Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Ramaswamy Chandramouli ()

Displaying 76 - 100 of 182

Secure Domain Name System (DNS) Deployment Guide

September 18, 2013

Author(s)

Ramaswamy Chandramouli, Scott W. Rose

The Domain Name System (DNS) is a distributed computing system that enables access to Internet resources by user-friendly domain names rather than IP addresses, by translating domain names to IP addresses and back. The DNS infrastructure is made up of

Biometric Specifications for Personal Identity Verification

July 11, 2013

Author(s)

Patrick J. Grother, Wayne J. Salamon, Ramaswamy Chandramouli

Homeland Security Presidential Directive HSPD-12, Policy for a Common Identification Standard for Federal Employees and Contractors [HSPD-12], called for new standards to be adopted governing interoperable use of identity credentials to allow physical and

Security Assurance Requirements for Hypervisor Deployment Features

February 24, 2013

Author(s)

Ramaswamy Chandramouli

Virtualized hosts provide abstraction of the hardware resources (i.e., CPU, Memory etc) enabling multiple computing stacks to be run on a single physical machine. The Hypervisor is the core software that enables this virtualization and hence must be

Security Control Variations Between In-House and Cloud-Based Virtualized Infrastructures

August 19, 2012

Author(s)

Ramaswamy Chandramouli

Virtualization-related components (such as Hypervisor, Virtual Network and Virtual Machines (VMs)) in a virtualized data center infrastructure need effective security controls. However, the differences in scope of control (among stakeholders) over this

Determining Authentication Strength for Smart Card-based Authentication Use Cases

January 30, 2012

Author(s)

Ramaswamy Chandramouli

Smart cards are now being extensively deployed for identity verification(smart identity tokens) for controlling access to Information Technology (IT) as well as physical resources. Depending upon the sensitivity of the resources and the risk of wrong

Service Model Driven Variations in Security Measures for Cloud Environments

November 6, 2011

Author(s)

Ramaswamy Chandramouli

With the increasing adoption of cloud computing service models - Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has become a

Cloud Service Feature Driven Security Policies for Virtualized Infrastructures

July 19, 2011

Author(s)

Ramaswamy Chandramouli

With the increasing maturity of various cloud service delivery models (Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)) and deployment models (Private, Community, Public, Hybrid), the security risk profile of

Information Leakage Through the Domain Name System

March 31, 2011

Author(s)

Scott W. Rose, Anastase Nakassis, Ramaswamy Chandramouli

The Domain Name System (DNS) is the global lookup service for network resources. It is often the first step in an Internet transaction as well as a network attack. An attacker can query an organization's DNS as reconnaissance before attacking hosts on a

Framework for Emergency Response Officials (ERO): Authentication and Authorization Infrastructure

August 31, 2010

Author(s)

Ramaswamy Chandramouli, Teresa T. Schwarzhoff

This document describe a framework (with the acronym ERO-AA) for establishing an infrastructure for authentication and authorization of Emergency Response officials (ERO) who respond to various types of man-made and natural disasters. The population of

PIV Card Application and Middleware Interface Test Guidelines (SP800-73-3 compliance)

July 28, 2010

Author(s)

Ramaswamy Chandramouli, Hildegard Ferraiolo, Ketan L. Mehta

[Superseded by SP 800-85A-4 (April 2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920340] The objective of this document is to provide test requirements and test assertions that could be used to validate the compliance/conformance of

Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach

June 21, 2010

Author(s)

Ramaswamy Chandramouli

Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we describe

State of Security Readiness

June 10, 2010

Author(s)

Ramaswamy Chandramouli, Peter M. Mell

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. However, the

Secure Domain Name System (DNS) Deployment Guide

April 30, 2010

Author(s)

Ramaswamy Chandramouli

[Superseded by SP 800-81-2 (September 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914217] This document provides deployment guidelines for securing the Domain Name System (DNS) in any enterprise a government agency or a corporate