Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Ramaswamy Chandramouli (Fed)

Displaying 51 - 75 of 97

Information Leakage Through the Domain Name System

March 31, 2011

Author(s)

Scott W. Rose, Anastase Nakassis, Ramaswamy Chandramouli

The Domain Name System (DNS) is the global lookup service for network resources. It is often the first step in an Internet transaction as well as a network attack. An attacker can query an organization's DNS as reconnaissance before attacking hosts on a

Framework for Emergency Response Officials (ERO): Authentication and Authorization Infrastructure

August 31, 2010

Author(s)

Ramaswamy Chandramouli, Teresa T. Schwarzhoff

This document describe a framework (with the acronym ERO-AA) for establishing an infrastructure for authentication and authorization of Emergency Response officials (ERO) who respond to various types of man-made and natural disasters. The population of

PIV Card Application and Middleware Interface Test Guidelines (SP800-73-3 compliance)

July 28, 2010

Author(s)

Ramaswamy Chandramouli, Hildegard Ferraiolo, Ketan L. Mehta

[Superseded by SP 800-85A-4 (April 2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920340] The objective of this document is to provide test requirements and test assertions that could be used to validate the compliance/conformance of

Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach

June 21, 2010

Author(s)

Ramaswamy Chandramouli

Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we describe

State of Security Readiness

June 10, 2010

Author(s)

Ramaswamy Chandramouli, Peter M. Mell

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. However, the

Secure Domain Name System (DNS) Deployment Guide

April 30, 2010

Author(s)

Ramaswamy Chandramouli

[Superseded by SP 800-81-2 (September 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914217] This document provides deployment guidelines for securing the Domain Name System (DNS) in any enterprise a government agency or a corporate

Interfaces for Personal Identity Verification

February 19, 2010

Author(s)

Ramaswamy Chandramouli, David A. Cooper, James F. Dray Jr., Hildegard Ferraiolo, Scott Guthery, William I. MacGregor, Ketan Mehta

[Superseded by SP 800-73-4 (May 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918402] FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors, defines procedures for the PIV lifecycle activities including

Open Issues in Secure DNS Deployment

October 6, 2009

Author(s)

Ramaswamy Chandramouli, Scott W. Rose

This paper describes some practical administrative issues and challenges in the deployment of DNSSEC - an IETF specified suite of security measures for securing the Domain Name System (DNS). The issues covered include: (a) Choice of Cryptographic

Access Specification and Validation Framework for Secure Smart ID Cards Deployment

July 10, 2009

Author(s)

Ramaswamy Chandramouli, Stephen Quirolgico

Deployment of smart cards as identity tokens (Smart ID Cards) requires the support of an enterprise system called Identity Management System (IDMS) for collection, storage, processing and distribution of personal identity credentials. Secure configuration

PIV Card Application and Middleware Interface Test Guidelines (SP800-73-2 compliance)

March 31, 2009

Author(s)

Ramaswamy Chandramouli, Hildegard Ferraiolo, Ketan L. Mehta

[Superseded by SP 800-85A-2 (July 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=906167] The objective of this document [SP 800-85A-1] is to provide test requirements and test assertions that could be used to validate the compliance

Privacy & Authorization Policies - Validation & Assurance Techniques (Two Chapters for a book, Identity and Policy, by FutureText)

December 19, 2008

Author(s)

Ramaswamy Chandramouli

Interfaces for Personal Identity Verification

September 18, 2008

Author(s)

Ramaswamy Chandramouli, James F. Dray Jr., Hildegard Ferraiolo, Scott Guthery, William I. MacGregor, Ketan L. Mehta

[Superseded by SP 800-73-3 (February 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=504797] SP 800-73-2 specifies the PIV data model, Application Programming Interface (API) and card interface requirements necessary to comply with the

Guidelines for the Accreditation of Personal Identity Verification Card Issuers

June 18, 2008

Author(s)

Ramaswamy Chandramouli, Dennis Bailey, Nabil Ghadiali, Dennis K. Branstad

[Superseded by SP 800-79-2 (July 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918845] The purpose of this publication is to provide appropriate and useful guidelines for accrediting the reliability of issuers of Personal Identity

