the impact of BGP peering session attacks

Securing Voice Over IP Networks

May 27, 2005
Author(s)
T J. Walsh, D. Richard Kuhn
Voice over IP - the transmission of voice over traditional packet-switched IP networks - is one of the hottest trends in telecommunications. As with any new technology, VOIP introduces both opportunities and problems. Lower cost and greater flexibility are

Characterizing the Risks and Costs of BGP Insecurity/Security

March 1, 2005
Author(s)
Douglas Montgomery, Kotikalapudi Sriram, Oliver Borchert, Okhee Kim, D. Richard Kuhn
We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint and face biometric systems on a population approaching 1,000 individuals. Majority of prior studies of multimodal

Security Considerations for Voice Over IP Systems

January 1, 2005
Author(s)
David R. Kuhn, Thomas J. Walsh, S G. Fries
Voice over Internet Protocol (VOIP) refers to the transmission of speech across data-style networks. This form of transmission is conceptually superior to conventional circuit switched communication in many ways. However, a plethora of security issues are

Attack vs. Countermeasure Effectiveness (ACE): Modeling Tool for BGP

November 1, 2004
Author(s)
Kotikalapudi Sriram, Douglas Montgomery, D. Richard Kuhn
We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint and face biometric systems on a population approaching 1,000 individuals. Majority of prior studies of multimodal

Incorporating Subjective Risk Vales in BGP Attack Trees

November 1, 2004
Author(s)
D. Richard Kuhn, Kotikalapudi Sriram, Douglas Montgomery
We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint and face biometric systems on a population approaching 1,000 individuals. Majority of prior studies of multimodal

Securing Voice Over Internet Protocol (IP) Networks

October 1, 2004
Author(s)
Thomas J. Walsh, David R. Kuhn
Voice over IP - the transmission of voice over traditional packet-switched IP networks - is one of the hottest trends in telecommunications. As with any new technology, VOIP introduces both opportunities and problems. Lower cost and greater flexibility are

Software Fault Complexity and Implications for Software Testing

June 16, 2004
Author(s)
D. Richard Kuhn, D Wallace, A M. Gallo
Exhaustive testing of computer software is intractable, but empirical studies of software failures suggest that testing can in some cases be effectively exhaustive. Data reported in this study and others show that software failures in a variety of domains

Vulnerabilities in Quantum Key Distribution Protocols

May 1, 2003
Author(s)
David R. Kuhn
Recently proposed quantum key distribution protocols are shown to be vulnerable to a classic man-in-the-middle attack using entangled pairs created by Eve. The attack could be applied to any protocol that relies on manipulation and return of entangled

Cost Effective Use of Formal Methods in Verification and Validation Foundations

October 1, 2002
Author(s)
D. Richard Kuhn, Ramaswamy Chandramouli, R W. Butler
Formal methods offer the promise of significant improvements in verification and validation, and may be the only approach capable of demonstrating the absence of undesirable system behavior. But it is widely recognized that these methods are expensive, and

Cost Effective Uses of Formal Methods in Verification and Validation

October 1, 2002
Author(s)
D. Richard Kuhn, Ramaswamy Chandramouli
Formal methods offer the promise of significant improvements in verification and validation, and may be the only approach capable of demonstrating the absence of undesirable system behavior. But it is widely recognized that these methods are expensive, and

Quantum Computing and Communication

June 28, 2002
Author(s)
Paul E. Black, David R. Kuhn, Carl J. Williams
A quantum computer, if built, will be to an ordinary computer as a hydrogen bomb is to gunpowder, at least for some types of computations. Today no quantum computer exists, beyond laboratory prototypes capable of solving only tiny problems, and many
Was this page helpful?