Policy Specification and Enforcement for Smart ID Cards Deployment

June 3, 2008

Author(s)

Ramaswamy Chandramouli

Deployment of Smart Cards for Identity Verification requires collection of credentials and provisioning of credentials from and to heterogeneous and sometimes legacy systems. To facilitate this process, a centralized identity store called Identity

Infrastructure System Design Methodology for Smart ID Cards Deployment

April 19, 2008

Author(s)

Ramaswamy Chandramouli

With the increasing use of smart cards for identity verification of individuals, it has become imperative for organizations to properly design and engineer the expensive infrastructure system that supports smart card deployment. Apart from sound system

A New Taxonomy for Analyzing Smart Card-based Authentication Processes

September 7, 2007

Author(s)

Ramaswamy Chandramouli

As part of E-Government and security initiatives, smart cards are now being increasingly deployed as authentication tokens. The existing classification of authentication factors into What you Know, What You Have and What You Are- does not provide a good

Infrastructure Standards for Smart ID-Cards Deployment

September 7, 2007

Author(s)

Ramaswamy Chandramouli, Philip Lee

Smart cards are being increasingly deployed for many applications. Typical applications are Subscriber Identification Module (SIM) cards (in Telecommunication), Micropayment (in Financial Transactions), Commuter Cards (in Urban Transportation Systems) and

Specification-Driven Testing of Smart Card Interface Using a Formal Model

April 30, 2007

Author(s)

Ramaswamy Chandramouli, Mark Blackburn

Model-Driven Engineering (MDE) is emerging as a promising approach that uses models to support various phases of system development lifecycle such as Code Generation and Verification/Validation (V &V). In this paper, we describe the application of a model

Biometric Data Specification for Personal Identity Verification

January 17, 2007

Author(s)

Charles L. Wilson, Patrick J. Grother, Ramaswamy Chandramouli

[Superseded by SP 800-76-2 (July 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914224] This document, Special Publication 800-76, is a companion document to FIPS 201, Personal Identity Verification (PIV) of Federal Employees and

Role-Based Access Control, Second Edition

December 31, 2006

Author(s)

David F. Ferraiolo, David R. Kuhn, Ramaswamy Chandramouli

[ISBN-13: 978-1-59693-113-8] This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition

PIV Card to Reader Interoperability Guidelines

December 29, 2006

Author(s)

James F. Dray Jr., April Giles, Michael Kelley, Ramaswamy Chandramouli

The purpose of this document is to present recommendations for Personal Identity Verification (PIV) card readers in the area of performance and communications characteristics to foster interoperability. This document is not intended to re-state or

PIV Data Model Test Guidelines

July 31, 2006

Author(s)

Ramaswamy Chandramouli, Ketan Mehta, Pius A. Uzamere, Davie Simon, Nabil Ghadiali, Andrew P. Founds

In order to build the necessary PIV infrastructure to support common unified processes and government-wide use of identity credentials, NIST developed this test guidance document that ensures interoperability of PIV data. This document provides test

Secure Domain Name System (DNS) Deployment Guide

May 16, 2006

Author(s)

Ramaswamy Chandramouli, Scott W. Rose

[Superseded by SP 800-81 Rev. 1 (April 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905113] We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint

PIV Middleware and PIV Card Application Conformance Test Guidance (SP 800-73 Compliance)

April 5, 2006

Author(s)

Ramaswamy Chandramouli, Levent Eyuboglu, Ketan Mehta

[Superseded by SP 800-85A-1 (March 2009): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=902200] This document provides derived test requirements and test assertions for generating conformance tests for the following classes of specification

Biometric Data Specification for Personal Identity Verification

February 1, 2006

Author(s)

Charles L. Wilson, Patrick J. Grother, Ramaswamy Chandramouli

[Superseded by SP 800-76-1 (January 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51101] The Homeland Security Presidential Directive HSPD-12 called for new standards to be adopted governing the interoperable use of identity

Was this page helpful?